Security Analysis on Wireless LAN protocols

Similar documents

How To Secure Wireless Networks

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

The following chart provides the breakdown of exam as to the weight of each section of the exam.

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

TOWARDS STUDYING THE WLAN SECURITY ISSUES SUMMARY

Certified Wireless Security Professional (CWSP) Course Overview

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

Industrial Communication. Securing Industrial Wireless

WIRELESS NETWORKING SECURITY

Release: 1. ICANWK607A Design and implement wireless network security

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Wireless Network Security

Authentication in WLAN

BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

Wireless Security with Cyberoam

The English translation Of MBA Standard 0301

Security Awareness. Wireless Network Security

Security in IEEE WLANs

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

Authentication and Security in IP based Multi Hop Networks

Case Study - Configuration between NXC2500 and LDAP Server

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

CS 356 Lecture 29 Wireless Security. Spring 2013

Link Layer and Network Layer Security for Wireless Networks

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi

1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6.

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Wireless Technology Seminar

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET

Chapter 6: Fundamental Cloud Security

Security Requirements for Wireless Networks and their Satisfaction in IEEE b and Bluetooth

How To Protect A Wireless Lan From A Rogue Access Point

TELE 301 Network Management. Lecture 18: Network Security

Developing Network Security Strategies

NXC5500/2500. Application Note w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015

Security for 802 Access Networks: A Problem Statement

chap18.wireless Network Security

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Wireless Network Security Position Paper. Overview for CEO s

Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Security in Wireless Local Area Network

Notes on Network Security - Introduction

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

CS6956: Wireless and Mobile Networks Lecture Notes: 2/11/2015. IEEE Wireless Local Area Networks (WLANs)

Securing IP Networks with Implementation of IPv6

Hole196 Vulnerability in WPA2

WIRELESS NETWORK SECURITY

Security in Wireless and Mobile Networks

Wireless Robust Security Networks: Keeping the Bad Guys Out with i (WPA2)

CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Configuring Security Solutions

DOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen

Link Layer and Network Layer Security for Wireless Networks

Your Wireless Network has No Clothes

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

VoIP Security Threats and Vulnerabilities

Security Requirements for Wireless Local Area Networks

SECURITY ASPECTS IN MOBILE AD HOC NETWORK (MANETS)

SpiderCloud E-RAN Security Overview

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

ITL BULLETIN FOR AUGUST 2012

Wireless Security. New Standards for Encryption and Authentication. Ann Geyer

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points.

Key Management (Distribution and Certification) (1)

Networking: EC Council Network Security Administrator NSA

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

Chapter 2 Wireless Networking Basics

Security in Ad Hoc Network

A Dynamic Extensible Authentication Protocol for Device Authentication in Transport Layer Raghavendra.K 1, G. Raghu 2, Sumith N 2

Intrusion Detection for Mobile Ad Hoc Networks

REVIEW ON RISING RISKS AND THREATS IN NETWORK SECURITY

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN

Network Attacks. Common Network Attacks and Exploits

HANDBOOK 8 NETWORK SECURITY Version 1.0

Networking: Certified Wireless Network Administrator Wi Fi Engineering CWNA

Wireless security. Any station within range of the RF receives data Two security mechanism

Threats to be considered (1) ERSTE GROUP

ANALYSIS OF SECURITY PROTOCOLS FOR WIRELESS NETWORKS

Closing Wireless Loopholes for PCI Compliance and Security

A Threat Analysis of The Extensible Authentication Protocol

Network Security Administrator

Transcription:

Security Analysis on Wireless LAN protocols HORI Yoshiaki hori@csce.kyushu-u.ac.jp Kyushu University / ISIT ETRI-ISIT 1st joint seminar 1

Contents ETRI-ISIT 1st joint seminar 2

Wireless LAN and Security Wireless LAN (WLAN) WLAN uses wireless media instead of wired media in order to provide connectivity for a terminal. A wireless terminal is connected with Access Point (AP) by using of wireless media. WLAN provides mobility, no wire WLAN enables easily to build LAN Currently WLAN become widely deployed. WLAN security WLAN security has become a serious concern for many organizations. Security requirements for a WLAN Data condidentiality Integrity Mutual authentication Availability ETRI-ISIT 1st joint seminar 3

WLAN security model Wireless terminal (Supplicant) Access Point (AP) (Authenticator) Network Attack Eaves dropping (Authentication Server) Adversary ETRI-ISIT 1st joint seminar 4

Wireless Threats (by C. He and J. C. Mitchell, Stanford Univ.) Wireless Threats Threat 1: Passive Eavesdropping Threat 2: Message Injection Threat 3: Message Deletion and Interception Threat 4: Masquerading and Malicious AP Threat 5: Session Hijacking Threat 6: Man-in-the-Middle Threat 7: Denial of Service Threats 1, 2, and 3: attack all three type of frames in the Link Layer Threats 4, 5, and 6: defeat mutual authentication Threats 7: interferes with availabilit ETRI-ISIT 1st joint seminar 5

IEEE 802.11i overview ETRI-ISIT 1st joint seminar 6

Data confidentiality and Integrity ETRI-ISIT 1st joint seminar 7

Authentication and Key Management ETRI-ISIT 1st joint seminar 8

Availability ETRI-ISIT 1st joint seminar 9

Known DoS Attacks ETRI-ISIT 1st joint seminar 10

Summary: 802.11i security ETRI-ISIT 1st joint seminar 11

MIS Protocol IP MIS protocol IEEE802.11 Pseudo AdHoc mode Protocol Layers ETRI-ISIT 1st joint seminar 12

Design and Standardize Some ideas of MIS protocol were written in 2001 Fast Authentication System for Secure Wireless Internet Services (K. Fujikawa, H. Nakano, M. Ohta, M. Hirabaru, H. Mano, and K. Ikeda) IPSJ SIGDPS technical report, 2001-DPS-107, March 2002 Protocol specifications were approved by Mobile Broadband Association (MBA) and published on their Web. http://www.mbassoc.org/ Protocol Documents (but these are written in only Japanese) MBA standard 0201, MIS protocol specification ver. 1.02 (announced on April 2004) MBA standard draft 0301, MISAUTH protocol specification (annouced on June 2004) ETRI-ISIT 1st joint seminar 13

MIS protocol time chart Mobile Node (MN) s generated k(s) generate beacon Auth. Request Base Router (BR) ( t ) ( s, t, Hk(t) ) Access Request k: Shared Key s: seed t: timestamp Hk(): Keyed Hash Func Authentication Server (AS) ( s, t, Hk(t) ) Hk(s) Hk(s) is shared as session key Auth. success Access O.K. ( Hk(s) ) ETRI-ISIT 1st joint seminar 14

Objective ETRI-ISIT 1st joint seminar 15

Confidentiality and Integrity ETRI-ISIT 1st joint seminar 16

Authentication ETRI-ISIT 1st joint seminar 17

Availability ETRI-ISIT 1st joint seminar 18

Countermeasure of MIS protocol ETRI-ISIT 1st joint seminar 19

Summary ETRI-ISIT 1st joint seminar 20