Professional Documents
Culture Documents
By: Sinju C
Abraham
Roll no : 49
MCA B5
• Wireless Outline
• Introduction
• Wireless Security Requirements
• Threats
• Vulnerabilities
• Taxonomy of Attacks
• Attack against Wireless networks
• Against 802.11 network
• Bluetooth
• Handheld devices
• Summary
WIRELESS
Wireless
• Fastest growing segment of Computer
industry
• Connection to LAN,WAN,PAN on the
move
• Portable office –Phone ,fax ,email ,file
retrieval ,login on machines.
• Rescue, Military
• Slow ,Error-prone, Transmission
interference
Wireless
• Wireless devices use Radio Frequency
(RF) technology to facilitate
communication.
• Various types of wireless
communication solutions use different
frequencies, most regulated by
governments.
• 802.11 and Bluetooth operate in the
2.4Ghz unregulated band.
Common wireless usage
scenarios
• Wide Area Networks (WANs)
using GPRS, GSM etc.
• Local Area Networking (LANs)
using 802.11b (aka Wi-Fi).
• Personal Area Networking
(PANs) using Bluetooth.
Security Requirements Expected
from Wireless Communication
Wireless security
requirement
• Same for wired & wireless
• CIA requirement-
• Confidentiality: Keeping secrets secret!!
• Integrity: Data is unchanged
• Availability: Data is available for needful
Types :
1. Masquerading- Impersonating
2. Replay- Man in the middle
3. Message modification- alteration
4. Denial of service (D o S)-flooding and jamming
Attack against Wireless
networks
Architectur
e
Infrastructure Mode
Passive attacks on 802.11
• Interception & Monitoring :
• Attacker needs to be in range of access point
• No need of compromising a system since signals
are broadcasted
• 802.11 b can have directional antennae which
enhance the risk of detection and attack because
it can exceed physical boundaries its not mean to
cross
Passive attacks on 802.11
• Traffic Analysis :
3 uses are
• Identify activity on network.
• Identify physical locations of access points
(s s i d broadcasting)
• Identify types of protocols used in network
for exploiting their flaws (pattern of packets
e.g. TCP-Syn\SynAck\Ack)
Passive attacks on 802.11
• Passive eavesdropping:
• Attacker monitor sessions not encrypted
• Reads the transmitted data and accumulate
information through studying the packets
• Active eavesdropping:
• IP Spoofing- Attacker changes the destination I P
address of packet to the address of a host they
control . When actual host does not get message
then message is resend so its undetected.
Active attacks on 802.11
1. Masquerade:
• Spoofing and id theft
• Unauthorized clients
• Brute force attacks
• Unauthorized access points
2. Man in middle:
3. Denial of Service:
• Jamming
• Flooding
Attacks against Blue tooth
Network
What is blue-tooth?
• Open standard for Short range digital
radio
• Fast and reliable
• Data + Voice communications
• Its employed to connect 2 blue tooth
devices e.g. phone, p d a, printer, mouse
Passive attacks on blue tooth
• Authorized remote users use insecure
links which are sniffed up by attackers
– If link is compromised then traffic analysis
– If system is compromised then data
manipulation and obtaining user details
Active attack on blue tooth
1. Masquerade: device authentication is
done not user so any device if
compromised possess as threat
Attacker C
2. Man in middle:
Device A Device B
Active attack on blue tooth
1. Message modification : use of un
trusted p d a and capture all yr
contacts to send messages
2. D o S- jamming the 2.4 Ghz Ism band
it operates with devices like baby
monitors which work on that same
frequency
Attack on Hand held devices
What are hand held devices ?
• Have their own IP address
• E.g. pager ,smart phone, tablets
Passive attack on Hand held
devices
• Eavesdropping:
• Hand held devices have default enabled
connectivity.
• Data is encrypted
Active attack on Hand held
devices
• Denial of service-
• Cell phones are jammed
• Virus, Trojan , worm
• Spamming inbox
– Managerial solutions
• Security management practices and controls
• Establish security policies
• Regularly conduct security audits and risk
assessment
• Provide user education
THANKYOU