Wireless Threats and Attacks | Online Safety & Privacy | Computer Security

Wireless Threats and Attacks

By: Sinju C Abraham Roll no : 49 MCA B5

1

Outline
• • Wireless Introduction
• • • Wireless Security Requirements Threats Vulnerabilities

• •

Taxonomy of Attacks Attack against Wireless networks
• • • Against 802.11 network Bluetooth Handheld devices

Summary
2

WIRELESS

3

Wireless
• Fastest growing segment of Computer industry • Connection to LAN,WAN,PAN on the move • Portable office –Phone ,fax ,email ,file retrieval ,login on machines. • Rescue, Military • Slow ,Error-prone, Transmission interference
4

Wireless
• Wireless devices use Radio Frequency (RF) technology to facilitate communication. • Various types of wireless communication solutions use different frequencies, most regulated by governments. • 802.11 and Bluetooth operate in the 2.4Ghz unregulated band.
5

Common wireless usage scenarios

• Wide Area Networks (WANs) using GPRS, GSM etc. • Local Area Networking (LANs) using 802.11b (aka WiFi). • Personal Area Networking (PANs) using Bluetooth.
6

Security Requirements Expected from Wireless Communication

7

Wireless security requirement
• Same for wired & wireless • CIA requirement• Confidentiality: Keeping secrets secret!! • Integrity: Data is unchanged • Availability: Data is available for needful

• Authentication requirement of message • Allow message non-repudiation
8

Attack and Threats
• Attack- Exploiting one or more vulnerabilities of communication medium • Threat- Object, person or Entity representing a danger to security of communication medium • Particular threats – Device theft, theft of service, espionage.
9

Threat agents
Majority of threats are hackers
• • • • Accidental Users Script KiddiesCasual HackersSkilled hackers-

Lot of freeware are available for hacking e.g.: netstumbler ,Kismet ,WEPcrack ,HostAP
10

Vulnerability
• Weakness or fault in the communication media allowing assurances to be compromised • Since transmissions are broadcasted, they are available freely for anyone with right equipment
• Un authorized access • Identity theft • Un authorized equipment

11

Classification of Attacks

12

Taxonomy of Attacks
Passive attacks:
No content modification Confidentiality threats Two types :
1. Traffic analysis2. Eaves dropping-

13

Taxonomy of Attacks
• Active attacks : CIA is questioned
Types :
1. 2. 3. 4. Masquerading- Impersonating Replay- Man in the middle Message modification- alteration Denial of service (D o S)-flooding and jamming

14

Attack against Wireless networks
1. 2. 3. Against 802.11 Networks : Against Blue tooth Networks : Against Hand held Devices :

15

16

What is 802.11 ??? • Two fundamental architectural components
• • Station (STA). Basic Service Set Identifier (BSSID) Access Point (AP). Service Set Identifier (SSID):

Attack against 802.11 networks

• Infrastructure mode and ad hoc mode are the two basic network topologies

17

Ad hoc Mode
Architecture

18

Infrastructure Mode
19

20

Passive attacks on 802.11
• Interception & Monitoring :
• Attacker needs to be in range of access point • No need of compromising a system since signals are broadcasted • 802.11 b can have directional antennae which enhance the risk of detection and attack because it can exceed physical boundaries its not mean to cross

21

Passive attacks on 802.11
• Traffic Analysis : 3 uses are
• Identify activity on network. • Identify physical locations of access points (s s i d broadcasting) • Identify types of protocols used in network for exploiting their flaws
(pattern of packets e.g. TCP-Syn\SynAck\Ack)

22

Passive attacks on 802.11
• Passive eavesdropping:
• Attacker monitor sessions not encrypted • Reads the transmitted data and accumulate information through studying the packets

• Active eavesdropping:
• IP Spoofing- Attacker changes the destination I P address of packet to the address of a host they control . When actual host does not get message then message is resend so its undetected.
23

24

Active attacks on 802.11
1. Masquerade:
• • • • Spoofing and id theft Unauthorized clients Brute force attacks Unauthorized access points

2. Man in middle: 3. Denial of Service:
• Jamming • Flooding

25

What is blue-tooth? • Open standard for Short range digital radio • Fast and reliable • Data + Voice communications • Its employed to connect 2 blue tooth devices e.g. phone, p d a, printer, mouse
26

Attacks against Blue tooth Network

27

Passive attacks on blue tooth
• Authorized remote users use insecure links which are sniffed up by attackers
– If link is compromised then traffic analysis – If system is compromised then data manipulation and obtaining user details

28

Active attack on blue tooth
1. Masquerade: device authentication is done not user so any device if compromised possess as threat Attacker C 2. Man in middle:

Device A

Device B
29

Active attack on blue tooth
1. Message modification : use of un trusted p d a and capture all yr contacts to send messages 2. D o S- jamming the 2.4 Ghz Ism band it operates with devices like baby monitors which work on that same frequency

30

Attack on Hand held devices
What are hand held devices ? • Have their own IP address • E.g. pager ,smart phone, tablets

31

32

33

• Eavesdropping:

Passive attack on Hand held devices
• Hand held devices have default enabled connectivity. • Data is seldom encrypted

34

• Denial of service-

Active attack on Hand held devices
• Cell phones are jammed • Virus, Trojan , worm • Spamming inbox

• 3g phones have continuous connection with the network so they are prone to attack and traffic analysis
35

Summary
• Threats and attacks for wired and wireless is same • CIA principle should be kept • CYCLE:
New Security measure -> New vulnerability discovered-> New hacking tool
36

Fighting back
• End to end security at application, transport and link layer. • Authentication of people • Cryptography• Security checklists • Almost any given single security mechanism alone may be easily overcome by attackers. However, proper configuration and implementation of the maximum possible security mechanisms must be used to form a hodgepodge of multiple security layers, in effort to provide the best possible wireless protection.
37

Solutions
– Mutual authentication – Strong confidentiality and dynamic rekeying
• Firewalls, anti-virus software

– Managerial solutions
• Security management practices and controls • Establish security policies • Regularly conduct security audits and risk assessment • Provide user education
38

THANKYOU

39

Sign up to vote on this title
UsefulNot useful