cs 356 lecture 29 wireless security
play

CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter - PowerPoint PPT Presentation

Jan 27, 2023 •154 likes •469 views

CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5

  1. CS 356 – Lecture 29 Wireless Security Spring 2013

  2. Review • Chapter 1: Basic Concepts and Terminology • Chapter 2: Basic Cryptographic Tools • Chapter 3 – User Authentication • Chapter 4 – Access Control Lists • Chapter 5 – Database Security (skipped) • Chapter 6 – Malicious Software • Networking Basics (not in book) • Chapter 7 – Denial of Service • Chapter 8 – Intrusion Detection • Chapter 9 – Firewalls and Intrusion Prevention • Chapter 10 – Buffer Overflow • Chapter 11 – Software Security • Chapter 12 – OS Security • Chapter 22 – Internet Security Protocols • Chapter 23 – Internet Authentication Applications • Chapter 24 – Wireless Security

  3. Chapter 24 Wireless Network Security

  4. Wireless Security Overview • concerns for wireless security are similar to those found in a wired environment • security requirements are the same: – confidentiality, integrity, availability, authenticity, accountability – most significant source of risk is the underlying communications medium

  5. Wireless Networking Components Endpoint Access point Figure 24.1 Wireless Networking Components

  6. Wireless Network Threats accidental malicious ad hoc association association networks identity theft man-in-the nontraditional (MAC middle networks spoofing) attacks denial of network service (DoS) injection

  7. Securing Wireless Transmissions • principal threats are eavesdropping, altering or inserting messages, and disruption • countermeasures for eavesdropping: – signal-hiding techniques – encryption – the use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions

  8. Securing Wireless Networks • the main threat involving wireless access points is unauthorized access to the network • principal approach for preventing such access is the IEEE 802.1X standard for port-based network access control – the standard provides an authentication mechanism for devices wishing to attach to a LAN or wireless network • use of 802.1X can prevent rogue access points and other unauthorized devices from becoming insecure backdoors

  9. Wireless Network Security Techniques allow only specific computers to use encryption access your wireless network use anti-virus and change your anti-spyware router’s pre-set software and a password for firewall administration change the identifier on your turn off identifier router from the broadcasting default

  10. IEEE 802.11 Terminology

  11. Wireless Fidelity (Wi-Fi) Alliance • 802.11b – first 802.11 standard to gain broad industry acceptance • Wireless Ethernet Compatibility Alliance (WECA) – industry consortium formed in 1999 to address the concern of products from different vendors successfully interoperating – later renamed the Wi-Fi Alliance • term used for certified 802.11b products is Wi-Fi – has been extended to 802.11g products • Wi-Fi Protected Access (WPA) – Wi-Fi Alliance certification procedures for IEEE802.11 security standards – WPA2 incorporates all of the features of the IEEE802.11i WLAN security specification

  12. IEEE 802 Protocol Architecture Specific IEEE 802.11 General IEEE 802 functions functions Logical Link Flow control Control Error control Assemble data Medium Access into frame Reliable data delivery Wireless access control Addressing Control protocols Error detection Medium access Encoding/decoding Frequency band of signals definition Physical Bit transmission/ Wireless signal reception encoding Transmission medium Figure 24.2 IEEE 802.11 Protocol Stack

  13. General IEEE 802 MPDU Format MAC Destination Source MAC Service Data Unit (MSDU) CRC Control MAC Address MAC Address MAC header MAC trailer Figure 24.3 General IEEE 802 MPDU Format

  14. Distribution System IEEE AP 2 802.11 AP 1 Basic Service Extended Set (BSS) Basic Service STA 1 Service Set (BSS) STA 8 STA 2 Set STA 7 STA 6 STA4 STA 3 Figure 24.4 IEEE 802.11 Extended Service Set

  15. IEEE 802.11 Services

  16. Distribution of Messages Within a DS • the two services involved with the distribution of messages within a DS are: – distribution – integration • the primary service used by stations to exchange MPDUs when distribution the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS • enables transfer of data between a station on an IEEE 802.11 integration LAN and a station on an integrated IEEE 802x LAN • service enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN

  17. Association-Related Services • transition types, based on mobility: – no transition • a station of this type is either stationary or moves only within the direct communication range of the communicating stations of a single BSS – BSS transition • station movement from one BSS to another BSS within the same ESS; delivery of data to the station requires that the addressing capability be able to recognize the new location of the station – ESS transition • station movement from a BSS in one ESS to a BSS within another ESS; maintenance of upper-layer connections supported by 802.11 cannot be guaranteed

  18. Services • establishes an initial association association between a station and an AP • enables an established association to be transferred from one AP reassociation to another, allowing a mobile station to move from one BSS to another • a notification from either a disassociation station or an AP that an existing association is terminated

  19. Wireless LAN Security • Wired Equivalent Privacy (WEP) algorithm – 802.11 privacy • Wi-Fi Protected Access (WPA) – set of security mechanisms that eliminates most 802.11 security issues and was based on the current state of the 802.11i standard • Robust Security Network (RSN) – final form of the 802.11i standard – Wi-Fi Alliance certifies vendors in compliance with the full 802.11i specification under the WPA2 program

  20. Robust Security Network (RSN) Confidentiality, Data Authentication Services Elements Origin Authentication Access Control and Key and Integrity and Generation Replay Protection Protocols IEEE 802.1 Extensible of TKIP CCMP Port-based Authentication Access Control Protocol (EAP) (a) Services and Protocols IEEE Robust Security Network (RSN) 802.11i Services Integrity and Key Confidentiality Data Origin Generation Authentication Algorithms CCM CCM NIST TKIP TKIP (AES- HMAC- HMAC- HMAC- RFC (AES- Key (Michael (RC4) CBC- SHA-1 MD5 SHA-1 1750 CTR) Wrap MIC) MAC) (b) Cryptographic Algorithms CBC-MAC = Cipher Block Block Chaining Message Authentication Code (MAC) CCM = Counter Mode with Cipher Block Chaining Message Authentication Code CCMP = Counter Mode with Cipher Block Chaining MAC Protocol TKIP = Temporal Key Integrity Protocol Figure 24.5 Elements of IEEE 802.11i

  21. STA AP AS End Station IEEE Phase 1 - Discovery 802.11i Phase 2 - Authentication Phases of Phase 3 - Key Management Operation Phase 4 - Protected Data Transfer Phase 5 - Connection Termination Figure 24.6 IEEE 802.11i Phases of Operation

  22. STA AP AS IEEE Station sends a request Probe request to join network AP sends possible security parameter Probe response (security capabilties set per the security policy) Open system 802.11i Station sends a authentication request request to perform null authentication Open system AP performs authentication response null authentication Station sends a request to Association request associate with AP with security parameters AP sends the associated Association response security parameters Station sets selected security parameters Phases 802.1X controlled port blocked 802.1x EAP request 802.1x EAP response of Access request (EAP request) Extensible Authentication Protocol Exchange Accept/EAP-success Operation key material 802.1x EAP success 802.1X controlled port blocked Figure 24.7 IEEE 802.11i Phases of Operation: Capability Discovery, Authentication, and Association

  23. 802.1X Uncontrolled port Authentication server Access Access point Control Station Controlled Controlled port port To other To DS wireless stations on this BSS Figure 24.8 802.1X Access Control

  24. MPDU Exchange • authentication phase consists of three phases: – connect to AS • the STA sends a request to its AP that it has an association with for connection to the AS; the AP acknowledges this request and sends an access request to the AS – EAP exchange • authenticates the STA and AS to each other – secure key delivery • once authentication is established, the AS generates a master session key and sends it to the STA

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY +

Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY +

Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY + link considerations in wireless PHY + link layers layers Mythili Vutukuru CS 653 Spring 2014 Feb 10, Monday Energy and Security We will

259 views • 8 slides
Writing a book on wireless security available online is like writing a book on safe Internet

Writing a book on wireless security available online is like writing a book on safe Internet

Agenda The purpose of this presentation is to: FIRST Technical Colloquium Uppsala, Sweden Give an overview of Wireless technology Highlight the security issues Securing Your associated with IEEE 802.11b Wireless LAN wireless LANs Suggest

413 views • 16 slides
Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor & Outdoor Wireless Security for Home Provides all-in-one DSL modem with Wi-Fi capability to residential customers Simplify setup to the

354 views • 21 slides
Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Wireless Security Confidentiality Integrity Wireless Architecture Access Points Which AP? The Evil Twin Attack Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion Battery

785 views • 41 slides
The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs Bluetooth Security and Cooperation in Wireless Networks Georg-August University Gttingen Security in Wireless Networks Wireless networks are

519 views • 48 slides
Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking Wireless LAN Setup Host Based AP ( hostap ) in Linux & freeBSD Securing & Managing Wireless LAN : Implementing 802.1x EAP-TLS

417 views • 29 slides
Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About It) Wade Trappe Agenda Agenda Tales from the Dark Side of Security Wireless in Particular Decomposing the Problem into Problems

697 views • 40 slides
Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer, Channel, and Capacity Mythili Vutukuru CS 653 Spring 2014 Jan 9, Thursday Radio waves and spectrum Physical layer of mobile systems wireless

327 views • 20 slides
Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by

Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by

Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/ _______

795 views • 48 slides
Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe

Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe

Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe Breaking Down the Issues (summary) Breaking Down the Issues (summary) Wireless is easy to sniff. We still need encryption services and key management.

533 views • 13 slides
192620010 Mobile & Wireless Networking Lecture 2: Wireless Transmission (2/2) [Schiller,

192620010 Mobile & Wireless Networking Lecture 2: Wireless Transmission (2/2) [Schiller,

192620010 Mobile & Wireless Networking Lecture 2: Wireless Transmission (2/2) [Schiller, Section 2.6 & 2.7] [Reader Part 1: OFDM: An architecture for the fourth generation] Geert Heijenk Mobile and Wireless Networking 2013 / 2014

644 views • 31 slides
Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info

Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info

Wireless Security System 868 MHz Oasis is a wireless kit Sirens Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info Keypads ja-80_oasis_en_09_2011.ppt_c1 Wireless Security System 868 MHz Wireless

392 views • 16 slides
Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Introduction Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5 March 2007 Ido Rosen Wireless Network Security Introduction Introduction 1 Overview Wireless LANs Ido Rosen Wireless Network

397 views • 8 slides
ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch

ECE590 Computer and Information Security Fall 2018 Wireless and Mobile Security Tyler Bletsch Duke University Adapted from Chapter 24: Wireless Network Security by Dr. Hossein Saiedian at Univ. Kansas, which in turn was adapted from

452 views • 27 slides
CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham adrsham@cs With material from Franzi and Bens slides Logistics / Reminders Tomorrow Ian will introduce more tools you will need for Lab #3

318 views • 11 slides
and its Discontents Introduction The purpose of this presentation is to provide an overview of

and its Discontents Introduction The purpose of this presentation is to provide an overview of

Wireless Security and its Discontents Introduction The purpose of this presentation is to provide an overview of the strengths and weaknesses of Wireless Security solutions. We will cover: - Real-world examples of Wireless Security application

425 views • 38 slides
Purchasing Power Parity Yee-Tien Ted Fu Course web pages: http://finance2010.pageout.net

Purchasing Power Parity Yee-Tien Ted Fu Course web pages: http://finance2010.pageout.net

Tuesdays 6:10-9:00 p.m. Commerce 260306 Wednesdays 9:10 a.m.-12 noon Commerce 260508 Handout #6 International Parity Conditions Purchasing Power Parity Yee-Tien Ted Fu Course web pages: http://finance2010.pageout.net ID:

1.92k views • 154 slides
MIT Relational Database GraphiQL Expensive! Graph Intuitive Query Language for Relational

MIT Relational Database GraphiQL Expensive! Graph Intuitive Query Language for Relational

GraphiQL Graph Intuitive Query Language for Relational Databases at Talking on IEEE BigData 2014 Alekh Jindal collaborate Supervisors Amol Deshpande Sam Madden work sabbatical Mike Stonebraker work University work of Maryland

514 views • 40 slides
Lecture 2.1: Cyclic and abelian groups Matthew Macauley Department of Mathematical Sciences

Lecture 2.1: Cyclic and abelian groups Matthew Macauley Department of Mathematical Sciences

Lecture 2.1: Cyclic and abelian groups Matthew Macauley Department of Mathematical Sciences Clemson University http://www.math.clemson.edu/~macaule/ Math 4120, Modern Algebra M. Macauley (Clemson) Lecture 2.1: Cyclic and abelian groups Math

340 views • 15 slides
rst rts t

rst rts t

rst rts t r rtt rtr

526 views • 41 slides
2020 Census Program Management Review Decennial Census Programs U.S. Census Bureau August 3,

2020 Census Program Management Review Decennial Census Programs U.S. Census Bureau August 3,

2020 Census Program Management Review Decennial Census Programs U.S. Census Bureau August 3, 2018 The original version of slide 6, Where are We Now has been revised. 1 Welcome Albert E. Fontenot, Jr. Associate Director for Decennial

1.29k views • 99 slides
1 II.A. Extended Form Equations (contd.) Extended Form Equations (contd.) II.B. Reduced Form

1 II.A. Extended Form Equations (contd.) Extended Form Equations (contd.) II.B. Reduced Form

I. Motivation and Main Results Motivation and Main Results I. Multiple Equilibria and Sunspots in a Security Multiple Equilibria and Sunspots in a Security A. History of the project Market with Investment Restrictions Market with Investment

436 views • 5 slides
Mesh Basics Mesh Basics 1 Spring 2010 Definitions: Definitions: 1/2 Definitions:

Mesh Basics Mesh Basics 1 Spring 2010 Definitions: Definitions: 1/2 Definitions:

Mesh Basics Mesh Basics 1 Spring 2010 Definitions: Definitions: 1/2 Definitions: Definitions: 1/2 1/2 1/2 A polygonal mesh consists of three kinds of mesh elements : vertices, edges, and faces. The information describing the mesh

781 views • 45 slides
2019 Poll Book Training for Election Judges Hennepin County Elections 7/23/2019 1 Goal &

2019 Poll Book Training for Election Judges Hennepin County Elections 7/23/2019 1 Goal &

2019 Poll Book Training for Election Judges Hennepin County Elections 7/23/2019 1 Goal & trainers Goal: To learn about Poll Pad 3 and gain familiarity with (or review) Poll Book processes. Your trainer(s) Hennepin County Elections

1.12k views • 74 slides

More recommend