iLab Wireless Networks Florian Wohlfart wohlfart@in.tum.de - PowerPoint PPT Presentation


  1. iLab Wireless Networks Florian Wohlfart wohlfart@in.tum.de Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München Lab 10 – 16ss 1 / 32

  2. Oral attestations: available dates ◮ Friday, July 15 ◮ Monday, July 18 ◮ Tuesday, July 19 ◮ Wednesday, July 20 Registration will be open from 8 pm today until Friday 2 pm. 2 / 32

  3. Outline
      ◮ Wireless Communication: Electromagnetic Spectrum, General Problems
      ◮ Wireless LAN (IEEE 802.11): Basics, Medium Access Control, WLAN Security
      3 / 32

  5. Frequency Spectrum (US, 3 kHz – 30 GHz) source: http://www.ntia.doc.gov/files/ntia/publications/spectrum_wall_chart_aug2011.pdf 5 / 32

  6. Frequency Spectrum (DE, mobile networks) source: https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Allgemeines/Presse/Pressemitteilungen/2010/100830VerlosungGraphikFrequenzspektrum_pdf.pdf?__blob=publicationFile&v=3 6 / 32

  7. Frequency Spectrum Summary
      Unlicensed Operation
      ◮ 13.56 MHz: NFC, RFID
      ◮ 2.4 GHz: WLAN, Bluetooth, ZigBee, microwave ovens, RFID, etc.
      ◮ 5.8 GHz: WLAN
      Mobile Networks (Germany)
      ◮ GSM (2G): 900, 1800 MHz
      ◮ UMTS (3G): 2100 MHz
      ◮ LTE (4G): 800, 1800, 2600 MHz
      7 / 32

  8. Channel Access Methods
      ◮ Frequency Division Multiple Access (FDMA): each data stream uses a different frequency band
      ◮ Time Division Multiple Access (TDMA): each data stream uses a different time-slot
      ◮ Code Division Multiple Access (CDMA): multiplexing based on spreading-codes
      ◮ Space Division Multiple Access (SDMA): frequency reuse in different physical areas
      8 / 32

  9. Space Division Multiple Access (SDMA) CC BY-SA 2.5 by Andrew pmk source: https://upload.wikimedia.org/wikipedia/commons/e/ee/Frequency_reuse.svg 9 / 32

  10. Cellular Base Stations in Garching source: http://emf3.bundesnetzagentur.de/karte/default.aspx 10 / 32

  11. Cellular Base Stations in Munich source: http://emf3.bundesnetzagentur.de/karte/default.aspx 11 / 32

  12. General Problems in Wireless Data Transmission ◮ half-duplex operation (self interference) ◮ interference – there is only one shared medium ◮ signal strength decreasing quadratically with the distance ◮ multipath propagation due to reflection and refraction source: http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-omni-vs-direct.html 12 / 32

  13. Recap: Ethernet (IEEE 802.3) ◮ full-duplex, high-speed data transmission ◮ negligible interference ◮ usually no channel access control necessary (switches limit collision domains to only two endpoints) ◮ no built-in security 13 / 32

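  15. Wireless Network Types

      |                      | single-hop                            | multi-hop                                |
      |----------------------|---------------------------------------|------------------------------------------|
      | infrastructure-less  | WLAN (ad-hoc mode), Bluetooth, ZigBee | Mobile ad-hoc networks, e.g. car-to-car  |
      | infrastructure-based | WLAN (infrastructure mode), WiMAX     | Wireless mesh networks                   |

      15 / 32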

  16. Infrastructure Mode ◮ station: wireless host ◮ access point: base station ◮ basic service set (BSS): group of communication partners that use the same channel ◮ extended service set (ESS): group of multiple interconnected BSS with common service set identifier (SSID) ◮ distribution system: interconnection network 16 / 32

  17. Family of IEEE 802.11 Protocols

      | Name     | Frequency   | Max. data rate | Modulation | Published |
      |----------|-------------|----------------|------------|-----------|
      | 802.11   | 2.4 GHz     | 2 Mbit/s       | CDM        | 1997      |
      | 802.11a  | 5 GHz       | 54 Mbit/s      | FDM        | 1999      |
      | 802.11b  | 2.4 GHz     | 11 Mbit/s      | CDM        | 1999      |
      | 802.11g  | 2.4 GHz     | 54 Mbit/s      | FDM, CDM   | 2003      |
      | 802.11n  | 2.4 + 5 GHz | 600 Mbit/s     | FDM        | 2009      |
      | 802.11ac | 5 GHz       | 500 Mbit/s     | FDM        | 2013      |

      17 / 32

  18. Link Layer Frames
      Management Frames
      ◮ beacon frame (periodical announcement by the AP, e.g. SSID)
      ◮ association request frame / association response frame (station joins the network)
      ◮ authentication frame
      Control Frames
      ◮ acknowledgement (ACK) frame, reliability
      ◮ request-to-send (RTS) frame (optional extension)
      ◮ clear-to-send (CTS) frame (optional extension)
      Data Frames
      ◮ actual data transmission
      18 / 32

  19. Datagram Header (drawn in rows of 32 bits, bit ruler 0 / 15 / 16 / 31), fields in order:
      ◮ ver, type, subtype, to DS, fr DS, ...
      ◮ duration / ID
      ◮ address 1
      ◮ address 2
      ◮ address 3
      ◮ sequence control
      ◮ address 4
      ◮ data (0–2312 Byte)
      ◮ frame check seq.
      19 / 32

  20. Use of Address Fields
      ◮ (0,0) data frame from station to station (ad-hoc mode, mgmt/ctrl frames)
      ◮ (0,1) data frame exiting the DS (infrastructure mode)
      ◮ (1,0) data frame destined to the DS (infrastructure mode)
      ◮ (1,1) data frame in the DS from one AP to another AP (wireless distribution system)

      | to DS | from DS | A1         | A2         | A3    | A4 |
      |-------|---------|------------|------------|-------|----|
      | 0     | 0       | RA = DA    | TA = SA    | BSSID |    |
      | 0     | 1       | RA = DA    | TA = BSSID | SA    |    |
      | 1     | 0       | RA = BSSID | TA = SA    | DA    |    |
      | 1     | 1       | RA         | TA         | DA    | SA |

      DA = destination address, SA = source address, RA = receiver address, TA = transmitter address, BSSID = AP MAC address
      20 / 32
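The address table above, applied in code: this added example (not part of the original slides) parses the header of a data frame and labels each address field according to the to DS / from DS bits, which is what a monitoring tool has to get right before it can attribute a frame to a station or an AP. The MAC addresses, the `build` helper and the sample frames are constructed for illustration; the bit positions of type, to DS and from DS follow IEEE 802.11.

```python
import struct

# (to DS, from DS) -> meaning of address 1..4, as in the slide's table
ADDRESS_ROLES = {
    (0, 0): ("DA", "SA", "BSSID"),
    (0, 1): ("DA", "BSSID", "SA"),
    (1, 0): ("BSSID", "SA", "DA"),
    (1, 1): ("RA", "TA", "DA", "SA"),
}

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_data_header(frame: bytes) -> dict:
    """Resolve the address roles of an 802.11 data frame header."""
    if len(frame) < 24:
        raise ValueError("truncated header")
    # First 16 bits (ver, type, subtype, to DS, fr DS, ...) are little-endian.
    control, duration = struct.unpack_from("<HH", frame, 0)
    if (control >> 2) & 0x3 != 2:
        raise ValueError("not a data frame")
    to_ds, from_ds = (control >> 8) & 1, (control >> 9) & 1
    fields = [frame[4:10], frame[10:16], frame[16:22]]
    if to_ds and from_ds:
        # address 4 follows sequence control and is only present in (1,1) frames
        if len(frame) < 30:
            raise ValueError("address 4 missing")
        fields.append(frame[24:30])
    header = {"to_ds": to_ds, "from_ds": from_ds, "duration": duration}
    for role, raw in zip(ADDRESS_ROLES[(to_ds, from_ds)], fields):
        header[role] = mac(raw)
    return header

# Constructed sample addresses (not captured traffic).
AP = bytes.fromhex("0a0000000001")
STA = bytes.fromhex("0a0000000010")
PEER = bytes.fromhex("0a0000000020")

def build(flags: int, a1: bytes, a2: bytes, a3: bytes, a4: bytes = b"") -> bytes:
    # 0x08 = version 0, type 2 (data), subtype 0; duration and sequence zeroed
    return bytes([0x08, flags]) + b"\x00\x00" + a1 + a2 + a3 + b"\x00\x00" + a4

if __name__ == "__main__":
    print(parse_data_header(build(0x01, AP, STA, PEER)))  # station -> AP
    print(parse_data_header(build(0x02, STA, AP, PEER)))  # AP -> station
```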

  22. Medium Access Control ◮ collision detection not possible ◮ sensing while sending is difficult ◮ hidden terminal problem ◮ a frame is always fully transmitted ◮ link-layer acknowledgements ◮ remember: collision != interference 21 / 32

  23. Carrier Sense Multiple Access / Collision Avoidance (CSMA/CA)
      ◮ prioritization of control traffic
      ◮ SIFS (Short Inter Frame Spacing): highest priority for control frames, e.g. ACK, CTS
      ◮ DIFS (DCF Interframe Spacing): lower priority (longer interframe spacing) for data traffic
      ◮ backoff time $t_{bo} = \mathrm{Random}([0, CW]) \cdot \mathrm{SlotTime}$
      source: S. Günther, et al. “Analysis of Injection Capabilities and Media Access of IEEE 802.11 Hardware in Monitor Mode”, NOMS 2014
      22 / 32

  24. CSMA/CA – Inter-Frame Spacing Example source: https://www.cs.purdue.edu/homes/park/cs536-wireless-3.pdf ◮ SIFS = 10 µs or 16 µs ◮ DIFS = 28 µs, 34 µs, or 50 µs ◮ slot time = 9 µs or 20 µs ◮ 15 ≤ CW ≤ 1023 23 / 32

  25. Collision Avoidance Algorithm (sending side)
      1. MAC receives frame from upper layer
      2. choose random backoff time $t_{bo} = \mathrm{Random}([0, CW]) \cdot \mathrm{SlotTime}$
      3. wait until channel is idle for DIFS
      4. while $t_{bo} > 0$: wait for one slot time and decrement $t_{bo}$ (channel busy: back to step 3)
      5. transmit frame
      6. ACK received before timeout? yes: done; no: CW = CW ∗ 2, then back to step 2
      24 / 32

  26. Collision Avoidance Algorithm (receiving side)
      1. MAC receives frame from the physical layer
      2. is received frame ok? no: no ACK is sent
      3. yes: wait for SIFS
      4. transmit ACK
      25 / 32
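The sending-side algorithm above as a small contention simulation, added here as an example that is not part of the original slides. It follows the slides' rule CW = CW ∗ 2 (capped at 1023) and uses the listed 9 µs slot time and 34 µs DIFS; the function name `contend`, the one-frame-per-station setup and ignoring frame airtime are assumptions made to keep the model small.

```python
import random

CW_MIN, CW_MAX = 15, 1023   # contention window bounds from the slides
SLOT_US, DIFS_US = 9, 34    # one of the listed slot time / DIFS values

def contend(n_stations: int, seed: int = 1) -> dict:
    """Every station has one frame to send; frame airtime is ignored."""
    rng = random.Random(seed)
    cw = {s: CW_MIN for s in range(n_stations)}
    backoff = {s: rng.randint(0, cw[s]) for s in cw}  # remaining slots
    delivered, collisions, elapsed_us = [], 0, 0
    while backoff:
        # The channel is idle for DIFS, then counters run down slot by slot.
        wait = min(backoff.values())
        elapsed_us += DIFS_US + wait * SLOT_US
        senders = [s for s, slots in backoff.items() if slots == wait]
        for s in backoff:
            backoff[s] -= wait      # stations that lost keep their remainder
        if len(senders) == 1:
            # Exactly one transmitter: the frame is ACKed, station is done.
            delivered.append(senders[0])
            del backoff[senders[0]]
        else:
            # Several counters hit zero together: no ACK, so each sender
            # doubles its contention window and draws a new backoff.
            collisions += 1
            for s in senders:
                cw[s] = min(cw[s] * 2, CW_MAX)
                backoff[s] = rng.randint(0, cw[s])
    return {"delivered": delivered, "collisions": collisions,
            "elapsed_us": elapsed_us, "cw": cw}

if __name__ == "__main__":
    for n in (2, 10, 30):
        result = contend(n)
        print(n, "stations:", result["collisions"], "collisions,",
              result["elapsed_us"], "us of idle waiting")
```

With more than 16 stations at least two must draw the same initial backoff from [0, 15], so a collision is unavoidable and the doubling of CW is what lets the run finish.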

  27. CSMA/CA – Backoff Example source: IEEE Std 802.11-2012, http://standards.ieee.org/getieee802/download/802.11-2012.pdf 26 / 32

  28. Request-to-Send and Clear-to-Send (RTS / CTS) ◮ optional extension to IEEE 802.11 ◮ before any transmission the sender transmits a request-to-send (RTS) message, which contains the expected duration of the transmission ◮ the receiver has to confirm with a clear-to-send (CTS) message; everyone who received the CTS knows that the medium will be busy for the specified duration ◮ solves the hidden terminal problem 27 / 32

  30. Wireless LAN Security Protocols
      WEP
      ◮ standardized in 1999, first broken in 2001 (N. Borisov et al., Intercepting Mobile Communications: The Insecurity of 802.11, MOBICOM 2001)
      ◮ many design flaws including:
        ◮ only 40 bit key length
        ◮ initialization vector is too small (16 million possible values)
        ◮ integrity check via CRC32 (linear function)
        ◮ no replay-protection
      WPA
      ◮ standardized in 2003
      ◮ stopgap replacement for WEP
      WPA2
      ◮ standardized in 2004 (IEEE 802.11i)
      ◮ CCMP (CTR mode with CBC-MAC Protocol) encryption protocol uses AES with 128-bit block size
      29 / 32
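Two of the WEP design flaws listed above, made measurable in an added example that is not part of the original slides: the CRC32 of a changed message follows from the old checksum and the change alone, with no key involved, and a 24-bit IV space repeats after only a few thousand frames. HMAC-SHA256 stands in for a keyed integrity check (CCMP itself uses AES CBC-MAC), IVs are assumed to be chosen at random, and the message and key are constructed test data.

```python
import hashlib
import hmac
import math
import zlib

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crc32_after_delta(crc_original: int, delta: bytes) -> int:
    """CRC32 of (message XOR delta), computed without the message itself."""
    # CRC32 is affine: the third term cancels the fixed init/final XOR.
    return crc_original ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))

def iv_reuse_probability(frames: int, iv_bits: int = 24) -> float:
    """Birthday estimate that two of `frames` random IVs are equal."""
    return 1 - math.exp(-frames * (frames - 1) / (2 * 2 ** iv_bits))

def compare_checks() -> tuple:
    """Return (CRC32 is predictable under XOR, keyed MAC is predictable)."""
    message = b"constructed sample payload"
    delta = bytes(len(message) - 1) + b"\x01"   # change the last bit
    changed = xor(message, delta)
    crc_predictable = (
        crc32_after_delta(zlib.crc32(message), delta) == zlib.crc32(changed)
    )
    key = b"constructed demo key"
    zero = bytes(len(message))

    def tag(data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    # The same linear combination does not reproduce the keyed tag.
    mac_predictable = xor(xor(tag(message), tag(delta)), tag(zero)) == tag(changed)
    return crc_predictable, mac_predictable

if __name__ == "__main__":
    print("CRC32 predictable, MAC predictable:", compare_checks())
    for frames in (1000, 5000, 20000):
        print(frames, "frames -> IV reuse probability",
              round(iv_reuse_probability(frames), 3))
```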

  31. WPA2 Authentication
      Pre-shared Key Mode (WPA-PSK)
      ◮ 256 bit key derived from 64 hexadecimal digits or an ASCII-String (8 to 63 characters) using the PBKDF2 key derivation function and the SSID as salt
      External Authentication Server (WPA-802.1X)
      ◮ relies on an external server for authentication
      ◮ advantages: mutual authentication, centralized authentication
      Wi-Fi Protected Setup (WPS)
      ◮ goal: make adding new devices as simple as possible
      ◮ assumption: attacker has no physical access to the access point
      ◮ PIN method (brute-force feasible [1]), push-button method
      [1] https://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
      30 / 32

  32. WPA-802.1X ◮ relies on an external server for authentication (via RADIUS or Diameter protocol) ◮ supplicant (station) negotiates with an authentication server, the authenticator (access point) acts as a relay source: https://en.wikipedia.org/wiki/File:802.1X_wired_protocols.png 31 / 32

  33. Conclusion ◮ only trust authenticated hosts and access points ◮ use WPA2 ◮ when using public Wi-Fi hotspots, encrypt your communication (e.g. VPN) 32 / 32
