Issue No.04 - July-Aug. (2012 vol.10)
pp: 54-61
Frederick T. Sheldon, Oak Ridge National Laboratory
John Mark Weber, Dynetics
Seong-Moo Yoo, University of Alabama in Huntsville
W. David Pan, University of Alabama in Huntsville
ABSTRACT
Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA, allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyberphysical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.
INDEX TERMS
Encryption, Wireless communication, Wireless networks, Communication system security, IEEE 802.11 Standards, Phase shift keying, Network security, computer security, Internet-based attacks on privacy and confidentiality, critical Internet infrastructure, intrusion detection and prevention, Wi-Fi protected access, IEEE 802.11, attack experimentation
CITATION
Frederick T. Sheldon, John Mark Weber, Seong-Moo Yoo, W. David Pan, "The Insecurity of Wireless Networks", IEEE Security & Privacy, vol.10, no. 4, pp. 54-61, July-Aug. 2012, doi:10.1109/MSP.2012.60