WPA is an acronym for "Wi-Fi Protected Access". It had been designed and produced by Wi-Fi alliance as a reponse to the weaknesses and vulnerabilities in the last wireless security process i. e. WEP (Wired Comparable Privacy). It is a qualification program produced by WiFi alliance to indicate compliance with the previous security standard protocol and secure wireless networks.
WPA2 is vulnerable to insider strike(If attacker is in the network or somehow enters the network) under certain conditions.
- PSK (Pre-Shared Key) vulnerability.
- PSK cracking tool, Eavesdropping. (Invasion on PSK Authentication)
- PEAP mis-configuring Vulnerability. (Episode on Authetication Server)
- TKIP Vulnerability. (Episode on Encryption)
- Pairwise key(PTK): It is used to protect unicast data frames.
- Group key (GTK): It is utilized to protect group resolved data casings like Broadcast APR data question frames. It is utilized as an encryption type in Access Point(AP) while as a decryption type in Client.
Analysis and Improvement of 802. 11i (WPA2):
The security requirement for WLAN(Wireless GEOGRAPHIC AREA network) industry are data confidentiality. Intergrit, common authentication and availability.
CCMP should be utilized for data confidentiality.
Mutual Authentication must be implemented for security concerns.
Addresses DoS(Denial of Service ) in MAC (Medium Gain access to Control)coating.
- Passive Eavesdropping/ Traffic Examination:
An attacker can easilty sniff and store all the traffic in the WLAN.
- Message Injections / Dynamic Eavesdropping:
An attacker is capable of inserting a message into the cellular network by making use of NIC credit cards(Network Interface cards). Attacker can create any choosen packet, alter contents of the packet and completely control the transmitting of the packet.
- Message Deletion and Interception:
It is performed by interfering with the packet reception processon the receiver's antenna. eg. Creating CRC errors so that the device drops the packet. Communication interception means an adversary is able to control an association completely i. e an attacker can get a packet before the receiver actually gets it and decide whether to delete the packet or forwards it to the device.
- Masquerading and Malicious AP (Gain access to Point):
An attacker can learn MAC addresses by eavesdropping and it can also spoof MAC address.
- Session hijacking:
An adversary might be able to hijack alegitimate session after the wireless devics have finished authenticatin themselves efficiently. It could be overcome using data confidentiality and strong integrity meachanism
- Man in the Middle Attack (MitM):
ARP cache posioning is a kind of Man in the centre Attack in case of wired interconnection.
- Denial of Service(DoS):
An adversary is capable of making the whole Basic Service Collection (BSS) unavailable, or disrupting the bond between respectable peers.
Ex. forging the unprotected management structures, protocol weaknesses or jamming of frequency rings with denial of service to the reputable users.
Data Confidentiality and integrity:
WEP (Wired Similar Privateness).
TKIP (Temporal Key Integrity Standard protocol)
CCMP (Counter Setting Cipher Blocking chaining MAC (Meaning Authetication Code) Protocol).
A temporal key (TK) is assumed tobe distributed between peers before executing any data confidentiality protocols.
Authentication and Key Management:
- Open System Authetication.
- Shared Key Authentication.
These are not anchored so IEEE802. 11i definesa new standard viz. RSNA (Robust Security Network Relationship)
- Network and Security Caability Finding.
- 802. 11 Authentication and Connection.
- EAP / 802. 1X / RADIUS Authentication.
- 4-way handshake
- Group key handshake.
- Secure data communication.
- First, an adversary can establish an 802. 11i assault a lot more easily than a physical layer harm, with only modest equipment.
- Second, it is much more difficult for a network administrator to find and locate these attacks.
- Layer abstraction is an essential concept in networks, requiring each coating to provide self-employed functionality separately.
When a wrong packet is diagnosed by Gain access to point, it waits for 60 secs, within this time around period of 60 secsif another inappropriate packet is received by gain access to point from the same source then it shut down that website link.
1. Security for Mobile ATE:
The data gathered from hardware systems using mobile phones, PDA's application must be shielded as currently many internet like things are done on mobiles only. We have been also aware that the security in cell phones while being able to access internet is not guaranteed. To triumph over this, many ATE (Automatic test Equipment) are isolated from networks and run in stand-alone environments.
An ATE system represents a single hardware device carrying out test measurements or several devices testing another hardware system.
- Configuration of the mobile device.
- Apps operating on these devices.
- Equipment communicating with these devices.
- Wireless connection between your device and ATE.
When ATE is sending data right out of the device, it may use an https connection, data encryption and user authenticationto ensure that the non-trusted sources won't have access to the data. The wireless interconnection between your device and the server should be anchored using cordless security protocols like WPA, WPA2, HTTPS and AES encryption.
Below fig. shows the security concerns for the cellular devices.
Fig. Major Mobile Request Server Areas
Securing the Wireless Connection:
The mobile device shouldn't connect to the ATE system through an unsecure Wireless network. Users must connect to the systems that implements strongest security process with encryption included. In rigorous scenarios, the application must use a secure VPN(Virtual Private Network) to hook up to the server.
Securing the mobile Device:
No amount of coding, server construction or wireless setup will be useful if the hardware including the mobile software has already been compromised. Before setting up any request on the mobile device, customer must check that they have got ot already jeopardized their system's security features by jailbreaking or rooting these devices. A jailbroken device is the fact device where individual removes "Operating system limitations imposed by the product manufacturer". By both of the procedure i. e. jailbreaking or rooting, every one of the security features that the system designers built-in to safeguard users are put into jeopardy.
Securing the Application:
Application must not gain too much controlof the mobile device. Each request must be self-employed of each other i. e one software should never call other program or use sources of the other.
Securing the ATE system:
The administrator and the programmer on the ATE server need to interact to assure that the server providing the mobile apllication data is secure. A lot of the data control must be achieved on the ATE server aspect as it is problematic for the attacker to gain access to data and also computing ability is ore on server side.
- (A)Data Acquisition Methodology:
Obtaining dark-colored -posted IP addresses: It was obtained from a german website, which was not up-to-date. This blacklisted IP addresses were the primary source for quantifying illegal activities.
Associating blacklisted IP addresses with geographic locations: IP addresses were never designated to a particular geographical area or region. IP addresses were designated to organisations in blocks or allocated to residences through set commercials ISPs. Maxmind provided one particular tool known as 'GeoIP'. The GeoIP tool is made up of a databases of IP addresses and their related global location information viz. City, Point out, Country, longitude and latitude.
Obtaining security figures of Wireless deployments: The information of Wireless deployments such as ratio of secure gain access to points and the number of blacklisted IP address occuring within the specific deployments for metropolitan areas.
(B) Data Manipulation Technique:
It involves handling the data. With regards to the volume of IP addresses balcklisted, city were choosen i. e metropolis having highest quantity of blacklisted IP addresses were considered.
- Data Analysis Technique:
We generated produced information of fileds such as IP address availability, Wi-fi network security and the number of blacklisted IP addresses.
Results of Data realated Methodology:
After 2006, every cellular empowered device is WPA/WPA2 accredited and Trademarked by WiFi alliance. The largest hurdle is the fact users don't realize the cordless security protocols and in the security dialogue box also first one is "None" and from then on there's a list from WEP to WPA2. It has been seen that an individual choose "None" or WEP as a security protocol without knowing just what that security standard protocol does as it comes before in the list.
So, the first and the main thing is do make customer alert to the protocols and advice those to use better protocol as per the requirements. For Ex. , Corporate and business world must use the toughest to decipher protocol whereas normal customer can use relatively lighter version of the protocol with good password, but it must do not have the Wireless gain access to without any security standard protocol i. e. none.
- Security for Mobile ATE Applications by Susan Moran.
- Malicious WiFI Network: AN INITIAL Look by Andrew Zafft and Emmaneal Agu.
- Security Research and Advancements for IEEE 802. 11i by Changhua He and John C Mitchell.