0% found this document useful (0 votes)
176 views11 pages

Implementing Privacy and Security To Wireless Networks

This document discusses implementing privacy and security in wireless networks. It begins by noting that wireless networks are inherently more vulnerable than wired networks due to issues like node mobility and changing topologies. It then provides an overview of common wireless networking technologies like Wi-Fi, cellular networks, Bluetooth, WiMAX and discusses their features. It also discusses wireless network types including WPANs, WLANs, and WMNs. The document aims to examine security challenges in wireless networks and potential solutions.

Uploaded by

Ashok K. Thakur
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
176 views11 pages

Implementing Privacy and Security To Wireless Networks

This document discusses implementing privacy and security in wireless networks. It begins by noting that wireless networks are inherently more vulnerable than wired networks due to issues like node mobility and changing topologies. It then provides an overview of common wireless networking technologies like Wi-Fi, cellular networks, Bluetooth, WiMAX and discusses their features. It also discusses wireless network types including WPANs, WLANs, and WMNs. The document aims to examine security challenges in wireless networks and potential solutions.

Uploaded by

Ashok K. Thakur
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 11

Implementing Privacy and Security to Wireless Networks

Kavita Dhiman Tarun Sharma


Assistant professor, Department of Computer Application
Department of Computer Application, CSB Chandigarh Group of Colleges
Chandigarh Group of Colleges Jhanjeri, Mohali -140307 (Punjab)
Jhanjeri, Mohali -140307 (Punjab) [email protected]
[email protected]

ABSTRACT
Inherently, wireless networks are more prone to attack than their wired counterparts. Additionally, problems are
created by node mobility and changeable network topology. Additionally, intermittent connectivity whether
brought on by node sleep or mobility presents new difficulties. Direct adoption of current security solutions is
additionally made challenging, if not impossible, by node resource limitations. The areas of wireless networks
and mobile computing are examined in Wireless Communication Network Security and Privacy. Authentication,
access control and authorization, nonrepudiation, privacy and confidentiality, integrity, and auditing are all part
of the security components. Any good or service must include privacy as a feature.

Keywords— Wireless Networks, Technologies, Attacks, Security

WIRELESS COMMUNICATION users have specific needs for cryptography, thus


NETWORKING AND TECHNOLOGIES current and future wireless communication systems
The provision of telecommunications services now must address these needs.
includes a very fascinating area known as wireless
communications. They range from straightforward Examples of Wireless Technologies
communication services to applications for unique Wi-Fi: In order to wirelessly link two devices, we
and delicate uses including electronic commerce, usually need a Wi-Fi arrangement in which a router
healthcare, and digital currency(Thurwachter, broadcasts a network and our devices which might
2002). be a PC, phone, laptop, or TV all connect to the
Wireless communications have gained popularity router. With Wi-Fi Direct, in contrast to this
as a research topic in recent years due to their low traditional method, compatible devices can join
cost, low power consumption, flexibility, lack of directly by creating their own wireless network.
physical infrastructure, and ease of deployment, as
well as the rapid increase in the number of wireless Cellular Network:Also called a base station or cell
users. Many wireless networks, including wireless site, a cellular network is a radio network that is
local area networks (WLAN), wireless body area distributed over land areas called cells and is each
networks (WBANs), wireless personal area served by at least one fixed-location transceiver. To
networks (WPANs), and ad-hoc networks, utilize prevent interference and guarantee bandwidth
these short-range wireless technologies(Tachikawa, inside each cell in a cellular network, each cell
2002). employs a separate set of frequencies from its
Wi-Fi, commonly known as the IEEE 802.11 nearby cells.
standard for wireless local area networks, now Capableof utilizing practically all public and
supports a number of over-the-air modulation private network capabilities and services.
techniques with speeds ranging from 11 to 540  a bigger capacity.
Mbit/s in the 2.4 GHz and 5 GHz frequency bands.  decreased energy use
(Chen, 2007).  greater area of coverage
Security will be crucial to information transmission  less signal interference from other sources
operations in future wireless protocols and In a cellular radio system, a land area is divided
communication environments (networks). Today's into uniformly shaped cells that can be hexagonal,
square, circular, or any other uniform shape, though and PHY system profiles are being developed by
hexagonal cells are typically used. The frequencies the WiMAX technical working group. For both
in question can be utilized again in other cells as wireless MAN (licensed) and wireless HUMAN,
long as they are not used again in nearby cells that the MAC profile offers an IP-based variant
are directly adjacent to one another because that (license-exempt). With physical layer
would interfere. specifications based on the spectrum of use and the
Short-range wireless communications between related regulations, IEEE Standard 802.16 was
desktop and laptop computers, personal digital created to develop as a set of air interfaces
assistants (PDAs), cell phones, printers, scanners, standards for WMAN based on a common MAC
digital cameras, and even home appliances are protocol. (Gavrilovska& Prasad, 2006).
made possible by the Bluetooth technology. Short-
range wireless interconnectivity is gradually Examples of Wireless Networking
replacing current wireline connections as more Wireless Personal Area Networks (WPAN) are a
people adopt Bluetooth wireless technology. type of low-range wireless network that only have a
Numerous intriguing usage scenarios are possible few dozen meters of coverage. Wireless Local Area
with Bluetooth, such the ones listed below (Anand, Networks (WLAN): This type uses radio or
2003): infrared signals rather than conventional network
wiring to offer wireless network connectivity
 Electronic identification verification by just across small distances. A wireless network adapter
putting your phone in your pocket and passing that serves the same purpose as a conventional
through a doorway. Ethernet adapter is used by clients to connect to the
 Purchasing electronic tokens or tickets that are AP.(Wang & Poor, 2003):
"punched" when you drive or stroll through a • Mobility: LAN users can have access to real-
sensor using a multipurpose PDA. time information wherever in their business
 A clinician can access a patient's information in with the help of wireless LAN systems.
a central database by carrying another • Installation Speed and Simplicity: A wireless
Bluetooth capable device because Bluetooth LAN system can be quickly and easily installed,
chips are always on and looking for other and it can do away with the need to run cable
Bluetooth devices. through walls and ceilings.
WiMAX:WiMax (Worldwide Interoperability for • Reduced Cost-of-Ownership: WirelessLAN
Microwave Access) is a wireless communications hardware may require a larger initial investment
standard intended to deliver data rates of 30 to 40 than conventional LAN hardware, but overall
megabits per second. In order to give last-mile installation costs and life-cycle costs may be
wireless broadband connectivity as an alternative to considerably cheaper.
cable and DSL, WiMAX is a wireless technology • Scalability: Peer-to-peer networks suited for a
based on the IEEE 802.16 specifications small number of users can be quickly
(Mahmoud, 2007): configured, while comprehensive infrastructure
 Spectrum: can to be used in spectra that are networks with thousands of users can enable
both licensed and unlicensed. roaming over a large area.
 Topology: various Radio Access Network Personal area networks (PANs), local area
(RAN) topologies are supported. networks (LANs), campus area networks (CANs),
 Interworking: Independent RAN architecture or metropolitan area networks (MANs) are similar
to provide smooth integration and interworking terms for different sorts of networks that are
with Wi-Fi, 3GPP and 3GPP2 networks and typically restricted to a room, building, campus, or
current IP operator core network. specific metropolitan area (e.g., a city). LANs and
 IPConnectivity: allows clients and application other smaller networks, such as metro area
servers to use a combination of IPv4 and IPv6 networks, are frequently connected by WANs
network interconnects. (MANs). WANs often employ different, pricier
 MobilityManagement: Possibility of networking hardware than do LANs (Comaneci&
expanding fixed access to include delivery of Poor, 2005).
mobile and broadband multimedia services. Wireless Mesh Networks (WMN): The field of
The IEEE 802.16a and HiperMan standards' MAC wireless communication technology is developing
quickly. The following aspects of Wireless Mesh cloud). Because hybrid clouds are
Networks are attracting attention (Ahmad, 2005): interconnected, it is simple to move programs
 Simple and inexpensive network deployment; and details from one implementation program
 Simple and inexpensive networker to another. It is possible to use any type of
configuration; cloud computing service alone or in conjunction
 Reduction in wired links; with others.
 Robust communication;
 Effective spectrum reuse; The Network
 Increased network capacity; and so forth. Clouds typically refer to wide area networks
Mesh routers and mesh clients make up a simple (WANs) like the Internet, but they can also refer to
WMN. Based on their structural design and private clouds, which are networks that belong to
deployment arrangement, WMNs can be divided specific businesses. However, as illustrated in
into three primary categories: Figure 1, the phrase "cloud computing" almost
 Infrastructure Mesh: Some mesh routers with typically refers to the public Internet rather than
gateway functionality connect to the internet private networks.
through access routers (ARs), and the mesh Figure 1. The cloud networking
routers build links that setup and heal
themselves(Agrawal & Zeng, 2003).
 Client Mesh: Peer-to-peer mesh networking
among clients makes up its architecture. In this
architecture, mesh clients handle all routing and
setups independently, negating the need for
mesh routers.
 Hybrid Mesh: Infrastructure and client
meshing are combined in its architecture. With
peer-to-peer connections with other mesh
clients or through the mesh routers, mesh
clients have access to the mesh network. TECHNIQUES OF WIRELESS
Utilizing the Cloud Networking: The collection of
COMMUNICATION NETWORKS
components, networks, storage space, solutions,
and connections that make up cloud computing FOR SECURITY AND PRIVACY
work together to generate various features of Network architecture and design are increasingly
computing as a service. Cloud computing involves focusing on issues related to security and privacy of
the internet delivery of software, features, and user, application, device, and network resources
storage space. (Al-Omari &Sumari, 2010) They and data. Understanding the connections between
comprise: security mechanisms and the security architecture
 Versatility and the ability to scale up and down, and other component architectures is essential for
 Program development connections (APIs), the correct operation of security inside a network
(Xiao & Du, 2009).
 Stipulating and automatic payments, and
The protection of networks and the services
 Metering of assistance utilization in a payas-
they provide against illegal access, alteration,
you-go style.
destruction, or disclosure is referred to as network
There are several types of cloud processing,
security in this context. Network privacy is a subset
including (Chen, 2007):
of network security that focuses on preventing
 Public clouds are in accordance with the typical
unauthorized access to networks and the services
cloud computing model, in which a business
they provide. In this book, whenever the phrase
develops services like software and storage and
"network security" is used, it also refers to all
makes them accessible to the public online.
aspects of "network privacy" (Olakanmi, 2012).
 They may be managed internally or by a third
However, in order for the network to fulfil user
party, and they may be arranged internally or
expectations and for security to offer sufficient
externally.
protection, security must now be built into the
 A blend of public and private clouds (hybrid network from the start.
Due to the following factors, interest in confidentiality, data authentication, and replay
cryptology has increased since the development of protection.
wireless data communications at the turn of the  The majority of wireless services demand
20th century (Boncella, 2002): access control in order to restrict access to
 The development of corporate and military authorized users and/or for billing
communications as a result of this technology, considerations. The mobile terminal, on the
which made it possible to communicate other hand, wants to confirm that it is connected
globally in seconds as opposed to weeks. to a reliable access point(Sklavos&Xinmiao,
 It is clear that wireless communications are just 2007).
as simple for an enemy to intercept as they are
for the intended recipient. Each security measure should be assessed for the
As a result, mechanical and electromechanical network it is being used on, taking into account
cryptographic devices were widely used in the first how much protection it offers, how it affects users'
half of the 20th century, and cryptanalysis of these ability to perform their tasks, how much technical
systems became increasingly popular. Because of knowledge is needed for installation and
the widespread use of the Internet and the World configuration, how much it costs to buy,
Wide Web, cryptography is now widely used in e- implement, and run, and how much administration
commerce and other commercial applications. and maintenance it requires(Sklavos&Xinmiao,
Low-cost, quick software cryptography and open 2007).
security protocols like TLS (SSL), SSH, and IPsec,
which were launched in the second part of the Encryption/Decryption
1990s, provide the foundation of these Encryption and decryption guard information from
technologies. being used by the attacker while other security
The lack of or very poor security offered by the methods prevent unauthorized access and the
earliest analogue mobile phones caused great destruction of resources and information
embarrassment. Even if there are still many flaws (Elminaam&Hadhoud, 2009). It is encrypted using
in the European GSM system, which was cypher algorithms and a secret key as part of the
developed in the late 1980s, security was already encryption and decryption process, which makes
considerably improved. data unintelligible if intercepted. Then, data are
As demonstrated in Figure 2, the concepts of decrypted at or close to their final destination. In
security and privacy are difficult to separate since Figure 3, this is displayed.
they, on the one hand, overlap in some areas and,
on the other, are not always combinable.
(Lashkari&Samadi, 2009).
The following significant security needs for
wireless networks must be taken into account:
 Confidentiality protection is frequently only
applied to the wireless link, despite the fact that
the majority of wireless connections continue
across a fixed network. Encryption and decryption thereby improve
other types of security by safeguarding data in the
event that those other methods are unable to
prevent unwanted individuals from accessing that
data. Public key and private key encryptions and
decryptions are the two most popular forms. Public
key encryption and decryption are frequently
implemented in software. Examples include Rivest,
Shamir, and Adleman (RSA) public key
 Along with encryption, triple DES private key encryption, and
security from replay, data authentication should data encryption standard (DES) private key
be offered. Authenticated encryption should be encryption. A security architecture that makes use
employed in order to achieve data of both public and private keys is public key
infrastructure (PKI). Information is encrypted using security objectives of the GSM system. Running an
a public and private cryptographic key pair that is authenticated key agreement (AKA) protocol
obtained and shared through a trusted authority in a between the mobile phone and the base station
system called public key infrastructure, which enables the achievement of these security
combines security mechanisms, policies, and objectives (with the exception of the first one). A
directives into a system intended for use across long-term secret or key needed for this protocol is
unsecured public networks (such as the Internet). kept on a smart card known as the Subscriber
PKI consists of cryptographic keys and a certificate Identity Module (SIM)(Xiao, Chen & Du, 2009).
management system and is intended for secret, The SIM card computes the key, which is then
official, commercial, and legal transactions. This transmitted to the mobile device. The phone
system's components are: encrypts all subsequent communication between
• Controlling the creation and distribution of the base station and the phone. The following
public and private keys issues with this protocol still exist:
• Publishing certificates with public keys and  It would not be suitable, from a security
UIDs in open directories standpoint, to keep the Ki of every user's key in
• confirming that a certain public key is actually the base stations or to send these keys to a base
connected to a pacific private key station.
• proving who is in possession of a public/private  There is no subscriber identity confidentiality
key pair provided by the protocol. In fact, one can get
the ability to track a mobile phone simply
Certification Authorities (CA), who act as cutting off the wireless connection.
trusted third parties for PKI, are one or more of the  The AKA protocol does not authenticate the
trusted systems used by PKI. user of the mobile phone to the network.
A different illustration is the secure sockets Three categories of GSM security system flaws can
library (SSL). In order to identify a party's digital be identified:
identity, the Secure Sockets Library uses RSA-  cryptography algorithms' flaws,
based authentication, while the accompanying  absence of defense against active attacks (a
transaction or communication is encrypted and cryptographic protocol weakness), and
decrypted using RC4. Network performance (in  architectural flaws
terms of capacity and delay) can be negatively
impacted by 15% to 85% or more depending on the
Wireless LAN Security
type of encryption/decryption and where it is
The data confidentiality, data integrity, entity
deployed in the network. Despite the fact that this
authentication, and authorization are the security
approach is compatible with other security
objectives of the IEEE 802.11 security architecture.
mechanisms, trade-offs like these musts to be taken
The Wired Equivalent Privacy was the first remedy
into account when assessing encryption and
incorporated into the 1999 IEEE 802.11 standard
decryption.
(WEP) WEP was immediately found to have
numerous security weaknesses, which led to the
Mobile Phone Systems Security industry organization Wi-Fi Alliance adopting Wi-
The original generation of mobile phone systems' Fi Protected Access (WPA) in 2002 as a temporary
only security feature was a secret user identity that fix.(Olakanmi, 2012).
was sent unencrypted over the network, much like In order to provide authenticated encryption at
a computer system's user name and password. As a the data link layer, IEEE 802.11 offers the WEP
result, second generation mobile systems (GSM protocol as an optional security mechanism. A
and IS-95) received advanced security services, short key K (40 or 104 bits) is stretched into a large
which were then developed for third generation key stream using the stream cypher RC4 before
systems(Gerkis, 2006). being added to the payload. Since no key
management is offered, each access point relies on
GSM Security a single shared key amongst its users that must be
User identity confidentiality, user identity manually installed and consequently is updated
authentication, user data confidentiality, and infrequently.
signaling information confidentiality are the The cost of retrieving such a key is extremely
low, making the 40-bit key size unacceptably symmetric cryptographic operations used in
small. While a 104-bit key provides enough long- Bluetooth, could significantly increase the security
term security, some implementations generate it of the Bluetooth
from a short password, making security less robust. protocol(Sreedhar&Kasiviswanath, 2010).
If changes are made to the packet headers, the
access point will decrypt the packet and may
redirect it to a machine of the attacker's choosing. ATTACKING METHODS FOR
Shared Key Authentication can be used with WIRELESS NETWORKS
WEP to increase protection against authentication Passive Attack Methods
faking (SKA). SKA makes the plaintext challenge This makes it more challenging to defend
and the cipher text response both exposed, making against passive attacks on a wireless network. The
it easy to fake authentication to a closed eavesdropper can simply capture network traffic for
network(Boncella, 2002). examination using readily available tools, such as
Network Monitor in Microsoft products, if they are
Wi-Fi Protected Accesses (WPA) equipped with a wireless network adaptor that
In 2002, WPA, a temporary replacement for supports promiscuous mode.
WEP, was created in advance of the 2004 (Sreedhar&Kasiviswanath, 2010).
publication of the IEEE 802.11i standard (WPA2). The task of a potential eavesdropper has been
WPA continued to use RC4 but switched out the made much simpler if the network administrator
CRC-32 with a more robust MAC algorithm with a has been so nice as to include a hint about the
64-bit output called Michael since it needed to be organization in the SSID or is not using WEP to
compatible with the deployed devices with limited encrypt traffic. The attacker can learn the DNS
computing capacity. servers being used, the default home pages set up
A way to extract per-packet WEP keys from a on browsers, network names, logon traffic, and
temporal secret key, the device's MAC address, and other information by examining the network traffic,
the packet sequence number is added by the for instance.
Temporal Key Integrity Protocol (TKIP), which This data can be used by the attacker to assess the
also doubles the IV space to 48 bits with network's interest level and decide whether to
sequencing restrictions. Even if numerous nodes launch additional attacks. Furthermore, if the
share the same secret key, this assures distinct keys. network is using WEP, the attacker has the ability
Every 10,000 packets, the temporal key, which is to collect enough traffic with enough time to break
obtained from the pair-wise master key (PMK), is the encryption if the network is using WEP.
updated. On networks that are set up as open systems,
This framework is based on the Extensible Nets tumbler operates. This means that when other
Authentication Protocol (EAP), which supports a wireless devices transmit a radio beacon with a
variety of authentication techniques including "empty set" SSID, the wireless network responds
public key authentication, one-time password with the value of its SSID and acknowledges their
tokens, smart cards, and Kerberos. The access point presence. Administrators should set up the wireless
only opens a port for EAP packets to an network as a closed system to protect against the
authentication server (like RADIUS or Diameter) usage of Nets tumbler and other tools to detect a
on the fixed network in response to a mobile node's wireless network quickly. This implies that tools
request for access. (Sen, 2009). like Nets tumbler, which rely on this method to
detect wireless networks, will not be able to "see"
Security for Personal Area Networks the AP because it will not reply to "empty set"
(Bluetooth) SSID beacons. (Padmavathi&Shanmugapriya,
The protocol for Bluetooth authenticated key 2009).
agreement is somewhat complicated. The 48-bit Aps are half-duplex devices that function
Bluetooth address and a random number are used to similarly to other half-duplex devices like hubs and
produce the key. Password-based authenticated key repeaters on the wireless side, it should be noted.
exchange (PAKE) protocols, which prevent off-line This implies that every device connected to the
PIN guessing attacks but necessitate public key network may be able to view all of the traffic
operations that are more expensive than the coming from other devices.
(akro&etin, 2010).
Active Attacking Methods
An attacker can conduct an active attack against the Access Control Attacking Methods
network once they have gathered enough data from Through the use of wireless technology or by
the passive attack. Using MAC filtering to grant avoiding WLAN access control measures such AP
access to the wireless network to only clients with MAC filters and 802.1X port access controls, these
legitimate MAC addresses is a typical method of attacks try to break into a
securing a wireless network against illegal access. network(Sreedhar&Kasiviswanath, 2010):
However, regardless of the method used to conduct • War Driving: locating wireless LANs by
MAC filtering, it is a relatively simple affair to use issuing probe requests or listening for beacons,
software to modify a wireless device's MAC which can be used as an entry point for
address in order to pose as a legitimate station additional attacks.
(Anand, 2003). • Rogue Access Points: placing an untrusted AP
The attacker can do port scans, use specialized within a firewall, opening a backdoor to a
tools to dump user lists and passwords, pose as reliable network.
users, connect to shares, and generally wreak havoc • Ad Hoc Associations: connecting directly to a
on the network with DoS and Flooding assaults station that is unprotected in order to get around
once they have authenticated and connected to the AP protection or to attack the station.
wireless network. These denial-of-service (DoS)
attacks may take the form of more conventional Confidentiality Attacking Methods
methods like ping floods, SYN floods, fragment These attacks try to intercept private data delivered
attacks, or Distributed DoS (DDoS) attacks, or they via wireless networks, whether it's encrypted using
may target wireless networks specifically by setting 802.11 or a higher layer protocol or sent in the
up and employing rogue access points to obstruct clear (Padmavathi&Shanmugapriya, 2009).
the proper forwarding of wireless traffic. • Eavesdropping: the gathering of potentially
sensitive information by intercepting and
Man-in-the-Middle Attacks decoding unprotected application traffic.
Wireless customers won't be able to tell if they are • WEP Key Cracking: using passive or active
connecting to an illegal AP if the attacker is aware techniques to capture data in order to recover a
of the SSID that the network is using and the rogue WEP key.
AP is powerful enough. An attacker can learn • Evil Twin AP: using the WLAN's service set
important details about the wireless network, such identifier (SSID) to entice users while posing as
as authentication requests, the secret key that might an approved AP.
be in use, and other information, by using a rogue
AP. Frequently, the attacker will set up a laptop Integrity Attacking Methods
with two wireless adapters, one of which is used by These attacks use wireless to broadcast faked
the malicious AP and the other of which is used to control, management, or data frames in an effort to
route requests to the real AP through a wireless deceive the recipient or aid another attack (like a
bridge. The rogue AP need not be situated close to DoS) (Padmavathi&Shanmugapriya, 2009).
the legal AP if it has a powerful enough antenna. • 802.11 Frame Injection: Making and
(Padmavathi&Shanmugapriya, 2009). transmitting fake 802.11 frames.
• 802.11 Data Replay: Replaying 802.11 data
Jamming Attacking Methods frames after they have been updated.
Jamming is a unique type of DoS attack that targets • 802.1X RADIUS Replay: Replaying captured
wireless networks only. The presence of other RADIUS Access-Accept or Reject messages
devices, such cordless phones, that use the same
frequency as the wireless network can sometimes Authentication Attacking Methods
result in jamming that is not malicious. When an Through these assaults, hackers get access to
attacker examines the spectrum being utilized by otherwise private networks and services by stealing
wireless networks and then sends out a strong the legitimate user identities and credentials
signal to disrupt communication on the found (Agrawal & Sharma, 2011).
frequencies, jamming is intentional and malevolent. • Shared Key Guessing: Using hacked, vendor
default, or guessable WEP keys when data without the owner's knowledge. The
attempting 802.11 shared key authentication. Bluejacking attack takes use of the fact that a
• Application Login Theft: obtaining user device's name can be shown for up to 248
information through clear-text application characters during a pairing process to transmit
protocols, such as their email address and advertisements to another device (Sethi, K
password. &Jaiswal, V. 2018).
• Domain Login Cracking: employing a brute- Attack WEP
force or dictionary attack tool to decrypt A significant portion of WLANs are still
NetBIOS password hashes in order to recover unprotected in 2006, and of those that do use
user credentials (such as a Windows login and security, more than 75% continue to use the WEP
password) (Sreedhar&Kasiviswanath, 2010). protocol (Padmavathi&Shanmugapriya, 2009). The
most frequent risks to a wireless network are
Availability Attacking Methods therefore unauthorized access and spoofing because
These attacks prevent legitimate users from of the characteristics of wireless networks and the
receiving wireless services by restricting their shortcomings of WEP.
access to WLAN resources or by disabling those The block diagram of various attacks on secure
resources (Padmavathi&Shanmugapriya, 2009). wireless communication systems is shown in
• AP Theft: Physically removing an AP from a Figure 4.
public space. Figure 4. Block diagram of different attacks
• Queensland DoS: Exploiting the CSMA/ CA
Clear Channel Assessment (CCA) mechanism
to make a channel appear busy.
• 802.11 Beacon Flood: Generating thousands of
counterfeits 802.11 beacons to make it hard for
stations to find a legitimate AP.

Bluetooth Attack
Bluetooth uses the stream cypher E0 for data
encryption and SAFER+ (Gehrmann&Smeets,
2004) for entity authentication and key
establishment. An attacker can gain the 48-bit
Bluetooth address and then trace the device by
listening in on a Bluetooth exchange or by
contacting a device that is in discoverable mode.
Since the 48-bit address is known to be not random
(the manufacturer-specific 24 bits are reserved for
specific devices, and some manufacturers preserve
specific ranges for specific devices), even if a
device is in non-discoverable mode, it may still be Wireless communication networks' security
discovered. Recovering an address can take issuesThis section will provide a summary of some
anywhere from a few hours to several years, of the key issues that have been raised in relation to
depending on the attacker's information and the wireless communication network security, privacy,
quantity of devices used in the attack and targeted and attack strategies.
at once.
Devices with Bluetooth functionality could be Examples of Different Challenges
subject to denial-of-service attacks. Rogue devices The difficulties of managing wireless security: As
may continually try to connect, which could WLANs become a commonplace part of enterprise
shorten the victim's battery life (Anand, 2003). As network infrastructure, security and management
an illustration, the Bluesnarf attack enables issues become of utmost importance to businesses.
connection to some mobile devices and gives (Laeeq, 2011).
access to the phone's calendar, IMEI (International Wireless LANs (WLANs) have developed to the
Mobile Equipment Identity), and other restricted point that they are being integrated into corporate
networks as standard equipment, posing the biggest is difficult for end users who lack the
wireless pain points for network managers. In order knowledge or server access necessary to set up
for the connectivity, they provide to be as SSH tunnels or their own VPN tunnel.
dependable as that provided by wired Ethernet Problems with Wireless Remote Monitoring:
switches, wireless APs and controllers must be Although employing wireless for remote
controlled and monitored similarly (Sethi, K., monitoring has several financial advantages,
&Jaiswal, V. 2022). business has been sluggish to adopt the technology.
Before wireless measuring systems are widely
The biggest error businesses make while setting
used, there are a number of obstacles that must be
up wireless networks: The worst error made while
removed, including those related to security,
implementing wireless networks is not paying
dependability, integration, and power.
enough attention to and preparing for capacity and
Security and Reliability: For many engineers
application performance needs. Many best-effort
and scientists contemplating wireless, security is
WLANs in use today managed without it, and there
their top worry. The justification for this is mostly
is a strong temptation to deploy next-generation
attributable to the shortcomings of early wireless
WLANs using the same stale guidelines and
protocols like wired equivalent privacy (WEP),
educated guessing.
which did not effectively block unauthorized
New wireless security gadgets: As standards access. Adaptation to Current Systems: Proprietary
have become more established, wireless security networking protocols have been used frequently to
updates have stalled. The current focus of wireless address wireless security flaws:
security technologies is on expanding the visibility • If such a protocol's specifics are ever disclosed,
and applicability of existing controls while the entire system is put at risk.
improving their performance in harsher situations. • Integrating proprietary networks into wired
Security issues with open wireless networks: A systems that are already in place is challenging.
shared wireless network poses two major security If you opt for a proprietary protocol, you are
issues. The absence of a reliable trust network forced to use network components from a single
between the owner of the wireless network node supplier, some of which might not be
and the network user effectively causes both of compatible with your current hardware.
these problems(Sreedhar&Kasiviswanath, 2010).
Battery life:Although it depends on the
The chance that someone will use your network for application, power is a third possible issue for
immoral (or maybe even criminal) purposes, such wireless networks. For instance, Wi-Fi uses more
as accessing immoral content online or trying to power than ZigBee but can broadcast waveform
gain access to personal information through the data continuously. On the other hand, ZigBee and
local network (Sethi, K., &Jaiswal, V. (2019). 802.15.4 can operate for years on batteries thanks
to restrictions on the volume of data they gather
The risk brought on by the requirement to put your and the frequency at which they broadcast it.
trust in the owner of whichever Access Point you
happen to connect to while away from home, as Challenges associated with convergence: The
well as the potential for misuse of that trust to gain wireless revolution depends on the fusion of
access to your personal information and try to steal numerous information and communication
passwords to services like email or online banking. technologies. The transition to more heterogeneous
systems entails the integration of several gadgets,
When one shares their network, there is a many of which demand varying amounts of
chance that users will not utilize it responsibly due bandwidth, such as computers, sensors,
to the potential of connectivity abuse. This risk transmitters, radar, GPS, and cameras. (Abu-
consists of: Rgheff, 2007).
• The risk of abuse of bandwidth:It is usually
done with the implicit idea that you are sharing
surplus bandwidth, i.e., that you probably won't FUTURE RESEARCH DIRECTIONS
notice the difference, when you agree to share However, creating an effective detection
your network with others. mechanism for such a system represents a
(Sreedhar&Kasiviswanath, 2010). significant scientific problem. Although security
• VPN’s and Tunneling: Using a VPN solution
procedures for each layer will eventually become survey of outing attacks and security
well-established, merging all the techniques to have measures in mobile ad-hoc networks.
them cooperate with one another will be a difficult Journal of Computing, 3(1).
research task. Even if wireless sensor networks'
[3]. Ahmad. (2005). Wireless and mobile
overall security could be guaranteed, the cost- data. London:Wiley.
effectiveness and energy efficiency of using such
technologies could present a significant research [4]. Al-Omari &Sumari. (2010). An overview
issue in the future (Agrawal & Sharma, 2011). of mobile ad hoc networks for the
existing protocols and applications.

[5]. International Journal on Applications of


CONCLUSION Graph Theory and Ad Hoc Networks and
The cyphers typically need extensive algebraic Sensor Networks, 2(1).
and arithmetic alterations, which are inappropriate
for hardware implementations. However, in the [6]. Anand. (2003). Power aware public key
authentication for Bluetooth. (M.Sc.
case of handheld devices and mobile
Thesis). University of Florida,
communications with high-speed and low-power Gainesville, FL.
consumption requirements, the software solution is
not suitable. [7]. Boncella. (2002). Wireless security: An
A heterogeneous multi-terminal hardware overview. Communications of the
prototype will be built for the actual assessment Association for Information Systems, 9.
over realistic situations of the most promising
[8]. Chen. (2007). The next generation
established cooperative and cognitive techniques,
CDMA technologies. London: Wiley..
expanding the scope of research in COSIMA
beyond theoretical and algorithmic levels. [9]. Comaniciu, Mandayam, & Poor. (2005).
The interaction between the layers is Wireless networks multiuser detection in
substantially greater with the new wireless cross – layer design. Berlin: Springer
technologies. A significant research difficulty is Science.
establishing fast enough communication between
[10]. Dong, Curtmola, & Nita-Rotaru. (2009).
multilayer complicated systems. Secure network coding for wireless
The development of platforms and architectures mesh networks: Threats, challenges, and
that can be used for a wide range of applications is directions. Computer Communications,
the core of convergence. 32, 1790–1801. doi:10.1016/j.
Users installing this software, either directly for comcom.2009.07.010.
the 3GPP voice stream or in a VoIP protocol, is
[11]. Elminaam, Kader, &Hadhoud.
something that may be anticipated for the
(2009). Performance evaluation of
upcoming generation of smart phones. symmetric encryption algorithms on power
Despite these security flaws, GSM has experienced consumption for wireless devices.
tremendous commercial success, which shows that International Journal of Computer Theory
attacks that take advantage of these vulnerabilities and Engineering, 1(4), 1793–8201.
for financial benefit may be managed. However, it
is also evident that, as these networks become more [12]. Elminaam, Kader, &Hadhoud.
(2010). Evaluating the performance of
integrated with the Internet, all network-level
symmetric encryption algorithms.
threats—including viruses, worms, denial-of- International Journal of Network
service attacks, and NS level attacks—will also Security, 10(3), 216–222.
need to be addressed on mobile networks.
[13]. Gavrilovska& Prasad. (2006). Ad
hoc networking towards seamless
REFERENCES communications. Berlin: Springer..
[1]. Abu-Rgheff. (2007). Introduction to
CDMA wireless communications. [14]. Gehrmann, Persson, &Smeets.
London: AcademicPress.. (2004). Bluetooth security. Boston:
Artech House, Inc..
[2]. Agrawal, Jain, & Sharma. (2011). A
[15]. Gerkis. (2006). A survey of Journal of Computer Science &
wireless mesh networking security Information Technology, 2(5).
technology and threats. SANS Institute.
[28]. Tachikawa. (2002). W-CDMA
[16]. Laeeq. (2011). Security mobile communication systems. London:
challenges & preventions in wireless Wiley and Maruzen.
communications. International Journal of
Scientific & Engineering Research, 2(5). [29]. Thurwachter. (2002). Wireless
networking. Upper Saddle River, NJ:
[17]. Lashkari, Danesh, &Samadi. Prentice Hall..
(2009). A survey on wireless security
protocols (WEP, WPA, and [30]. Wang & Poor. (2003). Wireless
WPA2/802.11i). In Proceedings of the communication systems: Advanced
2nd IEEE International Conference on techniques for signal reception. Upper
Computer Science and Saddle River, NJ: Prentice Hall..
[18]. Information Technology, (pp. 48-
52). IEEE. [31]. Xiao, Chen, & Yang, Lin, & Du.
(2009). Wireless network security.
[19]. Mahmoud. (2007). Cognitive URASIP Journal on Wireless
networks: Towards self- aware networks. Communications and Networking.
London: John Wiley &Sons..
[20]. McCabe. (2007). Network [32]. Sethi, K., Gupta, A., Gupta, G.,
analysis, architedture, and design (3rd &Jaiswal, V. (2019). Comparative
ed.). London: Elsevier Inc. analysis of machine learning algorithms
on different datasets. In Circulation in
[21]. Olakanmi. (2012). RC4c: A Computer Science International
secured way to view data transmission in Conference on Innovations in Computing
wireless communication networks. (ICIC 2017) (Vol. 87).
international Journal of Computer
Networks & Communications, 4(2). [33]. Sethi, K., Gupta, A., &Jaiswal,
[22]. Padmavathi&Shanmugapriya. V. (2018, December). Machine learning
(2009). A survey of attacks, security based performance evaluation system
mechanisms and challenges in wireless based on multi-categorial factors. In 2018
sensor networks. International Journal of Fifth International Conference on
Computer Science and Information Parallel, Distributed and Grid Computing
Security, 4(1). (PDGC) (pp. 86-89). IEEE.

[23]. Prttig, Szewczyk, Tygar, Wen, & [34]. Sethi, K., &Jaiswal, V. (2022).
Culler. (2002). SPINS: Security protocols PSU-CNN: Prediction of student
for sensor networks, wireless networks. understanding in the classroom through
Dordrecht, The Netherlands: Kluwer student facial images using convolutional
Academic Publishers.. neural network. Materials Today:
Proceedings.
[24]. Schwartz. (2005). Mobile
wireless communications. Cambridge,
UK: Cambridge University Press..
[25]. Sen. (2009). A survey on wireless
sensor network security. International
Journal of Communication Networks and
Information Security, 1(2), 55-78.

[26]. Sklavos&Xinmiao. (2007).


Wireless security and cryptography:
Specification and implementation. Boca
Raton, FL: CRC Press..

[27]. Sreedhar, C., Verma,


&Kasiviswanath. (2010). Potential
security attacks on wireless networks and
their countermeasure. International

You might also like