SYST44998: Wireless Security

Chapter 1: WLAN Security Overview

Outine
• Standards organizations
• 802.11 networking basics
• 802.11 security basics
• 802.11 security history
Learning Outcomes

• Explain how security information can be

gathered using various techniques (1)
Standards Organizations
• The Wi-Fi Alliance
• International Organization for Standardization (ISO)
• Institute of Electrical and Electronics Engineers (IEEE)
• Internet Society (ISOC)
Standards Organizations
Wi-Fi Alliance
• Global, nonprofit industry association of about 600
member companies
• Devoted to promoting the growth of WLANs
• Responsible for ensuring the interoperability of WLAN
products by providing certification testing
https://www.androidheadlines.com/2018/05/alleged-galaxy-a8-star-gets-certified-by-the-wi-fi-alliance.html
Standards Organizations
International Organization for Standardization (ISO)
• Created the Open Systems Interconnection (OSI) model
• OSI is an architectural model for data communications.
Standards Organizations

OSI Model
Standards Organizations
Institute of Electrical and Electronics Engineers (IEEE)
• Create standards for compatibility and coexistence between
networking equipment
– Not just wireless networking equipment
• Mission is to “foster technological innovation and excellence for
the benefit of humanity.”
 IEEE & OSI Model

https://t1.daumcdn.net/cfile/tistory/2169FB3D559179C720
Standards Organizations
Internet Society (ISOC)
• RFC 3935
– “…to produce high quality, relevant technical and engineering
document. …These documents include protocol standards, best current
practices, and informational documents of various kinds.”
• Internet Engineering Task Force (IETF)
• Internet Architecture Board (IAB)
• Internet Corporation for Assigned Names and Numbers
(ICANN)
• Internet Engineering Steering Group (IESG)
• Internet Research Task Force (IRTF)
 802.11 Networking Basics
• The OSI Model
• TCP/IP
• Routing
• Switching

A solid understanding of networking fundamentals is mandatory for an

understanding 802.11 networking and security.
802.11 Security Basics
• Data privacy
• Authentication, authorization, and accounting (AAA)
• Segmentation
• Monitoring
• Policy
802.11 Security Basics
Data privacy
• For wireless networks, data is transmitted openly and
freely, proper protection is needed to ensure privacy
• Privacy is achieved by strong encryption
802.11 Security Basics
Data privacy
• Encryption technologies
– Used to obscure the information
• Terminology:
– Cipher:
• An algorithm used to perform the encryption
– Cryptology:
• Field of science that covers the encryption &
decryption techniques
 Encryption & decryption processes

http://smartcardpoint.com/all-about-the-data-encryption-process/
802.11 Security Basics
Data privacy
• Cryptanalysis: The science of decrypting the cipher-
text without the knowledge of the key or cipher
802.11 Security Basics
Authentication, authorization, and accounting (AAA)
• Authentication
– Verification of user identity and credentials
– Users must identify themselves by presenting
usernames and passwords, etc.
– Multifactor-authentication is the most secure
approach.
802.11 Security Basics
Authentication, authorization, and accounting (AAA)
• Authorization
– Determines if the device or user is authorize to have
access to network resources
– It might be device-, time-, and location-dependent
– It takes place after authentication
802.11 Security Basics
Authentication, authorization, and accounting (AAA)
• Accounting
– It keeps a historical trail of who used what, when,
where, and how.
– Keeping an accounting trail is a requirement is most
industries.
802.11 Security Basics
Segmentation
• Process of separating user traffic within the network
• As important as strong encryption and AAA
• It can be achieved through the use of routers, VPNs,
and VLANs
• For 802.11, the most common technique is the
creation of WVLANS
802.11 Security Basics
Monitoring
• It is important for the sake of
– Performance analysis:
• Certify that the system is responding as planned
– Security analysis
• Certify that the system is secure against attacks
and intrusion- free
802.11 Security Basics
Monitoring
• To monitor malicious wireless activity, wireless IDS and
wireless IPS should be used
• WIDS and WIPS classify valid and invalid devices on the
network
• WIPS can also mitigate attacks from rogue AP and
rogue users
802.11 Security Basics
Policy
• Without security polices any effort to secure the
network is worthless.
• It must be clearly defined and enforced to solidify the
effectiveness of the WLAN security components.
802.11 Security History