Project Proposal
Project Proposal
BY
MURIITHI KELVIN GITHAE
A RESEARCH PROPOSAL SUBMITTED TO THE DEPARTMENT OF COMPUTING AND E-
LEARNING IN THE SCHOOL OF MATHEMATICS AND COMPUTER SCIENCE IN PARTIAL
FULFILLMENT OF REQUIREMENTS FOR THE AWARD OF A DEGREE OF BACHELOR OF
SCIENCE IN INFORMATION TECHNOLOGY IN THE CO- OPERATIVE UNIVERSITY OF KENYA.
Declaration
This research proposal is my inventive work, not presented for a degree in any other university.
Kelvin Githae Muriithi BITC01/0040/2018
Signature…………… Date………….
Supervisor’s Declaration
This research proposal has been presented for examination with my authorization as the University supervisor.
Signature…………………. Date……………………………..
MR PETER MUIGAI
Department of Computing And E-learning
School of Mathematics and Computer science
The Cooperative University of Kenya
Dedication
I dedicate this proposal to my family and friends for their tireless support they have always accorded me in
whatever way through out that period of writing the proposal may God Bless them Abundantly
Acknowledgement
I acknowledge the Almighty God for his provision and care throughout the duration of this research proposal. I also
express my sincere gratitude to my supervisor Mr. Peter Muigai, for his guidance, valuable feedback and
encouragement throughout the project. Special gratitude to my family for encouragement and financial support
during this period, without this, this research would have been incomplete.
Table of Contents
Declaration........................................................................................................................................i
Dedication........................................................................................................................................ii
Acknowledgements........................................................................................................................iii
Abstract...........................................................................................................................................xi
CHAPTER ONE..............................................................................................................................1
INTRODUCTION...........................................................................................................................1
1Introduction................................................................................................................................1
CHAPTER TWO.............................................................................................................................7
LITERATURE REVIEW................................................................................................................7
2.0 Introduction............................................................................................................................7
2.1.3 802.11b............................................................................................................................8
2.2 802.11i..............................................................................................................................8
2.3 VPN............................................................................................................................9
Abstract
As we know wireless networks have broadcast nature and therefor there are different security issues in the wireless
communications. The security convention intended for the wired systems can’t be extrapolated to wireless system.
Intruders can utilize the loopholes of the wireless communications. In this project proposal I will try to mull over
the remote security dangers to wireless systems and conventions at present accessible like Wired Equivalent
Privacy (WEP), Wi-Fi Protected Access (WPA), And Wi-Fi Protected Access 2 (WPA)2 WPA2 is more secure
security convention that WPA as it uses Advanced Encryption Standard (AES) encryption .WPA is helpless in
brute force attacks and MIC bits could be utilized by the programmer to compare it with decoded content. So this
CHAPTER ONE
1.1 INTRODUCTION
Wireless LAN technology has rapidly become very popular all over the world. The wireless local area network
(WLAN) protocol, IEEE 802.11, and associated technologies enable secure access to a network infrastructure.
Until the development of WLAN, the network client needed to be physically connected to the network by using
some kind of wiring.With the rapid increase in use of WLAN technology it is important to provide a secure
communication over wireless network. Since its creation the security of wireless
Networks went through different stages of development, from MAC address filtering or WEP to WPA/WPA2.The
wireless technology was proven to be very practical (not only) for home users. Such a handy option to be
comfortably connected to internet on a mobile device without the need of wires is still gaining in popularity. This
led to an attempt to make a configuration of WLAN easier for regular user without any knowledge about Computer
science. The result of this was standard known as Wi Fi Protected Setup (WPS).WPS, as a standardized
According to Siemens Enterprise Communications, July 2008 white paper, a number of concerns related to
insecurity risks with WLAN, such as loss of integrity, confidentiality, and network connectivity. Over the years,
various flaws have been demonstrated in WEP while research attribute vulnerability of WLAN setups to
installations that are inclined to with their default settings. Viehb, 2012 discovered vulnerability in the WPS
technology for WLAN security owing to poor design that enabled efficient brute force attack, which led to
immensely manipulating the security of all WPS- enabled Wi-Fi routers. Since recent models of routers are WPS
enabled, millions of devices were affected globally leading growing concerns over network security. Unethical
hackers found WLAN very easy to break through, the wireless technology made it easy to break into wired
networks. “War Driving is performed on wireless networks to verify the strength of the signal, encryption policy,
wireless network name, and the used channel, thus can be used for either to monitor or hack as illustrated by Sangit
2007. It is important that enterprises identify major security weaknesses within their WLAN in order to define
effective wireless security mechanisms policies that guard against unauthorized access to important data or
information, which is a great resource to the organization Chandra mouli, 2002 stated that the increasing demands
for mobile and flexible mechanisms in our day to day life, contributed significantly to the evolution from wired
LANs to wireless LAN (WLANs). A WLAN is based on a cellular architecture where the system is divided into
subsystems, each controlled by a Base station, known as Access point or AP. Figure 1 shows a simple model for
Network security is sometimes more than what people always thought it to be, malware, virus, Trojan, hackers.
Network security could be caused by unintentional human error and it could be compromised by human nature as
well. A common network security problem (Employees) most organizations are facing sometimes has to do with
the company’s employees and their various errors they make. According to Dr. Michael E. Whitman, CISM,
CISSP, and the author of the textbook “Principals of Information Security, “Humans make mistakes; sometimes
that is due to inexperience or improper training, and sometimes it is Because an incorrect assumption was reached.
But regardless of the reason and the lack of malicious intent something as simple as a keyboarding error has the
potential to cause a worldwide Internet outage”.(Whitman and Mattord 2012) The problem of piracy is another
common network problem. Piracy is a situation where intellectual properties are compromised although there are
technical mechanisms that aid in enforcing copyright laws to tackle this problem. However it is not only human
errors that can cause problem to network security, problems can also be caused by natural forces like fire
breakouts, earthquakes, floods lightning etc. The ways network administrators think about securing networks has
been changed by an increasingly dynamic and technically challenging risk environment. New business models rely
on open networks with multiple access points to conduct business in real time, driving down costs and improving
response to revenue generating opportunity by leveraging on the ability to quickly exchange critical information,
(i)General objective
-Investigate the existing wireless networks in order to identify threats and weaknesses .
2.What are some of the techniques that the hackers use to intrude a network?
3.what are the possible methodologies that will curb intrusion in the wireless network?
4.How will a control and management system help in curbing wireless network threats?
Amidst many attacks, individuals and organizations need to communicate and to operate efficiently, the
transmission of sensitive data may be hijacked in transit which might compromise the integrity of the data as well
as its privacy. Methods to control these attacks will help in efficient access of internet resources in a safe
environment. The finds of this study will help in coming up with mechanisms to help the users to easily identify
and detect intrusion and blocking mechanisms so as to protect that particular client as well as other network users
almost everybody has a gadget that can connect to the internet. However, young people are the most vulnerable to
this kind of the attacks due to their aggressiveness and the fact that they access the internet more often, More
handy, when the ecommerce was developed in 1979.This brought attackers on board, making them develop new
methodologies to bypass security mechanisms and policies in attempt to intercept the network through network and
system vulnerabilities for malicious gain. That’s has ever since, become a threats to wireless network which at first
the developers thought is more secure and reliable. In united states of America business have lost millions of
dollars as a results of attackers who intruded into their network and injected ransomware which enabled the
attackers decrypted their data which required one to pay money as to access the data it was known as wannacry
attack
CHAPTER TWO
LITERATURE REVIEW
2.1 Introduction
Network attacks have been discovered to be as varied as the system that they attempt to penetrate. Attacks are
known to either be intentional or unintentional and technically competent intruders have been interested in
targeting the protocols used for secure communication between networking devices. (Reed 2003). This review
addresses how highly sophisticated intruders are penetrating internet networks despite high levels of security. But
as the intruders increase, the network experts are deriving many techniques in preventing attackers from accessing
company networks
Wireless networks are particularly vulnerable to attacks because it is difficult to prevent physical access to them.
The only advantage they have in this respect is that an attacker must be in physical proximity to the network, which
can limit the pool of potential attackers. However, with an antennae, can pick up or send signals from up to a few
miles away. To secure a wireless network, an administrator should know what types of vulnerabilities exist and
what types of attacks can exploit them. Wireless networks are subject to both passive and active attacks. A passive
attack is one in which an attacker just captures signals, which is done without any alarm on the network whereas an
active attack is one in which an attacker sends signals, too. Passive attacks are exceedingly easy to carry out with
wireless antennae and are undetectable. Any good security mechanism must start with the assumption that an
attacker can see everything Wireless networks have become an integral part of how we conduct our businesses.
They ease many processes and help us get rid of the clutter caused by hundreds of wires yet keeping wireless
networks safe poses some challenges. Wireless technologies offer convenient solutions to our needs. They are
practical and fast, moreover they set us free of the clutter caused by wires and cables. On the other hand, it is no
secret that wireless networks are more vulnerable to attacks and intruders. In this project, we will explain types of
wireless network attacks and how you can protect your organization from them. Wireless networks are one of the
relatively new technologies brought to our lives by the internet technologies. They are easy to use, facilitate our
business processes and mobilize our businesses. On the downside, wireless networks are much more vulnerable to
attacks and intruders. Commonly known as wireless network attacks, penetration and intrusion acts that target
wireless networks pose serious threats. Wireless network attacks aim to capture the information sent across the
PACKET SNIFFING
Networks are designed to facilitate and accelerate the traffic of information. In order to achieve this goal, the
information is sent in packets across both wired and wireless networks. Due to the nature of wireless networks,
these packets are sent through the air. As a result, it is very easy to capture them.
A great deal of traffic is sent through wireless networks, such as RTP, SNMP or HTTP. The common feature of
these is the fact that they are in plain text. Which means, one can easily read them with the help of free access tools
like wireshark. As a result, someone with malicious intentions can simply steal your passwords and similar
sensitive information. Protecting a wireless network against packet sniffing, needs investments in encryption
solutions.
ROUGE ACCESS POINT
Rouge access point refers to any unauthorized access point (AP) on a network. It can be created by an attacker or
even a misinformed employee. Moreover, rouge Aps make the entire network vulnerable to DOS attacks, packet
captures, ARP poisoning and more. It’s prudent to use network access controls and network access protocols or
EVIL TWINNING
This is one of the most popular methods employed by wireless network attackers is creating an evil twin. In other
words, attackers get a wireless access point and configure it as the existing network. This way, the ‘evil’ access
point cannot be distinguished from actual access points. One of the easiest ways to stop evil twins from stealing the
information of your organization is opting for data encryption, so that even if an intruder successfully creates an
2.3RELATED STUDIES:
Choi et al, 2006, suggests key steps that are critical when implementing a robust WLAN security for organisations
by use of enhanced security mechanism such as visual to reassure security of information. The authors, by use of
actual scenarios on different organization employing variety of secure procedures and demonstrating fully executed
channels of a secure framework, propose the advantage of repeated measurement of the Wireless Local Area
Network; to facilitate durable, global and secure assurance by use of a company WLAN Security enhancement
structure. Vijay, 2002, has a general overview approach to WLANs, which fails to give an in-depth study of
security issues in WLAN and the possible threats and vulnerabilities. The author identifies that wireless
communication is a developing field that holds many future possibilities in this area. Such expectations indicate the
importance developing ample security as technology advances to cater for communication devices that support
communication with higher data rates. Vijay agrees and further suggests that a dominant means of supporting such
communication capabilities would be through the application of Wireless LANs; of which he focuses that as the
deployment of Wireless LAN increases well around the globe, it is increasingly important to understand different
technologies and select the most appropriate one. The author provides a detailed study of the available wireless
LAN technologies and issues of security concern while evaluating and suggesting a feasible standard for future.
However, the researcher neglects to explore vividly available frameworks, which addresses security flaws in
WLANs.Chen et al, 2005, reviews wireless LAN security by focusing on the new and evolving IEEE 802.11i
standard where major security enhancements in encryption and authentication specific to this standard are
illustrated. In addition, the newly introduced key management in 802.11i is captured by discussing the
incorporation of IEEE 802.1X as an authentication security enhancement. Similarly, the researcher delves in to the
specifics of both intra-subnet and inter-subnet roaming with regard to networking security. The paper thus does not
address framework issues that are relevant in enhancing security with regard to WLAN.Hamid, 2003, in his
approach begins by introducing the concept of WLAN where in the introductory section he gives brief information
on the WLAN components and its architecture. Seeking to understand security threats associated with WLAN, the
study explores at Denial of Service, spoofing, and eavesdropping forms of network attacks. The author further
explores into the functionality aspects of Wired Equivalent Privacy (WEP), which is a significant standard in IEEE
802.11b/ Wi Fi encryption for wireless networking. The researcher examines weaknesses indicated for WEP to
discover that the system is relatively weak in terms of security than anticipated and thus further study are required
to develop practical solutions for more secured WLAN. He also covers the new standards to improve the security
of WLAN such as the IEEE 802.1x standard, which comprises of three separated sections: Point-to-Point Protocol
(PPP), Extensible Authentication Protocol (EAP) and 802.1x itself. The author identifies that 802.1x is included in
802.11i, a newly proposed standard for key distribution and encryption that will play a big role in improving the
overall security capabilities of current and future WLAN networks. The 802.11i standard establishes a pair of
significantly improved encryption algorithms that include Temporal Key Integrity Protocol and CBC-MAC
Protocol to succeed WEP, and improve on network security. The study provides a comprehensive list of
networking products that afford users protection to their wireless networks from attacks, thus maintaining the
integrity. The paper therefore fails to address a framework for enhancement of WLAN security. Park, et al, 2003,
in their paper enumerates the various advantages of WLAN and the reasons for their implementation. The authors
concur that although WLANs solve some problems that exist in traditional wired LANs, they also introduce new
security issues. The study appreciates current and future security concerns with regard to networking and possible
countermeasures, which include standards, technologies, management, policies, and service environments. They
suggest that risks that WLAN services present can only be mitigated rather than completely eliminated, of which
they suggest that although there is no single solution for perfect WLAN security, WLAN security can be enhanced
to an acceptable level by a proper combination of counter measures. Singh, et al, 2010, illustrates security flaws of
Wireless LAN facilitated by cracking the 64 bit WEP key on Wi-Fi access points using Backtrack, which is a
Linux-based operating system popular among hackers. Backtrack users can attack an Wi-Fi access point by
initiating the generation of packets in the cracking effort, which results in the successful generation of the WEP
key. The authors give a detailed procedure of how to achieve the cracking process thus showing the vulnerability
and weakness in WLAN. The points out that owing to the broadcast nature of the wireless communication, it’s
relatively easy for intruders to interject communication and disrupt normal operations of the network by diverting
resources to serve their needs. They equally are of the opinion that security is of ultimate importance to the global
communication and information networks and that that data, which are encrypted with WEP Key, are also insecure.
They however have failed to address the solution to this flaw or weakness.
802.11b:
Over the years, WLAN setups have faced enormous security threats and attacks leading to compromised networks,
however, emerging technologies facilitate security and protection from most attacks. Among the steps taken
towards securing WLAN from vulnerability is the addition of the 802.11b standard that employs the Wired
Equivalent Privacy (WEP) protocol, which was developed to ensure user-friendly encryption.WEP functions by
encrypting the network's packets with an encryption key, which is then sent to its destination for decryption of the
packet in order to retrieve its contents. Theoretically, this is an efficient way to secure data using encryption codes
whose key is known to the originating and the target addresses; yet, there exists intrinsic flaws that compromise
this security to experienced hackers. This flaws are highlighted within WEP protocol that generates a
proportion of encryption key as plain text, which hackers, using reverse engineering software, extract the key to
decrypt packet contents. A plausible countermeasure to ensure protection when using the WEP protocol is achieved
by changing the encryption key frequently such that intruders do not accumulate enough data on packets to crack
the key. Owing to the demonstrated vulnerabilities regarding WEP, a vast majority of organisations and firms opt
for alternatives as they abandoned the implementation of 802.11b wireless LAN in their premises. Moreover, it has
been demonstrated that in 802.11b, the WEP protective functionality can be switched off, which justifies
reluctance by most firms and companies who ensure that the function is running. However, most home users
remain ignorant of the benefits of WEP and end up leaving it turned off, thus increasing the risk for security
attacks. Following lack of adequate knowledge on the benefits of the 802.11b standard and massive abandonment
by commercial institutions, the security measure can be consider a failure. Nonetheless, even as the 802.11b
standard is illustrated as a failing measure, the demeaning aspects sparked off a campaign seeking to overhaul
802.11i,
802.11i was developed as a result of 802.11b WEP security failure. 802.11i brings more protection by
making use of secure keys and encryption. According to Dulaney et al, 2004, 802.11i security standard was
permitted incorporation into WLAN setups by IEEE. The 802.11i security standard was approved by the
IEEE to be incorporated in securing WLANs networks Dulaney et al, 2004.The 802.11i standard employs a
dual layered security protocol namely the Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol (CCMP) and the Temporary Key Integrity Protocol (TKIP). CCMP is the
primary method employed in the protection of wireless packets in the 802.11i standard, which confers
significant benefits that address the shortcomings experienced while using WEP in the 802.11b standard. The
CCMP protocol is designed to be always active, thus enabling security features even if the user does not
know how to configure manually. The CCMP adopted a differentiated version of the Advanced Encryption
Standard (AES) encryption algorithm, which provides a robust security where the packets are encrypted
using a 128-bit key to offer a nearly impenetrable system. Despite encrypting the message data, the origin,
target as well as other interactions remain encrypted. Another crucial feature of CCMP worth noting regards
the encryption key, which does not need to be included in the packet thus eliminating risk of interception.
Among the drawbacks of WEP lie with the inclusion of portions of the encryption key in the packets, which
culminated in transmission of large volumes of packets increasing the chances of cracking the key. With
802.11i standard, CCMP preserves the integrity of wireless networks by securing them against a majority of
common networking threats, and thus ensure an efficient security mechanism. However, the sole indicated
setback lies with infrastructure requirements where CCMP being new technology, demands high end
hardware and software, which is a necessary step to ensure security protection in wireless networks. Another
important encryption method within the 802.11i standard is TKIP, serves as a wrapper around the old WEP
protocol to seal off previous limitations. Contrary to the infrastructural demands of CCMP protocol, TKIP is
readily compatible with old hardware and software that satisfy WEP requirements, thus curtailing additional
costs during implementation. The TKIP and CCMP functions works in a similar manner only that TKIP
makes use of a number of keys for purpose of encrypting the data packets. It also helps in and the addition
of encryption keys in the packet. This mechanism makes use of 64 – bit encrypting key whereby each packet
is encrypted prior to packet transmission. The encryption process involves encrypting the header and data for
every packet, and due to change of keys with each packet, it’s important to have these keys to the packet.
In addition to a 64 bit encryption key, a 128 bit encryption key is employed to enhance security and integrity
of the whole packet.
While the 802.11i standard was conceived to resolve issues demonstrated in WEP and expedite the
implementation adequate WLAN security scheme for the enterprise market, the process took time to
approve. As such, the Wi-Fi Alliance established the WPA, which is based on a subset of the 802.11i draft in
2002, as a temporary remedy to ensure vendor interoperability. While still utilizing RC4 encryption, TKIP
applies a temporal encryption key that is regularly renewed in order to discourage efforts made towards
stealing the encryption key before deciphering a sizeable amount of information. Furthermore, the integrity
of data is largely improved by the use of the more sturdy mechanism, the Michael Message Integrity Check
(MMIC).WPA did a great deal to address the concerns associated with WLAN security, and can be hailed as
an important step in increasing acceptance of WLAN as an enterprise-ready technology. Nevertheless,
concern is expressed concerning the use of RC4 encryption algorithm in TKIP as opposed to the use of
temporal keys, which are considered to offer relatively superior security solutions. For this reason, most
institutions viewed WPA as a provisional measure purposed to reconcile the gap between WEP and the soon-
to-be ratified 802.11i standard and thus opted to hold off on their deployments. The year 2004 ushered in
WPA2 after the Wi Fi Alliance upgraded the WPA standard by replacing the RC4 encryption algorithm with
AES (Advanced Encryption Standard).
VPN;
Tyson, 2001 defines a Virtual Private Network as an isolated network that utilises open networks to remotely
connect users or sites together. VPNs have a wide array of security attributes that facilitate user connectivity
to different networks while preserving the integrity. According to Tyson, 2001 a VPN is made up of four
parts that guard its security and they include firewall, encryptions, IPSec, and AAA Servers. A VPN’s
firewall acts exactly like any other firewall that block and only allows certain ports whose packets have been
filtered and deemed as malicious- free through a designed mechanism. A firewall is an important unit in the
VPN as it ensures viruses and Trojans do not jeopardise the server. There exists no defined encryption
mechanism in a VPN setup; nonetheless, three key approaches have been implemented. First is the
Symmetric Key Encryption whereby every connected device is allocated a unique key that affords each
the capacity to decrypt packets as they are received. Notably, the symmetric keys used on each device are
identical and thus require frequent reassessment to deter efforts made by intruders to compromise the
network.
The second is the Public Key Encryption that operates by both communal and personal keys to enhance
network security. The private key is applied by the sender to encrypt data packets (which they only know),
while the public key is employed by the receiver to decipher the packets using the source's public key. Public
key is identical to the symmetric key, with only difference being that two divergent keys are applied as
opposed to one. For the purposes of a successful connection every user should obtain an access key, which
guarantees controlled connectivity. The third way of encryption is by use of Pretty Good Privacy (PGP) that
relies on a generated session key to promote and secure protection. Sessional keys are generated per session
for each user, and are renewed in every session or for each user seeking to connect. The PGP system then
transforms into a public key system as it encrypts the packet and assigns sessional keys to available public
keys. The newly encrypted packets and keys are then sent to the destination device where private keys are
applied to decrypt information. While these are the most common techniques, there are no limitations to
govern the encryption systems within VPN, thus the lack of a defined encryption standard in the setup.
Internet Protocol Security Protocol (IPSec) provides alternative security to VPN setups by enhancing privacy
protection through message encryption. Two methods are sought in IPSec where one (tunnel) involves the
encryption the whole packet encompassing the header. The second method is transport, whose only role is to
encrypt the data section of the packets and not the header. These methods demand that the user and the
access point have the same key in order to decrypt the message as it arrives. Lastly, is the use of an
Authenticating, Authorising, and Accounting (AAA) server in which connection requests are passed on to a
proxy server where the user is determined and authenticated according to the scope of what he/she is allowed
to do against what he/she is actually doing Tyson, 2001. This system has extra security because it monitors
what the user is doing. Through monitoring efforts, the system establishes a pattern and defines the
likelihood of a security breach based on user activities. Although the VPN setup does not compare
competitively in terms of security with the 802.11i standard, it facilitates flexibility within an institution.