Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)"

Transcription

1 Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug

2 Content 1. Basics of computer and network security. 2. Impact of network architecture on network security. 3. Basics of network design. 4. Firewalls and virtual private networks. 5. Internet and wireless network security. 6. Impact of operating systems models on network security. 7. How to secure an application?

3 References William Stallings, Cryptography and Network Security: Principles and practice, Fifth edition, 2011.

4 Part 5 : Wireless network security

5 IEEE IEEE 802 is a committee that has developed standards for a wide range of local area networks (LANs). In 1990, the IEEE 802 Committee formed a new working group, IEEE , with a charter to develop a protocol and transmission specifications for wireless LANs (WLANs). Since that time, the demand for WLANs at different frequencies and data rates has exploded.

6 IEEE IEEE standards are defined within the structure of a layered set of protocols. PHYSICAL LAYER includes such functions as encoding/decoding of signals. In addition, the physical layer includes a specification of the transmission medium. In the case of IEEE , the physical layer also defines frequency bands and antenna characteristics. MEDIA ACCESS CONTROL All LANs consist of collections of devices that share the network s

7 IEEE transmission capacity. Some means of controlling access to the transmission medium is needed to provide an orderly and efficient use of that capacity. This is the function of a media access control (MAC) layer. The MAC layer receives data from a higher-layer protocol, typically the Logical Link Control (LLC) layer, in the form of a block of data known as the MAC service data unit (MSDU). In general, the MAC layer performs the following functions: On transmission, assemble data into a frame, known as a MAC protocol data unit (MPDU)

8 IEEE with address and error-detection fields. On reception, disassemble frame, and perform address recognition and error detection. Govern access to the LAN transmission medium. LOGICAL LINK CONTROL : in the LAN protocol architecture, these two functions are split between the MAC and LLC layers. The MAC layer is responsible for detecting errors and discarding any frames that contain errors. The LLC layer optionally keeps track of which frames have been successfully received and retransmits unsuccessful frames.

9 IEEE

10 MPDU format MAC Control: This field contains any protocol control information needed for the functioning of the MAC protocol. For example, a priority level could be indicated here. MAC Service Data Unit: The data from the next higher layer. CRC: The cyclic redundancy check field; also known as the Frame Check Sequence (FCS) field. The CRC is calculated based on the bits in the entire MPDU. The sender calculates the CRC and adds it to the frame. The receiver performs the same calculation on the incoming MPDU and compares that calculation to

11 MPDU format the CRC field in that incoming MPDU. If the two values don t match, then one or more bits have been altered in transit. The header and trailer contain control information that accompany the data field and that are used by the MAC protocol.

12 IEEE components IEEE Extended service set

13 IEEE network components The smallest building block of a wireless LAN is a basic service set (BSS), which consists of wireless stations executing the same MAC protocol and competing for access to the same shared wireless medium. A BSS may be isolated, or it may connect to a backbone distribution system (DS) through an access point (AP). The AP functions as a bridge and a relay point. If one station in the BSS wants to communicate with another station in the same BSS, the MAC frame is first sent from the originating station to the AP and then from the AP to the destination station.

14 IEEE network components A MAC frame from a station in the BSS to a remote station is sent from the local station to the AP and then relayed by the AP over the DS on its way to the destination station. When all the stations in the BSS are mobile stations that communicate directly with one another (not using an AP), the BSS is called an independent BSS (IBSS). An IBSS is typically an ad hoc network. In an IBSS, the stations all communicate directly, and no AP is involved. An extended service set (ESS) consists of two or more basic service sets interconnected by a distribution system.

15 IEEE services

16 IEEE services DISTRIBUTION OF MESSAGES WITHIN A DS Distribution is the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS. For example, suppose a frame is to be sent from station 2 (STA 2) to station 7 (STA 7). The frame is sent from STA 2 to AP 1, which is the AP for this BSS. The AP gives the frame to the DS, which has the job of directing the frame to the AP associated with STA 7 in the target BSS. AP 2 receives the frame and forwards it to STA 7.

17 IEEE services DISTRIBUTION OF MESSAGES WITHIN A DS The integration service enables transfer of data between a station on an IEEE LAN and a station on an integrated IEEE 802.x LAN. The term integrated refers to a wired LAN that is physically connected to the DS and whose stations may be logically connected to an IEEE LAN via the integration service. The integration service takes care of any address translation and media conversion logic required for the exchange of data.

18 IEEE services ASSOCIATION-RELATED SERVICES The primary purpose of the MAC layer is to transfer MSDUs between MAC entities; this purpose is fulfilled by the distribution service. For that service to function, it requires information about stations within the ESS that is provided by the association-related services. Before the distribution service can deliver data to or accept data from a station, that station must be associated.

19 IEEE services ASSOCIATION-RELATED SERVICES Association: Establishes an initial association between a station and an AP. Before a station can transmit or receive frames on a wireless LAN, its identity and address must be known. For this purpose, a station must establish an association with an AP within a particular BSS. The AP can then communicate this information to other APs within the ESS to facilitate routing and delivery of addressed frames.

20 IEEE services ASSOCIATION-RELATED SERVICES Reassociation: Enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another. Disassociation: A notification from either a station or an AP that an existing association is terminated. A station should give this notification before leaving an ESS or shutting down. However, the MAC management facility protects itself against stations that disappear without notification.

21 IEEE Wireless security problem: Despite the productivity, convenience and cost advantage that WLAN offers, the radio waves used in wireless networks create a risk where the network can be hacked. 1.Denial of service: the intruder floods the network with either valid or invalid messages affecting the availability of the network resources. Due to the nature of the radio transmission, the WLAN are very vulnerable against denial of service attacks. The relatively low bit rates of WLAN can easily be overwhelmed and leave them open to denial of service attacks

22 2. Spoofing: IEEE This is where the attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This happens because networks do not authenticate the source address, which is Medium Access Control (MAC) address of the frames. Attackers may therefore spoof MAC addresses.

23 3. Eavesdropping: IEEE This involves attack against the confidentiality of the data that is being transmitted across the network. By their nature, wireless LANs intentionally radiates network traffic into space. This makes it impossible to control who can receive the signals in any wireless LAN installation. In the wireless network, eavesdropping by the third parties is the most significant threat because the attacker can intercept the transmission over the air from a distance, away from the premise of the company.

24 IEEE Wired Equivalent privacy (WEP) WEP is a standard encryption for wireless networking. It is a user authentication and data encryption system from IEEE used to overcome the security threats. Basically, WEP provides security to WLAN by encrypting the information transmitted over the air. Only the receivers who have the correct encryption key can decrypt the information.

25 WEP encoded MPDU IEEE

26 IEEE Wired Equivalent privacy (WEP) The IV contains a 6 bit padding and a 2 bit key ID, so only the rest 24 bits contain an actual Initialization Vector. IV is concatenated with a key, which is one of the four possible keys indicated by the key ID. This forms a seed to the RC4 stream cipher, resulting in a key stream. The key stream is XOR'ed with the concatenation of the plaintext and a 32 bit Integrity Check Value.

27 IEEE Wired Equivalent privacy (WEP)

28 IEEE Key scheduling algorithm j = 0 For i = 0 to 7 do j = (j + S[i] + T[i]) mod 8 Swap(S[i],S[j]) end

29 IEEE Pseudo random generation algorithm i, j = 0; while (true) { i = (i + 1) mod 8; j = (j + S[i]) mod 8; Swap (S[i], S[j]); t = (S[i] + S[j]) mod 8; k = S[t]; }

30 RC4 example: Assume we use a 4 x 3-bit key, K, and a plaintext P as below: K = [ ] P = [ ] IEEE Initialize the state vector S and the temporary vector T. S is initialized such that the S[i] = i, and T is initialized such that it is the key K (repeated as necessary). S = [ ] T = [ ] I = 0 : Swap(S[0],S[1]); So in the 1st iteration S[0] must be swapped with S[1] giving: S = [ ]

31 IEEE i = 1 j = 3 Swap(S[1],S[3]) S = [ ]; i = 2 j = 0 Swap(S[2],S[0]) S = [ ] i = 3 j = 6 Swap(S[3],S[6]) S = [ ];

32 IEEE What is the result of the last iteration ( I = 7)?

33 IEEE Pseudo random generation algorithm S = [ ] i = (0 + 1) mod 8 = 1 j = (0 + S[1]) mod 8 = 3 Swap(S[1],S[3]) S = [ ] t = (S[1] + S[3]) mod 8 = 7 k = S[7] = 5 Remember, that P is: P = [ ] So our rest 3-bits of ciphertext is obtained by: k XOR P1 5 XOR 1 = 101 XOR 001 = 100 = 4

34 IEEE Pseudo random generation algorithm S = [ ] i = (1 + 1 ) mod 8 = 2 j = (3 + S[2]) mod 8 = 2 Swap(S[2],S[2]) S = [ ] t = (S[2] + S[2]) mod 8 = 6 k = S[6] = 1 Second 3-bits of ciphertext are: 1 XOR 2 = 001 XOR 010 = 011 = 3

35 IEEE What is the result of the last iteration?

36 IEEE Practical security solutions Service Set Identifier (SSID) is a unique identifier attached to the header of packets sent over a WLAN that acts as a password when a mobile device tries to connect to a particular WLAN. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. In fact, it is the only security mechanism that the access point requires to enable association in the absence of activating optional security features.

37 IEEE Not changing the default SSID is one of the most common security mistakes made by WLAN administrators. This is equivalent to leaving a default password in place.

38 Authentication types for wireless networks Open authentication: IEEE Allows any device to authenticate and then attempt to communicate with the access point. Using open authentication, any wireless device can authenticate with the access point, but the device can communicate only if its Wired Equivalent Privacy (WEP) keys match the access point s WEP keys. Devices that are not using WEP do not attempt to authenticate with an access point that is using WEP.

39 IEEE The device s WEP key does not match the access point s key. Therefore, the device can authenticate but not pass data.

40 Authentication types for wireless networks: Shared key authentication: IEEE During shared key authentication, the access point sends an unencrypted challenge text string to any device that is attempting to communicate with the access point. The device that is requesting authentication encrypts the challenge text and sends it back to the access point. If the challenge text is encrypted correctly, the access point allows the requesting device to authenticate.

41 IEEE

42 Authentication types for wireless networks: EAP authentication: IEEE By using the Extensible Authentication Protocol (EAP) to interact with an EAP-compatible RADIUS server, the access point helps a wireless client device and the RADIUS server to perform mutual authentication. The radius server sends an authentication challenge to the client. The client uses a one-way encryption of the user-supplied password to generate a response to the challenge and sends that response to the RADIUS server.

43 Authentication types for wireless networks: EAP authentication: IEEE Using information from its user database, the RADIUS server creates its own response and compares that to the response from the client. When the RADIUS server authenticates the client, the process repeats in reverse, and the client authenticates the RADIUS server. When mutual authentication is complete, the RADIUS server and the client determine a WEP key that is unique to the client and that provides the client with the appropriate level of network security.

44 IEEE Authentication types for wireless networks:

45 Authentication types for wireless networks: MAC authentication: IEEE We can create a list of allowed MAC addresses on the access point s. Devices with MAC addresses not on the list are not allowed to authenticate.

46 IEEE

Wireless Network Security

Wireless Network Security Wireless Network Security Wireless network overview Slide from 2 nd book 1 IT352 Network Security Najwa AlGhamdi IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to

More information

Outline. CS5984 Mobile Computing. IEEE 802 Architecture 1/7. IEEE 802 Architecture 2/7. IEEE 802 Architecture 3/7. Dr. Ayman Abdel-Hamid, CS5984

Outline. CS5984 Mobile Computing. IEEE 802 Architecture 1/7. IEEE 802 Architecture 2/7. IEEE 802 Architecture 3/7. Dr. Ayman Abdel-Hamid, CS5984 CS5984 Mobile Computing Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Outline IEEE 82 Architecture IEEE 82. Wireless LANs Based on Chapter 4 in Wireless Communications and Networks, William

More information

Chapter 17. Wireless Network Security

Chapter 17. Wireless Network Security Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand

More information

Functions of physical layer:

Functions of physical layer: Chapter 14 Functions of physical layer: Encoding/decoding of signals Preamble generation/removal (for synchronization) Bit transmission/reception Includes specification of the transmission medium Functions

More information

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK S.DEEPTHI 1 G.MARY SWARNALATHA 2 PAPARAO NALAJALA 3 Assoc. Professor, Dept. of Electronics &Communication Engineering at Institute of Aeronautical Engineering,

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

How Insecure is Wireless LAN?

How Insecure is Wireless LAN? Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

Wireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design

Wireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design Protocol Analysis and Design 1 Networks 1. WIRELESS NETWORKS 2 Networks 1. WIRELESS NETWORKS 1.1 WiFi 802.11 3 Networks OSI Structure 4 Networks Infrastructure Networks BSS : Basic Set Service ESS : Extended

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

IEEE Technical Tutorial. Introduction. IEEE Architecture

IEEE Technical Tutorial. Introduction. IEEE Architecture IEEE 802.11 Technical Tutorial Introduction The purpose of this document is to give technical readers a basic overview of the new 802.11 Standard, enabling them to understand the basic concepts, principle

More information

WIRELESS LANS. By: M. Habibullah Pagarkar Mandar Gori Rajesh Jaiswal

WIRELESS LANS. By: M. Habibullah Pagarkar Mandar Gori Rajesh Jaiswal WIRELESS LANS By: M. Habibullah Pagarkar Mandar Gori Rajesh Jaiswal Introduction Why wireless? World will become fully mobile Increase in wireless devices usage Wireless will succeed; integrates into many

More information

Status of P Sub-Specification

Status of P Sub-Specification Status of P1451.5 802.11 Sub-Specification June 7, 2004 Ryon Coleman Senior Systems Engineer 802.11 Subgroup rcoleman@3eti.com Agenda 1. IEEE 802.11 Architecture 2. Scope within the 1451 Reference Model

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

Wireless LANs. ITS 413 Internet Technologies and Applications

Wireless LANs. ITS 413 Internet Technologies and Applications Wireless LANs ITS 413 Internet Technologies and Applications Aim: Aim and Contents Understand how IEEE 802.11 wireless LANs work Understand what influences the performance of wireless LANs Contents: IEEE

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE WIRELESS LAN STANDARD

CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE WIRELESS LAN STANDARD CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE 802.11 WIRELESS LAN STANDARD These slides are made available to faculty in PowerPoint form. Slides can be freely added, modified, and deleted to suit student

More information

Wireless Technologies

Wireless Technologies Wireless Technologies Networking for Home and Small Businesses Chapter 7 Manju. V. Sankar 1 Objectives Describe wireless technologies. Describe the various components and structure of a WLAN Describe wireless

More information

A Configuration Protocol for Embedded Devices on Secure Wireless Networks

A Configuration Protocol for Embedded Devices on Secure Wireless Networks A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders lsanders@ittc.ku.edu 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)

More information

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov.

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov. Wireless Networks Authors: Marius Popovici Daniel Crişan Zagham Abbas Technical University of Cluj-Napoca Group 3250 Cluj-Napoca, 24 Nov. 2003 Presentation Outline Wireless Technology overview The IEEE

More information

RC4. Invented by Ron Rivest. A stream cipher Generate keystream byte at a step

RC4. Invented by Ron Rivest. A stream cipher Generate keystream byte at a step RC4 RC4 1 RC4 Invented by Ron Rivest o RC is Ron s Code or Rivest Cipher A stream cipher Generate keystream byte at a step o Efficient in software o Simple and elegant o Diffie: RC4 is too good to be true

More information

Overview of IEEE b Security

Overview of IEEE b Security Overview of IEEE 802.11b Security Sultan Weatherspoon, Network Communications Group, Intel Corporation Index words: 802.11b, wireless, WLAN, encryption, security ABSTRACT There is much regulatory and standards

More information

Network Security Essentials

Network Security Essentials Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science

More information

Analysis of Security or Wired Equivalent Privacy Isn t. Nikita Borisov, Ian Goldberg, and David Wagner

Analysis of Security or Wired Equivalent Privacy Isn t. Nikita Borisov, Ian Goldberg, and David Wagner Analysis of 802.11 Security or Wired Equivalent Privacy Isn t Nikita Borisov, Ian Goldberg, and David Wagner WEP Protocol Wired Equivalent Privacy Part of the 802.11 Link-layer security protocol Security

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

1. INTRODUCTION. Wi-Fi 1

1. INTRODUCTION. Wi-Fi 1 Wi-Fi 1 1. INTRODUCTION Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the Internet from your home, a bed in a hotel room or at a conference room at work without wires. How? Wi-Fi

More information

Security Setup CHAPTER

Security Setup CHAPTER CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP

More information

CCNA Exploration1 Chapter 7: OSI Data Link Layer

CCNA Exploration1 Chapter 7: OSI Data Link Layer CCNA Exploration1 Chapter 7: OSI Data Link Layer LOCAL CISCO ACADEMY ELSYS TU INSTRUCTOR: STELA STEFANOVA 1 Explain the role of Data Link layer protocols in data transmission; Objectives Describe how the

More information

Changes to 802.1Q necessary for 802.1Qbz (bridging media)

Changes to 802.1Q necessary for 802.1Qbz (bridging media) Changes to 802.1Q necessary for 802.1Qbz (bridging 802.11 media) Norman Finn March, 2013 v01 bz-nfinn-802-1q-changes-0313-v01.pdf 1 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

More information

Security and Authentication for Wireless Networks

Security and Authentication for Wireless Networks University of New Orleans ScholarWorks@UNO University of New Orleans Theses and Dissertations Dissertations and Theses 5-21-2004 Security and Authentication for 802.11 Wireless Networks Michel Getraide

More information

Configuring Layer2 Security

Configuring Layer2 Security Prerequisites for Layer 2 Security, page 1 Configuring Static WEP Keys (CLI), page 2 Configuring Dynamic 802.1X Keys and Authorization (CLI), page 2 Configuring 802.11r BSS Fast Transition, page 3 Configuring

More information

1. Data Link Layer Protocols

1. Data Link Layer Protocols 1. Data Link Layer Protocols Purpose of the Data Link Layer The Data Link Layer Purpose of the Data Link Layer Data Link Sublayers Network LLC Sublayer Data Link Physical MAC Sublayer 802.3 Ethernet 802.11

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

Wireless# Guide to Wireless Communications. Objectives

Wireless# Guide to Wireless Communications. Objectives Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g

More information

Evaluation of secure 802.1X port-based network access authentication over wireless local area networks

Evaluation of secure 802.1X port-based network access authentication over wireless local area networks Calhoun: The NPS Institutional Archive DSpace Repository Theses and Dissertations 1. Thesis and Dissertation Collection, all items 2003-03 Evaluation of secure 802.1X port-based network access authentication

More information

Double-DES, Triple-DES & Modes of Operation

Double-DES, Triple-DES & Modes of Operation Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES

More information

outline background & overview mac & phy wlan management security

outline background & overview mac & phy wlan management security IEEE 802.11a/g WLAN outline background & overview mac & phy wlan management security WLAN benefits flexibility & mobility installation scalability disadvantages distance security performance IEEE 802.11a

More information

Wireless Networked Systems

Wireless Networked Systems Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from

More information

IEEE Notes. 1 Local Area Networks. 2 Protocols. 3 Network Model

IEEE Notes. 1 Local Area Networks. 2 Protocols. 3 Network Model IEEE 802.11 Notes This document provides a primer on the layered Internet protocol stack and its correspondence to the IEEE 802.11 standard. The components and architecture of an 802.11 network along with

More information

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology CSNT 180 Wireless Networking Chapter 7 WLAN Terminology and Technology Norman McEntire norman.mcentire@servin.com Founder, Servin Corporation, http://servin.com Technology Training for Technology Professionals

More information

Wireless LAN -Architecture

Wireless LAN -Architecture Wireless LAN -Architecture IEEE has defined the specifications for a wireless LAN, called IEEE 802.11, which covers the physical and data link layers. Basic Service Set (BSS) Access Point (AP) Distribution

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

WL-5420AP. User s Guide

WL-5420AP. User s Guide WL-5420AP User s Guide Table of contents INTRODUCTION... 1 About the Operation Modes...2 LED Indicators...5 Solid...5 Ports on the Rear Panel...7 GETTING CONNECTED... 8 WPA AP -CONFIGURATION VIA WEB...

More information

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA Journal of Computer Science Original Research Paper CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA 1 Velayutham, R. and 2 D. Manimegalai

More information

Security in Data Link Protocols

Security in Data Link Protocols Security in 802.11 Data Link Protocols Gianluca Dini Dept. of Ingegneria dell Informazione University of Pisa, Italy Via Diotisalvi 2, 56100 Pisa gianluca.dini@ing.unipi.it If you believe that any security

More information

ICE 1332/0715 Mobile Computing (Summer, 2008)

ICE 1332/0715 Mobile Computing (Summer, 2008) ICE 1332/0715 Mobile Computing (Summer, 2008) IEEE 802.11 Prof. Chansu Yu http://academic.csuohio.edu/yuc/ Contents Overview of IEEE 802.11 Frame formats MAC frame PHY frame IEEE 802.11 IEEE 802.11b IEEE

More information

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security 1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of

More information

02/21/08 TDC Branch Offices. Headquarters SOHO. Hot Spots. Home. Wireless LAN. Customer Sites. Convention Centers. Hotel

02/21/08 TDC Branch Offices. Headquarters SOHO. Hot Spots. Home. Wireless LAN. Customer Sites. Convention Centers. Hotel TDC 363 Introductions to LANs Lecture 7 Wireless LAN 1 Outline WLAN Markets and Business Cases WLAN Standards WLAN Physical Layer WLAN MAC Layer WLAN Security WLAN Design and Deployment 2 The Mobile Environment

More information

Chapter III THE IEEE ARCHITECTURE. Estelar. 3.1 Components of the IEEE Architecture

Chapter III THE IEEE ARCHITECTURE. Estelar. 3.1 Components of the IEEE Architecture Chapter III THE IEEE 802.11 ARCHITECTURE 3.1 Components of the IEEE 802.11 Architecture The IEEE 802.11 architecture consists of several components. These components interact to provide a wireless LAN

More information

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services CHAPTER 11 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access point/bridges for wireless domain services

More information

Stream ciphers. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 91

Stream ciphers. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 91 Stream ciphers Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 91 Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 92 Stream Cipher Suppose you want to encrypt

More information

Wireless Communication and Networking CMPT 371

Wireless Communication and Networking CMPT 371 Wireless Communication and Networking CMPT 371 Wireless Systems: AM, FM Radio TV Broadcast Satellite Broadcast 2-way Radios Cordless Phones Satellite Links Mobile Telephony Systems Wireless Local Loop

More information

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry,, David Wagner Presented by Paul Ruggieri 1 Introduction What is TinySec? Link-layer security architecture

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

Wireless Networking WiFi Standards 802.11a 5GHz 54MB 802.11b 2.4 GHz 11MB 802.11g 2.4GHz 52MB 802.11n 2.4/5GHz 108MB 802.11b The 802.11b standard has a maximum raw data rate of 11 Mbit/s, and uses

More information

Configuring Cipher Suites and WEP

Configuring Cipher Suites and WEP 10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast

More information

802.11g. Wireless LAN Card

802.11g. Wireless LAN Card 802.11g Wireless LAN Card LCS-8031G Quick Installation Guide M73-LGS01-030 INSTALLATION Caution: Do not insert the Wireless PC Card into your computer until the procedures in Install the Driver & Utility

More information

The Final Nail in WEP s Coffin

The Final Nail in WEP s Coffin 1/19 The Final Nail in WEP s Coffin Andrea Bittau 1 Mark Handley 1 Joshua Lackey 2 May 24, 2006 1 University College London. 2 Microsoft. Wired Equivalent Privacy 2/19 WEP is the 802.11 standard for encryption.

More information

Architecture. Copyright :I1996 IEEE. All rights reserved. This contains parts from an unapproved draft, subject to change

Architecture. Copyright :I1996 IEEE. All rights reserved. This contains parts from an unapproved draft, subject to change 802.11 Architecture Copyright :I1996 IEEE. All rights reserved. This contains parts from an unapproved draft, subject to change What is unique about wireless? Difficult media - interference and noise -

More information

WLAN The Wireless Local Area Network Consortium

WLAN The Wireless Local Area Network Consortium WLAN The Wireless Local Area Network Consortium 802.11 Base Station MAC Layer Test Suite Version 3.2 Technical Document Last Updated: November 25, 2008 Wireless LAN Consortium 121 Technology Drive, Suite

More information

WLAN Technology: LAN: a review WLAN: applications & key parameters. protocol architectures

WLAN Technology: LAN: a review WLAN: applications & key parameters. protocol architectures WLAN Technology: LAN: a review WLAN: applications & key parameters IEEE 802.11 protocol architectures LOCAL AREA NETWORKS LAN ROUTER INTERNET WEB SERVER RAM Ethernet Processor RAM ROM A C NIC with unique

More information

Computer Networks. Wireless LANs

Computer Networks. Wireless LANs Computer Networks Wireless LANs Mobile Communication Technology according to IEEE (examples) Local wireless networks WLAN 802.11 Personal wireless nw WPAN 802.15 WiFi 802.11a 802.11b 802.11h 802.11i/e/

More information

CH : 15 LOCAL AREA NETWORK OVERVIEW

CH : 15 LOCAL AREA NETWORK OVERVIEW CH : 15 LOCAL AREA NETWORK OVERVIEW P. 447 LAN (Local Area Network) A LAN consists of a shared transmission medium and a set of hardware and software for interfacing devices to the medium and regulating

More information

Presentation_ID. 2001, Cisco Systems, Inc. All rights reserved.

Presentation_ID. 2001, Cisco Systems, Inc. All rights reserved. 1 Session Number Denver Tech Days 2002 WLAN Security Mike Morrato System Engineer Cisco Systems April 10, 2002 2 Agenda Past security methods in Wireless LANs The problem with 802.11 - Wireless Insecurity

More information

CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS

CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS Mohammad O. Pervaiz, Mihaela Cardei, and Jie Wu Department of Computer Science &Engineering, Florida Atlantic University 777 Glades Road, Boca Raton, Florida

More information

HACKING & INFORMATION SECURITY Presents: - With TechNext

HACKING & INFORMATION SECURITY Presents: - With TechNext HACKING & INFORMATION SECURITY Presents: - With TechNext We Are The Speakers Sudarshan Pawar Cer.fied Security Expert(C.S.E.) Cer.fied Informa.on Security Specialist (C.I.S.S.) Security Xplained (TechNext

More information

CHAPTER 8: LAN Standards

CHAPTER 8: LAN Standards CHAPTER 8: LAN Standards DR. BHARGAVI GOSWAMI, ASSOCIATE PROFESSOR HEAD, DEPARTMENT OF COMPUTER SCIENCE, GARDEN CITY COLLEGE BANGALORE. LAN STRUCTURE NETWORK INTERFACE CARD MEDIUM ACCESS CONTROL SUB LAYER

More information

Configuring WEP and WEP Features

Configuring WEP and WEP Features CHAPTER 9 This chapter describes how to configure Wired Equivalent Privacy (WEP), Message Integrity Check (MIC), and Temporal Key Integrity Protocol (TKIP). This chapter contains these sections: Understanding

More information

Wireless Networking Basics. Ed Crowley

Wireless Networking Basics. Ed Crowley Wireless Networking Basics Ed Crowley 2014 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE 802.11 Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2

More information

Distributed Queue Dual Bus

Distributed Queue Dual Bus Distributed Queue Dual Bus IEEE 802.3 to 802.5 protocols are only suited for small LANs. They cannot be used for very large but non-wide area networks. IEEE 802.6 DQDB is designed for MANs It can cover

More information

Local Area Network Overview

Local Area Network Overview Local Area Network Overview Chapter 15 CS420/520 Axel Krings Page 1 LAN Applications (1) Personal computer LANs Low cost Limited data rate Back end networks Interconnecting large systems (mainframes and

More information

LAN PROTOCOL ARCHITECTURE

LAN PROTOCOL ARCHITECTURE Fahad Yassir AL Bazzaz M.sc Student Student No: 15501064 2016 The basic functions of a LAN is organized by set of layering protocols. IEEE 802 Reference Model Protocols defined specifically for LAN and

More information

Advanced Security and Mobile Networks

Advanced Security and Mobile Networks Advanced Security and Mobile Networks W.Buchanan (1) 9. GSM/3G Unit 7: Mobile Networks. Wireless. Security. Mobile IP. Mobile Agents. Spread spectrum. Military/Emergency Networks 8. Ad-hoc 7. Mobile Networks

More information

EEC-682/782 Computer Networks I

EEC-682/782 Computer Networks I EEC-682/782 Computer Networks I Lecture 24 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

WL-5450AP & WL-5460AP Wireless Access Point. User s Guide

WL-5450AP & WL-5460AP Wireless Access Point. User s Guide WL-5450AP & WL-5460AP Wireless Access Point User s Guide 1 FCC Certifications This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the

More information

WPA Migration Mode: WEP is back to haunt you

WPA Migration Mode: WEP is back to haunt you Black Hat USA 2010 WPA Migration Mode: WEP is back to haunt you Leandro Meiners (lmeiners@coresecurity.com / @gmail.com) Diego Sor (dsor@coresecurity.com / diegos@gmail.com) Page 1 WPA Migration Mode:

More information

WNC-0300USB. 11g Wireless USB Adapter USER MANUAL

WNC-0300USB. 11g Wireless USB Adapter USER MANUAL WNC-0300USB 11g Wireless USB Adapter USER MANUAL Contents 1. Introduction...3 1.1 Product Feature...3 1.2 System Requirement...3 2. Getting Start...3 2.1 LED Indicators...3 2.2 Install the 54Mbps Wireless

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

Content. Chapter 1 Product Introduction Package Contents Product Features Product Usage... 2

Content. Chapter 1 Product Introduction Package Contents Product Features Product Usage... 2 Content Chapter 1 Product Introduction... 2 1.1 Package Contents... 2 1.2 Product Features... 2 1.3 Product Usage... 2 1.4 Before Installation... 2 1.5 Disable other manufacturers wireless network adapters...

More information

802.11b/g Access Point WL-8000AP

802.11b/g Access Point WL-8000AP 802.11b/g Access Point WL-8000AP User s Guide - FCC Certifications This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

ECE442 Communications Lecture 3. Wireless Local Area Networks

ECE442 Communications Lecture 3. Wireless Local Area Networks ECE442 Communications Lecture 3. Wireless Local Area Networks Husheng Li Dept. of Electrical Engineering and Computer Science Spring, 2014 Wireless Local Networks 1 A WLAN links two or more devices using

More information

WLAN The Wireless Local Area Network Consortium

WLAN The Wireless Local Area Network Consortium WLAN The Wireless Local Area Network Consortium WPA Station MAC Layer Test Suite Version 2.5 Technical Document Last Updated: February 18, 2013 Wireless LAN Consortium 121 Technology Drive, Suite 2 Durham,

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

A Scheme for Key Management on Alternate Temporal Key Hash

A Scheme for Key Management on Alternate Temporal Key Hash International Journal of Network Security, Vol.1, No.1, PP.8 13, July 2005 (http://isrc.nchu.edu.tw/ijns/) 8 A Scheme for Key Management on Alternate Temporal Key Hash Song-Kong Chong 1, Hsien-Chu Wu 2

More information

U S E R M A N U A L b/g PC CARD

U S E R M A N U A L b/g PC CARD U S E R M A N U A L 802.11b/g PC CARD Table of Content CHAPTER 1 INTRODUCTION... 1 1.1 WIRELESS LAN FEATURE FUNCTIONS... 1 1.2 REGULATORY NOTICE... 1 1.2.1 FCC Class B Statement...1 1.2.2 Canadian Regulatory

More information

Cryptographic Concepts

Cryptographic Concepts Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general

More information

User s Manual Doc. No.:

User s Manual Doc. No.: 802.11g Wireless LAN Card User s Manual Doc. No.:120903-01 REGULATORY STATEMENTS FCC Certification The United States Federal Communication Commission (FCC) and the Canadian Department of Communications

More information

KALASALINGAM UNIVERSITY

KALASALINGAM UNIVERSITY KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE

More information

Journal of Global Research in Computer Science A UNIFIED BLOCK AND STREAM CIPHER BASED FILE ENCRYPTION

Journal of Global Research in Computer Science A UNIFIED BLOCK AND STREAM CIPHER BASED FILE ENCRYPTION Volume 2, No. 7, July 2011 Journal of Global Research in Computer Science RESEARCH PAPER Available Online at www.jgrcs.info A UNIFIED BLOCK AND STREAM CIPHER BASED FILE ENCRYPTION Manikandan. G *1, Krishnan.G

More information

WLAN PCMCIA Card. Quick Setup Guide WLC3010

WLAN PCMCIA Card. Quick Setup Guide WLC3010 WLAN PCMCIA Card Quick Setup Guide WLC3010 This Quick Set-Up Guide only provides you with the basic instructions for setting up these wireless adaptors on your computer. A complete User Manual that includes

More information

Mobile Communications Chapter 7: Wireless LANs

Mobile Communications Chapter 7: Wireless LANs Mobile Communications Chapter 7: Wireless LANs Characteristics IEEE 802.11 (PHY, MAC, Roaming,.11a, b, g, h, i, n z) Bluetooth / IEEE 802.15.x IEEE 802.16/.20/.21/.22 RFID Comparison Prof. Jó Ueyama courtesy

More information

Data Communications. Data Link Layer Protocols Wireless LANs

Data Communications. Data Link Layer Protocols Wireless LANs Data Communications Data Link Layer Protocols Wireless LANs Wireless Networks Several different types of communications networks are using unguided media. These networks are generally referred to as wireless

More information

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Wireless Networking 802.11 based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers topics Standards Technical Concepts Implementation Troubleshooting 802.11 timeline source: Anandtech

More information

Configuring Management Frame Protection

Configuring Management Frame Protection Information About Management Frame Protection, page 1 Restrictions for Management Frame Protection, page 3 (GUI), page 3 Viewing the Management Frame Protection Settings (GUI), page 3 (CLI), page 4 Viewing

More information

Master thesis 60 credits

Master thesis 60 credits UNIVERSITY OF OSLO Department of informatics Capacity and performance study of IEEE 802.11e in WLANs and ad hoc networks Master thesis 60 credits Frank Roar Mjøberg 2. May 2007 Abstract Today, WLANs allow

More information

Chapter 4. The Medium Access Control Sublayer

Chapter 4. The Medium Access Control Sublayer Chapter 4 The Medium Access Control Sublayer The Channel Allocation Problem Static Channel Allocation in LANs and MANs Dynamic Channel Allocation in LANs and MANs Dynamic Channel Allocation in LANs and

More information

Securing Wireless Networks by By Joe Klemencic Mon. Apr

Securing Wireless Networks by By Joe Klemencic Mon. Apr http://www.cymru.com/ Securing Wireless Networks by By Joe Klemencic (faz@home.com) Mon. Apr 30 2001 Many companies make attempts to embrace new technologies, but unfortunately, many of these new technologies

More information