EVIL TWIN ACCESS POINT DETECTION AND PREVENTION IN WIRELESS NETWORK Sandip S. Thite Bharati Vidyapeeth s College of Engineering for Women, Pune, India
|
|
- Cornelia McKinney
- 5 years ago
- Views:
Transcription
1 EVIL TWIN ACCESS POINT DETECTION AND PREVENTION IN WIRELESS NETWORK Sandip S. Thite Bharati Vidyapeeth s College of Engineering for Women, Pune, India Abstract Now a days wireless access points are widely used in public places to provide web services to the user. The growing users of smartphones use such free WI-FI services for their personal use. They don t care about whether they connect to secure network or not. Such a careless attitude causes a risk of phishing attacks on smartphones. Phishing attacker creates Evil twin access point which attracts the smartphone users and perform the attacks on mobile devices and capture all the sensitive information stored in smartphone memory. The evil Twin attacker sends a stronger signal within close proximity to the wireless users so they can easily attract to Evil Twin AP. The evil twin access point is a serious threat for current smartphone devices. It is a big challenge to distinguish between legitimate access point and Evil Twin AP. Several Evil- Twin AP detection mechanism developed to provide a solution to these problems. Most of these solutions are automated and depends on specific parameters used for detection. In this paper, we have presented a survey on existing techniques with its advantages & disadvantages and proposed new technique for Evil twin AP detection. Keywords: IEEE , Evil Twin AP, Wireless Security I. INTRODUCTION Wireless connectivity is so ubiquitous that one can hardly imagine life without it. Smartphone users rely heavily on a WIFI network for mobile applications. Wi-Fi technology helps us to easily get connected to the web, without cables, patch cords or physical media. Wi-Fi statistics of 2014 highlight that 75 % of people say a week without Wi-Fi would leave them grumpier than a week without coffee. Hotels, Railway stations, restaurant, malls see Wi-Fi as an essential amenity. Smart cities concept pushes Municipal Corporation of city to implement public Wi-Fi concepts for city people. So maximum peoples switch to public Wi-Fi to get data connectivity for different devices like smartphones, laptop, tablet etc. These public Wi-Fi networks are easily available for customers and also completely unsecured in order to facilitate connectivity. Bad side of these public Wi-Fi network is it allows hackers to perform different attacks on connected nodes. hotforsecurity.com [3] reports suggest that 88% public Wi-Fi network is unsecured and easily vulnerable to attack. It is so simple to create an Evil Twin AP with a smartphone by enabling Hotspot. Even with the help of other internet capable devices & software tools we can easily create an Evil Twin AP. The attacker position himself in the propinquity of an authorized AP and lets his smartphone discover what Radio Signal strength and Service Set Identifier (SSID) uses. Then he sends his own device radio signal with the same SSID of authorized AP. Public Wi-Fi users can easily attract to such Evil Twin AP because of good radio signal strength and connect to it. Now Evil Twin AP becomes the end users internet access point. In such scenario, now attacker can easily enter into the information system of a particular smartphone device and able to intercept sensitive data such as password, banking details etc. Evil Twin AP also called as a clone of Authorized access point or Honeypots. It is easy to deploy in any wireless public network, difficult to detect and it is easy to implement different attacks with it. It performs Denial of service, Phishing attack, Man-in-Middle attack and session hijacking attack. 1
2 Figure 1: Secured vs. Unsecured Public Wi-Fi Network In this paper our attention is on important security issues of wireless network, which is called as Evil Twin access point. The rest of this paper organized as follows. In section II describes background details of the access point. Section III describes the literature survey about Evil Twin access point detection technique. Proposed system presented in section IV. Future scope mentioned in section V. Section VI concludes this paper. II. BACKGROUND Wirless Network Mobility it is a great feature provided by wireless network.wireless network is used to provide interconnection between different devices. It s very popular because of features like low cost, effectiveness, mobility, easy to install & scalability. Now a days maximum network developed with the wireless environment. Wireless access point The access point is a heart of wireless network. It is central device which takes services from wired network & provide it to end point nodes like mobile, laptop, tablet etc. with the help of access point we require minimum infrastructure cost for WLAN development. Multiple device connectivity is the added advantage with the access point. With the help of Hotspot application, we can create our handheld device as an access point. An attacker can create his handheld device as AP by using Hotspot application, which acts as an Evil Twin AP. Such AP attracts other wireless devices. These devices connect to such Evil twin AP and become victim of an attacker. Now a day s different security mechanism are used to protect authorized AP from such attacks. By using the wireless encryption protocol we can secure our AP from different attacks. But different software tools are easily available in the market which can be used by attacker to break the security of such secure network. For example, with the help of MAC address changer software attacker can easily change its AP S MAC address into an authorized AP address. Also tools like Aircrack-ng suite attacker can easily monitor the wireless traffic and steal some important information of authorized AP which is helpful to create Evil Twin AP. The Unauthorized Access point is divided into three categories Fake access point It is created or installed by outside attacker who is not a part of authorized network. Without knowing to authorize user it can perform the attack. The purpose of such attack is to perform a malicious behavior, such as eavesdropping, steal the information & falsification. Rouge Access point- It is installed by not only outside attacker, but also authorized user of that network. Authorized user of network wants more advantage from network for that purpose he creates Rouge AP in its network by stealing the information of authorized AP. Rouge AP is more dangerous because of authorized user handling such AP who knows all the secure information about the network. Evil Twin Access point- Attacker creates bogus access point, with such AP it will provide internet services by enabling DHCP service. So mobile user can easily attract to such AP which provide internet service. At the same time attacker continuously monitoring wireless traffic and capture some important information of connected user. SSID: Service Set Identifier SSID comprises 32 characters. It is associated with WLAN. Client devices use the SSID to identify and connect different wireless Network. It is important to communicate in WLAN and form a group of devices connected to the same access point Received Signal Strength (RSS) The quality of communication between the sensor unit and the AP is indicated by the RSS value [9] and it is expressed as Decibels (db). RSS values can vary from 0 to -100[12]. The value showing nearness to 0 signifies strong signal, whereas the value approaching 100 indicates weaker signal [14]. Evil Twin access point creation with example It is easy to create Evil Twin access point, Consider figure 2, where Original AP is 2
3 authorized AP, and all users & smart phone are connected to it. This AP gets WAN services through a modem. Evil Twin AP also called as a clone of Authorized access point. Attacker capture the Original AP information through wireless traffic, through which it get information, like SSID, MAC Address, IP address range. Now attackers AP uses this captured information of authorized AP to create clone of authorized AP. After successful creation of the clone, the attacker tries to attract users who normally connect to authorized AP. Victim as shown in figure the, User3, User 4 & smartphone 2 are easily attracted to Evil Twin AP, because of maximum signal strength and better bandwidth which they get from Evil Twin AP. They also think that they are connected to authorize AP. Now Evil Twin AP performs the attack on these users by providing WAN services. It also steals the important information of these connected nodes and victim never knows about this. Figure 2: An example of Evil Twin AP III. LITERATURE SURVEY Lots of research is going on for prevention & detection of evil twin access point. Different technique used by industry people & academic researchers. These techniques further divided into client side, server side and hybrid approaches. The oldest method to detect Evil twin access point is to compare different parameters like MAC address, IP address, SSID. If all these parameters are same then we can say that the access point will be authorized one. But attackers are very smart by using d ifferent software tools they can easily steal authorized user s different parameters and using this create Evil twin AP. Even if we monitor wireless traffic it is easy to get such type of information. In server side approach, Central server which is connected to the wired & wireless network. On this central server Evil twin access point detection tool is installed, by using this tool whole network continuously monitor and check that if any unauthorized client is connected in network. After specific time interval it checks the status of each AP in the network. And generate the result, whether AP is authorized or unauthorized. In client side approach, different techniques are used, in first technique client called as a thick client, where Evil-Twin AP detection tool is installed on client side, using this tool client decide whether it s connected to authorized or evil twin AP. In second technique client called as a thin client, where Evil Twin AP detection tool is available at server side, the client request for verification of AP and depending upon result generated by server client decide whether to connect to AP or not. Academic researcher also contributed for detection of malicious AP. Industry solutions are also useful. Air Defense & AirMagnet these are the some commercial products are useful for prevention of malicious AP. Academic researchers and Industry people are works on to find a improved solution for the detection of Evil Twin AP. There are some methods which focus these problems. Every method uses different parameters to get a solution which causes a different rate of success for fake AP detection. Air Defense [2] it is a commercial product which deploy sensors in the network. With the help of sensor it manages up to 10 APs. It detects the attackers & vulnerabilities in the network. It is very useful network monitoring tool, especially for wireless network. But the slow response time for detection of Evil Twin AP is the big drawback. Time require for verification of AP is high. That s the sufficient time for attacker to understand and attack the network. AirMagnet [1] is another commercial product which is used for detection of vulnerabilities and intrusions. It not only detect unauthorized APS but also denial of service attack by flooding technique. The drawback with this system is that, system administrator is always moving around the network for detection of security threats in network. Qiang Xu et al. [5] proposed device fingerprinting solution for unauthorized AP detection. They create a whitelist database where authorized AP information is stored with some parameters. Every time it checks Available AP in the network with the parameter listed in Whitelist. If it found any unmatched parameter during comparison then it discarded that AP from the network. It is a very good solution for Evil Twin AP detection, but it considers only few parameters for comparison which is not 3
4 sufficient for unauthorized AP detection. Even in some cases it banned authorized AP from the network because of some vulnerable parameter mismatching. Songrit Srilasak et al. [7] provides combined solution for detection and counterattack the malicious AP. It has a central server which is used to collect the wireless data by using its own access point. First it analyze the wireless data and then it detect the malicious AP. After analyzing the data if it found rogue access point, then the central system uses the switch to disable a port to which rogue access point is connected. This technique gives effective and low cost solution which works on any existing wireless infrastructure. But if the central system takes the wireless data from rogue access point for analysis, then the whole system will collapse. The drawback with this approach is we want to rely on a central server for detection and if because of heavy network traffic if the central server is not available then network in critical condition which is easily vulnerable to attacks. Wei et al. [8] implement sequential hypothesis test for unauthorized AP Detection. In this technique, they monitors incoming traffic at router and take a decision about TCP-ACK pairs which are passively collected. Roth et al. [6] implemented systematic approach which helps the user to detect evil twin AP in a wireless network. In this technique short authentication string protocol is used for the purpose of cryptographic key exchange. Verification of short string is done by encoding the short strings as a sequence of color, carried out sequentially by user device and from particular access point. S. Jana et. al. [4] provides a server side solution using clock skews of access point in a wireless network. They use clock skews as a fingerprint to differentiate malicious AP with beacon frames. Detection of MAC spoofing is difficult in this approach. Calculation of clock skews in TCP/ICMP required more time and lack of accuracy shows drawbacks in system. It causes a heavy weighted solution. Even with some drawbacks positives from this method which includes it measure the effects of temperature variations, virtualizations and Network Time Protocol (NTP) synchronization on clock skews. Clock skews is most important parameter which acts as fingerprint so will be unique to each access point. IV. PROPOSED SYSTEM Evil Twin AP detection is a challenging task. The Current technique handles different attacks like Man in the Middle attack, spoofing attack etc. But these techniques will not work for different scenarios. The main drawbacks of many techniques is they work for detection of Evil Twin AP, but prevention policy is not present with these mechanisms. We proposed a novel approach which considers parameters like MAC address, SSID, RSSI value, and 12 bit sequence no. field in IEEE frame. Figure 3 : System Architecture Evil Twin AP detection mechanism works in two different modes, It is initially work for Data collection MODE and with the help of collected data from data collection mode used in verification mode. Data collection mode The data collection mode is used to gather the information parameters like MAC address, SSID, RSSI value, and 12 bit sequence no. field in IEEE frame. This information is used for comparison between authorized and malicious AP. In data collection mode, there are two important phases which can be used for getting above information. Figure 4 : Working of Data Collection Mode 4
5 Wireless traffic capturing Phase In this phase we can use a software tool like Aircrack suite, in which airmon-ng tool can be used for capturing wireless traffic from the network. This tool is very useful to distinguish wired and wireless traffic. It s also useful to capture encrypted wireless traffic. By using this tool we capture wireless traffic by putting our wireless network interface card in monitoring mode. It is used to capture beacon and management frame in a wireless network. We here consider not only the Beacon frame, but also management frame because in some network beacon frames are blocked. After monitoring Wireless traffic we get detailed information of each & every AP in the network. Packet Data Extraction Phase In this phase, each and every wireless packet extracted for required information. From these packets we get detailed information about sender, receiver of packets. Here we concentrate on only few specific parameters like SSID, MAC address of AP, RSSI & Sequence no etc. In the packet header field, we get SSID & MAC address and with data field, we get a frame sequence no & RSSI value. Verification Mode In verification mode two important tasks will perform, In first task, it will create a list of all authorized access point with given parameters and in next task, it will compare this list with current list with given parameters and if it found some changes in parameter values then it will disassociate that AP from network. Authentication Information generation phase It takes the input from packet data extraction phase and create a list of all authorized access point with the parameters given in figure 5. Figure 5: Parameters for Authentication Analysis Phase After specific time interval data collection mode gather the data and verification mode generate the list with the given parameters. It always checks the current parameter values with previous values. In comparison it initially check SSID, if it is not same then it immediately prevent that AP to access from network. Next it take MAC address field if SSID is same and MAC address is different then it add that AP in prevention list, But if it found both MAC and SSID same, but RSSI value is different then it checks the current RSSI value with previous value and if the difference will be in between +10 to -10 then it consider it as authorized AP if difference is more than that then it will consider it as Evil Twin AP. There are always few changes in RSSI value because of environmental effect and distance between nodes and AP. Finally, it checks for Sequence no of frames. For that it checks previous frame and current frame sequence no. If the difference between the values is multiple of 12 then its fine, but if it is not multiple of 12 then it is Evil Twin AP. This technique efficiently detect the Evil Twin AP, but environmental condition can affect the RSSI value. Nodes like a smartphone because of mobility causes a drastic change in value of RSSI. But if we use normalization techniques to normalize the RSSI value, then it will reduce these previous problems with RSSI value. Prevention To block Evil Twin Access point we concentrate on the MAC address of access point. We create a list called as Banned AP where we can put these MAC addresses. Every node always goes through this list before connecting to any AP. If it is found in the Banned AP list, then it will never connect to this AP. V. FUTURE SCOPE In future scope, we use an RSSI value as a one parameter in detection mechanism, using this parameter we can easily find the approximate distance in between access point and node. In current scenario we consider parameters like SSID, MAC address, RSSI value & Frame sequence no. We will add more parameters for evaluation, which include Frequency and channel used by AP. Adding more parameters creates robust system for Evil twin detection mechanism. VI. CONCLUSION The Evil Twin access point detection system has been a major research area because of increased in use of wireless network in public places. In this paper, we proposed a novel approach for detection & prevention of Evil Twin AP by comparing important parameters like SSID, MAC address of AP, RSSI values and frame sequence number. Existing Technique does not provide a lightweight solution. But the proposed solution provides a lightweight solution with minimum delay. This system is scalable, cost effective and easy to deploy on any wireless 5
6 network without modifying existing wireless network. This system works on some specific parameters. By increasing more parameters will create a system more robust. So there still remains considerable scope for future research by adding more parameters. REFERENCES [1]Airmagnet. Available: airmagnet.com [2]Air defense enterprise: WIPS. Available: [3]Hot for Security. Hot for security.com [4] S. Jana S. Jana and S. K. Kasera, On fast and accurate detection of unauthorized wireless access points using clock skews, in Proceedings of the 14th ACM international conference on Mobile computing and networking, ser. MobiCom 08. New York, NY, USA: ACM, 2008, pp [5] Qiang Xu, Rong Zheng and Zhu Han, Device Fingerprinting in Wireless Networks: Challenges and Opportunities, IEEE Communication surveys & Tutorials, Vol- 18,No-1, 2016 [6] Roth, V., Polak, W., Rieffel, E. and Turner, T., (2008). Simple and effective defense against Evil Twin Access Points. WiSec 08, March 31 April 2, 2008, Alexandria, Virginia, USA [7] S. Srilasak, K. Wongthavarawat and A. Phonphoem, Integrated Wireless Rogue Access Point Detection and Counterattack System International Conference on Information Security and Assurance, (2008). [8] W. Wei, K. Suh, B. Wang. J. Kurose and D. Towsley, Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs. In Proc. 7th ACM SIGCOMM conference on Internet measurement, (2007). [9] T. Kim, H. Park, H.Jung and H. Lee(2012) Online detection of fake access points using Received Signal Strength [10] G. Shivraj, M. Song and S. Shetty, A hidden markov model based approach to detect rogue access points IEEE, ,2008. [11] H. Han, B. Sheng, C. Tan, Q. Li,and S. Lu A timing based scheme for Rogue AP detection, IEEE Transactions on parallel and distributed systems, vol. 22, no-11, November 2011 [12] S. Vanjale, P.B. Mane, S. Thite Elimination of Rogue access point in Wireless Network, International Journal of Scientific & Engineering Research, Volume 4, Issue 12, December-2013 [13] K. kao, I-En Liao, Y-C Li, Detecting rogue access points using client-side bottleneck bandwidth analysis, ScienceDirect, computers & security 28 (2009), [14] S. Vanjale, S. Thite, A novel approach for fake access point detection and prevention in wireless network, International Journal of Computer Science Engineering and Information Technology Research (IJCSEITR), Vol 4, Issue 1, Feb 2014,
Wireless Network Security
Wireless Network Security Why wireless? Wifi, which is short for wireless fi something, allows your computer to connect to the Internet using magic. -Motel 6 commercial 2 but it comes at a price Wireless
More informationWireless LAN Intrusion Detection and Prevention System for Malicious Access Point with Live Attacks
Wireless LAN Intrusion Detection and Prevention System for Malicious Access Point with Live Attacks Prof. Poonam Rajput 1, Prof. Sandip V. Patil 2, Prof. Chhayadevi H. Khambalkar 3 1Ph.D. Research Scholar,
More informationPRODUCT GUIDE Wireless Intrusion Prevention Systems
PRODUCT GUIDE Wireless Intrusion Prevention Systems The Need for Wireless INTRUSION PREVENTION SYSTEMS A Wireless Intrusion Prevention System (WIPS) is designed to address two classes of challenges facing
More informationWireless Attacks and Countermeasures
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
More informationWireless LAN Security (RM12/2002)
Information Technology in Education Project Reference Materials Wireless LAN Security (RM12/2002) Infrastructure Division Education Department The Government of HKSAR www.ited.ed.gov.hk December 2002 For
More informationD. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
Volume: 119 Questions Question No: 1 John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website.
More informationCYBER ATTACKS EXPLAINED: WIRELESS ATTACKS
CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS Wireless networks are everywhere, from the home to corporate data centres. They make our lives easier by avoiding bulky cables and related problems. But with these
More informationWhat is Eavedropping?
WLAN Security What is Eavedropping? War Driving War Driving refers to someone driving around with a laptop and an 802.11 client card looking for an 802.11 system to exploit. War Walking Someone walks
More informationHow Insecure is Wireless LAN?
Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost
More informationManaging Rogue Devices
Finding Feature Information, page 1 Information About Rogue Devices, page 1 How to Configure Rogue Detection, page 6 Monitoring Rogue Detection, page 8 Examples: Rogue Detection Configuration, page 9 Additional
More informationWLAN Intrusion Detection System Ms. Sushama Shirke 1, Mr. S.B.Vanjale 2
International Journal of Computer Science and Management Studies, Vol. 11, Issue 02, Aug 2011 25 WLAN Intrusion Detection System Ms. Sushama Shirke 1, Mr. S.B.Vanjale 2 1 B.V.D.U. Pune (India) Susha_1720@rediffmail.com
More informationRobust and Effective Evil Twin Access Point Detection Technique at End User Side
Robust and Effective Evil Twin Access Point Detection Technique at End User Side Vibhawari V. Nanavare 1, Prof. Dr. V. R. Ghorpade 2 ME Student, Dept. of CSE, D. Y. Patil College of Engineering & Technology,
More informationDetecting & Eliminating Rogue Access Point in IEEE WLAN
Detecting & Eliminating Rogue Access Point in IEEE 802.11 WLAN S.B.Vanjale, Amol K. Kadam, Pramod A. Jadhav Department of Computer Engg Bharati Vidyapeeth Deemed University College of Engineering Pune.
More informationManaging Rogue Devices
Information About Rogue Devices, page 1 Configuring Rogue Detection (GUI), page 5 Configuring Rogue Detection (CLI), page 8 Information About Rogue Devices Rogue access points can disrupt wireless LAN
More informationMobile Security Fall 2013
Mobile Security 14-829 Fall 2013 Patrick Tague Class #6 More WiFi Security & Privacy Issues WiFi Security Issues A Scenario Internet Open AP SSID Network X Open OpenAP AP SSID Attacker Network X LaptopLaptop
More informationIJSER. Keywords Rogue access point, wireless security, insider Threat, Evil twin attack, rogue AP detection, wireless security. I.
International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014 26 Active User-Side Evil Twin Access Point Detection Mr. Maheshkumar Ramrao Gangasagare Student of Master of Engineering,
More informationLESSON 12: WI FI NETWORKS SECURITY
LESSON 12: WI FI NETWORKS SECURITY Raúl Siles raul@taddong.com Founder and Security Analyst at Taddong Introduction to Wi Fi Network Security Wireless networks or Wi Fi networks IEEE 802.11 Standards Information
More information5 Tips to Fortify your Wireless Network
Article ID: 5035 5 Tips to Fortify your Wireless Network Objective Although Wi-Fi networks are convenient for you and your employees, there may be unwanted clients using up the bandwidth you pay for. In
More informationObstacle Avoiding Wireless Surveillance Bot
Volume 118 No. 20 2018, 4309-4314 ISSN: 1314-3395 (on-line version) url: http://www.ijpam.eu Obstacle Avoiding Wireless Surveillance Bot ijpam.eu Aman Aryan, Aakanksha Mishra, Raashi Pradeep Shetty Department
More informationWIRELESS EVIL TWIN ATTACK
WIRELESS EVIL TWIN ATTACK Prof. Pragati Goel Associate Professor, NCRD s Sterling Institute of Management Studies, Navi Mumbai Mr. Chetan Singh NCRD s Sterling Institute Of Management Studie, Navi Mumbai
More information@IJMTER-2016, All rights Reserved ,2 Department of Computer Science, G.H. Raisoni College of Engineering Nagpur, India
Secure and Flexible Communication Technique: Implementation Using MAC Filter in WLAN and MANET for IP Spoofing Detection Ashwini R. Vaidya 1, Siddhant Jaiswal 2 1,2 Department of Computer Science, G.H.
More informationAttacks on WLAN Alessandro Redondi
Attacks on WLAN Alessandro Redondi Disclaimer Under the Criminal Italian Code, articles 340, 617, 617 bis: Up to 1 year of jail for interrupting public service 6 months to 4 years of jail for installing
More informationNETWORK SECURITY. Ch. 3: Network Attacks
NETWORK SECURITY Ch. 3: Network Attacks Contents 3.1 Network Vulnerabilities 3.1.1 Media-Based 3.1.2 Network Device 3.2 Categories of Attacks 3.3 Methods of Network Attacks 03 NETWORK ATTACKS 2 3.1 Network
More informationToday s challenge on Wireless Networking. David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd.
Today s challenge on Wireless Networking David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd. Agenda How Popular is Wireless Network? Threats Associated with Wireless Networking
More informationChapter 5 Local Area Networks. Computer Concepts 2013
Chapter 5 Local Area Networks Computer Concepts 2013 5 Chapter Contents Section A: Network Building Blocks Section B: Wired and Wireless Technologies Section C: Network Setup Section D: Sharing Files Section
More informationMultipot: A More Potent Variant of Evil Twin
Multipot: A More Potent Variant of Evil Twin K. N. Gopinath Senior Wireless Security Researcher and Senior Engineering Manager AirTight Networks http://www.airtightnetworks.net Email: gopinath.kn@airtightnetworks.net
More informationGETTING THE MOST OUT OF EVIL TWIN
GETTING THE MOST OUT OF EVIL TWIN B-SIDES ATHENS 2016 GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > WHOAMI Security Engineer at CENSUS S.A. Cryptography, Wi-Fi hacking,
More informationEthical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
More informationSECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi
SECURITY ON PUBLIC WI-FI New Zealand A guide to help you stay safe online while using public Wi-Fi WHAT S YOUR WI-FI PASSWORD? Enter password for the COFFEE_TIME Wi-Fi network An all too common question
More informationDepartment of Computer Engineering, Dr. D. Y. Patil Institute and Technology, Pimpri, Pune, India
Introduction to IEEE 802.11 Rogue Access Point Detection Mechanism Using Covert Channel Prof. Kiran Somase 1, Akshay R. Shelke 2, Ankita S. Bhise 3, Rajat R. Balpande 4, Sagar D Bhusari 5 1,2,3,4 Department
More informationWireless Network Security Spring 2014
Wireless Network Security 14-814 Spring 2014 Patrick Tague Class #16 Network Privacy & Anonymity 2014 Patrick Tague 1 Network Privacy Issues Network layer interactions in wireless networks often expose
More informationSchool of Computer Sciences Universiti Sains Malaysia Pulau Pinang
School of Computer Sciences Universiti Sains Malaysia Pulau Pinang Information Security & Assurance Assignment 2 White Paper Virtual Private Network (VPN) By Lim Teck Boon (107593) Page 1 Table of Content
More informationWireless technology Principles of Security
Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the
More informationOutline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.
Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/
More informationWi-Net Window and Rogue Access Points
Wi-Net Window and Rogue Access Points The Wi-Net Window (WP150) has several features that make it ideal for detecting and locating rogue access points: A rogue access point is a wireless access point that
More informationSecurity Challenges Facing the Future Wireless World (aka.. Alice and Bob in the Wireless Wonderland) Wade Trappe
Security Challenges Facing the Future Wireless World (aka.. Alice and Bob in the Wireless Wonderland) Wade Trappe Talk Overview Security has been one of the great detractors for wireless technologies (and
More informationRogue Access Points and UBC s Wi-Fi Network
Rogue Access Points and UBC s Wi-Fi Network Arunkumar Chebium, Pawittar Dhillon, Kaveh Farshad, Farhan Masud Department of Electrical and Computer Engineering, University of British Columbia Vancouver,
More informationTestsDumps. Latest Test Dumps for IT Exam Certification
TestsDumps http://www.testsdumps.com Latest Test Dumps for IT Exam Certification Exam : PW0-200 Title : Certified wireless security professional(cwsp) Vendors : CWNP Version : DEMO Get Latest & Valid PW0-200
More informationTypes of Attacks That Can Be Carried Out on Wireless Networks
1 Types of Attacks That Can Be Carried Out on Wireless Networks Westley Hansen CS 4960 Dr. Martin May 7, 2015 2 Abstract Wireless Networks are very mainstream, it allows a way for computer devices to connect
More informationCSC 574 Computer and Network Security. TCP/IP Security
CSC 574 Computer and Network Security TCP/IP Security Alexandros Kapravelos kapravelos@ncsu.edu (Derived from slides by Will Enck and Micah Sherr) Network Stack, yet again Application Transport Network
More informationSYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS
SYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS David Murotake, (SCA Technica, Inc. Nashua NH, USA; david.murotak@scatechnica.com) Antonio Martin (SCA Technica, Inc., Nashua NH, USA;
More informationDETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM
DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM Rajalakshmi 1, Umamaheswari 2 and A.Vijayaraj 3 1 Department
More informationThe 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013 Florin OGÎGĂU-NEAMŢIU National Defense University of Romania "Carol I"/ The Regional
More informationWho Is Peeping at Your Passwords at Starbucks? To Catch an Evil Twin Access Point
Who Is Peeping at Your Passwords at Starbucks? To Catch an Evil Twin Access Point Yimin Song, Chao Yang, and Guofei Gu Texas A&M University Success Lab, Texas A&M University July 1th, 2010 Pre-question
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-BOaRDING and Securing DEVICES IN YOUR Corporate NetWORk PrepaRING YOUR NetWORk to MEEt DEVICE DEMaND The proliferation of smartphones and tablets brings increased
More informationnetwork security s642 computer security adam everspaugh
network security s642 adam everspaugh ace@cs.wisc.edu computer security today Announcement: HW3 to be released WiFi IP, TCP DoS, DDoS, prevention 802.11 (wifi) STA = station AP = access point BSS = basic
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationExam : PW Title : Certified wireless security professional(cwsp) Version : DEMO
Exam : PW0-200 Title : Certified wireless security professional(cwsp) Version : DEMO 1. Given: John Smith often telecommutes from a coffee shop near his home. The coffee shop has an 802.11g access point
More informationWireless Security Security problems in Wireless Networks
Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security
More informationSpoofing Detection in Wireless Networks
RESEARCH ARTICLE OPEN ACCESS Spoofing Detection in Wireless Networks S.Manikandan 1,C.Murugesh 2 1 PG Scholar, Department of CSE, National College of Engineering, India.mkmanikndn86@gmail.com 2 Associate
More informationIntroduction to Information Security Dr. Rick Jerz
Introduction to Information Security Dr. Rick Jerz 1 Goals Explain the various types of threats to the security of information Discuss the different categorizations of security technologies and solutions
More informationJu-A A Lee and Jae-Hyun Kim
Ju-A A Lee and Jae-Hyun Kim Wireless Information & Network Engineering Research Lab, Korea {gaia, jkim}@ajou.ac.kr Abstract. IEEE 802.11i standard supports a secure access control for wireless LAN and
More information5. Execute the attack and obtain unauthorized access to the system.
Describe how a combination of preventive, detective, and corrective controls can be employed to provide reasonable assurance about information security. Before discussing the preventive, detective, and
More informationConfiguring Security Solutions
3 CHAPTER This chapter describes the security solutions for wireless LANs. It contains the following sections: Cisco Unified Wireless Network Solution Security, page 3-1 Interpreting the Security Tab,
More informationPrincess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content
More informationDESIGN AND DEVELOPMENT OF MAC LAYER BASED DEFENSE ARCHITECTURE FOR ROQ ATTACKS IN WLAN
------------------- CHAPTER 4 DESIGN AND DEVELOPMENT OF MAC LAYER BASED DEFENSE ARCHITECTURE FOR ROQ ATTACKS IN WLAN In this chapter, MAC layer based defense architecture for RoQ attacks in Wireless LAN
More informationChapter 11: It s a Network. Introduction to Networking
Chapter 11: It s a Network Introduction to Networking Small Network Topologies Typical Small Network Topology IT Essentials v5.0 2 Device Selection for a Small Network Factors to be considered when selecting
More informationSecuring Wireless LANs with Certificate Services
1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the
More informationCyber Security Guidelines for Public Wi-Fi Networks
Cyber Security Guidelines for Public Wi-Fi Networks Version: 1.0 Author: Cyber Security Policy and Standards Document Classification: PUBLIC Published Date: April 2018 Document History: Version Description
More informationAttacking Networks. Joshua Wright LightReading LIVE! October 1, 2003
Attacking 802.11 Networks Joshua Wright Joshua.Wright@jwu.edu LightReading LIVE! October 1, 2003 Attention The material presented here reflects the personal experience and opinions of the author, and not
More informationWireless Network Security Spring 2011
Wireless Network Security 14-814 Spring 2011 Patrick Tague Feb 8, 2011 Class #9 Link/MAC layer security Announcements HW #1 is due on Thursday 2/10 If anyone would like Android phones for their course
More informationDetection and Localization of Multiple Spoofing using GADE and IDOL in WSN. U.Kavitha 1.
Detection and Localization of Multiple Spoofing using GADE and IDOL in WSN U.Kavitha 1 1 PG Student, Department of ECE, CK College of Engineering & Technology, Cuddalore, Tamil Nadu, India Abstract Wireless
More informationANALYSIS AND EVALUATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS IDENTIFICATION METHODS
ANALYSIS AND EVALUATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS IDENTIFICATION METHODS Saulius Grusnys, Ingrida Lagzdinyte Kaunas University of Technology, Department of Computer Networks, Studentu 50,
More informationChapter 1 Describing Regulatory Compliance
[ 2 ] Chapter 1 Describing Regulatory Compliance Failure to secure a WLAN makes it vulnerable to attack. To properly secure your network, you must be able to identify common threats to wireless and know
More informationExpected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy
CHAPTER 9 DEVELOPING NETWORK SECURITY STRATEGIES Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy Network Security Design
More informationDetecting Protected Layer-3 Rogue APs
Detecting Protected Layer-3 Rogue APs Authors: Hongda Yin, Guanling Chen, and Jie Wang Department of Computer Science, University of Massachusetts Lowell Presenter: Bo Yan Department of Computer Science
More informationWhat is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne
Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer
Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 7 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2016. (section 8.8) Also
More informationStudy on Computer Network Technology of Digital Library
International Symposium on Computers & Informatics (ISCI 2015) Study on Computer Network Technology of Digital Library Yanming Sui LinYi University, Linyi, China suiyanming@lyu.edu.cn Abstract With the
More informationWireless Security Algorithms
(NOTE: If you are using a virtual lab to run your attacks you will need an external Wi Fi attachment. The other option is to have a direct install on your computer. Virtual labs cannot access your wireless
More informationA Survey of BGP Security Review
A Survey of BGP Security Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka November 16, 2011 1 Introduction to the topic and the reason for the topic being interesting Border
More informationWIDS Technology White Paper
Technical white paper WIDS Technology White Paper Table of contents Overview... 2 Background... 2 Functions... 2 Rogue detection implementation... 2 Concepts... 2 Operating mechanism... 2 Operating modes...
More informationWireless KRACK attack client side workaround and detection
Wireless KRACK attack client side workaround and detection Contents Introduction Components used Requirements EAPoL Attack protections Why this works Possible impact How to identify if a client is deleted
More informationOverview. Information About wips CHAPTER
1 CHAPTER This chapter describes the role of the Cisco 3300 mobility services engine (MSE) and the Cisco Adaptive Wireless Intrusion Prevention System (wips) within the overall Cisco Unified Wireless Network
More informationConverged World. Martin Capurro
Information Management in a Converged World Martin Capurro Qwest Product Management Agenda I. Changes In Information Technology II. III. IV. Exploring Technology Trends vs. Needs What is the Buying Opportunity
More informationNETWORK INTRUSION. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
NETWORK INTRUSION Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Recognize different
More informationSecuring Wireless Networks by By Joe Klemencic Mon. Apr
http://www.cymru.com/ Securing Wireless Networks by By Joe Klemencic (faz@home.com) Mon. Apr 30 2001 Many companies make attempts to embrace new technologies, but unfortunately, many of these new technologies
More informationCYBER ATTACKS EXPLAINED: PACKET SPOOFING
CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service
More informationChapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
More informationTO DETECT AND RECOVER THE AUTHORIZED CLI- ENT BY USING ADAPTIVE ALGORITHM
TO DETECT AND RECOVER THE AUTHORIZED CLI- ENT BY USING ADAPTIVE ALGORITHM Anburaj. S 1, Kavitha. M 2 1,2 Department of Information Technology, SRM University, Kancheepuram, India. anburaj88@gmail.com,
More informationWayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk
Wayward Wi-Fi How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk 288 MILLION There are more than 288 million unique Wi-Fi networks worldwide. Source: Wireless Geographic Logging
More informationAssignment Project Whitepaper ITEC495-V1WW. Instructor: Wayne Smith. Jim Patterson
Project Whitepaper ITEC495-V1WW Instructor: Wayne Smith Jim Patterson Table of Contents 1. Abstract Page 3 2. Introduction Page 3 3. Analysis Page 4 4. Solution Discussion Page 7 5. Evaluation Criteria
More informationWireless Network Security Fundamentals and Technologies
Wireless Network Security Fundamentals and Technologies Rakesh V S 1, Ganesh D R 2, Rajesh Kumar S 3, Puspanathan G 4 1,2,3,4 Department of Computer Science and Engineering, Cambridge Institute of Technology
More informationDetection and Localization of Multiple Spoofing Attackers in Wireless Networks Using Data Mining Techniques
Detection and Localization of Multiple Spoofing Attackers in Wireless Networks Using Data Mining Techniques Nandini P 1 Nagaraj M.Lutimath 2 1 PG Scholar, Dept. of CSE Sri Venkateshwara College, VTU, Belgaum,
More informationInternational Journal of Advance Engineering and Research Development
Scientific Journal of Impact Factor (SJIF): 5.71 International Journal of Advance Engineering and Research Development Volume 5, Issue 03, March -2018 e-issn (O): 2348-4470 p-issn (P): 2348-6406 BATCH
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationScanning. Introduction to Hacking. Networking Concepts. Windows Hacking. Linux Hacking. Virus and Worms. Foot Printing.
I Introduction to Hacking Important Terminology Ethical Hacking vs. Hacking Effects of Hacking on Business Why Ethical Hacking Is Necessary Skills of an Ethical Hacker What Is Penetration Testing? Networking
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
More informationWeb Gate Keeper: Detecting Encroachment in Multi-tier Web Application
Web Gate Keeper: Detecting Encroachment in Multi-tier Web Application Sanaz Jafari Prof.Dr.Suhas H. Patil (GUIDE) ABSTRACT The Internet services and different applications become vital part of every person
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More informationProbeQuest Documentation
ProbeQuest Documentation Release 0.7.0 Paul-Emmanuel Raoul Oct 08, 2018 Table of Contents 1 What are Wi-Fi probe requests? 3 2 Installation 5 2.1 Using pip (recommended)........................................
More informationIntroduction and Statement of the Problem
Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network
More informationSolution Architecture
2 CHAPTER Introduction The purpose of the Secure Wireless is to provide common security services across the network for wireless and wired users and enable collaboration between wireless and network security
More informationBackTrack 5 Wireless Penetration Testing
BackTrack 5 Wireless Penetration Testing Beginner's Guide Master bleeding edge wireless testing techniques with BackTrack 5 Vivek Ramachandran [ PUBLISHING 1 open source I community experience distilled
More informationSecuring WMSN using SHAREMIND
Securing WMSN using SHAREMIND Prof. Dhanshri Patil 1, Priyanka Kanse 2, Priyanka Kakade 3, Ketaki Sortur 4, Akshata Nalawade 5 1, 2,3,4,5 UG Student Department of Computer Engineering, PCET s Nutan Maharashtra
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More informationA Visualization Tool for Wireless Network Attacks
A Visualization Tool for Wireless Network Attacks Xiaohong YUAN, Ricky L. ARCHER, Jinsheng XU, Huiming YU Department of Computer Science, North Carolina A&T State University Greensboro, NC 27411, USA ABSTRACT
More informationCTS2134 Introduction to Networking. Module 08: Network Security
CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting
More informationNetwork Security and Cryptography. December Sample Exam Marking Scheme
Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers
More informationWireless# Guide to Wireless Communications. Objectives
Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g
More information