Best practices for wireless security

Outline

  • Introduction the topic
    1. Define wireless network
    2. Explain the focus of the paper
  • Wireless security elements
    1. List and explain strategies used in securing the wireless network system
      1. Authentication
      2. The rogue access points
  • Encryption
  • Solution for wireless network security
    1. Explain solutions for wireless security
      1. Access point
      2. Service set identifier
  • Open system authentication
  1. The shared key authentication
  • Explain the different types of networking topologies
    1. Explain the Ad-hoc mode
    2. Explain the infrastructure mode
    3. Explain the wire equivalent privacy protocol
  • Global trend
    1. Explain the global trend of the wireless security
      1. Describe the WI-FI Protected Access
  • Future trend
    1. Explain the future trend in the wireless security
      1. Explain the security risk and threats
      2. Explain the parking lot attack
  • Explain the service set identifier flaw
  • Write the conclusion

Introduction

Wireless networks have proven inexpensive to use in the modern business works, and they cannot be ignored. However, the issue of insecurity has become an issue of concern, and the experts are looking into various strategies to mitigate the same. There are information as well as misinformation on the types of the technologies on wireless security.  This essay seeks to examine wireless network security technologies and the security measures that can be undertaken to mitigate the same. The technology is applied in the public and office environments as well as by home users (Osterhage, 2011). The wireless technology is defined as a Local Area Network (LAN), which utilizes high-frequency radio waves instead of wires for the purpose of communicating between different network enabled devices.

Wireless Security Elements

There are different elements associated with wireless security. In most cases, individuals and enterprises can establish wireless networks without considering security.  The mentioned is possible because most of the systems are in default open access mode from the manufacturers. This means that all the systems security features are turned off, and the user has the sole responsibility of activating them. The three major strategies that can assist in securing the wireless network system include the following.

  • Identifying all the unauthorized users via authentication
  • Mitigating unofficial connections by removing all access points that are rogue
  • Securing transmitted data through encryption

Authentication

Authentication is the best way to ensure that all users of the wireless networks have the authority to do so. Unique passwords and logins are primary authentication basis. However, extra tools can ensure that authentication is not only reliable but also secure. There are different forms of authentication, and the best one is per-session and per-user mutual authentication between the source and the user (Akhgar & Arabnia, 2013).

 The Rogue Access Points

Workers who enjoy a reliable network at the comfort of their rooms might want similar experience at their places of work. This will make the worker buy cheaper access point. The worker will find it easy to install the access point into the network jack without seeking for approval from the relevant authorities. These types of access points are referred to as rogue, and in most cases, they are due to workers actions and not external malicious intruders. Citing Sandhu, Mann and Kaur (2013), it is possible for firm-sanctioned access points to prove as security risks if configured incorrectly.

It is challenging to check for the rogue access points. However, according to Osterhage (2011), different tools can be used to achieve this, such as using wireless software and laptop within a small premise to obtain data from the employees’ access points. Moreover, technical personnel can effectively scan for all new wireless access points. This would enable the team to pick up new threats early enough.

 Encryption

To ensure that all the data can be read easily, and prevent it from being changed during the transmission process, it is important to use encryption. Encryption is considered a secret code and translates all the data into gibberish, and it is only the recipient who can understand it (Choi, Robles, Hong & Kim, 2008). Encryption requires that the receiver and sender possess the key code for decoding the relayed data (Boncella, 2002). A secured encryption utilizes sophisticated algorithms or keys, which regularly changes and this ensures that all the obtained data are secure.

Solutions for Wireless Network Security

There are different solutions for wireless security.

 Access point

A Wireless Access Point (WAP) is defined as a hardware device. The hardware devices permits wireless communication between devices like mobile computers and PDAs to connect the various wireless network (Zhang, Zheng & Ma, 2008). The wireless access point not only connects to a given wired network but also offers a bridge meant for data transfer between wired and wireless gadgets (Wrightson, 2012).

Service Set Identifier (SSID)

A service set Identifier refers to a configurable identification. The configuration identification enables effective communication among wireless clients using the access point. Therefore, regarding effective configuration, it is only users with the right SSID who effectively communicate with the identified access points.  As a result, SSID functions as a one shared password between clients and access points (Wrightson, 2012).

 Open System Authentication

According to Bhatnagar and Birla (2015), Open System Authentication (OSP) is defined as the default authentication protocol particularly for 802.11 standards. It is made up of a simple authentication request featuring authentication response and station ID, which has failure or success data. Following the successful authentication, both stations are authenticated. The open system authentication can be used together with the WEP protocol with the objective of offering effective communication security (Osterhage, 2011). Nonetheless, it is significant to note that the frames of the authentication framework are communicated during the process authentication.  WEP is only applied during encrypting data once the client is associated and authenticated (Choi, et al., 2008). It is possible for any client to remit station ID to link effectively with AP. As a result, there is usually no authentication

The Shared Key Authentication

Shared key authentication is not only not a standard response mechanism but also challenge, which utilizes the WEP in addition to secret key which is shared and ensure authentication. After encrypting the marked challenge text with the WEP utilizing the shared secret key, the verifying user will be required to send back the encrypted challenge text to the access point (Sandhu, Mann & Kaur, 2013). This is useful for the purpose of authentication. It is important to note that the successfulness of authentication would be seen if the access point facilitates the decryption of the similar challenge text.

 Ad-hoc Mode

This networking topology is also referred to as a peer-to-peer mode. The setup of this wireless network structure exhibits the 802.11 standards. The Ad-hoc Mode entails two or more wireless devices. Osterhage (2011) argues the devices communicate without involving the access point. This network typology is not expensive to operate because AP are not required for communication purposes. Nonetheless, it is impossible for it to scale particularly for larger networks. Additionally, it lacks key security features such as access control and MAC filtering.

 The Infrastructure Mode

This is a networking typology that is present in the 802.11 standards with the ad-hoc mode. It has different access points and wireless stations (Bhatnagar & Birla, 2015). In most cases, the access points connect with other larger wired networks. It is possible for the typology to scale up and result in large-scale systems featuring complexity and arbitrary coverage.

The Wired Equivalent Privacy Protocol

This is an essential feature of security that is present in IEEE 802.11 standards, and its objective is to ensure confidentiality in all the wireless networks. It achieves this by encrypting all the information that is transmitted via the network. However, the protocol is no longer considered secure. This is because it is possible to crack the WEP key within few minutes using other automated tools. Hence, WEP should not be utilized unless there are other secure methods (Peikari & Fogie, 2003).

Global Trends

WI-FI Protected Access

This is a security protocol that fixes and also addresses the identified security issues within the WEP. WPA provides all the systems users with assurance on the security of their data (Choi, et al., 2008). Data security is provided by the Temporal Key Integrity Protocol. For the purpose of enhancing the authentication, the 802.1x has also been introduced in the system.

The Wi-Fi Protected Access 2 is associated with IEE 802.11i, which is a new protocol in the wireless security system and it is only the authorized users who can have access to the wireless device (Osterhage, 2011).  It also has different features, which support the cryptography that is stronger, key management, stronger authentication tools, data integrity and replay attack protection.

Citing Wrightson (2012) in 2010, there was a security vendor who purported that he had discovered the various elements attributed to WPA2 protocol vulnerability called the Hole 196. It argued that through exploration of the vulnerability, it was possible for Wi-Fi user who is internally authenticated to decrypt other people’s private data and introduce malicious traffic into the entire wireless network.  Following an investigation, it was discovered that the attack could not break, recover or crack the encryption keys of the WPA2. The systems attacks could only act as AP, and this will provide them with the opportunity to launch an attack in case patients are associated with them (Abel, 2011). Furthermore, it is impossible for the mentioned attack to succeed especially when it is launch in the middle with the objective of interfering with other users.

Future Trends

The Security Risks and Threats

The wireless networks feature minimal deployment costs, and this makes them attractive to different users. Nonetheless, the ready availability of the equipment, which is inexpensive, provides the users with the opportunity access tools that will enable them to launch attacks on the system’s networks.  Additionally, Abel (2011) asserts that the 802.11 standard security mechanisms feature design flaws and this results into active and passive potential attacks.  The attacks provide the intruders with ideal opportunity to tamper with and eavesdrop on wireless transmissions systems.

The Parking Lot Attack

The access points are responsible for the emission of radio signals, which are usually in circular patterns. Consequently, the signals are beyond the intended coverage area. It is possible to intercede the signals outside the buildings or within floors of a building (Abel, 2011). This makes it possible for the attackers to initiate the parking lot attack. This is whereby from the firm’s parking lot, the attackers attempt to attack the internal hoists through the wireless network.  In case the network is interfered with, then the attacker has realized a higher degree of penetration into the system. The attackers might have succeeded in getting through the firewall and can now access the network just like the firms trusted employees.

It is also possible for the attackers to fool the clients who are the legitimate users of the wireless system by making them connect to the network of the attacker. The attacker introduces an unauthorized and stronger access point closer to the clients wireless. The objective is to access the passwords or sensitive data of the end users when they try to log into the systems (Bhatnagar & Birla, 2015). Also, shared key authentication can be exploited easily.  This can be realized via a passive attack that entails the attacker eavesdropping on the response, access point and the authenticating client (Bhatnagar & Birla, 2015). This form of attack is possible as the attacker can easily capture the cipher text and the plaintext.

Service Set Identifier Flaw

The access point feature default SSIDs.  In the circumstances whereby the SSID remain unchanged, then there are more attacks emerging from the attackers as the units are viewed as configured poorly (Bhatnagar & Birla, 2015).  Additionally, the SSIDs are incorporated into the available management frames, which are mostly broadcasted in clear texts without putting into consideration whether the access point has been configured with the objective of disabling the SSID broadcasting or enabling the encryption. Carrying an extensive analysis on the captured network traffic, it is possible for the attacker to perform additional attacks by obtaining the network SSID.

Endpoint security control is also important for ensuring wireless security within a system (Akhgar & Arabnia, 2013). This is defined as the system’s ability to enforce a particular policy from the trust that the IT bestows on the user or the users’ environment.  It is possible for IT firms not only to define but also establish Policy Zones such as laptops and home PCs. This is because, through the end point security control, the firms can effectively control the zones by applying different apparatus. Conversely, the end point security control ensures that is granularity. Therefore, it is evident that IT can not only minimize risk but also offer access to different location and reduced cost to the organization.

There are also associated security risks linked to Bluetooth flaws. This is because it interferes with all networks. Additionally, the AES vulnerability interferes with the AES encryption. This is because the mentioned vulnerabilities impact negatively on the entire technology and not in a given implementation. Moreover, the risk level can be exhibited in both flaws.

Conclusion

In conclusion, it is evident that there are different factors associated with wireless network security and IT managers should come up with different strategies to manage the same.  Even though Wi-Fi technologies have enhanced the capabilities of the security, there are abilities and features which are only present in most recent equipment in managing IT infrastructures, which are technologically managed. In most cases, the cellular data networks depend on the different design of security, which focuses on the radio link protection. Besides, there is no provision of the end-to-end encryption. It is evident that VPN and SSL can be effectively used to secure the various types of wireless communication. The mechanism also houses different user equipment.

Moreover, it is important for IT managers not to allow unauthorized access points. It is easy to establish access points and this might make IT departments to loosen the rules and regulations and permit anyone with VCR knowledge to set them up. However, the IT department should not allow this as it acts as an open window for the intruders to attack the system. Therefore, the firm should deploy a given procedure and strategy on the same and adhere to it.  In sum, it is evident that IT managers can implement different security solutions for wireless network connections. However, every solution will be unique and manage each strategy independently will not be practicable. Another primary concern is that employees might utilize different computing devices, and it is impossible for the IT specialist to have an effective control all over them. Unmanaged devices such as public workstations and home systems might risk the entire network system.

 

References

Abel, V. S. (2011). Survey of current and future trends in security in wireless networks. International Journal of Scientific & Engineering Research, 2(4), 1-6.

Akhgar, B., & Arabnia, H. R. (Eds.). (2013). Emerging trends in ICT security. Waltham, Massachusetts: Morgan Kaufmann/Elsevier.

Bhatnagar, R., & Birla, V. K. (2015). Wi-Fi security: A literature review of security in wireless network. International Journal of Research in Engineering & Technology, 3(5), 23-30.

Boncella, R. J. (2002). Wireless security: an overview. Communications of the Association for Information Systems, 9(1), 269-282.

Choi, M. K., Robles, R. J., Hong, C. H., & Kim, T. H. (2008). Wireless network security: Vulnerabilities, threats and countermeasures. International Journal of Multimedia and Ubiquitous Engineering, 3(3), 77-86.

Osterhage, W. (2011). Wireless Security. CRC Press.

Peikari, C., & Fogie, S. (2003). Wireless maximum security: An insider’s guide to protecting your wireless network. Indianapolis, In.: Sams Publishing.

Sandhu, G. K., Mann, G. S., & Kaur, R. (2013). Benefit and security issues in wireless technologies: Wi-Fi and WiMax. International Journal of Innovative Research in Computer and Communication Engineering, 1(4), 976-982.

Wrightson, T. (2012). Wireless network security: A beginner’s guide. New York: McGraw-           Hill.

Zhang, Y., Zheng, J., & Ma, M. (2008). Handbook of research on wireless security.          Hershey, PA: Information Science Reference.

 
Do you need an Original High Quality Academic Custom Essay?