Wireless Security - Research Paper Example

?WIRELESS SECURITY Wireless Security affiliation Table of Contents TECHNOLOGY INVOLVED IN WIRELESS NETWORKS 4 WIRELESS TECHNOLOGY:FUTURE TRENDS 5 COMPANIES INVOLVED IN WIRELESS TECHNOLOGY 7 REGULATORY ISSUES IN WIRELESS NETWORK 8 Piggybacking 8 Wardriving 9 Unauthorized Computer Access 9 Evil Twin Attacks 9 Wireless Sniffing 10 Shoulder Surfing 10 WIRELESS SECURITY MANAGEMENT 11 Wireless Network should be Invisible 11 Wireless Network should be renamed 11 Network Traffic should be encrypted 12 Administrator Password should be Changed 12 Online Awareness 12 Connect Using a VPN 13 Disable File Sharing 13 CONCLUSION 14 REFERENCES 14 INTRODUCTION Wireless networking offers wonderful advantages and opportunities to get easy access to communication and collaborative services. Due to this reason, it has been evolving quickly around the world. In addition, most of the modern technologies today are completely reliant on wireless communication. On the other hand, there are countless security and privacy issues also emerging in wireless networking environments. Though, the new technologies require more and more high level application of wireless communication networks, but such implementations are being established without giving significant concentration to privacy and security related issues. Consequently, the majority of wireless networks around the world are in danger regarding security and safety. Thus, there are a lot of chances that someone with appropriate equipment could be able to spy network traffic. In this scenario, they can get access to users’ passwords and other data (Gerkis, 2006; The State University of New Jersey, 2006). In addition, these security issues and attacks are not immediately theoretical. Additionally, techniques and tools to tap near wireless networks are extensively accessible, even for palmtop devices (Gerkis, 2006; The State University of New Jersey, 2006). In this situation there is vital need for implementing wireless security. Wireless security management has turned out to be a hot issue in literature. This paper presents a detailed analysis of wireless security related issues and their management. This research will analyze some of the important aspects of wireless security, main challenges and possible mitigation techniques. TECHNOLOGY INVOLVED IN WIRELESS NETWORKS Consider the fact that users of WLAN (wireless local area network) are able to travel along with their laptop computers and other devices from one location to another inside their offices or houses without breaking the link with the network. Thus, many corporations and general public at the present think that wireless communication based devices are very useful, efficient, and easy to operate. On the other hand, personal networks based on wireless technology help users receive and distribute data, as well as software applications, by making use of network systems and other users of the network with well-matched devices, without establishing a connection to printer cables and other secondary device links. In fact, with wireless networking users of small PDA, hand-held devices and cell phones can effectively coordinate data and information among PDAs and personal computers, as well as are able to effectively make use of internet based services like that web browsing, email and internet access. In addition, wireless communications can help individuals and business firms reduce their networking or wiring costs (Radack, 2011; Gerkis, 2006; css-security, 2010). In this scenario, Information Technology Laboratory established by NIST (National Institute of Standards and Technology), presents various standards and measures which can be adopted to enhance safety and security of wireless communication networks. Additionally, National Institute of Standards and Technology Special Publication (SP) 800-48, Wireless Network Security, 802.11, Bluetooth, and Hand-held Devices, whose authors were Les Owens and Tom Karygiannis, outlines 3 main and fundamental aspects of wireless security: (Radack, 2011; Gerkis, 2006; css-security, 2010)  Wireless security related issues are foundational upon IEEE (Institute of Electrical and Electronics Engineers) standards 802.11 Wireless security issues which are associated with wireless personal area networks come under Bluetooth specifications, those were established by an industry consortium Security of wireless communication networks for hand-held devices such as PDAs and mobile devices WIRELESS TECHNOLOGY: FUTURE TRENDS Wireless systems are making extensive progress in the direction of development of broadband software applications, which comprise multimedia services in a way to take part with wired LAN systems. Additionally, it is predictable that people will ultimately require establishing new systems with broadband access and bit rates greater than 2 Mbps, comprising broadband WLANs, multimedia, and interactive broadcasts in a worldwide setting foundational on global and satellite systems. However, this need will demand a 4th generation systems though the lack of existing spectrum will cause grave blockage to the development (Camera2000, 2010; Iqbal, 2002; Lane, 2005; Tynan, 2004; Abel, 2011). Moreover, nowadays the new technology based devices require relatively higher bandwidth capabilities by means of wireless data communication system along with parallel reliability, performance and security as compared to its wired equivalent networks. On the other hand, with the growth of wireless communication technology more innovative characteristics and capabilities will carry on to be included. In this scenario, standardization businesses, such as ETSI and IEEE, are always trying to deal with always changing requirements of user by offering innovative standards and reducing faults of the earlier standards. This comprises performance ?ne-tuning, similar to seamless and smother roaming potentials and quality of services and more highly security characteristics. Additionally, these new technology based standards are presently in development. In this scenario, some standards, such as 802.11b 802.11g, 802.11a and HiperLAN, are aimed at offering more robust and enhanced Wireless LAN performance (Camera2000, 2010; Iqbal, 2002; Lane, 2005; Tynan, 2004; Abel, 2011). Furthermore, future IEEE technology based standards regarding wireless communication (such as 802.11g which is an extension of 802.11b) permitting for data rates more than 54 Mbps in the 2.4 MHz ISM transfer band and complete rati?cation. In this scenario, 802.11e will be used ultimately to establish a link between QoS and WLANs, 802.11f will help improve the handover from AP to AP as clients roam, 802.11h will tackle European approvals. In the same way, 802.11i will deal with security features. In fact, new wireless communication technology based standards are continuously developing; a variety of RF and IR standards has been planned previously to deal with users’ requirements. Though, it is extremely improbable that all of them will carry on in the long-standing, however, the majority probable the extensively accepted wireless standards for data communication, WLAN will take pleasure in wonderful expansion in future (Camera2000, 2010; Iqbal, 2002; Lane, 2005; Tynan, 2004; Abel, 2011). COMPANIES INVOLVED IN WIRELESS TECHNOLOGY This section outlines some of the biggest companies of the world and US those are operational in wireless technology based communication. This section presents a detailed overview of those corporations and their overall market standing. In this scenario, one of the biggest wireless network companies is Cingular Wireless, with more than 46 million wireless subscribers who are making use of the nation's major digital voice and data network. In addition, Cingular is devoted to provide its clients with wireless technology intended to supplement their lives. In this scenario, the next biggest wireless company is Verizon Wireless that possesses and work in the nation's the majority dependable wireless network, offering communication capability to approximately 42.1 million clients. The next biggest wireless communication corporation is Sprint, which operates in the major all-PCS, all-digital countrywide wireless network in the US, previously facilitating the greater part of the country’s metropolitan regions comprising more than 4,000 cities, as well as societies all through the nation. In addition, this wireless communication service provider deals with more than 21.3 million subscribers (Bellaire, 2010; Reed, 2011). Moreover, the next biggest wireless communication company is LLTEL, which is also the 7th major wireless telephone corporation of the US with 7.928 million clients (3Q03) and wire-line telephone corporation with more than 3.1 million customers (Bellaire, 2010; Reed, 2011). Furthermore, the mobile technology of GSM is by far the dominant mobile standard globally, with more the two billion worldwide customers. In the US, though, the only carriers that at present make use of GSM are T-Mobile and AT&T. In this scenario, Carriers Sprint and Verizon both make use of the rival Code Division for Multiple Access (CDMA) communication technology, though Verizon has moved to the GSM area when it launched its own LTE network in 2010 (Bellaire, 2010; Reed, 2011). REGULATORY ISSUES IN WIRELESS NETWORK There are numerous security related issues in communication and collaboration at the wireless communication networks. These security and privacy issues vary from situation to situation; however, in all cases the main challenge and threat is personal information security. This section presents some of the main security attacks and issues regarding wireless communication networks: (US-CERT, 2008; Tyrrell, 2003; The State University of New Jersey, 2006; Singh & Liu, 2010) Piggybacking If we do not protect our wireless communication based network then someone by means of a wireless device sited in area of wireless access point could be able to access the internet through our wireless communication link. In this scenario, normal internal broadcast range of an access point is 150–300 feet. However, external broadcast range can be expanded up to 1,000 feet. On the other hand, if our area is intimately settled, for instance, if we live in a condominium or apartment house, failure to protect our wireless network could probably offer our internet link for free use to countless users. Thus, this can be a huge danger of security for our wireless link (US-CERT, 2008). Wardriving Wardriving is a particular type of piggybacking. In this scenario, the communication broadcast region of a wireless access point could be able to establish internet connections outside of our home, even as far away as our street. In fact, savvy computer clients are well familiar with this fact, and most of them have made a hobby out of driving throughout cities, as well as neighborhoods with a wireless-equipped computer occasionally by making use of a powerful antenna searching for unsecured wireless networks (US-CERT, 2008). Unauthorized Computer Access A non-protected wireless communication network connected with unsecured file sharing is able to imply disaster. In this situation, a malicious user could be able to get illegal access to some directories and files which we have permitted for sharing (US-CERT, 2008). Evil Twin Attacks In case of wireless communication environment, an evil twin attack could damage the overall security of network. In this kind of attack, the attacker collects data and information regarding a public access point, and then makes use of that data to mimic the actual wireless network access point. In addition, in this kind of attack, the attacker makes use of a broadcast signal which is much stronger than the one generated by the real access point. In this scenario, innocent users will unintentionally make use of wrong (stronger) signals. For the reason that the sufferer is making use of the attacker’s system to access the internet, as a result, it is very easy for the attacker to make use of specialized tools to interpret some data the victim transmits over the internet. Moreover, this precious data can comprise user-name, credit card numbers and password combinations, addresses, and other personal data and information (US-CERT, 2008). Wireless Sniffing A lot of public access points are not protected, as a result, the traffic they hold is not encrypted. This situation puts our sensitive communications or transactions at security based risk. For the reason that our network communication link is being transmitted “in the clear,” malicious clients are able to make use of “sniffing” tools to get sensitive information like that bank account numbers, passwords and credit card numbers (US-CERT, 2008). Shoulder Surfing While using wireless communication arrangement in public wireless areas, the users with bad intentions can hack our sensitive data and information without using a computer. In addition, the reality that somebody can be carrying out their personal business activity in a public place is a golden chance for them. In fact, if somebody is much closer, then the attacker could be able to simply look over their shoulder as sufferer type. Moreover, they could be able to establish peer by making use of binoculars from an apartment window located in same street. Thus, by simply observing us, they can be able to steal all types of sensitive, personal data and information (US-CERT, 2008). WIRELESS SECURITY MANAGEMENT This section presents a detailed analysis of some of the important aspects of wireless security management. In this scenario, we will make use of effective security management techniques and measures that can help ensure the effective privacy and security of our systems: (US-CERT, 2008; Tyrrell, 2003; The State University of New Jersey, 2006; Singh & Liu, 2010) Wireless Network should be Invisible In case of wireless communication arrangement, the wireless access points can themselves let the others know regarding their presence to wireless enabled nearby computers. This process is acknowledged as the identifier broadcasting. In addition, in many cases, identifier broadcasting is enviable. For example, an internet cafe would desire its users to simply discover its access point; consequently, it could enable identifier broadcasting. On the other hand, this can create problems for our security. In this scenario, there is vital need for making our identity invisible in case of any communication situation. This will ensure the effective and enhanced protection of systems (US-CERT, 2008). Wireless Network should be renamed A lot of wireless access point devices come with a default name, which is normally represented as the service set identifier (SSIS) or comprehensive service set identifier (ESSID). In this scenario, the evade names employed by a variety of manufacturers are extensively recognized, as well as could be employed to get illegal access to our network. Thus, when someone wants to rename their network, they should think for a name that would not be simply guessed by others (US-CERT, 2008). Network Traffic should be encrypted Our wireless access point device must facilitate us to encrypt traffic going in direction of device, as well as coming back to our systems. Thus, encryptions of wireless traffic will allows us to convert it to a code that would simply be understood by computers with the correct key to that safety code. Administrator Password should be Changed As discussed above, our wireless access point device is delivered to us with a default user-name and password. In this scenario, default user passwords intended for a variety of manufacturers are extensively recognized, as well as could be employed to get illegal access to our network. Thus, it is essential for the network users to make sure that they have modified their administrator password to one that is long, holds non-alphanumeric characters (like that: #, $, and &), and holds no personal data and information (like that their birth date). Moreover, if their wireless network access point does not encompass a default password, make sure to produce one and utilize it to protect our device (US-CERT, 2008). Online Awareness For the reason that we are likely to have an unencrypted, unsecured network link when we make use of a public wireless communication access point, thus, we need to be careful about what we are going to do on internet. There is for all time the possibility that another person on the network could be monitoring our online working activity. If we are unable to link steadily with a VPN, then we should be watchful while using following services: (US-CERT, 2008) • Online banking • Online shopping • Sending email • Typing our online passwords or credit card numbers Connect Using a VPN A lot of corporations have a virtual private network (VPN). In this scenario, VPNs permits workers to connect securely to their business network when away from the office. In addition, VPNs hide network connections at the sending and receiving ends, as well as keep out traffic that is not correctly encrypted. Disable File Sharing In case of home wireless network, there is need to disable the open file sharing option. In this scenario, users need to adopt the capability to check and verify the authenticity of file sharing personal for the enhanced sharing of information with others. CONCLUSION Wireless networking offers wonderful advantages and opportunities to get easy access to communication and collaborative services. Due to this reason, it has been evolving quickly around the world. In addition, most of the modern technologies today are completely reliant on wireless communication. On the other hand, there are countless security and privacy issues also emerging in wireless networking environments. Though, the new technologies require more and more high level application of wireless communication networks, but such implementations are being established without giving significant concentration to privacy and security related issues. Consequently, the majority of wireless networks around the world are in danger regarding security and safety. This paper has discussed different aspects involved in wireless security. This research has offered a detailed evaluation of wireless communication technology. This paper has discussed various issues which happen in case of wireless network security. This paper has also suggested the ways to improve the wireless security. REFERENCES Abel, V. S. (2011, April 23). Survey of Current and Future Trends in Security in Wireless Networks . Retrieved December 28, 2011, from http://www.ijser.org/forum/index.php?topic=1236.0 Bellaire, J. (2010). America's Top Wireless Carriers. Retrieved December 28, 2011, from http://tk.com/wireless/top10.html Camera2000. (2010, August 2). Future Trends: Bluetooth Wireless Keyboard. Retrieved December 22, 2011, from http://www.camera2000.com/blog/2010/08/future-trends-bluetooth-wireless-keyboard/ css-security. (2010). Wireless Security: A Technology Primer. Retrieved December 23, 2011, from http://www.css-security.com/wp-content/downloads/papers/swwhitepaper.pdf Gerkis, A. (2006, September). A Survey of Wireless Mesh Networking Security Technology and Threats. Retrieved December 27, 2011, from http://www.sans.org/reading_room/whitepapers/honors/survey-wireless-mesh-networking-security-technology-threats_1657 Iqbal, Z. (2002). Wireless LAN Technology: Current State and Future Trends. Retrieved December 25, 2011, from http://www.tml.tkk.fi/Studies/T-110.557/2002/papers/zahed_iqbal.pdf Lane, H. D. (2005, February 06). Security Vulnerabilities and Wireless LAN Technology. Retrieved December 24, 2011, from http://www.sans.org/reading_room/whitepapers/wireless/security-vulnerabilities-wireless-lan-technology_1629 Radack, S. (2011). Security for wireless networks and devices. Retrieved December 24, 2011, from http://www.itl.nist.gov/lab/bulletns/bltnmar03.htm Reed, B. (2011). Next Big Wireless: LTE? Retrieved December 30, 2011, from http://www.pcworld.com/businesscenter/article/146811/next_big_wireless_lte.html Singh, K. K., & Liu, L. (2010). Security Issues in Wireless Networks. Retrieved December 29, 2011, from http://www.cc.gatech.edu/~ksingh/gatech/projects/paper1_7001.pdf The State University of New Jersey. (2006, March 23). Wireless Security Recommendations for Rutgers. Retrieved December 23, 2011, from http://techdir.rutgers.edu/wireless.html Tynan, D. (2004, July 26). The future of wireless. Retrieved December 24, 2011, from http://www.cnet.com.au/the-future-of-wireless-239116516.htm Tyrrell, K. (2003). An Overview Of Wireless Security Issues. Retrieved December 28, 2011, from http://www.sans.org/reading_room/whitepapers/wireless/overview-wireless-security-issues_943 US-CERT. (2008). Using Wireless Technology Securely. Retrieved December 22, 2011, from http://www.us-cert.gov/reading_room/Wireless-Security.pdf Read More