Network Security and Control Mechanisms - Threats and Challenges - Research Paper Example

Wireless networking has provided many advantages to those that have embraced its use. However, it is coupled with a number of security threats that alter the individual’s or organization’s overall data security risk profile. Although implementation of technological solutions is usually the most applied response to wireless security threats and vulnerabilities, wireless security is most basically a management issue. Effective threat management requires a sound and thorough assessment of the risk within the environment and the development of a plan to alleviate the identified threats. This paper presents a framework that is designed to help managers understand and assess the various threats associated with wireless technology use. It also addresses various solutions for those threats.

Table of Contents

1.0 Introduction
3.0 Wireless network attacks
3.1 Accidental association
3.2 Malicious association
3.3 Ad-hoc networks
3.4 Non-traditional networks
3.5 Identity theft (MAC spoofing)
3.6 Man-in-the-middle attacks
3.7 Denial of service
3.8 Network injection
3.9 Caffe Latte Attack
4.0 How to secure wireless transmissions
4.1 Protecting confidentiality of transmissions
4.2 Preventing alteration of communications
4.3 Reducing DoS attacks
4.4 Securing wireless access points
4.5 Securing wireless client devices
4.6 Securing wireless networks
4.7 Training and Educating users
4.8 Network auditing
5.0 Conclusion

Figure 1: wireless network components

1.0 Introduction

In the present world, data is a very valuable asset used by both individuals and organizations. It is stored in a database to make it easy to retrieve and maintain. It is then exchanged over wireless networks for ease of use within an organization.
It is essential to secure data as attacks could prove detrimental to the organization or individual owning it. There are several database security layers, such as database administration, system administration, security office, developers and employees. Security can be breached at any of these layers by an attacker (Lail 23).

Database security is becoming more challenging because data concerns are evolving and the amount of highly valuable data is increasing by the day. The internet has resulted in disintermediation of access to data, which, together with the democratization of computing, has resulted in requirements for data access anywhere, anytime and anyhow, adding to data security concerns. New computing paradigms and applications such as grid-based computing and on-demand business are emerging, together with security policies, such as access control policies, that are becoming more complex with time (Lail 23).

The classical security concerns for data are confidentiality, which means that data is available only to authorized subjects; integrity, which means that only authorized subjects are able to modify data; and availability, which means that the data can be retrieved whenever it is needed, regardless of time (Basar 15).

Other data concerns include the quality and completeness of data: is the data correct and complete with respect to the outside world? Is it up to date? How does an organization make sure that users receive all the information that they are entitled to access? How does one show evidence of compliance with policies that deal with data release? Another concern is the provenance of data, ownership and IPR. Questions about the sources of the data and whether or not the data has been modified while being copied are important to consider.
Other questions include how ownership and IPR protection are enforced for the data. Large volumes of data are a concern too: it is paramount to establish whether the estimated amount of information, which is growing very fast, will fit.

An attacker can be categorized as:

Intruder – an unauthorized user who illegally accesses a system to obtain valuable information.
Insider – a member of the group of trusted users who abuses his privileges and tries to get information beyond his access rights.
Administrator – someone who has privileges to administer a computer system but illegally uses these privileges to spy on other people’s behavior and get valuable information.

An attacker can carry out a direct attack (attacking the target directly) or an indirect attack (not executed directly on the target, but information about or from the target can be retrieved through intermediates). The indirect attack is often very difficult to track as it combines queries with the intent of cheating the security mechanisms (Lail 23).

The attacker can execute the attack either passively or actively. In a passive attack, he observes the data in a database and may use static leakage (information obtained by observing a snapshot of the database at a specific time), linkage leakage (information obtained by linking the database values to their positions in the index) or dynamic leakage (information obtained by observing and analyzing the changes performed in the database over time). In an active attack, the actual database values are modified. Active attacks present more problems than passive attacks as they can mislead the user. For example, a user can get wrong information as a result of a query (Lail 23).
Active attacks can be performed by spoofing (the cipher text value is replaced with a generated value), splicing (a cipher text value is replaced with a different cipher text value) and replay (the cipher text value is replaced with an old version of it). Databases are preferred targets for attackers because of the data that they contain and their volume. However, when an organization designs its security policies, it has to keep in mind the wireless networks it uses to exchange this data; otherwise its efforts are in vain.

The advantages of wireless networking are many, such as improving productivity through increased accessibility to information resources and making network configuration and reconfiguration easier, faster and cheaper. It does, however, create new threats and alter the existing information security risk profile. For instance, since communication takes place ‘through the air’ using radio frequencies, the risk of being intercepted is greater than with wired networks [1]. If the message is unencrypted or the encryption algorithm is weak, the attacker can read it and compromise confidentiality. Wireless networking alters the risks associated with several threats to security, but the overall security objectives remain the same as those of wired networks, that is, preserving confidentiality, ensuring integrity and maintaining the availability of the information and information systems (Lail 23). The paper assists managers in understanding the threats associated with wireless networks as well as the countermeasures.

The popularity of wireless networks is primarily a testament to their convenience, cost, efficiency and ease of integration with other network components. The majority of computers sold to consumers today come pre-equipped with the necessary wireless network technology. Their benefits include convenience, mobility, productivity, development, cost and expandability.

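The spoofing, splicing and replay attacks on stored cipher text described in the introduction can all be detected by authenticating each value together with its location and version. The following is an added example, not part of the original paper; the key, the table and column names and the trusted version counter are assumptions made for illustration, and the cipher text values are constructed placeholders.

```python
import hashlib
import hmac
import os

# Constructed demo key (assumption); a real key comes from a key-management system.
MAC_KEY = bytes(range(32))
TAG_LEN = hashlib.sha256().digest_size


def _mac_input(table, row_id, column, version, ciphertext):
    # Length-prefix every field so two different field splits never collide.
    fields = [table.encode(), str(row_id).encode(), column.encode(),
              str(version).encode(), ciphertext]
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def seal(table, row_id, column, version, ciphertext):
    """Append a tag binding the cipher text to its cell and version."""
    tag = hmac.new(MAC_KEY, _mac_input(table, row_id, column, version, ciphertext),
                   hashlib.sha256).digest()
    return ciphertext + tag


def verify(table, row_id, column, expected_version, stored):
    """Return the cipher text if the tag matches this cell and version, else None."""
    if len(stored) < TAG_LEN:
        return None
    ciphertext, tag = stored[:-TAG_LEN], stored[-TAG_LEN:]
    expected = hmac.new(
        MAC_KEY, _mac_input(table, row_id, column, expected_version, ciphertext),
        hashlib.sha256).digest()
    return ciphertext if hmac.compare_digest(tag, expected) else None


def demo():
    db = {}        # untrusted storage: cell -> sealed value
    versions = {}  # assumption: version counters live outside the attacker's reach

    def write(cell, ciphertext):
        versions[cell] = versions.get(cell, 0) + 1
        db[cell] = seal(*cell, versions[cell], ciphertext)

    def read(cell):
        return verify(*cell, versions[cell], db[cell])

    row1 = ("payroll", 1, "salary")
    row2 = ("payroll", 2, "salary")
    write(row1, b"ciphertext-row1-old")   # constructed placeholder values
    old_value = db[row1]
    write(row1, b"ciphertext-row1-new")
    write(row2, b"ciphertext-row2")
    current = db[row1]

    results = {"untampered_accepted": read(row1) == b"ciphertext-row1-new"}

    db[row1] = os.urandom(len(current))   # spoofing: a generated value
    results["spoofing_detected"] = read(row1) is None

    db[row1] = db[row2]                   # splicing: another cell's value
    results["splicing_detected"] = read(row1) is None

    db[row1] = old_value                  # replay: an old version of the value
    results["replay_detected"] = read(row1) is None
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

Replay detection depends on the version counter being stored where the attacker cannot roll it back; without that, an old value and its old tag verify together.
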
Wireless network technology, while rich with conveniences and advantages as described, has its share of downfalls. For a given networking situation, wireless networks may not be desirable for a number of reasons. Most of these have to do with the limitations of the technology. The disadvantages of wireless networks include security, range, reliability and speed. They present a number of issues for managers, such as unauthorized access points, broadcasted SSIDs, unknown stations and spoofed MAC addresses, among others. Most network analysis vendors offer WLAN troubleshooting tools and functionalities in their product line to address most of these problems.

2.0 Components of a wireless network

Wireless networks consist of four basic components: the data transmission with the use of radio frequencies, the access points that offer a connection to the organization’s network and/or the client devices such as laptops and PDAs, and the user, as illustrated in Figure 1. Each of the components provides an avenue for attack that can result in compromising confidentiality, integrity and availability.

Figure 1: wireless network components

3.0 Wireless network attacks

3.1 Accidental association

Unauthorized access to a company’s wireless and wired networks can come from different sources with different intents. Accidental association refers to a situation in which a user turns on a computer and it latches onto a wireless access point from a neighboring overlapping network, perhaps even without the user’s knowledge. It is a security breach in that a company’s information is exposed and could be put at risk.

3.2 Malicious association

This occurs when a cracker actively makes wireless devices connect to a company network through the cracker’s laptop instead of the company’s access point (AP). Such a laptop, created when a cracker runs software that makes it appear to be a legitimate access point, is referred to as a ‘soft AP’.
Once a hacker gains access, they can steal passwords, launch attacks on the wireless network or even plant Trojans. As wireless networks operate on layer 2 level protections, layer 3 protections such as network authentication and virtual private networks (VPNs) offer no barriers. Wireless 802.1x authentication could help with protection but is still vulnerable to cracking [6]. The idea behind this kind of attack may not be to break into the VPN or other security measures, but most likely to take over the client at the layer 2 level.

3.3 Ad-hoc networks

These can pose a security threat. They are peer-to-peer networks between wireless computers that have no access point between them. Although they have little protection, encryption methods can be used to offer security (Basar 15).

3.4 Non-traditional networks

These include networks such as personal networks. Bluetooth devices are not safe from cracking and ought to be considered a security risk. Barcode readers, handheld PDAs and wireless printers ought to be secured. These non-traditional networks may easily be overlooked by IT personnel, as their major focus is on laptops and access points (Lail 23).

3.5 Identity theft (MAC spoofing)

Identity theft occurs when a cracker is able to listen in on network traffic and identify the MAC address of a computer that has network privileges. Most wireless systems allow some kind of MAC filtering so that only authorized computers with specified MAC IDs can gain access to and utilize the network. However, there are programs that have ‘sniffing’ capabilities. When these are combined with other software, they allow a computer to pretend to have another MAC address of the cracker’s choice. The cracker can thus easily get around the filtering by spoofing.

3.6 Man-in-the-middle attacks

In this kind of attack, the attacker forces the computer to log in to a computer that is set up as a soft AP.
After this has been done, the hacker is able to connect to the real access point through another wireless card, thereby offering a steady flow of traffic through the transparent hacking computer to the real network. The hacker can then sniff the traffic. One type of this attack relies on security faults in challenge and handshake protocols to execute a ‘de-authentication attack’, forcing the computers connected to the AP to drop their connections and reconnect with the cracker’s soft AP. These attacks are enhanced by software such as AirJack, which automates many steps of the process. Hotspots are particularly vulnerable to any attack as there is little or no security on most of them.

3.7 Denial of service

This attack occurs when an attacker continually bombards a target AP or network with invalid requests, premature successful connection messages and/or failure messages, among other commands. These cause legitimate users to be unable to get on the network and could even cause the network to crash. These attacks usually rely on the abuse of protocols such as EAP (Extensible Authentication Protocol).

3.8 Network injection

In this kind of attack, a cracker can make use of access points that are exposed to non-filtered traffic, specifically broadcast network traffic such as ‘spanning tree’ (802.1D). The cracker injects bogus networking re-configuration commands which affect routers, switches and intelligent hubs (Basar 15). This can bring down a whole network and require rebooting or reprogramming of all affected devices.

3.9 Caffe Latte Attack

This is another way through which WEP can be defeated. The attacker does not necessarily need to be in the area of the network to launch this kind of attack. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client.
The attacker can do so by sending a flood of encrypted ARP requests and then taking advantage of the shared key authentication and message modification flaws in 802.11 WEP. The attacker can use ARP responses to obtain the WEP key in less than 6 minutes.

4.0 How to secure wireless transmissions

How do you ensure the privacy of data communications? This is a major question that needs to be addressed. Privacy is a very broad concept encompassing several definitions. For the individual, it involves the ability to control how confidential information such as health, employment and credit records spreads. In the business world, privacy could involve trade secrets, proprietary information concerning products and processes, competitive analyses, and marketing and sales plans (Lail 23). For the government, privacy involves issues such as the ability to collect and analyze demographic information while protecting the confidentiality of millions of individual citizens. It also involves the ability to keep secrets that affect the country’s interests. Wireless communications create three basic threats: interception, alteration and disruption.

4.1 Protecting confidentiality of transmissions

Two types of countermeasures can be applied in order to reduce the risk of eavesdropping on wireless transmissions. The first involves making it more difficult to locate and intercept wireless signals through the use of signal-hiding techniques. In order to intercept transmissions, attackers first need to identify and locate the networks. To make this hard to do, organizations can turn off service set identifier (SSID) broadcasting by wireless access points, assign cryptic names to them, and reduce signal strength to the lowest level that still provides the requisite coverage. They can also locate wireless access points in the interior of the building, away from walls and windows.
These are the least costly and easiest measures to put in place. More effectively, the organization could use directional antennas that constrain emanations within the desired areas, or use signal emanation shielding techniques to block the emanation of these signals. These methods, however, although much more effective, are also more costly.

The second method involves the use of encryption to preserve the confidentiality of the information even if the wireless signal is intercepted. It has been found to be the best method of protecting confidentiality. Networks usually encrypt all their wireless traffic. This is especially important for organizations that are subject to regulations.

4.2 Preventing alteration of communications

Interception and alteration of transmissions represents a form of ‘man-in-the-middle’ attack. It can be prevented by using two types of countermeasures, that is, strong encryption and strong authentication of the devices and users.

4.3 Reducing DoS attacks

Organizations can conduct careful site surveys in order to identify the locations where signals from other devices exist. They can use the results of the surveys to decide where to locate their wireless access points. Regular, periodically conducted audits would also be important in identifying problem areas. Appropriate remedial actions could include the removal of the offending devices or measures that raise signal strength and coverage within the problem area.

4.4 Securing wireless access points

Insecure, poorly configured wireless access points can compromise confidentiality, for example by allowing unauthorized access to the network. Organizations can reduce the risk of unauthorized access by eliminating rogue access points, configuring all authorized access points properly and using 802.1x to authenticate all devices.
802.1x is the best method to eliminate the threat of rogue access points on wired networks (Basar 15). It authenticates all devices that are plugged into the network, preventing any unauthorized devices from connecting to the network. Organizations should also ensure that all authorized wireless access points are configured securely. They can change all the default settings, because these are usually well known and highly exploited by attackers. Strong authentication of all devices attempting to connect to the network can help prevent rogue access points and other unauthorized devices from becoming insecure backdoors. The 802.1x protocol provides a means for strong authentication of devices before assigning them IP addresses.

4.5 Securing wireless client devices

Wireless client devices are threatened mostly by loss, theft or compromise. Loss of laptops and PDAs is a big problem as they often store proprietary information. Their loss may cause an organization to be in violation of privacy regulations that involve disclosure of personal information, especially that which has been collected from third parties (Basar 15). Another threat that they face is compromise by an attacker, who may access the information on them or use them to obtain unauthorized access to other system resources.

4.6 Securing wireless networks

Use of encryption is the most effective way to secure a wireless network from intruders. Most wireless routers, access points and base stations have a built-in encryption mechanism. If a router does not have one, the organization is advised to get one that does. Some wireless routers are delivered with the encryption feature turned off, and one needs to turn it on. The use of anti-virus software, antispyware and firewalls is another way to ensure that a wireless network is secure. They must be installed and kept up to date. The firewall, if turned off, should be turned on.
Another way to secure wireless networks is by turning off identifier broadcasting. Most wireless routers have a mechanism that sends out a signal to any device in the vicinity to announce its presence. This information need not be broadcast, as hackers can use this broadcasting to home in on vulnerable wireless networks. Disabling this provision is thus advised (Lail 23).

Changing the identifier on the router from the default can also be applied as a security measure. The identifier for the router is likely to be a standard default ID that is assigned by the manufacturer to all hardware of that model. Even if a router is not broadcasting its identifier, hackers may know the default IDs and can use them to try to access one’s network. It is important to change the identifier to something that only a few people in the organization know and to configure the same identifier on the wireless router and the computer. The password should be at least 10 characters long.

It is also paramount to change the router’s pre-set administration password. The manufacturers of wireless routers usually assign a standard default password that allows one to set up and operate the router. Hackers know most of these default passwords, and so changing them is important (Basar 15).

The organization should also limit the computers that access the wireless network. Every computer that is able to communicate within a network is assigned a unique Media Access Control (MAC) address. Routers usually have a mechanism to allow only those devices with particular MAC addresses. Some hackers may have mimicked these addresses, and so it is not advisable to rely on this alone.

Whenever the wireless network is not in use, it needs to be turned off. Hackers cannot access a router when it is shut down. Shutting the router off limits the amount of time it is susceptible to a hack. It is also important that public hotspots are not assumed to be secure.
The wireless networks that many cafes, hotels, airports and other public establishments offer to their customers may be highly risky.

4.7 Training and Educating users

As is the case with wired security, users are key to wireless networking security. It is important to have them trained, especially on secure wireless behavior. To be effective, user training and education should be carried out periodically.

4.8 Network auditing

Wireless network auditing is an important part of network security policy. The network needs to be regularly audited for rogue hardware. The network is usually scanned and mapped for all access points and nodes. This is then compared to previous network maps. Commonly available network mapping tools can be utilized in this auditing process. Specialized tools such as Airsnort may be used for WEP cracking and for auditing the network to check for weak keys, reuse of keys and WEP security settings. These methods could include the same methods that are used by hackers to break into the network.

After the threat vectors are considered, organizations rely on the listed controls to accomplish defense in depth as a part of the security architecture. The security controls can be classified into three categories, that is, administrative, technical and physical. Administrative controls are mainly policies and procedures, technical controls are those which involve electronics, hardware, software and the like, while physical controls are mechanical ones. Examples of administrative controls include security awareness training, policies and standards, audits and tests, good hiring practices and background checks of contractors and employees. If an organization has strict hiring practices that require, for instance, drug testing and background checks, employees with questionable character will likely be fewer.
Although these controls cannot single-handedly solve security issues, they are an important part of an information security program. Technical controls include firewalls, intrusion prevention systems, VPNs, routers with ACLs and biometric authentication devices. Physical controls that secure an environment are important to complement administrative and technical controls. Examples include security guards, locks, positive air-flow systems and racks.

5.0 Conclusion

Wireless networking provides many opportunities to raise productivity and cut costs. It also changes an organization’s overall computer security risk profile. It is not possible to eliminate all risks associated with wireless networks, but it is possible to achieve a reasonable level of overall security through an approach that assesses and manages risk (Lail 23). Providing recommendations can often offer a false sense of security, because threats are often difficult to anticipate and may exploit serious vulnerabilities. Ultimately, the proper implementation and management of security controls, coupled with the best practices for wireless access restrictions, are intended to mitigate the risks that are associated with attacks. Most of these attacks are against network availability, user confidentiality or privacy.

Securing wireless networks must be treated carefully because of the inherent trust disparity in a wireless network; for instance, the access medium may no longer be under the control of a physical operator or administrator (Lail 23). Another reason why securing wireless networks must be treated with care is the limitations that exist in 802.11 MAC protections. Wireless mesh networks amplify the challenges because such networks extend well beyond the physical control of the operator. Easily available open networks provide opportunities for malicious activities against unsuspecting and uneducated end users.
Denial of service of the 802.11 wireless media, either through MAC packet injection or any other means, remains among the top concerns related to wireless networking (Lail 23). However, even with the known vulnerabilities in WEP, wireless networks are most of the time successfully secured by combining WLAN, VPN, firewall, intrusion detection controls as well as security controls such as HTTPS, that is, the usual defense-in-depth strategies.

Works Cited

Anjum, Farooq, and Petros Mouchtaris. Security for Wireless Ad Hoc Networks. Hoboken, N.J: Wiley-Interscience, 2007. Internet resource.
Basar, Tamer. Network Security. Cambridge University Press, 2010. Internet resource.
Chin, Shiu-Kai, and Susan B. Older. Access Control, Security, and Trust: A Logical Approach. Boca Raton, FL: Chapman & Hall/CRC, 2011. Print.
Chirillo, John. Hack Attacks Denied: A Complete Guide to Network Lockdown. New York: Wiley, 2001. Internet resource.
Lail, Benjamin M. Broadband Network & Device Security. Berkeley, Calif: McGraw Hill/Osborne, 2002. Print.
Pahlavan, Kaveh, and Prashant Krishnamurthy. Principles of Wireless Access and Localization. , 2013. Print.
Perez, André. Network Security. Hoboken: Wiley, 2014. Internet resource.
Rozenblit, Moshe. Security for Telecommunications Network Management. New York: IEEE Press, 2000. Print.
Sood, Aditya, and Richard Enbody. Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware. Burlington: Elsevier Science, 2014. Internet resource.
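
The audit described in section 4.8 (scan, map, compare with the previous map), combined with the access point checks from sections 4.4 and 4.6, can be automated as below. This is an added example, not part of the original paper; the record layout, the finding codes, the short list of default identifiers and all sample addresses and SSIDs are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AP:
    bssid: str       # access point MAC address
    ssid: str        # network identifier
    channel: int
    encryption: str  # "OPEN", "WEP", "WPA2", ...


WEAK_ENCRYPTION = {"OPEN", "WEP"}
# Illustrative, non-exhaustive list of manufacturer default identifiers.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}
SEVERITY_ORDER = {"CRITICAL": 0, "HIGH": 1, "WARN": 2}


def audit(authorized, previous_scan, current_scan):
    """Return sorted (severity, bssid, code) findings for one scan."""
    baseline = {ap.bssid.lower(): ap for ap in authorized}
    corporate_ssids = {ap.ssid for ap in authorized}
    previously_seen = {ap.bssid.lower() for ap in previous_scan}
    findings = set()
    observed = {}
    for ap in current_scan:
        bssid = ap.bssid.lower()
        seen = (ap.ssid, ap.channel, ap.encryption)
        observed.setdefault(bssid, set()).add(seen)
        expected = baseline.get(bssid)
        if expected is None:
            if ap.ssid in corporate_ssids:
                # Unknown hardware announcing our SSID: possible soft AP.
                findings.add(("CRITICAL", bssid, "ROGUE_CORP_SSID"))
            elif bssid not in previously_seen:
                findings.add(("WARN", bssid, "NEW_UNKNOWN_AP"))
            continue
        if seen != (expected.ssid, expected.channel, expected.encryption):
            # Known MAC with unexpected settings: spoofing or reconfiguration.
            findings.add(("HIGH", bssid, "BASELINE_DEVIATION"))
        if ap.encryption.upper() in WEAK_ENCRYPTION:
            findings.add(("HIGH", bssid, "WEAK_ENCRYPTION"))
        if ap.ssid.lower() in DEFAULT_SSIDS:
            findings.add(("WARN", bssid, "DEFAULT_SSID"))
    for bssid, variants in observed.items():
        if len(variants) > 1:
            # One MAC seen with two configurations in the same scan.
            findings.add(("HIGH", bssid, "DUPLICATE_BSSID"))
    for bssid in baseline:
        if bssid not in observed:
            findings.add(("WARN", bssid, "AUTHORIZED_AP_MISSING"))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f[0]], f[1], f[2]))


# Constructed sample data (locally administered MAC addresses, made-up SSIDs).
AUTHORIZED = [
    AP("02:00:00:00:00:01", "CorpNet", 1, "WPA2"),
    AP("02:00:00:00:00:02", "CorpNet", 6, "WPA2"),
    AP("02:00:00:00:00:03", "CorpNet", 11, "WPA2"),
]
NEIGHBOUR = AP("02:00:00:00:aa:01", "CoffeeShop", 3, "OPEN")
PREVIOUS_SCAN = AUTHORIZED + [NEIGHBOUR]
CURRENT_SCAN = [
    AP("02:00:00:00:00:01", "CorpNet", 1, "WPA2"),  # unchanged
    AP("02:00:00:00:00:02", "CorpNet", 6, "WEP"),   # encryption downgraded
    NEIGHBOUR,                                      # already on the old map
    AP("02:00:00:00:ff:01", "CorpNet", 6, "OPEN"),  # unknown AP, our SSID
    AP("02:00:00:00:ee:01", "linksys", 9, "OPEN"),  # new unknown AP
]                                                   # AP ...:03 is absent


def run_sample_audit():
    return audit(AUTHORIZED, PREVIOUS_SCAN, CURRENT_SCAN)


if __name__ == "__main__":
    for severity, bssid, code in run_sample_audit():
        print(f"{severity:8} {bssid}  {code}")
```
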