772062, findings are presented in the form of a

772062, 7788921How will the wireless network impact you?UP772062, UP778892Abstract — As technology continues to grow, Wireless local area network (WLAN) has gained more popularity for many reasons. For example, easy to install, reduced costs, scalability and many more. However, besides all the advantages, WLAN has many security threats and everyone should be aware of the potential implication of security vulnerabilities. This is important because if you increase the network security it decreases the chance of network being breached by hackers. This paper aims to portray the impacts of wireless network securities and the existing ways to solve them which will make the user more aware of the security exposures. The research was conducted to explore more about network security and the findings are presented in the form of a report. From the findings it shows that there are not any effective solutions towards networksecurity, however, there are precautions that you can put forth to prevent it from happening. Index Terms DDoS, Distributed Denial of Service, Denial of services, DoS, LAN, Local Area Network, MAN, Metropolitan Area Network, Network security, Passive monitoring, Personal Area Network PAN, Security in wireless network, Unauthorised access, WAN, Wide Area Network. ———————————————— UP778892, E-mail: [email protected], E-mail [email protected]—————————— ?——————————1 INTRODUCTIONWhy is there a demand for effective technology? As agrowing population, everything is done online, therefore the world expects nothing less. The Internet provides the most influential tools in our lives and the importance of them is becoming more evident as we step into the future; in fact, it is impossible to imagine a contemporary society without them. With the rise in wireless networking, it is becoming more popular day by day, as well as leading to increasing number of security vulnerabilities. Although, Wireless local area networks (WLANs) offer huge benefits, however, users are not aware of possible issues such as security weaknesses, radio signal interference, multipath propagation etc. Therefore, there is a need for users to be fully aware of how wireless networks affects them.In this report, we’ll explain the impacts of security vulnerability and ways to solve them as well as explaining in depth on how to combat the implications by exploring secondary research that are available on the internet, books, magazine and articles etc. From the secondary research, we have gathered all the findings and have given our recommendation on securing the network. By doing this we have produced a qualitative report.2 RELATED TO WORK2.1 Background According to (Hope, 2017) a network is a collection of computers, servers, mainframes and network devices that are connected to one another in order to share the data. A wired or wireless network connection can be established. Radio communication is used as a main source of medium for communication in the wireless network. Depending onthe geographic location it will require a different range ofradio frequency for communication. This is shown in the table (below).Type of the applicationRangePersonal Area NetworkAvailable within the reach(PAN)of a personLocal Area Network (LAN)Available within a buildingMetropolitan Area NetworkAvailable within the city(MAN)Wide Area NetworkAvailable worldwide(WAN)2As wireless protocols and technology are constantly changing, this affects how we communicate. The table above shows, the wireless network can be accessed withinthe range of a person or even to worldwide. Therefore there is an increasing need to manage and distribute the information in a secure way. Personal Area Network (PAN) Short-range wireless networks that works over 10 metres. There are 2 types of PAN technologies;1.Cordless products – mouse devices and keyboardsthat use radio or infrared.2.Bluetooth – phones, mobiles, mouse devices,handsets, PCs, printers and keyboards that connectwirelessly within a range of 10 metres.Local Area Network (LAN) LAN is used within the range of a building where a group of computers are connected to the same server, e.g. office network. LAN network can be established using Ethernet or Wi-Fi. Metropolitan Area Network (MAN) MAN will allow to connect the users that are in a region bigger than LAN and smaller than WAN. Wide Area Network (WAN) WAN network spans a large geographic area such as across cities, states and countries. They can be either private to connect parts of a business or they can be more public to connect smaller networks together.2.2 CURRENT PROBLEMS AND THE EXISTING SOLUTIONSNetwork security is introduced to protect access to files on acomputer network against hacking, misuse and unauthorised changes to the system. With this in mind, security vulnerabilities in WLANs fall within the following areas shown in (Figure 1).Figure 1. WLAN security vulnerabilities include; Unauthorised access, Denial-of-Service (DoS) attacks and Passive Monitoring (Geier, 2015). a.Unauthorised accessIf any of the users can connect to a WLAN, they can access anything within the network for example: client device, servers and application (US Patent No. 7702309 B2, 2010) This raises complications as WLAN is not secured which means hacker or hackers can access the vital information ofthe organisation.UP772062, UP778892Figure 2. (Olzak, 2012) General view on how the devices are connected to the network.Figure 2, shows how unauthorised access takes place, the hacker can get connected to the access point (AP) and canbe achieved using the TCP scanner. Once the hacker accessthe TCP port it will then allow them to directly access any valuable information stored in that network e.g. sensitive information. According to (Mazelabs, 2013) unauthorised access can be prevented by ensuring that only the authorised users will gain access to the network. By doing this, the users will have to enter a unique username and a password in order to access the host. As well as the authentication privileges can be implemented in place. This means the admin will be able to set privileges to the users according to the needs and they only be allowed access to a particular area of the network. Another approach to this solution will be to have a centralised database, especially if there is a large number of devices within the network. Centralised database security will allow to establish a remote access and policies through the organisation. b.Denial of service (DoS)An article written by (John M.Bellardo, 2017) established the vulnerabilities on denial services based on 802.11. As a part of this research, they found that there are vulnerabilities among the MAC protocols that can lead to the deauthentication, disassociation and virtual carrier-sense attacks. MAC layer usually has 12-byte address globally, however, the standard802.11 network does not allow users to include any method to verify the self-reported identity. For example, the hackercould spoof other nodes and request various MAC layer, this leads to cause distinct vulnerabilities. WLAN is intensely vulnerable to DoS attack even using the latest security mechanism this is because DoS attack can lead to disabling the wireless local area network. If DoSattack happens on the web applications then it can overload the application which fails to serve the web page meaning that a DoS threat attacks the following services; network bandwidth, server memory, application exception handling the mechanism, CPU usage, hard drive-3Although, DoS and DDoS attack cannot be avoided, there are different approach towards protecting the network against some and to limit the extent of the attack (Lough, 2001). These can include;1.Having firewalls which will keep everything outexcept legal traffic.2.Implementing router filters will lessen the exposureto certain DoS attacks.3.Anti-viral software up to date to prevent the sitebecoming a home for DDoS.4.Install patches to guard against TCP/IP attacks.This will reduce the exposure of the attacks.?Data encryption, so only authorised users canaccess information over the wireless network.?User authentication, which identifies computerstrying to access the network?Secure access for visitors and guests?Control systems, which protect the laptops andother devices that use the network.Figure 3. Attack packets send per second (David Moore,2003)c. Passive monitoringPassive monitoring is a technique that can be used to capturethe data that is passed through the buildings, campuses andcities. Computer criminals such as hackers, can be outside acompany sitting car with a comp ruetceorrding all 802.11transmissions by using a freely available packet sniffer suchas WireShark (Vincent F.Mancuso, 2015). The datarecorded on a computer by the computer criminal (hackers),can retrieve contents of emails and users’ passwords tocompany servers. Therefore, the computer criminal(hackers) can use this information to compromise thecompany’s security. However, (Buddhikot, 2008)demonstrates there are methods of resolving the issues ofpassive monitoring e.g. encryption can be implementedbetween all client devices and the access points. By doingthis, encryption alters the information bits in each framebased on an encryption key. This will ensure that the hackercan’t understand the data that has been captured via passivemonitoring.2.3 LIMITATION ON THE CURRENT SOLUTIONSNetwork security can be put in place to prevent anyunauthorised users accessing the network. However, if thereis a breach in security then the hackers will be able to accessthe network as well as the confidential data. As networks arebecoming a captivating target of cyber-attacks, there is ademand to ensure that the network security is implementedin order to prevent any harm that can cause to the network.DoS attacker can attempt to prevent legitimate users fromaccessing information or services. The attacker can target theuser’s computer and the network of the sites the user is trying touse and prevent it from accessing email, website and onlineaccount etc. Therefore, the limitation of DoS attack is that itwill not enable to use any application.During the passive monitoring, it is only one aspect ofthe network is taken into consideration. This is also alimitation of passive monitoring as it can cause a majordrawback on the methodology as the monitoring tool maybe incorrectly judged which will cause false alarms.3 PROPOSED SOLUTIONAs the wireless network continues to grow, the flawedsecurity of the network has become more problematic. Awireless network means that the radio frequency might becorrupted as it is available to everyone within the network.Thus, precautions must be put in forth to prevent thesevulnerabilities. This can be implemented using a staticshared key as it will offer more secure access withinthe network by ensuring that the client and the Access Point(AP) must know the PSK before disclosing any of theinformation.Another issues with wireless security is authentication, thisinvolves attack against the confidentiality of the data that isbeing transmitted across the network. This happens by theirnature, as WLAN radiates network traffic into space. It isimpossible to control the signal that you receive from theWLAN. Third parties in the WLAN can be seen as a threatdue to the attacker because it can intercept the transmissionover the air from a distance, away from the premiseof the company.Security is so vital to the wireless networking therefore, theseare the security methods to consider for wireless networkincludes:UP772062, UP778892space, database space and database connection pool. Thiscauses a WLAN to slow down the speeds or even stopworking.An example of DoS attack is shown below in figure 3. Thenumber of attacks are non-stoppable as 50,000 packets aresent per/seconds SYN flood yields 20Mbits/seconds of the Internet traffic in each direction.4Denial of service attacks are ever growing but also it’s becoming the complexity and more sophisticated while security methods are still playing catch-up. With every new implementation of an attack. Security needs more time to come up with countermeasure which means that they are always effectively behind. At the moment, there is no certain strategy that fits all approach to prevention going forward. Other available solutions for wireless security are:1.Wi-Fi Protected Access (WPA)2.Wi-Fi Protected Access 2(WPA2)3.Virtual Private Networking (VPN)It is recommended that WPA2 should be used as it provides secure access control, strong data encryption and they protect the network from passive and active attacks. It is the latest method as it uses AES (advantages Encryption Standard) algorithm and CCMP (Counter Cipher Mode with Block-Chaining Message Authentication Code) which can be used to tighten the security for any of the network.4 EVALUATION OF THE SOLUTIONSFigure 4: A model for securing the network.The above diagram shows User 1 sending a message to UserUsing asymmetric/ Public-key Cryptography (PKC) bothsender and the receiver will share the private key (KA-, KB -) and public key (KA+, KB +) and these key are 30 digitsare more.2.Symmetric EncryptionUsing the symmetric means that they agree on a secret (shared) key algorithm. In this case (KAB) both sender and the receiver will share the same private key. This plan text will be then scrambled into cipher text KAB(M). Only the user 2 who has got the private key will be able to read the message read the message after decryption KAB(KAB(M)) = M.5 CONCLUSIONAs the world of computer networks continues to grow there is a strong need to increase the network security mechanism. 68% of the population are now using wireless local area network (WLAN) (Boost, 2017), this is because it offers cheap set-up costs, able to connect multiple devices without the need for extra hardware and it’s not tied down to a specific location. Network security has become one of the most important factors to consider for everyone. By increasing network security, it will decrease the chance of privacy spoofing, identity/information theft and so on (Popescu, 2013). Through this paper, we aimed tomake the users aware of security vulnerabilities of using wireless network such as eavesdropping attack, unauthorised access, DoS attack, passive monitoring attack and many others. Even though there are many possible solutions from a deeper research and analysis it evidences that there are no perfect solutions, as “Allwifi network are vulnerable to hacking security expert discovers” (Hern, 2017). 6 ACKNOWLEDGMENT The authors wish to thank Mo Adda for all the help and support. REFERENCES1Boost. (2017, Febuary 1). 10 WI-FISTATS AND FACTS YOUR COMPANY SHOULDKNOW. Retrieved from Boostansco:https://boostandco.com/news/wi-fi-stats-and-facts/2Buddhikot, M. (2008, Spetember 214-24).Radio Transmitter Fingerprinting: A Steady StateFrequency Domain Approach. Retrieved fromIEEE Xplore:http://ieeexplore.ieee.org/document/4657123/3David Moore, C. S. (2003, December 11).Offline from Denial-of-Service Attack. Retrievedfrom SCO:http://www.caida.org/research/security/sco-dos/4Geier, J. (2015, June 15). Wireless LANimplications, problems and solutions. Retrieved2. The system must encrypt the data or ‘Systematicallyscramble information’ therefore only the authorised userswill have the confidentiality, integrity and availability of themessage. This is achieved using encryption and decryptionmethod. To overcome threads cryptograph devise techniquescan be used such as cipher text, this will allow to scramblethe messages. When the message is received by user 2,crypto-analysts will be used to break cipher texts. There aretwo data encryption categories depending on the type ofsecurities keys used:1. Asymmetric EncryptionUP772062, UP778892from CISCO: http://www.ciscopress.com/articles/article.asp?p=23511315Hern, A. (2017, October 16). ‘All wifi networks’are vulnerable to hacking, security expertdiscovers. Retrieved from The Guardian:https://www.theguardian.com/technology/2017/oct/16/wpa2-wifi-security-vulnerable-hacking-us-government-warns6Hope, C. (2017, May 05). Network. Retrievedfrom ComputerHope:https://www.computerhope.com/jargon/n/network.htm7John M.Bellardo, S. S. (2017, December 19).802.11 Denial-of-Service Attacks: RealVulnerabilities and Practical Solutions. Retrievedfrom Researchgate:https://www.researchgate.net/publication/234818629_80211_Denial-of-Service_Attacks_Real_Vulnerabilities_and_Practical_Solutions8Lough, D. L. (2001, April 12). A Taxonomy ofcomputer attacs with applications to wirelessnetwroks. Retrieved from vTech:https://vtechworks.lib.vt.edu/bitstream/handle/10919/27242/lough.dissertation.pdf;sequence=19Mazelabs. (2013, October 21). Unauthorizedaccess attack. Retrieved from Telelink:http://itsecurity.telelink.com/unauthorized-access-attack/10Olzak, T. (2012, April 18). VLAN NetworkSegmentation and Security- Chapter 5. Retrievedfrom infosecinstitute:http://resources.infosecinstitute.com/vlan-network-chapter-5/#gref11Stefano Faccin, J. K. (2010). US Patent No.7702309 B2.12Vincent F.Mancuso, G. F. (2015, July 10).Augmenting Cyber Defender Performance andWorkload through Sonified Displays. Retrievedfrom ScienceDirect:http://www.sciencedirect.com/science/article/pii/S2351978915005909UP772062, UP778892 5