Lecturer: Nguyễn Thị Thanh Vân – FIT - HCMUTE
Wireless security
Mobile device security
IEEE 802.11i Wireless LAN Security
Wireless Application Protocol Overview
Wireless Transport Layer Security
The security risk of wireless networks is higher than that of wired
networks:
o Channel: wireless uses broadcast communications
• more susceptible to eavesdropping and jamming
• more vulnerable to active attacks that exploit vulnerabilities in
communications protocols
o Mobility:
• devices are far more portable and mobile => a larger number of risks
o Resources: some devices have sophisticated OSs but limited
memory and processing resources with which to counter threats
• more exposed to denial of service and malware
o Accessibility: some wireless devices, such as sensors and robots,
may be left unattended in remote and/or hostile locations
• this greatly increases their vulnerability to physical attacks
The transmission medium, which carries the radio waves for data
transfer, is also a source of vulnerability.
Accidental association:
o overlapping transmission ranges of neighbouring LANs => a user attaches to the
wrong LAN, which exposes the resources of that LAN to the accidental user.
Malicious association:
o a wireless device is configured to appear to be a legitimate access point, letting
the operator steal passwords from legitimate users and then penetrate a wired
network through a legitimate wireless access point.
Ad hoc networks:
o peer-to-peer networks with no access point between the stations pose a security
threat due to the lack of a central point of control.
Nontraditional networks:
o pose a security risk both in terms of eavesdropping and spoofing.
Identity theft (MAC spoofing):
o the attacker eavesdrops on network traffic, identifies the MAC address of a computer
with network privileges, and then adopts that address. MAC address filtering on its
own is therefore not an access control.
Man-in-the-middle attacks:
o persuading a user and an access point that they are talking directly to each other,
while the traffic actually passes through the attacker.
Denial of service (DoS):
o the attacker continually bombards a wireless access point with various protocol messages.
Network injection:
o targets access points that are exposed to nonfiltered network traffic, such as routing
protocol or network management messages.
Securing wireless transmissions (against eavesdropping,
altering or inserting messages, and disruption)
o Signal-hiding techniques (against eavesdropping)
• turning off service set identifier (SSID) broadcasting by the access point
• assigning cryptic names to SSIDs
• reducing signal strength to the lowest level that still provides the
requisite coverage
• locating wireless access points in the interior of the building, away
from windows and exterior walls
• using directional antennas and signal-shielding techniques
• caveat: signal hiding only raises the effort for a casual attacker; a hidden SSID
still appears in probe and association frames, so it is no substitute for encryption
o Encryption: encrypt all wireless transmissions; this is effective against
eavesdropping to the extent that the encryption keys are kept secure
Securing wireless access points
o the IEEE 802.1X standard for port-based network access control
• provides an authentication mechanism for devices wishing to attach to the LAN
• prevents rogue access points and other unauthorized devices from
becoming insecure backdoors
Securing wireless networks
o use encryption: wireless routers are typically equipped with
built-in encryption mechanisms for router-to-router traffic
Mobile computers:
– mainly smartphones and tablets
o Sensors: GPS, camera, accelerometer, etc.
o Computation: powerful CPUs (≥ 1 GHz, multi-core)
o Communication: cellular/4G, Wi-Fi, near field communication (NFC), etc.
Many connect to cellular networks, which include a billing system
Cisco: 7 billion mobile devices will have been sold by 2012 [1]
Mobile devices make attractive targets:
o people store much personal info on them: email, calendars, contacts,
pictures, etc.
o sensitive organizational info too
o they fit in pockets and are easily lost or stolen
o built-in billing system: SMS/MMS (mobile operator), in-app purchases
(credit card), etc.
• many new devices have near field communication (NFC), used for
contactless payments, etc.
• your device becomes your credit card
– location privacy issues
– NFC-based billing system vulnerabilities
IEEE 802.11 wireless LAN overview
The Wi-Fi Alliance
IEEE 802 Protocol Architecture
IEEE 802.11 Network Components and Architectural Model
IEEE 802.11 Services
The Wi-Fi Alliance has developed certification procedures for IEEE 802.11
security standards:
o WEP (Wired Equivalent Privacy): the original 802.11 privacy mechanism
o WPA (Wi-Fi Protected Access): a set of security mechanisms that reduces
most 802.11 security issues; based on the state of the 802.11i standard at
the time (a draft)
o WPA2: the final form of the 802.11i standard; the Wi-Fi Alliance certifies
vendors in compliance with the full 802.11i specification under WPA2
[Figure: IEEE 802 protocol architecture, general IEEE 802 functions beside the
specific IEEE 802.11 functions]
o Logical link control: flow control, error control
o Medium access control: assemble data into frame, addressing, error detection,
medium access; in 802.11: reliable data delivery, wireless access control protocols
o Physical layer: encoding/decoding of signals, bit transmission/reception,
transmission medium; in 802.11: frequency band definition, wireless signal encoding
[Figure: MPDU (MAC protocol data unit) format; the frame body carries the data
from the next higher layer]
[Figure: IEEE 802.11 extended service set]
IEEE 802.11i Phases of Operation
o Discovery Phase
o Authentication Phase
o Key Management Phase
o Protected Data Transfer Phase
The IEEE 802.11i Pseudorandom Function
[Figure: IEEE 802.11i phases of operation]
o Discovery: an AP uses messages called Beacons and Probe Responses to advertise
o Authentication: the STA and AS prove their identities to each other
o Key management: the AP and the STA perform several operations that cause
cryptographic keys
o Protected data transfer: frames are exchanged between the STA and the end
station through the AP
o Connection termination: the AP and STA exchange frames
The authentication phase consists of three phases:
o connect to AS
• the STA sends a request to the AP with which it has an association for
connection to the AS
• the AP acknowledges this request and sends an access request to the AS
o EAP exchange
• authenticates the STA and AS to each other
Pairwise keys: used for communication between a pair of devices (STA and AP);
derived from the PMK using nonces contributed by both the AP and the STA
Group keys: used for multicast communication
o 1 STA sends MPDUs to n STAs
o Group master key (GMK): at the top of the group key hierarchy
o Group temporal key (GTK):
• is generated by the AP from the GMK; unlike the pairwise keys, the STA
contributes no material to it
• is distributed securely using the pairwise keys that are already
established
• is changed every time a device leaves the network
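The pseudorandom function named above and the pairwise branch of the key hierarchy, worked through in code. This is an added example, not material from the lecture: it implements the 802.11i PRF-n (iterated HMAC-SHA1), derives a PTK from a PMK, the two MAC addresses and the two nonces, splits it into KCK, KEK and TK, and models messages 1 and 2 of the 4-Way Handshake so the AP's MIC check over the supplicant's reply can be seen to succeed with the right PMK and fail with the wrong one. The PMK, the AA/SPA addresses, the nonces and the message-2 body are constructed stand-ins; the message layout is not the real EAPOL-Key encoding.

```python
# Added example (not from the lecture): IEEE 802.11i PRF-n, PTK derivation and a
# minimal model of the 4-Way Handshake MIC check. Standard library only.
# The PMK, MAC addresses, nonces and the message-2 body are constructed stand-ins.
import hashlib
import hmac
import os

PAIRWISE_LABEL = b"Pairwise key expansion"

# Constructed sample inputs: AP address AA, supplicant address SPA, a 256-bit PMK
# and two 256-bit nonces (real nonces come from a CSPRNG, see four_way_handshake).
SAMPLE_AA = bytes.fromhex("001122334455")
SAMPLE_SPA = bytes.fromhex("66778899aabb")
SAMPLE_PMK = hashlib.sha256(b"constructed PMK for the example").digest()
SAMPLE_ANONCE = hashlib.sha256(b"constructed ANonce").digest()
SAMPLE_SNONCE = hashlib.sha256(b"constructed SNonce").digest()


def prf(key: bytes, label: bytes, data: bytes, out_bits: int) -> bytes:
    """IEEE 802.11i PRF-n: R = HMAC-SHA1(key, label || 0x00 || data || i) for
    i = 0, 1, ... until n bits have been produced, then truncate to n bits."""
    out = b""
    for i in range((out_bits + 159) // 160):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[: out_bits // 8]


def derive_ptk(pmk, aa, spa, anonce, snonce, ptk_bits=384):
    """PTK = PRF-X(PMK, "Pairwise key expansion",
                   Min(AA,SPA) || Max(AA,SPA) || Min(ANonce,SNonce) || Max(ANonce,SNonce)).
    X = 384 for CCMP (KCK 128 | KEK 128 | TK 128) and 512 for TKIP (the TK then
    carries two extra 64-bit MIC keys). Ordering the inputs lets both sides
    compute the same PTK whichever side supplied which nonce."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, PAIRWISE_LABEL, data, ptk_bits)
    return {"kck": ptk[0:16], "kek": ptk[16:32], "tk": ptk[32:]}


def eapol_key_mic(kck: bytes, frame_with_zeroed_mic: bytes) -> bytes:
    """Key MIC as used with the CCMP AKMs: HMAC-SHA1 keyed by the KCK over the
    EAPOL-Key frame (MIC field zeroed), truncated to 128 bits."""
    return hmac.new(kck, frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def four_way_handshake(pmk_sta, pmk_ap, aa, spa, anonce=None, snonce=None):
    """Messages 1 and 2 of the 4-Way Handshake. The AP sends ANonce in the clear;
    the STA picks SNonce, derives the PTK and returns SNonce with a MIC under its
    KCK; the AP derives the PTK from the same inputs and checks the MIC. Nothing
    secret crosses the air, yet a STA holding the wrong PMK fails the check.
    Returns (mic_ok, ptk_sta, ptk_ap)."""
    anonce = anonce or os.urandom(32)           # message 1: AP -> STA
    snonce = snonce or os.urandom(32)           # chosen by the STA
    ptk_sta = derive_ptk(pmk_sta, aa, spa, anonce, snonce)
    msg2 = b"EAPOL-Key:msg2:" + snonce         # constructed body, MIC field zeroed
    mic = eapol_key_mic(ptk_sta["kck"], msg2)   # message 2: STA -> AP (msg2, mic)
    ptk_ap = derive_ptk(pmk_ap, aa, spa, anonce, snonce)
    mic_ok = hmac.compare_digest(mic, eapol_key_mic(ptk_ap["kck"], msg2))
    return mic_ok, ptk_sta, ptk_ap


if __name__ == "__main__":
    ok, sta, ap = four_way_handshake(SAMPLE_PMK, SAMPLE_PMK, SAMPLE_AA, SAMPLE_SPA,
                                     SAMPLE_ANONCE, SAMPLE_SNONCE)
    print("MIC verified:", ok, "KCK:", sta["kck"].hex())
    wrong_pmk = hashlib.sha256(b"wrong passphrase").digest()
    print("MIC verified with wrong PMK:",
          four_way_handshake(wrong_pmk, SAMPLE_PMK, SAMPLE_AA, SAMPLE_SPA,
                             SAMPLE_ANONCE, SAMPLE_SNONCE)[0])
```

The point to take from the model: the PMK never travels over the air, both nonces do, and because the PTK is a deterministic function of (PMK, AA, SPA, ANonce, SNonce) an eavesdropper who captures the handshake and guesses the PMK can verify the guess offline against the MIC, which is exactly why PSK networks with weak passphrases fall to dictionary attacks.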
Wireless Transport Layer Security (WTLS) provides:
Data integrity: uses message authentication to ensure that data sent
between the client and the gateway are not modified.
Privacy: uses encryption to ensure that the data cannot be read by a
third party.
Authentication: uses digital certificates to authenticate
WTLS protocols:
- Record Protocol: takes user data from the next higher layer and
encapsulates these data in a PDU:
User Data -> Compress -> Add MAC -> Encrypt -> Append WTLS Record Header
- Handshake Protocol: authenticates server and client; negotiates the
encryption and MAC algorithms and the cryptographic keys
- Alert Protocol: conveys WTLS-related alerts to the peer entity; alert
messages are compressed and encrypted, as specified by the current state
- Cipher spec: specifies the encryption algorithm, the hash algorithm
used as part of HMAC, and cryptographic attributes
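The record-protocol pipeline above, as an added example rather than code from the lecture or from any WAP implementation: the sender compresses, MACs the compressed fragment, encrypts fragment plus MAC and adds the record header; the receiver undoes the steps in reverse and refuses to decompress anything whose MAC does not verify. The MAC is HMAC-SHA1 over the sequence number, header and compressed fragment (the hash is whatever the cipher spec selects). Because the Python standard library has no block cipher, the encryption step is a stand-in keystream derived from HMAC-SHA256 and the record sequence number; the header layout, the record-type value, the keys and the sample message are all constructed for the example.

```python
# Added example (not from the lecture or the WAP specifications): a model of the
# WTLS Record Protocol pipeline and its receiver. Standard library only.
# Header layout, record-type value, keys and sample data are constructed.
import hashlib
import hmac
import zlib

RECORD_TYPE_APPLICATION = 1   # constructed record-type value
MAC_LEN = 20                  # HMAC-SHA1 output length


def keystream(key: bytes, seq: int, length: int) -> bytes:
    """Stand-in for the negotiated record cipher: a keystream bound to the record
    sequence number, so no two records are ever encrypted under the same stream."""
    out = b""
    counter = 0
    while len(out) < length:
        block_input = seq.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def header(record_type: int, seq: int, length: int) -> bytes:
    """Constructed 5-byte header: type, low 16 bits of the sequence number, body length."""
    return bytes([record_type]) + (seq & 0xFFFF).to_bytes(2, "big") + length.to_bytes(2, "big")


def seal(mac_key: bytes, enc_key: bytes, seq: int, data: bytes) -> bytes:
    """Sender: compress, MAC the compressed fragment, encrypt fragment || MAC,
    then add the plaintext record header."""
    compressed = zlib.compress(data)
    hdr = header(RECORD_TYPE_APPLICATION, seq, len(compressed) + MAC_LEN)
    mac = hmac.new(mac_key, seq.to_bytes(8, "big") + hdr + compressed, hashlib.sha1).digest()
    body = compressed + mac
    return hdr + xor(body, keystream(enc_key, seq, len(body)))


def open_record(mac_key: bytes, enc_key: bytes, seq: int, record: bytes) -> bytes:
    """Receiver, in reverse: check the header, decrypt, verify the MAC in constant
    time, and only then decompress. Raises ValueError on any mismatch."""
    hdr, body = record[:5], record[5:]
    if (hdr[0] != RECORD_TYPE_APPLICATION
            or int.from_bytes(hdr[1:3], "big") != (seq & 0xFFFF)
            or int.from_bytes(hdr[3:5], "big") != len(body)):
        raise ValueError("bad record header")
    plain = xor(body, keystream(enc_key, seq, len(body)))
    compressed, mac = plain[:-MAC_LEN], plain[-MAC_LEN:]
    expected = hmac.new(mac_key, seq.to_bytes(8, "big") + hdr + compressed, hashlib.sha1).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("MAC check failed")
    return zlib.decompress(compressed)


def rejected(mac_key, enc_key, seq, data, flip_index=None, open_seq=None) -> bool:
    """Seal a record, optionally flip one ciphertext bit or present it under a
    different sequence number (a replay), and report whether the receiver rejects it."""
    rec = bytearray(seal(mac_key, enc_key, seq, data))
    if flip_index is not None:
        rec[flip_index] ^= 0x01
    try:
        open_record(mac_key, enc_key, seq if open_seq is None else open_seq, bytes(rec))
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    mk, ek = b"constructed-mac-key!", b"constructed-encryption-key-32b!!"
    msg = b"GET /index.wml HTTP/1.1\r\nHost: example\r\n\r\n"
    rec = seal(mk, ek, 7, msg)
    print("round trip ok:", open_record(mk, ek, 7, rec) == msg)
    print("bit flip rejected:", rejected(mk, ek, 7, msg, flip_index=9))
    print("replay rejected:", rejected(mk, ek, 7, msg, open_seq=8))
```

Whoever holds mac_key and enc_key sees the plaintext at the point where open_record returns; a gateway that terminates WTLS and re-encrypts towards the web server is exactly such a holder, which is the weakness of the WAP gateway model.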
WAP end-to-end security gap:
o Mobile device: establishes a secure WTLS session with the WAP gateway
o WAP gateway: establishes a secure SSL or TLS session with the Web server
o within the gateway, data are not encrypted during the translation process
o the gateway is thus a point at which the data may be compromised
Approaches to providing end-to-end security:
o TLS-based security
o IPsec-based security
Access control attacks: attempt to penetrate a network by using wireless or evading
WLAN access control measures
o War Driving
o Rogue Access Points
o Ad Hoc Associations
o MAC Spoofing
o 802.1X RADIUS Cracking
Confidentiality attacks: attempt to intercept private information sent over wireless
associations, whether sent in the clear or encrypted by 802.11 or higher-layer protocols
o Eavesdropping
o WEP Key Cracking
o Evil Twin AP
o AP Phishing
o Man in the Middle
Integrity attacks: send forged control, management or data frames over wireless to
mislead the recipient or facilitate another type of attack (e.g., DoS)
o 802.11 Frame Injection, 802.11 Data Replay
o 802.1X EAP Replay, 802.1X RADIUS Replay, 802.1X EAP Length Attacks
Source: http://searchsecurity.techtarget.com/feature/A-list-of-wireless-network-attacks
Authentication attacks: steal legitimate user identities and credentials to access
otherwise private networks and services
o Shared Key Guessing
o PSK Cracking
o Application Login Theft
o Domain Login Cracking
o VPN Login Cracking
o 802.1X Identity Theft, Password Guessing, LEAP Cracking, EAP Downgrade
Availability attacks: impede delivery of wireless services to legitimate users, either
by denying them access to WLAN resources or by crippling those resources
o AP Theft
o Queensland DoS
o 802.11 Beacon Flood, Associate / Authenticate Flood, TKIP MIC Exploit, Deauthenticate
Flood (deauthentication frames are unauthenticated unless 802.11w protected management
frames are in use, so they can be forged by anyone in range)
o 802.1X: EAP-Start Flood, EAP-Failure, EAP-of-Death, EAP Length Attacks
o Use tools to execute at least 2 attacks
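Two entries from the taxonomy above, the evil-twin / rogue AP (confidentiality and access control) and the deauthenticate flood (availability), seen from the defender's side. This is an added example, not code from the lecture or from the linked TechTarget article: a small wireless-IDS pass over a constructed list of 802.11 management-frame records that (a) flags beacons or probe responses advertising a protected SSID from a BSSID the organization does not operate, noting when the impostor offers the network open, and (b) flags a BSSID whose deauthentication frames exceed a per-second threshold. The frame records, the authorized-BSSID list, the addresses and the thresholds are all constructed for the example.

```python
# Added example (not from the lecture or the linked article): rogue-AP and
# deauthentication-flood detection over constructed monitor-mode frame records.
from collections import defaultdict
from dataclasses import dataclass

# Constructed allow-list: SSID -> BSSIDs the organization actually operates.
AUTHORIZED = {"corp-wifi": {"00:11:22:33:44:55", "00:11:22:33:44:56"}}


@dataclass
class Frame:
    """Subset of a captured 802.11 management frame relevant to the two checks."""
    ts: float          # capture time in seconds
    subtype: str       # 'beacon', 'probe_resp', 'deauth', ...
    bssid: str
    ssid: str = ""     # meaningful for beacons and probe responses only
    src: str = ""
    dst: str = ""
    rsn: bool = True   # beacon carries an RSN (WPA2) information element


def find_rogue_aps(frames):
    """Beacons or probe responses for a protected SSID from a BSSID that is not in
    the allow-list are evil-twin candidates. One offering the SSID with no RSN
    element is the classic open evil twin used to harvest credentials.
    Returns [(ssid, bssid, reason)] with each rogue BSSID reported once."""
    findings, seen = [], set()
    for f in frames:
        if f.subtype not in ("beacon", "probe_resp") or f.ssid not in AUTHORIZED:
            continue
        if f.bssid in AUTHORIZED[f.ssid] or f.bssid in seen:
            continue
        seen.add(f.bssid)
        reason = "unknown BSSID" + ("" if f.rsn else ", no RSN (open network)")
        findings.append((f.ssid, f.bssid, reason))
    return findings


def find_deauth_floods(frames, window=1.0, threshold=10):
    """Peak number of deauthentication frames per BSSID in any sliding window of
    `window` seconds; a peak above `threshold` is flagged. Without 802.11w these
    frames are unauthenticated, so an attacker can forge them freely, while a
    real AP rarely sends more than a handful. Returns {bssid: peak_count}."""
    per_bssid = defaultdict(list)
    for f in frames:
        if f.subtype == "deauth":
            per_bssid[f.bssid].append(f.ts)
    alerts = {}
    for bssid, times in per_bssid.items():
        times.sort()
        start, peak = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > threshold:
            alerts[bssid] = peak
    return alerts


def sample_capture():
    """Constructed capture: normal beacons, one open evil twin of corp-wifi, an
    unrelated cafe network, a 40-frame deauth burst and one legitimate deauth."""
    frames = [Frame(ts=i * 0.1, subtype="beacon", bssid="00:11:22:33:44:55",
                    ssid="corp-wifi") for i in range(30)]
    frames.append(Frame(ts=1.0, subtype="beacon", bssid="de:ad:be:ef:00:01",
                        ssid="corp-wifi", rsn=False))
    frames.append(Frame(ts=1.2, subtype="beacon", bssid="aa:bb:cc:dd:ee:ff",
                        ssid="guest-cafe"))
    frames += [Frame(ts=2.0 + i * 0.01, subtype="deauth", bssid="00:11:22:33:44:55",
                     src="00:11:22:33:44:55", dst="ff:ff:ff:ff:ff:ff") for i in range(40)]
    frames.append(Frame(ts=5.0, subtype="deauth", bssid="00:11:22:33:44:56",
                        src="00:11:22:33:44:56", dst="66:77:88:99:aa:bb"))
    return frames


if __name__ == "__main__":
    cap = sample_capture()
    print("rogue APs:", find_rogue_aps(cap))
    print("deauth floods:", find_deauth_floods(cap))
```

Both checks are deliberately simple signatures; in practice the allow-list would be fed from the controller's AP inventory, and the deauth count would be joined with reason codes and destination addresses to separate a broadcast flood from a single misbehaving client.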
Wireless security overview
o wireless network threats
o wireless security measures
IEEE 802.11 wireless LAN overview
o Wi-Fi Alliance
o IEEE 802 protocol architecture
o IEEE 802.11 network components and architectural model
o IEEE 802.11 services
IEEE 802.11i
o IEEE 802.11i services
o IEEE 802.11i phases of operation
o discovery phase
o authentication phase
o protected data transfer phase
o attack types