written 6.2 years ago by |
Wireless LAN’s (WLAN) are LAN’s networked wirelessly using the air interface as the medium of the network. The wireless technology being used is nothing but radio frequency waves. WLAN can run on three different physical media, two based on the spread spectrum and one on diffused infrared.
Most of the industries and businesses are dependent on correct, secure and safe operation of the wireless local area networks. The security of this confidential data is extremely important. If there is an attack on the network, this data can be leaked and unauthorized users or enemies can misuses the data or modify it. There are two types of attacks on computer networks. They are:
Active Attack: Active attacks are attacks where the user data is modified or fraud data is created. It is very difficult to avoid attacks on the computer networks.
The different types of Active attack are:
Unauthorized Access: The attack is not aimed at a particular user, but by doing this, the attacker gains unauthorized access to the whole network. This attack in turn gives rise to more malicious attacks such as MITM, ARP poisoning. Man In The Middle Attacks (MITM): This attack comprises the integrity of messages as they can be read and/or modified by the attacker. The attacker appears to the access point(AP) as the user and to the user as the authentic AP, Hence this fools both the AP and the user and all data is passed through the Attacker Masquerading/spoofing is the technique employed by the attacker to fool the participants of the connection.
Masquerade: A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
Masquerade attacks may happen in a number of ways. In case of an insider attack, a masquerade attacker gains access to the account of a legitimate user either by stealing the victim's account ID and password, or by using a key logger.
Another common method is by exploiting a legitimate user's laziness and trust. Vulnerable authentication is one of the other factors that can trigger a masquerade attack.
For example, although a unique IP address is assigned to each individual computer, a hacker can convince another system that it is the authorized user through spoofing, essentially convincing the target computer that the hacker's computer has the same IP.
A standard strategy to resist this kind of attack is to create innovative algorithms that can efficiently detect the suspicious actions, which could result in the detection of imposters.
Replay: A replay attack has the same objectives as the Man-in-the-Middle and the session hijacking, but this attack happens offline, rather than in real time. The attacker can capture data of a session and can use it later to exploit the victim’s information.
Denial of Service (DoS): This works well on WLAN and is one of the very famous attacks, to bring down the system. The main aim is to bring down the system so that it doesn’t respond to the users request. This can be done by sending huge traffic at the AP, making it unable to respond.
Modification of messages: In this attack, some part of the message is modified (deleted or added), recorded or delayed so as to produce an unauthorized result.
Session Hijacking: This attack is also attacking the victim indirectly as the MITM attack. Session High jacking involves taking control of the session. The attacker will take control of the session and the victim will think that the session is no longer in operation whatever the cause. Whereas the session will be live and in the hands of the attacker, which he/she can exploit for many purposes. This attack happens in real time and also compromises the integrity aspect.
Passive Attacks:
Passive attacks are attacks where the attacker tries to access the data that is being transmitted over the network. Passive attacks are eavesdropping - easy to perform and almost impossible to detect or snopping during the data is transmitted.
There are two types of Passive attack:
Traffic analysis: The first step to any type of hacking is foot printing and wireless foot printing is done by carrying out traffic analysis. The attackers before mounting an active attack have to obtain sufficient information about the network This operation of traffic analysis gives the attacker some basic information about the network, like, the network activity going on, the protocols being used by the network and also the active access points (AP’s) of the network.
Passive eavesdropping: This attack is very similar to the traffic analysis attack, as this also discloses the information about the network but at the same time the attacker can access and read the message contents.
Release of message content: The attacker can attack the users email or file that is being transmitted. The attacker can then view those secret messages and can misuse them.
The different attacks on wireless networks are:
Service Interruption: In this attack the system resources are destroyed or service to the network is made unavailable by either increasing the load on the service network by making fake requests to connect to the network or by destroying the resources.
Modification: In this attack, the attacker accesses the data of the network and also he can modify the data or destroy the data.
Jamming: In this attack, the network service is interrupted if the traffic is such that it cannot reach the client. The attackers flood the 2.4GHz band, degrading the signal strength.
Fabrication: In this attack, the network authenticity is attacked. The attacker puts obstruction objects in file records. Attacks against encryption: Wired Equivalent Privacy (WEP) is used as an encryption method in IEEE 802.11b standard. It has some drawbacks. The attacker can break the WEP.
Misconfiguration: Some of the access points (APs) have unsecured configuration as they are rapidly deployed. Hence, each access point must be secured otherwise, it can be attacked by unauthorized users.
Interception: For capturing the data in a network, this attack is an attack on the network confidentiality.
Client-to-client attacks: The clients need to protect themselves against attacks similar to wired networks. The service can be interrupted even if IP or MAC addresses of networks are duplicated.
Brute-force attacks against passwords of access points: Usually the wireless users that use an Access point share a single password or key. An attacker or hacker can hack the password by guessing the password. Once the password is known to the attacker, he can access that entire network or even change the password, causing a threat to system security.
Insertion attacks: Insertion attacks occur because of deploying wireless network without implementing security methods or installing unauthorized devices on the network.
Characteristics of a Network System: Confidentiality: This features indicates only the authorized users can access the network system. The access provided will be read-only access to the network system.
Integrity: This feature indicates that only authorized users can insert, delete or modify the network system data in an authorized manner. Integrity is related to error correction and protection of resources.
Availability: This feature indicates that a user can access files (data and services) to which he has access.