With the development wireless gadgets, there has been the need to ensure that their security is guaranteed. Initially, wireless communication outlined two forms of authentication described by the 802.11 standards. These two forms were the open system association and shared key authentication. Actually, open system authentication was not authentication per se. it was just that open and free for all to access the network resources without any form of verification. Shared key, on the other hand, employed the use of WEP key. This was a shared key hat was used for all platforms connecting wireless networks across different networks. There are disadvantages associated with the use of shared key in authentication process. WEP allowed per packet master key reuse also allowing group use of same PSK and sharing of keys across APs. It lacked proper network authentication to clients and as such allowed vulnerabilities associated with confidentiality and integrity.
Common wireless security concepts
The common concepts in wireless security currently are WEP, VPN, WPA and IDS.
WEP
WEP stands for the Wired Equivalent Protocol. It is the most widely used protocol in the wireless field. It actually was the first protocol established in the security of wireless networks sector. Though this method is widely used in the in wireless industry, it is prone to many problems. The first problem has to do with the fact that the system is based on alphanumeric keys. It becomes easier for a hacker to uncover private and public key by use of hacking methods such as dictionary or brute force approach. Another problem associated with these methods of authentication in wireless security is the length of the keys. The keys used are short in length hence giving a hacker easy time in guessing the possible combinations of the same. Moreover, the same keys are static. It means that the same do not change unless done so manually. Static keys are easier to guess or hack into; however, the server can change dynamic keys frequently. In static key approach offered by the WEP technology, an administrator has to change the keys of every device in each location.
WAPs
Wireless access points are radio devices, which have low frequency and can transmit over short distances. The distances covered by the broad cast could be as short as ten meters or a few blocks away. WAP cards can be used in PCs at home to connect to WAP cable modem, which is cheaply available. There is a disadvantage, however, associated with the WAP. Just like any radio device, the WAP is subject to interferences or attenuation. Buildings or walls can block or reduce the signal receive. Mountains and long distances also affect the same. High-tension electrical signals cannot be forgotten as another source of problem to WAP. The same can jam the signals.
WAP offers the potential of responding to the strongest radio frequency signal. The same, however, can be a disadvantage since any one can eavesdrop on someone’s WAP by just going or moving closer to it and setting its device to default. The most important advantage that WAP allows is the ability to implement dynamic WEP.
Wireless VPNs
VPN stands for Virtual Private Network. Wired VPNs are currently in use in the industry. The advantage that this private network offers is the improved security features. Data can be sent over ten networks by encapsulating them within a specified protocol and sending the same via a TCP/IP protocol (Dhillon 89). VPN offers a good secure platform for dial-up connections. VPNs are however complex to configure and are mostly affected by traffic networks. VPN provide an opportunity to clients working in hotspots to access company’s wireless LAN easily and securely (Moerschel et al., 2006).
IDS (Wireless Intruder Detection Systems)
Wireless Intruder Detection Systems are used to identify or detect intrusions in the system network. They are either sniffer devices or network software applications that analyze gathered data concerning the network in order to identify any potential threat to the system. This can be achieved by studying the expected patterns or methodology of a particular attack and as well identify abnormal network activity. Some IDSs are developed in a way that network rules and policy violations can be identified and reports generated for the administration to use (White 74). Traffic anomalies can also form the basis for anomaly detection in a wireless system by signature analysis. IDSs offer many advantages in the wireless systems therefore the need for its implementation. It is also able to detect spoofing and attack source by triangulating an attacker’s signal source. However, since IDS is new technology there is a worry that the same might affect the normal functioning of WLAN or reduce traffic.
References
Allen, J. (2003). The ultimate guide to system security. Boston: Madison-Wesley.
Dhillon, G. (2007). Information systems security and principles. New York: John Wiley & Sons.
Moerschel, G., Carpenter, T., & Dreger, R. (2006). CWSP certified wireless security professional: Official study guide. New York: McGraw Hill Professional.
Swaminatha, T. M., & Elden, C. R. (2003). Wireless security and privacy: Best practices and design techniques. New York: Addison-Wesley Professional.
