Jump to ContentJump to Main Navigation
Show Summary Details
In This Section

Applied Computer Systems

The Journal of Riga Technical University

2 Issues per year

Open Access
Online
ISSN
2255-8691
See all formats and pricing
In This Section

Security Evaluation of Wireless Network Access Points

Rūdolfs Kalniņš
  • Corresponding author
  • Riga State German Grammar School, Riga, Latvia
  • Email:
/ Jānis Puriņš
  • Riga State German Grammar School, Riga, Latvia
  • Email:
/ Gundars Alksnis
  • Department of Applied Computer Science, Riga Technical University, Riga, Latvia
  • Email:
Published Online: 2017-06-13 | DOI: https://doi.org/10.1515/acss-2017-0005

Abstract

The paper focuses on the real-world usage of IEEE 802.11 wireless network encryption and Wi-Fi Protected Setup (WPS) function. A brief history on the development of encryption methods and WPS is given. Wireless scanning of 802.11 networks in a capital city has been performed, and the results of it have been analysed. To ascertain the knowledge about the security of wireless networks of the average user, an online survey has been conducted. To test the security of encryption methods and WPS function, practical attacks against private test wireless networks have been made. The authors conclude that the safest way to set up 802.11 network with a pre-shared key is to use Wi-Fi Protected Access 2 (WPA2) encryption without support for WPS function. Statistics in Riga shows that networks are often configured otherwise and thus vulnerable to attacks. Survey results prove that respondents are not well informed regarding the security of wireless networks.

Keywords: Network security; unauthorised access; wireless networks

References

  • [1] “Internet of Things - Lietiskais internets (IoT),” May 2016. [Online]. Available: https://cert.lv/uploads/Ieteikumi/OUCH-201605_lv.pdf [Accessed: January 25, 2017]. (in Latvian).Google Scholar

  • [2] S. Fluhrer, I. Mantin, and A. Shamir, “Weaknesses in the key scheduling algorithm of RC4” Lecture Notes in Computer Science, pp. 1-24, 2001. https://doi.org/10.1007/3-540-45537-x_1CrossrefGoogle Scholar

  • [3] Wi-Fi Alliance, “Wi-Fi Protected Access: Strong, standards-based, interoperable security for today’s Wi-Fi networks,” White paper, University of Cape Town, 2003. [Online]. Available: http://www.ansvb.com/Docs/Whitepaper_Wi-Fi_Security4-29-03.pdf [Accessed: May 5, 2017].Google Scholar

  • [4] K. Benton, “The evolution of 802.11 wireless security,” Informatics- Spring, 2010. [Online]. Available: http://homes.soic.indiana.edu/ktbenton/research/benton_wireless.pdf [Accessed: January 25, 2017].Google Scholar

  • [5] J. R. Vacca, Computer and Information Security Handbook. Morgan Kaufmann, 2007, pp. 172-173.Google Scholar

  • [6] E. Tews, R.-P. Weinmann, and A. Physkin, “Breaking 104 bit WEP in less than 60 seconds,” in Cryptology ePrint Archive, Report 2007/120 [Online]. Available: Cryptology ePrint Archive http://eprint.iacr.org/2007/120 [Accessed: January 25, 2017].Google Scholar

  • [7] Wi-Fi Alliance [Online]. Available: http://www.wi-fi.org/ [Accessed: May 5, 2017].Google Scholar

  • [8] E. Tews and M. Beck, “Practical attacks against WEP and WPA” in Proceedings of the second ACM conference on Wireless network security - WiSec’09, pp. 79-86, 2009. https://doi.org/10.1145/1514274.1514286CrossrefGoogle Scholar

  • [9] O. Nakhila, A. Attiah, Y. Jinz, and C. Zoux, “Parallel Active Dictionary Attack on WPA2-PSK Wi-Fi Networks,” MILCOM 2015 - 2015 IEEE Military Communications Conference, October 26-28, 2015, Tampa, FL, USA. https://doi.org/10.1109/milcom.2015.7357520CrossrefGoogle Scholar

  • [10] Wi-Fi Alliance. “Product finder” [Online]. Available: http://www.wifi.org/product-finderresults?sort_by=default&sort_order=desc&certifications=39 [Accessed: January 25, 2017].Google Scholar

  • [11] S. Viehböck, “Brute forcing Wi-Fi Protected Setup” [Online]. Available: https://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf [Accessed: January 25, 2017].Google Scholar

  • [12] “DSS ITSEC 2016: Cyber, Connected Things and Insecurity: The Largest Cyber Security Event in Baltics,” 2016. [Online]. Available: https://www.dssitsec.eu/ [Accessed: May 5, 2017].Google Scholar

  • [13] “WIFI pētījums. Atvērto bezvadu tīklu drošības riski - Wi-Fi research. Security risks of open wireless networks,” Oct. 27, 2015. [Online] Available: https://blogs.squalio.com/2015/10/27/wifi-petijums-atvertobezvadu-tiklu-drosibas-riski/ [Accessed: January 25, 2017]. (in Latvian).Google Scholar

  • [14] “Lattelecom vēsture - History of Lattelecom” [Online]. Available: https://www.lattelecom.lv/par-lattelecom/par-mums/vesture [Accessed: January 25, 2017]. (in Latvian).Google Scholar

  • [15] “Wardrive in Berlin” [Online]. Available: http://www.gehaxelt.in/blog/wardrive-in-berlin/ [Accessed: May 5, 2017]. (in German).Google Scholar

  • [16] S. Helme, “WiFi (in)Security - Is your network on the map and is it secure?” [Online]. Available: https://scotthelme.co.uk/wifi-insecuritywifi-map/ [Accessed: May 5, 2017].Google Scholar

  • [17] A. Gostev and R. Schouwenberg. “War-driving in Germany - CeBIT2006” [Online]. Available: https://securelist.com/analysis/36076/war-driving-in-germanycebit2006/ [Accessed: May 5, 2017].Google Scholar

  • [18] “Where to find us” [Online]. Available: http://coffee-inn.lv/#find [Accessed: January 25, 2017].Google Scholar

  • [19] “Map of Lattelecom Wi-Fi” [Online]. Available: https://wifi.1188.lv/ [Accessed: January 25, 2017]. (in Latvian).Google Scholar

  • [20] “WiGLE Statistics” [Online]. Available: https://wigle.net/stats [Accessed: January 28, 2017].Google Scholar

  • [21] “DistroWatch: Kali Linux” [Online]. Available: https://distrowatch.com/table.php?distribution=kali [Accessed: May 5, 2017].Google Scholar

  • [22] “Airodump-ng documentation” [Online]. Available: https://www.aircrack-ng.org/doku.php?id=airodump-ng [Accessed: January 25, 2017].Google Scholar

  • [23] “Aircrack-ng documentation” [Online]. Available: https://www.aircrackng.org/doku.php?id=aircrack-ng [Accessed: January 25, 2017].Google Scholar

  • [24] IEEE Standarts Association, “IEEE 802.11i-2004: Medium Access Control (MAC) Security Enhancements” [Online]. Available: http://standards.ieee.org/getieee802/download/802.11i-2004.pdf [Accessed: May 5, 2017].Google Scholar

  • [25] A. Tsitroulis, D. Lampoudis, and E. Tsekleves, “Exposing WPA2 security protocol vulnerabilities,” International Journal of Information and Computer Security, vol.6, no.1, pp. 93-107, 2014. https://doi.org/10.1504/ijics.2014.059797CrossrefGoogle Scholar

  • [26] “Brute-Force WPA/WPA2 via GPU” [Online]. Available: https://nullbyte.wonderhowto.com/how-to/brute-force-wpa-wpa2-via-gpu-0170474/ [Accessed: May 5, 2017].Google Scholar

  • [27] “FLUXION” [Online]. Available: https://github.com/wi-fianalyzer/fluxion [Accessed: May 5, 2017].Google Scholar

About the article

Published Online: 2017-06-13

Published in Print: 2017-05-24


Citation Information: Applied Computer Systems, ISSN (Online) 2255-8691, DOI: https://doi.org/10.1515/acss-2017-0005.

Export Citation

© Riga Technical University. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. BY-NC-ND 4.0

Comments (0)

Please log in or register to comment.
Log in