Wireless Local Area Networks WLANs Security Computer Science Essay

This thesis surveies the security missions of radio LANs ( WLANs ) , from its exposure every bit good as alternate solutions. The suggested research program includes experiments on analyzing security and achievement facets of each of the alternate solutions. Appendix A contains accretion proficient appellations, which are referred on radio LANs and referred engineering, and their several definitions.

The remainder of the proposal is composed of the undermentioned subdivisions:

An debut in a WLAN ( this subdivision ) : Kinds of WLANs, of criterions and of security features

Definition of the research job

Propose the Alternative solutions to the job such as IEEE 802.1x, VPN ( practical private web ) , LEAP ( Lightweight Extensible Authentication Protocol ) , and SSL ( Secure Socket Layer ) .

Apparatus of the trial beds and constellation of the experiments

Research program and timelines

1.1 WIRELESS LOCAL AREA NETWORKS ( WLANS ) :

A radio LAN ( WLAN ) is correspondent to a wired LAN but wireless moving ridges being the conveyance medium alternatively of traditional wired constructions. This allows the users to travel about in a limited country while being still connected to the web. Therefore, WLANS combine informations connectivity with user mobility, and, through simplified constellation, enable movable LANs [ WLANA Resource Center, 1999 ] .

Due to the flexibleness WLAN is popular in recent old ages in LAN environment. It provides solution for place and office mechanization. It ‘s typical communicating scope is individual edifice or a bunch of edifices i.e. , 100-1500 metres ( Mohammad Illyas, 2003 ) .

WLAN should guarantee the same demands that are the characteristic of any LAN, that are capacity, full connectivity among affiliated Stationss and broadcast capableness should be maintain. For accomplishing these features wireless design faces some issues that are transmission medium security, power ingestion, bandwidth restriction of air interface and bandwidth ( Theodore S. Rappaport, Wireless Communications, Principles and Practice, Prentice Hall, 1996. W. Stallings, Wireless Communications & A ; Networks ) .

There are two different attacks are used to implement radio LAN

Infrastructure based

Ad hoc networking Approach

In substructure based there is a centralised control for each cell ( Access Point ) which is connected with the wired web to supply internet entree to mobile devices, nevertheless Ad hoc networking is a equal to peer web which is formed by the figure of station which are in scope connect through each other through automatic constellation and put up a impermanent web. There is no fixed accountant ; accountant is selected among the devices which are taking portion in communicating. If the devices do non necessitate entree to the web resources they make a web without entree point. Examples of these types of webs are conference room web, fire combatants web, Army force web. Typical radio LAN executions include 802.11 ( Wi-Fi ) and Hiperlan2. Under 802.11a and 802.11b, informations can make transmittal velocities between 11 Mbps to 54 Mbps ( L. Goldberg, ( 1995 ) , ( D. L. Lough, Tutorial on Wireless LANs and IEEE 802. 11, “ Virginia Polytechnic Institute and State University.

By and large a WLAN ( in manner of substructure, to see below ) is composed of a cardinal point of connexion called the entree point ( AP ) . It is similar to a hub or a switch in traditional star topology based wired local country webs. The entree point transmits the information between assorted nodes of a wireless local country web and is utile in the bulk of the instances of merely nexus between the WLAN and the wired LAN. A typical entree point can manage a beautiful measure of users in a beam of about 300 pess. The nodes without wire, besides called the clients of a WLAN are normally composed of the GCV of office computing machine, the portable computing machines or PDAs equipped with wireless interface cards ( Randall K. Nichols, Panos C. Lekkas, 2001 ) .

1.2- Types of Wireless Networks:

Harmonizing to the 802.11 criterion ( John Vollbrecht, 2001 ) describe following three types of radio webs.

1.2.1 Independent Basic Service Set ( IBSS ) :

IBSS ( normally referred to as Ad Hoc Network ) is logically comparable to a Peer-to-Peer web in instance of a wired LAN as shown in Fig.1. In instance of IBSS different terminal nodes communicate without any Access Point and therefore without any connexion to a wired web. It is used to rapidly put up a radio web ( to avoid the concealed node job[ 1 ]) such as for a group meeting or at a convention Centre or at an airdrome, etc.

IBSS ( by and large indicated under the name of ad hoc web ) is logically comparable with a web of Par-with-Par in the event of wired LAN as shown in figure 1. In the event of different terminal nodes of IBSS communicate without any entree point and therefore without any connexion to a radio web. It is employed to rapidly set up a web without wire ( in order to avoid the node hidden job ) as for a meeting of group or in a Centre of convention or an airdrome, etc.

AP

Fig.1 Ad-hoc Mode[ 2 ]

Fig.2 Infrastructure Mode

1.2.2 Basic Service Set ( BSS ) : BSS ( by and large indicated under the name of a web of substructure ) is composed of merely one entree point harmonizing to the figure 2. Any communicating between two unspecified nodes must go through by entree point ( AP ) . The sector of insurance is increased well compared to an IBSS.

1.2.3 Drawn-out Service Set ( ESS ) :

An ESS consists of multiple BSSs each holding a individual Access Point. Access Point in each BSS is connected to a distribution system that is normally a Wired Ethernet Network.

Fig.3 Extended Service Set ( ESS )

1.3- Wireless Networking Standards

Harmonizing to WLANA Resource Center ( April 17 2002 ) , Institute of Electrical and Electronics Engineers ( IEEE ) has specified assorted WLAN criterions such as 802.11, 802.11a, 802.11b, and 802.11g. Some of import criterions in the context of this thesis are summarized below in Table

Standard

Description

Approved

IEEE 802.11

Datas rates up to 2Mbps in 2.4-GHz ISM set, Coverage ( m ) 40 to 400, Mobility Roaming between APs by nomadic Internet

Protocol ( IP ) devices, Security 128-bit WEP

July 1997

IEEE 802.11a

Datas rates up to 54Mbps in 5-GHz UNII set, Coverage ( m ) & lt ; 100

Mobility Roaming between APs by nomadic IP devices,

Security 128-bit WEP, 64-bit WEP, 152-bit WEP

Sept 1999. End user merchandises began transporting in early 2002

IEEE 802.11b

Datas rates up to 11Mbps in 2.4-GHz ISM set, Coverage ( m ) 40 to 400,

Mobility Roaming between APs by nomadic IP devices,

Security 128 spot WEP.

Sept 1999. End user merchandises began transporting in early 2000

Table 1. IEEE WLAN Standards

1.3.1- IEEE 802.11b SECURITY FEATURES: The security characteristics provided in 802.11b criterion are as follows ( John Vollbrecht, 2001 ) :

A. SSID – Service Set Identifier

SSID behaves like as identifier of WLAN. Therefore all the devices seeking to link itself to a peculiar WLAN must be configured with the same SSID. One adds it to the heading of each bundle sent above the WLAN ( with a BSS ) and checked by an entree point. A device of client can non pass on with an entree point unless it is configured with the same SSID as the entree point.

B. WEP – Wired Equivalent Privacy

Harmonizing to criterions of 802,11, ( WEP ) has been understanding in order to provide “ the confidentiality that is subjective equivalent to the confidentiality of a wired local country web ( LAN ) . It does non use the cryptanalytic techniques in order to increase to the privateness ( Interlink Networks Resource Library, 2002 ) .

The elaborate lists of the IEEE for wired LANs do non include the cryptanalysis as a demand. That is because about all the this LANs are fixed through physical agencies which the constructions walled and the controlled entryway to building etc However no such physical contour can in the event be supplied of WLANs that justifies therefore the demand of a cryptanalysis mechanism.

WEP supplies to the symmetrical cryptanalysis utilizing the WEP key. Every node must be shaped manually with the same key of WEP. The transmittal station figure the message utilizing the WEP key while the response station decrypts the message utilizing the same key of WEP. WEP uses the figure of flow RC4.

C. MAC Address Filters

Assembled in this instance will the entree point, around connexion and petitions for the puting up a connexion by merely those nodes to presume their MAC addresses with the point of entryway to be registered. This bill of exchange supplies an extra security bed.

2 – Problem Definition

Everywhere bing web entryway without lines is the chief attractive force underlying wireless web development. Although this seems as sufficient attractive force, other side of the illustration exists. Before they go all wirelessly organisations should understand foremost, how wireless webs could be vulnerable some sorts penetration methods.

2.1 INVASION & A ; RESOURCE Larceny: Resources of a web know different devices such as pressmans and Internet entree etc. First the aggressor tries to fasten and find the entree parametric quantity for this certain web. for illustration if web uses the MAC reference created filtering of the clients, everything must make an interloper is MAC reference and assigned IP reference for a certain client to find. The interloper delaies, until this valid client goes off from the web and so he begins, the web and its operational resources with the visual aspect to utilize as valid users.

2.2 TRAFFIC REDIRECTION: An interloper can alter hence know the manner of traffic and the packages, which are intended for a certain computing machine, for assailing station to be readdressed. for illustration ARP tabular arraies ( the MAC reference contained to the exemplifying IP reference ) , into which switches of a wired web are manipulated, so that bundles for a certain wired station can reroute themselves for assailing station.

2.3ROUGE ACCESS POINT: A rogue entree point is one, which is attached by an aggressor ( usually within the general scopes like divided office infinite, airdromes etc. ) around traffic of the radio clients to presume, to whom it appears as valid Authenticator. The packages, which are taken captured hence, can be used to pull out over sensitive information or can for farther onslaughts, be eventually used before one into the right web are once more inserted.

2.4 DENIALOF SERVICE ( DOS ) ATTACK: A DOS can take two signifiers thronging and deauthentication. Network thronging can happen when a high powered sender is placed within web scope on the same spectrum as the web. A major concern for this signifier of onslaught is that it is hard to observe and devices which use the 2.4-GHz spectrum can do web thronging – such as Bluetooth devices and microwave ovens. A deauthentication onslaught exploits the fact that control and direction information is broadcast unencrypted over the radio web. A malicious aggressor can capture this information and usage it to deauthenticate a device which is connected to the web. This is the first measure in either a man-in-the-middle onslaught or capturing logon certificates from the device as it tries to reconnect ( Woodward, 2005 ) .Woodward, A. 2005. ‘Recommendations for radio web security policy ‘ . [ Online ] Microsoft Academic Research. Available at: hypertext transfer protocol: //scissec.scis.ecu.edu.au/anzsys08/proceedings/2005/aism/woodward.pdf [ Accessed: 13may2010 ] .

These concerns relate to wireless webs in general. The security concerns raised specifically against IEEE 802.11b webs [ 4 ] are as following.

2.5 MAC ADDRESSES Authentication: Such kind of hallmark establishes the individuality of the physical machine, non its human user. Thus an aggressor who manages to steal a laptop with a registered MAC reference will look to the web as a legitimate user.

2.6 One-way Authentication: WEP hallmark is client centered or one-way merely. This means that the client has to turn out its individuality to the Access Point but non frailty versa. Thus a rogue Access Point will successfully authenticate the client station and so later will be able to capture all the packages send by that station through it.

2.7 Inactive WEP Keys: There is no construct of dynamic or per-session WEP keys in 802.11b specification. Furthermore the same WEP key has to be manually entered at all the Stationss in the WLAN.

2.8 SSID: Since SSID is normally provided in the message heading and is transmitted in clear text format, it provides really small security. It is more of a web identifier than a security characteristic

2.9 WEP KEY encoding: The usage of a little low-level formatting vector ( IV ) means that in a high traffic environment it is likely that the same IV will be used more than one time in a twenty-four hours. This makes it executable for an aggressor to short-circuit encoding system. ( Woodward, 2005 ) Besides issues have been discovered with the RC4 algorithm used to bring forth the cardinal watercourse that synchronises conveying and having devices. It has been shown that the secret key can be obtained by capturing 5 to 6 million packages of informations to correlate the first few bytes of the keystream with the generate key. ( Borisov, 2005 )

This thesis will seek to turn to in deepness the security restrictions of WEP included in IEEE 802.11b specifications. To battle the WEP exposure for WLAN security, I plan to look into the undermentioned solutions: IEEE 802.1x, VPN ( Virtual Private Network ) , Cisco LEAP ( Light Weight Authentication Protocol ) , and SSL ( Secure Socket Layer ) . These alternate attacks will be studied and tested for their several security strength and public presentation operating expense.

3 Alternate Solutions:

3.1- IEEE 802.1x: IEEE 802.1x is a port based hallmark protocol. There are three different types of entities in a typical 802.1x web including a prayer, an appraiser and an hallmark waiter. When applied to 802.11b LANs, the 802.1X specification includes two chief characteristics ( Interlink Networks Resource Library, 2002 ) .

Logical Ports: Since, otherwise than wired webs, radio Stationss are attached non to the web with physical agencies, they must hold any sort of the connexion relation with one point of entryway of utilizing for the WLAN. This connexion is made, by allowing the clients and the entree point of each other MAC reference know. This combination of MAC reference of the entree point and the station serves as a logical gate. This serves so as a finish reference into the EAPOL proceedingss from lead oning. EAPOL criterion is defined for directing EAP proclamations over IEEE 802.11 created connexions. . EAP message exchanges utilizing EAPOL occurs at Data Link bed i.e. merely MAC Addresses are involved. Higher proceedingss such as IP were non present instantiated. EAPOL field informations format is shown in the fig: 4

2-byte Type codification assigned to EAPOL

Fig.4 EAPOL Frame Format[ 3 ]

Cardinal Management: IEEE 802.1x specifications do non stress on utilizing WEP key for encoding. This is because cardinal information is passed from Access Point to a station utilizing EAPOL-Key message. Thus keys are generated dynamically, per-session footing authenticates with the Authentication Server by utilizing EAPOL to pass on with the Access Point. Messages are exchanged between Supplicant and Authenticator to set up Supplicant ‘s individuality. The Authenticator so transfers Supplicant ‘s information to the Authentication Server utilizing RADIUS. Authentication Server instantiates hallmark mechanism by publishing a challenge message. All communicating between Authentication Server and Supplicant passes through Authenticator utilizing EAP over LAN ( i.e. EAPOL ) and EAP over RADIUS consequently. This creates an end-to-end EAP conversation between Supplicant and Authentication Server. Once Authentication Server authenticates the Supplicant, the Authenticator delivers cardinal parametric quantities ( and non the existent key ) to the Supplicant. Typical constellation of WLAN utilizing IEEE 802.1x is shown in Fig.5.

IEEE 802.1x specifications do non foreground on utilizing WEP key for encoding. This is, because cardinal information is led from the entree point to a station with EAPOL cardinal message. Thus keys are generated dynamically, per-session footing authenticates with the Authentication Server by utilizing EAPOL to pass on with the Access Point. Announcements are exchanged between Supplicant and Authenticator, in order to fabricate individuality Supplicants. The Authenticator brings so information to Prayers on the hallmark operator with RADIUS. Authentication operator of instantiates authentication unit by the outgo of a challenge proclamation. All communicating between hallmark operator and Supplicant exceeds by Authenticator with EAP over LAN ( i.e. EAPOL ) and EAP over radius consequently. This causes a consecutive EAP treatment between Supplicant and hallmark operator. Equally shortly as hallmark operator authenticates the Supplicant, the Authenticator cardinal parametric quantity ( and non the reference key ) supplies to the Supplicant. Typical constellation of WLAN, which uses IEEE 802.1x, is shown in Fig.5.

Supplicant Authenticator Authentication Server

Fig.5 IEEE 802.1x in 802.11 Wireless local area networks[ 4 ]

3.1.1- Association & A ; EAP Authentication Procedure

IEEE 802.1X specifies two distinguishable ports. The first port is uncontrolled and allows merely hallmark messages ( EAP messages ) to be exchanged. Second port is controlled and allows the exchange of frames merely if the port is authorized.

3.1.2- Advantages

Dynamic Session Key Management: 802.1x allows dynamic session cardinal encoding.

Open Standards Based: 802.1x purchases bing criterions, EAP and RADIUS.

Centralized User Administration: Since 802.1x supports RADIUS, hallmark, mandate and accounting are centralized.

Low operating expense ; 802.1x does non affect encapsulation, so it adds no per-packet operating expense.

User Based Identification

3.2- VIRTUAL PRIVATE NETWORK ( VPN )

VPN engineering supplies the agencies to convey informations certainly between two web devices over an unsure informations transportation means ( Pierre Trudeau, 2001 ) . VPN engineering was used successfully in wired web, peculiarly if utilizing Internet as a physical agency. This success of VPN in wired webs and associated security limitations of the radio webs requested developers and directors to blossom it in instance of the radio webs.

3.2.1- Need for VPN in Wireless Networks

Wireless web connexion is more vulnerable and less secure than wired web connexion. In order to come with a security solution for radio webs above, we would wish to stress first two of import facets of the wired webs in their security expressed:

There is no specification of any encryption criterion to be implemented in instance of wired LANs. This is, because usually the wired webs ( overseas telegrams, routers, etc ) are within the enclosed physical construction of an organisation.

Even if the medium used is insecure ( e.g. , the Internet ) , to implement security, accent is laid on Network Layer and above alternatively of Physical Layer. For illustration, some signifier of user hallmark or Internet Firewall can be implemented. This is because in instance of Internet, there is no 1 physical dedicated nexus between the two terminal Stationss. Therefore Physical Layer can non be relied upon supplying significant security.

In a VPN, an organisation uses the bandwidth of the Internet to set up private, unafraid connexions between its remote offices and/or employees. Each of the distant users connects to the local ISP in the same mode that is used for Internet entree: dial-up, overseas telegram, DSL, ISDN, T1 or radio. A procedure called “ tunneling ” is used to transport the information over the Internet. However, burrowing entirely does non guarantee privateness. To procure a tunneled transmittal against interception, all traffic over a VPN is encrypted for safety.

Figure 6: Virtual Private Network ( VPN ) with burrowing over the cyberspace[ 5 ].

VPN plants by making a tunnel, on top of a protocol such as IP. Fig 6 represents a typical radio LAN constellation utilizing VPN. VPN engineering provides three degrees of security ( L. Goldberg, ( 1995 ) , :

Authentication: A VPN waiter must authorise each user logged on to a specific radio station and it besides try to link with a WLAN by usage the VPN client. Therefore hallmark is non machine based so it is a user based.

Encoding: VPN provides a protected tunnel on the top of basically unprotected medium like as cyberspace. In which, traffic base on balls through the tunnel to give another degree of informations confidentiality.Thus even if an interloper manages to acquire into the tunnel and intercepts the information, that interloper will hold to travel through a batch of attempt and clip decrypting it ( if he is able to decrypt it ) .

Data hallmark: It guarantees that all traffic is from attested devices therefore connoting informations unity.

3.3- CISCO LEAP ( LIGHT WEIGHT AUTHENTICATION PROTOCOL )

Cisco LEAP or EAP Cisco radio is an hallmark 802.1X sort for radio LANs, which supports strong common hallmark between the client and a radius operator. LEAP is a constituent of Cisco wireless security system. Cisco imported LEAP in December 2000 as introductory manner to better the full security of the radio LAN hallmark fast. LEAP is, a market-proven EAP hallmark sort unfolded far.

Cisco ‘s LEAP fills two notable WLAN security holes ( Interlink Networks Resource Library, 2002 ) :

Common Authentication between Client Station and Access Point: I have described in subdivision 2 ( job representation ) about the points of Rogue Access Point. This was because of the One Way, client cantered hallmark between the client and the entree point. LEAP requires bipartisan hallmark, i.e. a station can besides analyze the individuality of the entree point, before it accomplishes the connexion.

Distribution of WEP Keys on a Per-session Footing: In contrast with the inactive keys of WEP in 802.11 elaborate lists, the LEAP protocol supports the impression of the dynamic keys of session. This key is generated by the Radius Server and Cisco client independently. Therefore the key is non transmitted through the air in which it could be intercepted.

3.4- SSL ( SECURE SOCKET LAYER )

The SSL is fundamentally security protocol of exigency used in about 100 % of the unafraid minutess of the Internet. Basically, the SSL transforms a typical secure protocol of conveyance ( which the TCP ) in order to do a secure communications adapted to take the sensitive minutess. The SSL protocol defines the methods by which a secure communications channel can be established-it does non bespeak which cryptanalytic algorithms need to be used.

The SSL supports many different processs and serves from construction for which the cryptanalysis it can be used in a convenient and distributed manner. Since WEP entirely does non guarantee secure radio communications, people are encouraged to utilize applications that provide encoding such as SSL-based secure web sites.

The SSL protocol tallies above TCP/IP and below higher-level protocols such as HTTP or IMAP ( Refer to Fig. 7. ) . It allows common hallmark between SSL Client and SSL Server and so organize an encrypted connexion.

Fig.7 SSL runs above TCP and at a lower place High Level Protocols[ 6 ]

3.4.1- Some advantages of SSL are given below:

SSL provides an encrypted communicating between client and the Serer in order to do communicating safe and secure.

It besides provides the hallmark between waiter and the client

It is one of most common criterions on today ‘s web browser.

Easy to set up Sessionss

It is inexpensive solution as comparison to the others.

4 – TESTBED Apparatus

4.1- DESKTOP Computer

There are two computing machines desktop bases Intel. They both will be associates with the entree point in order to bring forth an substructure based WLAN. One of them will move as waiter who accommodates a plan that generates sample informations. Furthermore it acts as a waiter of VPN and/or like waiter of hallmark, harmonizing to the bottom method that is employed in an experiment. Harmonizing to ciphering it will move as from client of VPN, the LEAP or the SSL etc, harmonizing to the bottom method that is employed in an experiment.

4.1.1- Hardware Configuration

Processor

Intel Pentium II 400MHz

Random-access memory:

256MB

Network Adapter

Cisco Aironet 350 Series Wireless LAN Adapter

4.1.2- Software Configuration

Operating System: Windows 2000 Professional

ACU ( Aironet Client Utility ) : This plan of usefulness comes with the card of Aironet. It is used to execute user degree nosologies on the Cisco Wireless LAN adapter card. It allows us to modernize microcode, expression at the current status of the device, we observe statistics currents of the device and carry out a connexion trial in order to gauge the public presentations of the RF connexion to several topographic points in our zone.

The client is used in order to obtain the IP reference of a wireless Ethernet device based on the device MAC ID. To put up the IP reference and SSID user can utilize this public-service corporation if the device is still in default province

4.2- LAPTOP Computer:

Intel based Dell Laptop will be used to seek to check the WEP key in the WEP enabled WLAN constellation. ( Refer to Fig.7. ) It will host a plan like ‘AirSnort ‘ for checking WEP key.

4.2.1- HARDWARE CONFIGURATION

Processor: Intel Pentium III 600MHz

Random-access memory: 256MB

Network Arranger: Cisco Aironet 350 Series Wireless LAN PCMCIA Adapter

4.2.2- SOFTWARE CONFIGURATION: The same as the desktop.

4.3- ACCESS POINT

The entree point is the absolute necessity in the event of the radio LAN that works in the manner of the substructure. All the traffic between the two computing machines in the radio web must go through through this entree point. Therefore it is correspondent to a hub or a switch in wired LAN.

Make and Model: Cisco Aironet 350 Series

Data Ratess Supported: 1, 2, 5.5, 11 Mbps

Network Standard: IEEE 802.11b

Uplink: Auto-Sensing 10/100BaseT Ethernet

Frequency Band: 2.4 to 2.497 GHz

Network Architecture: Infrastructure

Wireless Medium: Direct Sequence Spread Spectrum ( DSSS )

Supports IEEE 802.1x- based Extensile Authentication Protocol ( EAP ) services that provide centralized, user-based hallmark and single-user, single-session encoding keys

Supports Automatic channel choice, Cisco Discovery Protocol ( CDP ) , Dynamic Host Configuration Protocol ( DHCP ) , and BOOTP services to simplify installing and direction of WLAN substructures

4.4- OTHER SOFTWARE REQUIRED

With the bing little articles indicated above, four different security units were introduced. A Java based plan would hold to be accomplished and ( on the server side ) for all units ( described in Sec.4.5 ) , which would empty informations continuously to the client for security and consequence analysis. Some these units require excess package constellations in add-on, which were fulfilled, by doing slightly necessary constellation alterations in the entree point and Cisco client package apparatus ( e.g. in instance WEP and the LEAP ) and besides by utilizing the 3rd party package. This 3rd party package would include:

Airsnort public-service corporation for snap of WEP key. ( Currently widely used version of Airsnort is Linux based. If Windowss version could non be obtained so one of the desktop PCs would be installed with Linux runing system. )

Radius ( AAA ) Server. This would be an absolute demand in the instance of Cisco LEAP attack and can besides be used in the VPN attack.

VPN Server and VPN Clients for the VPN attack. Any shareware distribution of VPN waiter and client can be used for this intent. SSL enabled client and waiter for the SSL based attack

5 – Research Plan

To be used the chief estimate is the comparable estimate i.e. to compare security features and capableness features of all over described four estimates.

5.1- SECURITY FEATURES

To compare security characteristics, for every attack there would be Theoretical Analysis of the job in manus Testing ( by seeking to chop and onslaught ) , for illustration, Airsnort for WEP For the other attacks efforts would besides be made to develop an attack to prove them after extended survey in their security mechanisms is conducted.

5.2- PERFORMANCE FEATURES

A Java application is used, in order to bring forth sample informations. Care will be taken to do certain that all these four attacks are tested for public presentation considerations under similar hardware and package environments. In order to analyze the accomplishment of all estimates indicated supra, a plan can be written or any 3rd party tool can be used. We can besides utilize 3rd party package like “ Net Stumbler ” , in order to carry through the strict public presentation review.

6 – THESIS TIMELINE

A probationary thesis timeline is shown in Table 2 as follows:

Calendar months

Intended Activity

1week

2 hebdomad

Client Server Testing ( Java ) plan

Initial Study sing IEEE 802.11B security restrictions and exposures

4 yearss

3days

WEP security survey ( Continued )

WEP key checking

1 hebdomad

Cisco LEAP Study and Testing

1week

VPN Approach Study and Testing

1week

SSL Approach Study and Testing

1week

Collection and Analysis of Research consequences

2week

Writing of the Master Thesis

Table 2. Probationary Thesis Timeline

7 – REFRENCES

( L. Goldberg, ( 1995 ) , ( D. L. Lough, Tutorial on Wireless LANs and IEEE 802. 11, “ Virginia Polytechnic Institute and State University.

Randall K. Nichols, Panos C. Lekkas, ( 2001 ) . Wireless Security Models, Threats, and Solutions.

Thomas M. Thomas ( 2004 ) , Wireless Security By Sample Chapter is provided courtesy of Cisco Press.

( Theodore S. Rappaport, Wireless Communications, Principles and Practice, Prentice Hall, 1996. W. Stallings, Wireless Communications & A ; Networks ) . hypertext transfer protocol: //www.securitymagazine.com/CDA/ArticleInformation/features/BNP__Features__Item/0,5411,77206,00.html

Interlink Networks, “ Introduction to 802.1X for Wireless Local Area Networks ” , White Papers at Interlink Networks Resource Library, 2002. hypertext transfer protocol: //www.interlinknetworks.com/images/resource/802_1X_for_Wireless_LAN.pdf.

Interlink Networks, “ Wireless LAN Security utilizing Interlink Networks RAD Series AAA Server and Cisco EAP-LEAP ” , Application Notes at Interlink Networks Resource Library, 2002 hypertext transfer protocol: //interlinknetworks.com/images/resource/wireless_lan_security.pdf.

Jean-Paul Saindon, “ Techniques to decide 802.11 and wireless LAN engineering in out-of-door environments ” , News Article at SecurityMagazine.com, Aug 08 2002.

Jesse R.Walker, “ Unsafe at any cardinal size ; An analysis of the WEP encapsulation ” , 802.11 Security Documents at NetSys.com, Oct 27 2000 hypertext transfer protocol: //www.netsys.com/library/papers/walker-2000-10-27.pdf

John Vollbrecht, David Rago, and Robert Moskowitz. “ Wireless LAN Access Control and Authentication ” , White Papers at Interlink Networks Resource Library,2001.http: //www.interlinknetworks.com/images/resource/WLAN_Access_Control.pdf.

Pierre Trudeau, “ Building Secure Wireless Local Area Networks ” , White Papers at Colubris.com, 2001 hypertext transfer protocol: //download.colubris.com/library/whitepapers/WP-010712-EN-01-00.pdf

WLAN Association, “ Introduction to Wireless LANs ” , WLANA Resource Center, 1999, hypertext transfer protocol: //www.wlana.com/learn/intro.pdf

WLAN Association, “ Wireless Networking Standards and Organizations ” , WLANA Resource Center, April 17 2002 hypertext transfer protocol: //www.wlana.com/pdf/wlan_standards_orgs.pdf

Woodward, A. 2005. ‘Recommendations for radio web security policy ‘ . [ Online ] Microsoft Academic Research. Available at: hypertext transfer protocol: //scissec.scis.ecu.edu.au/anzsys08/proceedings/2005/aism/woodward.pdf [ Accessed: 13may2010 ] .