The inevitable spread of wireless networks and the growing traffic in them can lead to an increase in information security incidents. The main threats are aimed at interception, violation of the confidentiality and integrity of transmitted data, attacks on the availability of nodes of the transmission channel and their substitution. Due to its characteristics, the wireless data transmission environment creates potential conditions for eavesdropping on network traffic and uncontrolled connection to the wireless network by attackers who are in its range. Wireless networks, unlike wired networks, are extremely vulnerable to possible attacks and unauthorized access due to the use of radio spectrum and the broadcast nature of the physical layer. To intercept data, it is enough to be in the range of the Wi-Fi network. Therefore, an attacker, being at a safe distance, can use wireless devices to carry out attacks. The article analyzes a cyberattack of the "War Driving" type on wireless networks. The analysis carried out in the article showed that there are open wireless networks. Wireless networks are open or because the administrators who configure them are not security aware. A full-scale simulation of a "War Driving" attack was carried out. Real-time simulation data show that 10.1% of networks do not use any encryption. The detection error of access points not using encryption is from 8% to 12%. This is a very good result and confirms the adequacy of the conducted full-scale modeling. Based on the analysis of the results of live simulation, recommendations have been developed to protect the wireless network from a "War Driving" attack. The developed recommendations will protect wireless networks from "War Driving" attacks
The “Evil twin” rogue access point is one of the most serious security threats to wireless LANs. To solve this problem, a practical approach has been proposed for detecting rogue access points using the received signal strength indicator (RSSI). First, a distributed architecture is presented, which consists of three network analyzers. Then, a cluster analysis of the RSSI vectors is performed to determine the attack. The coordinates of the centroids of clusters obtained were converted into the distance by using an empirical model of signal propagation under indoor conditions. The obtained distances are used to determine the localization of a rogue access point (RAP) using the trilateration method. Finally, we are conducting experiments to evaluate the performance of practical RAP detection. The results show that the proposed approach to detecting rogue access points can significantly reduce the frequency of false alarms, while providing an average localization error of 1.5m, which is quite acceptable for RAP localization in real indoor conditions.
Предложен метод синтеза шлейфных фильтров нижних частот с чебышевской характеристикой, не использующий фильтры-прототипы. Выполнено сравнение результатов синтеза фильтров предложенным методом и методами на основе фильтровпрототипов, показавшее преимущество предложенного метода. Ключевые слова: разомкнутый шлейф, фильтр, функция фильтрации, четвертьволновой отрезок линии. Д-р техн. наук, професор, Запорізький національний технічний університет, Україна 2 Ст. викладач, Запорізький національний технічний університет, Україна ПРЯМИЙ СИНТЕЗ ШЛЕЙФОВИХ ФІЛЬТРІВ НИЖНІХ ЧАСТОТ З ЧЕБИШЕВСЬКОЮ ХАРАКТЕРИСТИКОЮ Запропоновано метод синтезу шлейфових фільтрів нижніх частот з чебишевською характеристикою, що не використовує фільтри-прототипи. Виконано порівняння результатів синтезу фільтрів запропонованим методом і методами на основі фільтрівпрототипів, яке показало перевагу запропонованого методу. Ключові слова: розімкнутий шлейф, фільтр, функція фільтрації, чвертьхвильовий відрізок лінії.
Purpose. Analysis of the main types of vulnerabilities and definition of weaknesses in 802.11 wireless network security, identification of the causes of information loss or network failure as a result of attacks. Methodology. Research on attacks at different levels of the OSI network model. Findings. The main threats and attacks that are implemented at each level of the OSI network model, from the physical to the application level, are identified. 15 different attacks with a detailed description of the consequences of their implementation are considered. The correspondence between the levels of the OSI network model and peculiarities of the implementation of attacks is established. Originality. The principle of increasing the abstraction level was used to systematize attacks on WLAN. First, the known attacks are compared according to the levels of the OSI network model and the destructive consequences of their implementation are indicated; secondly, four types of attacks (reconnaissance, availability, spoofing, man-in-the-middle) are identified, and thirdly, attacks are divided into categories of passive and active ones. This approach makes it possible to get a more conceptual understanding of security issues in wireless networks. Practical value. The results obtained can be used to develop effective multi-level systems for detecting and preventing intrusions into WLAN.
One of the most serious security threats to wireless local area networks (WLANs) in recent years is rogue access points that intruders use to spy on and attack. Due to the open nature of the wireless transmission medium, an attacker can easily detect the MAC addresses of other devices, commonly used as unique identifiers for all nodes in the network, and implement a spoofing attack, creating a rogue access point, the so-called "Evil Twin". The attacker goal is to connect legitimate users to a rogue access point and gain access to confidential information. This article discusses the concept, demonstrates the practical implementation and analysis of the “Evil Twin” attack. The algorithm of the intruder's actions, the scenario of attack on the client, and also procedure for setting up the program-implemented rogue access point is shown. It has been proven that the implementation of the attack is possible due to the existence of several access points with the same service set identifier and MAC address in the same area, allowed by 802.11 standard. The reasons for failure operation of the network and possible interception of information as a result of the attack are identified, methods of detecting rogue access points are analyzed. During the experiment, observations of the 802.11 frames showed that there were deviations in the behavior of beacon frames at the time of the "Evil Twin" attack. First, the number of beacon frames coming from the access point which succumbed to the attack is increasing. Secondly, the traffic analyzer detected significant fluctuations in the values of the received signal level, which simultaneously come from a legitimate and rogue access point, which allows to distinguish two groups of beacon frames. The "Evil Twin" attack was implemented and researched using Aircrack-ng – a package of software for auditing wireless networks, and Wireshark – network traffic analyzer. In the future, the results obtained can be used to improve methods of protection against intrusion into wireless networks, in order to develop effective systems for detecting and preventing intrusions into WLAN.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
