Introduction to Wireless

Network
Er. Avinash Bhagat
UID11002
Assistant Professor
School of Computer Applications
Lovely Professional University
avinash.bhagat@lpu.co.in
avinash.bhagat@gmail.com
9463281930

Wireless Networks
Security issues
Chapter 14

Wireless Network Security

Requirements
A security protocol for wireless
network should satisfy following
requirements:
Confidentiality
Integrity
Availability
Authentication
Non Repudiation

Network security
requirement
Confidentiality-only to the intended receiver
(Data privacy) information is never released to
unauthorized users

Integritywhat it was sent

no unauthorized modification of resources

Network security
requirement
Availability: remain operational all the times
Authentication : concerned

with verifying

the identity of a user

Network security
Non-repudiation :
requirement
sender of the message cant later deny having sent the
message the recipient cannot deny having received
the message.
ensure that a message was originally sent by the
sender and it was verified that the message was
received by the recipient.

Security in Ad Hoc Wireless

Networks

Issues and challenges in security provisioning

Shared broadcast radio channel: The radio channel

in wireless networks is broadcast and is shared by all
nodes in the network. This problem can be minimized
by using directional antennas.
Insecure operational environment: The operating
environments where wireless networks are used may
not always be secure. For example, battlefields.
7

Security in Ad Hoc Wireless

Networks

Issues and challenges in security provisioning

Lack of association: If no proper authentication mechanism is

there any node can join and leave the network at any point. An
intruder would be able to join into the network quite easily and
carry out his / her attacks.
Limited resource availability: Resources such as bandwidth,
battery power, and computational power are scarce. It is
difficult to implement complex cryptography based security
mechanism in wireless networks
8

Security in Ad Hoc Wireless

Networks

Issues and challenges in security

provisioning

Physical vulnerability: Nodes in these

networks are usually compact and handheld in nature. They could get damaged
easily and are also vulnerable to theft.

Security Issues
SECURITY ISSUES
LAYER
Application
Layer
Transport
layer

Detecting and preventing

viruses , worms , malicious
codes.
Authenticating and securing
end to end communications
through data encryption

Network layer Protecting routing and

forwarding protocols
Link-layer
Protecting the wireless Mac
protocol and providing linklayer security support

10

Security Threats
Four types of security threats:
Interception
Interruption
Modifications
Fabrication

11

Security Threats
Four types of security threats:
Interception refers to the situation that
an unauthorized party has gained access
to a service or data.
Interruption refers to the situation in
which
services
or
data
become
unavailable, unusable, or destroyed.

12

Security Threats
Four types of security threats:
Modifications
involve
unauthorized
changing of data or tampering with a
service.
Fabrication refers to the situation in
which additional data or activity are
generated that would normally not exist.

13

Network Security Attacks

Security Attacks

Passive Attacks

Active Attacks

Snooping
MAC Layer
Attacks
Jamming

Network Layer
Attacks

Transport Layer
Attacks

Application Layer
Attacks

Session
hijacking

Repudiation

Wormhole
attack
Blackhole attack
Byzantine attack

Information disclosure
Resource consumption attack

Other attacks
DoS
Impersonation
Manipulation
of network
traffic
Device
tampering

Routing attacks
14

Network Layer Attacks

Wormhole attack: an attacker receives packets at
one location in the network and tunnels them to
another location in the network.

15

Network Layer Attacks

An example is shown in the above figure. Here X
and Y are the two end-points of the wormhole link
(called as wormholes). X replays in its
neighborhood (in areaA) everything thatY hears
in its own neighborhood (areaB) and vice versa.

16

Network Layer Attacks

The net effect of such an attack is that all the
nodes in areaA assume that nodes in areaB are
their neighbors and vice versa.

17

Network Layer Attacks

This, as a result, affects routing and other connectivity
based protocols in the network. Once the new routes
are established and the traffic in the network starts
using theX-Y shortcut, the wormhole nodes can start
dropping packets and cause network disruption.

18

Network Layer Attacks

They can also spy on the packets going through and use
the large amount of collected information to break any
network security. The wormhole attack will also affect
connectivity-based localization algorithms and protocols
based on localization, like geographic routing, will find
many inconsistencies resulting in further network
disruption.

19

Network Layer Attacks

Blackhole attack:
In the attack a malicious node falsely advertise good
paths (e.g. shortest path or suitable path) to the
destination node during path finding process or in
route update message. The intention of the
malicious node could be to hinder the path finding
process or to interrupt all data packets being sent to
the concerned node.

20

Network Layer Attacks

Byzantine attack:
A compromised intermediate node or a set of
compromised nodes could

create routing loops

Routing packets
Routing optimal paths
Selectively dropping packets

21

Network Layer Attacks

Information disclosure:
A compromised node may leak confidential
information to unauthorized nodes in the network.
Such information may include information
regarding the network topology, geographic location
of nodes or optimal route to unauthorized nodes

22

Network Layer Attacks

Resource consumption attack:
Bandwidth
Processing Power
Battery Power

23

Network Layer Attacks

Routing Attacks : Aim at disrupting the
operation of the network.
Routing table overflow
Routing table poisoning
Packet replication
Route cache poisoning

24

Network layer attacks

Routing table overflow
in this type of attack, and adversary node advertise
routes to non existent nodes, to the authorized nodes
present in the network
This causes an overflow and prevent the creations
of entries corresponding to new routes authorized
nodes.
25

Network layer attacks

Routing table poisoning :
Here the compromised nodes in the
networks send fictitious routing updates or
modify geniune routes.
Routing table poisoning may result in sub
optimal routing, congestion in portions of
the network or even make some parts of
the networks inaccessable.
26

Network layer attacks

Packet replication:
In this attack an adversary node replicates
the stale packets.
This consumes
additional bandwidth and battery power
resources available to the nodes and also
caused unnecessary confusion in the
routing process

27

Network layer attacks

Route cache poisoning:
All the nodes maintain a route cache
which holds information regarding routes
that have become known to the node in
the recent past.
Similar to routing table poisoning cache
can also be poisoned.

28

Transport Layer Attacks

Session hijacking:
An adversary takes control over a session between two
nodes.
As most authentication process are carried out only at the
start of the session, once the session between two nodes
get established the adversary node masquerades as one of
the end nodes of the session and hijacks the session

29

Application Layer Attacks

Repudiation:
Repudiation refers to the denial or attempted denial
by a node involved in a communication.

30

 Other Attacks

Multi-layer attacks could occur in any layer

of the network protocol stack.

31

 Denial of service:
An adversary attempts to prevent
authorized users from accessing
the service.
Jamming: Transmitting signals on
the frequency of senders and
receivers
to
hinder
the
communication.
32

 Denial of service:
SYN flooding: An adversary node
send a large number of SYN
packets to a victim node.
Distributed DoS attack: Several
adversaries attack a service at the same
time.
33

 Other Attacks
Impersonation
An adversary assumes the identity and privileges of an
authorized node to
Make use of network resources that may not be
available to it under normal circumstances.
Disrupt functioning of network by inserting false
routing information on the network
Can get by chance or by guess the authentication of
authorized nodes.
Man in the middle attack

34

 Other Attacks
Device Tempering

35

Question Bank
1.Explain network security requirements.
2.What are issues and challenges in
security provisioning?
3.What are various network layer attacks
4.What are various routing attacks
5.What is session hijacking?
6.What is repudiation attack in wireless
networks
36

Question Bank
7.Explain various multilayer attacks in
wireless networks.
8.How DoS attack is preformed by
adversaries in wireless networks?
9.What are various Impersonation attacks
in wireless networks ?

37