1 / 61

CS 535 – Wireless Network Security Introduction , Wireless Networks, Security Threats and Services

CS 535 – Wireless Network Security Introduction , Wireless Networks, Security Threats and Services. Albert Levi Sabancı University. Wireless Network Security. Needs introduction to Wireless Communication and Wireless Networks Security Threats and Services Cryptography.

pollylucia
Télécharger la présentation

CS 535 – Wireless Network Security Introduction , Wireless Networks, Security Threats and Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CS 535 – Wireless Network SecurityIntroduction, Wireless Networks, Security Threats and Services Albert Levi Sabancı University

  2. Wireless Network Security • Needs introduction to • Wireless Communication and Wireless Networks • Security Threats and Services • Cryptography

  3. Wireless Communications

  4. Wireless Communication Basics • No Link • Electromagnetic (Radio) waves • Sinusoidal current through an antenna (transmitter) • Fields induce current in the receiving antenna • Travelling speed is the speed of the light • 3x108 m/s • Unidirectional vs. Onmidirectional • Now: Some Wireless Comm. Details from Rappaport

  5. Radio Propagation • Ideal world • "free space" radio wave propagation • No obstacles, in all directions or point to point • Real World • There are obstacles and related problems • Reflection, diffraction and scattering • Cause signal distortions, signal fades

  6. Wave propagation in real world through obstacles • Reflection occurs when the wave hits a very large object (big buildings, surface of earth) • The wave gets reflected • Diffraction occurs when a wave hits an impenetrable object, making it to bend at the edges and propagate in different directions (even behind the obstacle) • Scattering occurs when a wave travels through a medium containing small and high amount of objects ( example trees).

  7. Multipath • Multipath occurs when there are multiple signal propagation paths • the actual received signal level is vector sum of all the signals received from any direction or angle of arrival • Reflection, Diffraction and Scattering cause multipath • Cause fading if several signals cancel out

  8. Path Loss or Attenuation • Power of wireless transmission reduces because of • terrain contours (rough surfaces are bad) • Environmental setting (urban areas, vegetation and foliage) • Moist air and rain • Distance between transmitter and receiver • Depends also on the wavelength: • Long wavelength waves (low frequency) have less loss • Short wavelength waves (high frequency) have more loss

  9. Fading and Interference • Fast fading • rapid fluctuations in amplitude and phase due to multi-path propagation resulting in interference of multiple copies of the same transmitted signal arriving at the receiver • Slow fading • may last for several seconds or minutes • mainly due to absorption of the energy by objects hit • Interference • Different signals may get into each other • Kind of a noise

  10. Thermal Noise • Johnson–Nyquist noise (thermal noise, Johnson noise, or Nyquist noise) is the electronic noise generated by the thermal agitation of the charge carriers (usually the electrons) inside an electrical conductor at equilibrium, which happens regardless of any applied voltage. • From wikipedia • Do not get frustrated if you did not understand anything • Just see that this noise is natural and inevitably exists • However, if you increase the power, it becomes less effective • The amplitude of the signal is almost Gaussian probability density function.

  11. SNR (Signal-to-Noise Ratio)

  12. Frequency Spectrum Allocation • Different frequency bands are used for different applications and carriers (companies) • Very limited and valuable resource • Allocation is done by auctioning to the highest bidder • Some frequencies are not allocated at all • for example ISM (industrial, scientific and medical)

  13. Wireless Communication Characteristics - Summary • Wireless communication is achieved through electromagnetic waves in the air • So anybody with an antenna can receive the signal • Wireless communication interacts with the environment • path loss, attenuation, interference, blockage • Physical Limitations • Quality of communication affected by noise • Bottomline: Error rate is higher as compared wired communication

  14. Wireless Networking

  15. Wireless Networking Architecture • Layered structure (remember OSI and TCP/IP) • Not a fixed reference model but we have similar problems and layers as in wired networks • But the nature of the problems depends on the wireless network type • The main and common layer is the MAC (Medium Access Control) layer • How multiple stations share the same communication medium

  16. Transmission medium is broadcast Can be accessed by anyone If everybody sends at the same time, then communication becomes full of collisions Access to the channel must be controlled in such a way to: maximize throughput minimize waiting time Multiple Access Techniques Methods that determine how the medium is accessed such that the channel is shared between multiple participants

  17. Multiple Access Techniques • We need to separate the users • 3 domains • Frequency • Time • Space • Several methods are proposed

  18. FDMA – Frequency Division Multiple Access • Users are separated in frequency domain • Each station has its own frequency band, separated by guard bands to eliminate interchannel interference • Receivers tune to the right frequency • Number of frequencies is limited • Main drawback is under-utilization of the frequency spectrum

  19. TDMA – Time Division Multiple Access • Users transmit data on same frequency, but at different times • Channel is divided into time slots • Users may use the full channel or may be given different amounts of bandwidth • Requires time synchronization among the users in the networks • which is not so preferred due to overhead • Multipath interference may cause problems if some signals arrive late using another user’s time slot • If the users do not use the channel for the entire slot, under-utilization occurs

  20. CDMA – Code Division Multiple Access • Was the rival of GSM in the USA • Users are separated by both frequency and time • Actually much more complex than that • Data are converted into some codes during transmission • Receiver decodes by the inverse process • No need for all stations to synchronize • Some people says secure • But I think “security by obscurity” has no value

  21. FHSS – Frequency Hopping Spread Spectrum • Basic idea behind spread spectrum • Transmitter uses several frequencies to transmit a signal in a synchronized way with the receiver • FHSS • Transmitter hops between available frequencies according to a predefined order • Fixed intervals • Transmitter operates in synchronization and pre-agreement with the receiver • i.e. receiver, hopping between frequencies in synchronization with transmitter, picks up message

  22. FHSS Example

  23. FHSS - Bonus • Any security implications of spread spectrum? • Hint: Did you watch the movie “Catch me if you can”?

  24. SDMA – Space Division Multiple Access • Users are separated in space domain (geographical) • Several users use the same frequency and time slot • They differ in the spatial area in which the signals are transmitted and received • via the use of smart directional antennas • or by selecting the power levels and positions of the antennas to serve only in a particular area • In this way different areas can be served using the same frequency • but one should expect increase in co-channel interference from adjacent co-channel cells

  25. Different Types of Wireless Networks • Cellular Networks • Wireless LANs (IEEE 802.11 series) • MANETs (Mobile Ad hoc NETworks) • Sensor Networks • Wireless Mesh Networks • Bluetooth • VANETs (Vehicular Ad hoc NETworks)

  26. Cellular Networks • Main idea • Frequency is limited so that we have to reuse it in several places • Key concept: frequency reused by dividing the area covered by a cellular network in cells

  27. Features of Cellular Networks • Wide coverage • Reuse frequencies as much as needed • Although number of users per cell is limited by the channels in the cell, the entire network can serve very large number of users • Intelligent cell formations are needed. • Any ideas for TEM and İstiklal street? • Deployment is costly • One base station per cell • Wired communication among the base stations and connectivity to PSTN (Public Switched Telephone Network) • But still not as costly as a PSTN with the same coverage

  28. Cellular Networks – Handoff (Handover) • Definition: Transition of a mobile user from one base station to another as it travels from one cell to another • May cause call drops if the new cell is unavailable • Was very hot research topic in late 90’s and early 00’s

  29. terminal association request association response beacon • MAC header • timestamp • beacon interval • capability info • SSID (network name) • supported data rates • radio parameters • power slave flags Introduction to WLANs scanning on each channel “connected” AP

  30. Introduction to WLANs Internet AP

  31. WLAN - Two Modes of Operation • Infrastructure mode • Fixed access point connected to the wired infrastructure • Mobile stations communicating with the access point • Ad hoc mode • Mobile stations communicate with each other through the access point

  32. WLAN Standards • IEEE 802.11 • family of standards for wireless local area network computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) • 5 GHz and 2.4 GHz public spectrum bands (mostly).

  33. WLAN Standards (1/2)

  34. WLAN Standards (2/2)

  35. MANETs (Mobile Ad Hoc Networks) • Network is self-configuring • No fixed infrastructure • Network topology may change rapidly and unpredictably • Multi-hop communication among the users • Cooperation needed • Several RFCs on MANETs

  36. Sensor Networks • Sensor nodes • low cost small devices, able to sense the environment (temperature, light, humidity, etc.), report sensed data using wireless communication • Nodes are tiny • Limited memory, computational power, energy • Reports obtained by a base station (a.k.a. sink) • Sensor networks • A large number of sensors (static or mobile), distributed in an ad hoc manner over an area • Nodes cooperate: communicate via multi-hop wireless communication, some nodes aggregate data • No fixed infrastructure (kind of an ad hoc network) • Applications • battlefield surveillance, medical monitoring, biological detection, habitat monitoring, home security, disaster recovery

  37. sink A Sample Sensor Network

  38. Wireless Mesh Networks (WMNs) • Recent research area • Consist of: • a set of fixed wireless routers • a wireless backbone • a set of wireless clients. • Can be integrated with other types of networks via gateways • such as wired (Internet), cellular or sensors networks

  39. Transit Access Point ( TAP ) Mesh Networks

  40. WMN Applications • Community and neighborhood networking • Broadband home networking • Surveillance systems

  41. Bluetooth • Industrial specification for wireless personal area networks (PANs) • Standardized by IEEE (IEEE 802.15.1) • What does Bluetooth provide? Why do we need a PAN? • exchange information between devices like mobile phones, tablets, laptops, PCs, printers, digital cameras, etc. • Cable-free computing environment • Main communication infrastructure for IoT devices • Replacement for infrared (remotes) • Replacement for any type serial communication interface (medical equipment, test devices, etc.) • Range: 1 -100 meters • Data Rate • Version 1.2: 1 Mbit/s • Version 2.0, 2.1: 3 Mbit/s • Version 3.0, 4.0, 4.1 (uses 802.11 technologies), 4.2 • Version 5 (2016): range*4, speed*2 (tradeoff scheme)

  42. VANETs (Vehicular Ad Hoc Networks) • As name implies • An ad hoc network in which the nodes are vehicles • May also have some roadside nodes

  43. Vehicular networks: why? • Combat the awful side-effects of road traffic • In the EU, around 40,000 people die yearly on the roads; more than 1.5 millions are injured • Traffic jams generate a tremendous waste of time and of fuel • Most of these problems can be solved by providing appropriate information to the driver or to the vehicle

  44. VANETs • Goals • Promote safety and efficiency • Cars will have onboard equipment equipped with GPS • tied in in-car sensors and safety systems to get safety related information • Cars can communicate with the roadside infrastructure • to conduct electronic payments • monitor traffic, • send updates • Applications • congestion detection, collision alert, deceleration warning, road hazard warning, toll collection

  45. Information SecurityThreats and Services

  46. Mostly important for information and network security What security is about in general? • Security is about protection of assets • D. Gollmann, Computer Security, Wiley • Prevention • take measures that prevent your assets from being damaged (or stolen) • Detection • take measures so that you can detect when, how, and by whom an asset has been damaged • Reaction • take measures so that you can recover your assets

  47. Services, Mechanisms, Attacks • 3 aspects of information security: • security attacks (and threats) • actions that compromise security • security services • services against these attacks and threats • security mechanisms • used by services • e.g. secrecy is a service, encryption (a.k.a. encipherment) is a mechanism

  48. Attacks • Attacks on computing systems • break-in to destroy information • break-in to steal information • blocking to operate properly • malicious software • wide spectrum of problems

  49. Attacks • Network Security • Active attacks • Passive attacks • Passive attacks • interception of the messages • What can the attacker do? • use information internally • hard to understand • release the content • can be understood • traffic analysis • hard to avoid

  50. Attacks • Active attacks • Attacker actively manipulates the communication • Masquerade • pretend as someone else • In order to get more privileges • Fabrication • create a bogus message • Replay • passively capture data and send later • Denial-of-service • Blocking the normal operation of servers, end users, or network

More Related