Insecurity of Wireless Networks
- ORNL
- Dynetics, Inc.
- University of Alabama, Huntsville
Wireless is a powerful core technology enabling our global digital infrastructure. Wi-Fi networks are susceptible to attacks on Wired Equivalency Privacy, Wi-Fi Protected Access (WPA), and WPA2. These attack signatures can be profiled into a system that defends against such attacks on the basis of their inherent characteristics. Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA, allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyber physical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.
- Research Organization:
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- DE-AC05-00OR22725
- OSTI ID:
- 1048716
- Journal Information:
- IEEE Security and Privacy Magazine, Vol. 10, Issue 4
- Country of Publication:
- United States
- Language:
- English
Similar Records
Intrusion detection and monitoring for wireless networks.
Inventory of Public Key Cryptography in US Electric Vehicle Charging
Related Subjects
DETECTION
INTERNET
PHYSICAL PROTECTION
RESOLUTION
SECURITY
TAXONOMY
COMPUTERS
Internet based attacks on privacy and confidentiality
critical Internet infrastructure
intrusion detection/prevention
Wi-Fi protected access
IEEE 802.11 and attack-experimentation.