Insecurity of Wireless Networks

Sheldon, Frederick T; Weber, John Mark; Yoo, Seong-Moo; Pan, W. David

doi:10.1109/MSP.2012.60

Title: Insecurity of Wireless Networks

Journal Article · Sun Jan 01 00:00:00 EST 2012 · IEEE Security and Privacy Magazine

DOI:https://doi.org/10.1109/MSP.2012.60· OSTI ID:1048716

Sheldon, Frederick T ^[1]; Weber, John Mark ^[2]; Yoo, Seong-Moo ^[3]; Pan, W. David ^[3]

ORNL
Dynetics, Inc.
University of Alabama, Huntsville

Wireless is a powerful core technology enabling our global digital infrastructure. Wi-Fi networks are susceptible to attacks on Wired Equivalency Privacy, Wi-Fi Protected Access (WPA), and WPA2. These attack signatures can be profiled into a system that defends against such attacks on the basis of their inherent characteristics. Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA, allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyber physical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.

Cite

Export

Save

Research Organization:: Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

Sponsoring Organization:: USDOE

DOE Contract Number:: DE-AC05-00OR22725

OSTI ID:: 1048716

Journal Information:: IEEE Security and Privacy Magazine, Vol. 10, Issue 4

Country of Publication:: United States

Language:: English

Similar Records

2019 Wireless Test Bed Range Manual

Program Document · Mon Oct 07 00:00:00 EDT 2019 · OSTI ID:1048716

Peterson, Scott L

Intrusion detection and monitoring for wireless networks.

Technical Report · Tue Nov 01 00:00:00 EST 2005 · OSTI ID:1048716

Thomas, Eric D; Van Randwyk, Jamie A; Lee, Erik J; +10 more

Inventory of Public Key Cryptography in US Electric Vehicle Charging

Technical Report · Fri Sep 01 00:00:00 EDT 2023 · OSTI ID:1048716

Carroll, Thomas E.; Redington, Lindsey M.; Moran-Schmoker, Addison M.; +1 more

Related Subjects

99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
DETECTION
INTERNET
PHYSICAL PROTECTION
RESOLUTION
SECURITY
TAXONOMY
COMPUTERS
Internet based attacks on privacy and confidentiality
critical Internet infrastructure
intrusion detection/prevention
Wi-Fi protected access
IEEE 802.11 and attack-experimentation.

Title: Insecurity of Wireless Networks

Citation Formats

Similar Records

Related Subjects