Skip to main content Accessibility help

We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.

Close cookie message
×
Hostname: page-component-77c89778f8-gq7q9 Total loading time: 0 Render date: 2024-07-22T15:47:41.702Z Has data issue: false hasContentIssue false

10 - Wireless LANs security

from III - E-security applications

Published online by Cambridge University Press:  11 September 2009

Mohammad Obaidat  and
Noureddine Boudriga
Mohammad Obaidat
Affiliation:
Monmouth University, New Jersey
Noureddine Boudriga
Affiliation:
Université du 7 Novembre à Carthage, Tunis
Get access

Summary

Security of wireless networks has become an important issue recently due to the increased dependence of individuals and organizations on these systems in their daily life. The goal of this chapter is to present the major trends and techniques in the security of wireless local area networks as well as to review the needs for securing access to such systems as any breach to such systems may entail loss of money, risk to the secrets of companies and organizations, as well as national security information. We will review the types of attacks on wireless networks. One section is dedicated to the review of services of any reliable security system that include confidentiality, non repudiation, authentication, access control, integrity, and availability. We will also shed some light on the chief aspects of the Wired Equivalent Privacy (WEP) Protocol and security aspects of mobile IP. The major weakness of the WEP protocol will be investigated. Then, we will review the features of the newly devised WPA protocols that proved to have superior security characteristics. Finally, we shed some light on Virtual Private Networks as related to wireless LAN security.

Introduction and rationale

The growth of Wireless Local Area Networks (WLANs) since the mid 1980s was triggered by the US Federal Communications Commission (FCC) determination to authorize the public use of the Industrial, Scientific and Medical (ISM) bands. This decision abolished the need for companies and end users to obtain FCC licenses in order to operate their wireless products.

Type
Chapter
Information
Security of e-Systems and Computer Networks , pp. 218 - 246
Publisher: Cambridge University Press
Print publication year: 2007

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Arbaugh, W. A., Shankar, N., and Wan, Y. C. Justin (2002). Your Wireless Network has No Clothes, available at: http://www.cs.umd.edu/~waa/wireless.pdf
Bleha, S. and Obaidat, M. S. (1991). Dimensionality reduction and feature extraction applications in identifying computer users. IEEE Transactions on Systems, Man and Cybernetics, Vol. 21, No. 2, 452–6.CrossRefGoogle Scholar
Bleha, S. and Obaidat, M. S. (1993). Computer user verification using the perceptron. IEEE Transactions on Systems, Man and Cybernetics, Vol. 23, No. 3, 900–2.CrossRefGoogle Scholar
Brahim, H., Wright, G., Gleeson, B., Bach, R., Sloane, T., Young, A., Bubenik, R., Fang, L., Sargor, C., Weber, C., Negusse, I., and Yu, J., Network based IP VPN Architecture using Virtual Routers, Internet draft: draft-ietf-l3vpn-vpn-vr-00.txt.
Braun, T., Guenter, M., and Khalil, I. (2001). Management of quality of service enabled VPNs. IEEE Communications Magazine, 90–98, May 2001.CrossRefGoogle Scholar
Checkpoint http://www.checkpoint.com/products/vpn1/vpnwp.html
Cisco http://www.cisco.com/warp/public/779/largeent/learn/technologies/VPNs.html
Denning, D. (1983). Cryptography and Data Security. Addison-Wesley.Google Scholar
Ferguson, P. and Huston, G. (2000). “What is a VPN?,” A White paper, available online at http://www.employees.org/~ferguson.Google Scholar
Harding, A. (2003). SSL virtual private networks. Computers & Security, Vol. 22, No. 5, 416–420.CrossRefGoogle Scholar
Hunt, R. and Rodgers, C. (2003). Virtual Private Networks: Strong Security at What Cost? Available at http://citeseer.nj.nec.com/555428.html.Google Scholar
IEEE 802.11 Working Group, available at: http//grouper.ieee.org/groups/802/11/index.html.
IEEE 802.11b Wired Equivalent Privacy (WEP) Security, at: http://www.wi-fi.com/pdf/Wi-FiWEPSecurity.pdf
ISAAC. Security of WEP Algorithm, at: http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
Meddeb, A., Boudriga, N., and Obaidat, M. S. (2006). IPsec: AH (Authentication Header) and ESP (Encapsulating Security Payload). In Handbook on Information Security, Vol. 1, Wiley, pp. 932–43.Google Scholar
Netmotionwireless http://www.netmotionwireless.com/resource/ whitepapers/security.asp
Nicopolitidis, P., Obaidat, M. S., Papadimitriou, G. I., and Pomportsis, A. S. (2003). Wireless Networks. Wiley.Google Scholar
Obaidat, M. S. (1993). A methodology for improving computer access security. Computers & Security, Vol. 12, 657–62.CrossRefGoogle Scholar
Obaidat, M. S. and Macchairolo, D. T. (1993). An on-line neural network system for computer access security. IEEE Transactions on Industrial Electronics, Vol. 40, No. 2, 235–41.CrossRefGoogle Scholar
Obaidat, M. S. (1997). An evaluation simulation study of neural network paradigm for computer users identification. Information Sciences Journal-Applications, Vol. 102, No. 1–4, 239–58.CrossRefGoogle Scholar
Obaidat, M. S. and Sadoun, B. (1997). Verification of computer users using keystroke dynamics. IEEE Transactions on Systems, Man and Cybernetics, Part B, Vol. 27, No. 2, 261–9.CrossRefGoogle ScholarPubMed
Obaidat, M. S. and B. Sadoun (1999). Keystroke Dynamics based authentication. In Biometrics: Personal Identification in Networked Society, Jain, A., Bolle, R., and Pankanti, S. (eds.), Kluwer, pp. 213–230.CrossRef
Obaidat, M. S. and Papadimitriou, G. I. (2006). Fundamentals of Wireless LANs. Handbook on Information Security, Vol. 1, Wiley, pp. 617–636.Google Scholar
Papadimitriou, G. I., M. S. Obaidat, C. Papazoglou, and A. S. Pomportsis (2004). Design alternatives for virtual private networks. Proceedings of the 2004 Electronic Government and Commerce: Design, Modeling, Analysis and Security, EGCDMAS 2005 (Obaidat, M. S. and Boudriga, N., eds.), pp. 95–105, Setubal, Portugal, August 2004.Google Scholar
Papadimitriou, G. I. and Obaidat, M. S. (2006). Virtual Private Networks (VPNs) Basics. In Handbook on Information Security, Vol. 3, Wiley, pp. 596–611.Google Scholar
Ribeiro, S., Silva, F., and Zuquete, A. (2004). “A Roaming Authentication Solution for Wifi using IPSec VPNs with client certificates,” TERENA Networking Conference, June 2004.Google Scholar
Rosenbaum, G., Lau, W., and Jha, S. (2003). Recent directions in virtual private network solutions. IEEE International Conference on Networks (ICON 2003), September 2003.CrossRefGoogle Scholar
Rsasecurity http://www.rsasecurity.com/rsalabs/3-6-3.html
Sans http://rr.sans.org/wireless/wireless_list.php
Stallings, W. (1999). Cryptography and Network Security: Principles and Practice, 2nd edn., Prentice Hall.Google Scholar
Stallings, W. (2000). Network Security Essentials: Applications and Standards. Prentice Hall.Google Scholar
Stallings, W. (2002). Wireless Communications and Networks. Prentice Hall.Google Scholar
Strayer, W. and Yuan, R., Introduction to virtual private networks, Available online at http://www.awprofessional.com/articles/
Arora, P., Vemuganti, P., and Allani, P. (2001). Comparison of VPN Protocols – IPSec, PPTP, and L2TP. Project Report ECE 646, Fall 2001, available at: http://ece.gmu.edu/courses/ECE543/reportsF01/arveal.pdf.
Ukela, S. (1997). Security in Wireless Local Area Networks, available at: http://www.tml.hut.fi/Opinnot/Til-110-501/1997/wireless_lan.htmlGoogle Scholar
Walker, J. (2001). Overview of 802.11 Security. Available at: http://grouper.ieee.org/groups/802/15/pub/2001/Mar01/01154r0P802-15_TG3%Google Scholar
Walker, J. (2002). Unsafe at any Key Size: An Analysis of the WEB Encapsulation, Tech. Report 03628E, IEEE 802.11 Committee, March 2002. Available at: http//grouper.ieee.org/groups/802/11/Documents/DocumentHolder/0-362.zip
Wright, M. A. (2000). Virtual private network security. Network Security, July 2000, 11–14.CrossRefGoogle Scholar

Save book to Kindle

To save this book to your Kindle, first ensure coreplatform@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

  • Wireless LANs security
  • Mohammad Obaidat, Monmouth University, New Jersey, Noureddine Boudriga, Université du 7 Novembre à Carthage, Tunis
  • Book: Security of e-Systems and Computer Networks
  • Online publication: 11 September 2009
  • Chapter DOI: https://doi.org/10.1017/CBO9780511536700.014
Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

  • Wireless LANs security
  • Mohammad Obaidat, Monmouth University, New Jersey, Noureddine Boudriga, Université du 7 Novembre à Carthage, Tunis
  • Book: Security of e-Systems and Computer Networks
  • Online publication: 11 September 2009
  • Chapter DOI: https://doi.org/10.1017/CBO9780511536700.014
Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

  • Wireless LANs security
  • Mohammad Obaidat, Monmouth University, New Jersey, Noureddine Boudriga, Université du 7 Novembre à Carthage, Tunis
  • Book: Security of e-Systems and Computer Networks
  • Online publication: 11 September 2009
  • Chapter DOI: https://doi.org/10.1017/CBO9780511536700.014
Available formats
×