Zabezpečení bezdrátových sítí / Wireless Network Security

Sedlák, Břetislav

January 2009

Master thesis focuses on wireless network security. The thesis is divided in two parts. First part describes today’s used standards and their components, topology and security methods as stealth SSID, MAC addresses filtration, WEP, WPA and WPA2. The last three methods are described in detail. In second part there are realized attacks on above described methods of security. There are described attacks on WEP as KoreK chopchop attack, fragment attack, attack FMS, KoreK and attack PTW. Then is described the dictionary attack on passphrase by WPA/WPA2 with PreShared Key authentication obtaining, precomputed hash tables for faster passphrase finding and for using more core procesors during dictionary browsing. The last attack describes obtaining of keystream used for encrypting of frames by WPATKIP and then sending custom data to client. It is described how to carry out each attack and how to protect against them.

A Comprehensive Taxonomy of Attacks and Mitigations in IoT Wi-Fi Networks : physical and data-link layer

Almjamai, Sarmed

January 2022

The number of Internet of Things (IoT) devices is rising and Wireless Fidelity (Wi-Fi) networks are still widely used in IoT networks. Security protocols such as Wi-Fi Protected Access 2 (WPA2) are still in use in most Wi-Fi networks, but Wi-Fi Protected Access 3 (WPA3) is making its way as the new security standard. These security protocols are crucial in Wi-Fi networks with energy and memory-constrained devices because of adversaries that could breach confidentiality, integrity, and availability of networks through various attacks. Many research papers exist on single Wi-Fi attacks, and the strengths and weaknesses of security protocols and Wi-Fi standards. This thesis aims to provide a detailed overview of Wi-Fi attacks and corresponding mitigation techniques against IoT Wi-Fi networks in a comprehensive taxonomy. In addition tools are mentioned for each Wi-Fi attack that allows, e.g., professionals or network administrators to test the chosen Wi-Fi attacks against their IoT networks. Four types of attack (categories) were defined, Man-in-the-Middle (MitM), Key-recovery, Traffic Decryption, and Denial of Service (DoS) attacks. A set of Wi-Fi attack features were defined and decribed. The features included the security protocol and security mode, the layer (physical or data-link) that an attack targets, and the network component interaction required to allow a Wi-Fi attack to execute successfully. In total, 20 Wi-Fi attacks were selected with relevance to IoT in Wi-Fi networks based on some criteria. Additonally, each Wi-Fi attack consist of a description of possible consequences/results an adversary can achieve, such as eavesdropping, data theft, key recovery, and many more. Flow charts were also added to give the reader a visual perspective on how an attack works. As a result, tables were created for each relevant security protocol and the Open Systems Interconnection (OSI) layers to create a overview of mitigations and available tools for each attack. Furthermore, WPA3 was discussed on how it solves some shortcomings of WPA2 but has vulnerabilities of it own that lie in the design of the 4-way and dragonfly handshake itself. In conclusion, development and proper vulnerability tests on the Wi-Fi standards and security protocols have to be conducted to improve and reduce the possibility of current and upcoming vulnerabilities.

Attack

Mitigation

Tools

Vulnerability

Security protocol

WPA2

WPA3

Wi-Fi

IoT

physical layer

data-link layer

MitM

DoS

Key-recovery

Traffic decryption

Communication Systems

Kommunikationssystem

Signal Processing

Signalbehandling

Telecommunications

Telekommunikation

Computer Systems

Datorsystem