Zang Li,Wenyuan Xu,Robert D. Miller,Wade Trappe

DOI: https://doi.org/10.1145/1161289.1161297

2006-01-01

Abstract:Although conventional cryptographic security mechanisms are essential to the overall problem of securing wireless networks, these techniques do not directly leverage the unique properties of the wireless domain to address security threats. The properties of the wireless medium are a powerful source of domain-specific information that can complement and enhance traditional security mechanisms. In this paper, we propose to utilize the fact that the radio channel decorre-lates rapidly in space, time and frequency in order to to establish new forms of authentication and confidentiality that operate at the physical layer and can be used to facilitate cross-layer security paradigms. Specifically, for authentication services, we illustrate two channel probing techniques that can be used to verify the authenticity of a transmitter. Similarly, for confidentiality, we examine several strategies for establishing shared secrets/keys between two communicators using the wireless medium. These strategies range from extracting keys from channel state information, to utilizing the channel variability to secretly disseminate keys. We then validate the feasibility of using physical layer techniques for securing wireless systems by presenting results from experiments involving the USRP/GNURadio software defined radio platform.

邢新景,张朝阳,王匡

DOI: https://doi.org/10.3969/j.issn.1003-8329.2003.04.009

2003-01-01

Wireless Communication Technology

Abstract:The WEP security algorithm used in IEEE 802.11 wireless LAN is introduced. Under the basis of a systematical analysis, flaws embedded in WEP are pointed out, and correspondingly, several attacking methods are provided to prove the weakness of WEP. The upgraded version of WEP algorithm-TKIP was also introduced and analyzed. At last, some potential solutions to the security problems are also proposed in using existing IEEE 802.11 equipments.

Xian-Shi Zhang,Ge-Wen Kang,Xin-Heng Wang

2009-01-01

Abstract:An analysis of WLAN security mechanisms of wired equivalent privacy (WEP) and Wi-Fi protected access (WPA) discovers that the current literature is not totally creditable in its judgment on the security value of WEP and WPA. Based on the respective performances of WEP and WPA under certain typical attacks, this paper substantiates the judgment that WEP has quite a few vulnerabilities concerning confidentiality and integrity, but at the same time challenges the judgment on WPA with that WPA is robust enough to confront potential typical attacks and is not so unreliable as the current literature believes, although it has some vulnerabilities in its message integrity code (MIC).

LI Yong-li,ZHAO Yu,LI Yan-wen,LIU Yan-heng

DOI: https://doi.org/10.3321/j.issn:1000-1832.2006.03.010

2006-01-01

Abstract:With the widely utilize of wireless network,the security becomes a very important issue in wireless LAN technclogy.The paper analyses wireless security technologies:encryption,authentication,key management strategies,and intrusion detection.In encryption,authentication,and key management strategies more attentions are pained to 802.11i and our country's wireless LAN protocols standard WAPI.In intrusion avoidance field,some famous attacks against wireless LAN are introduced.Last,an intrusion detection architecture for wireless LAN is put forward.

Wu Yue,Yi Ping,Li Jianhua

2011-01-01

China Communications

Abstract:The properties of broadcast nature, high densities of deployment and severe resource limitations of sensor and mobile networks make wireless networks more vulnerable to various attacks, including modification of messages, eavesdropping, network intrusion and malicious forwarding. Conventional cryptography-based security may consume significant overhead because of low-power devices, so current research shifts to the wireless physical layer for security enhancement. This paper is mainly focused on security issues and solutions for wireless communications at the physical layer. It first describes the RSSI-based and channel based wireless authentication methods respectively, and presents an overview of various secrecy capacity analyses of fading channel, MIMO channel and cooperative transmission, and then examines different misbehavior detection methods. Finally it draws conclusions and introduces the direction of our future work.

WU Yi-chen,YANG Jing

DOI: https://doi.org/10.3969/j.issn.1007-1423-b.2012.19.005

2012-01-01

Abstract:Based on the research on the IEEE 802.11i 4-way handshake,it is found that there exists defects which will lead to denial of service attacks.Aiming at this security vulnerability,studies three improved methods,TPTK,re-Nonce and authentication to the initial message,and analyzes the security of these three methods.It is found that these improved methods will bring new security threats to WLAN.And puts forward the direction of further research.

Yixin Jiang,Chuang Lin,Hao Yin,Zhen Chen

DOI: https://doi.org/10.1002/wcm.448

2006-01-01

Wireless Communications and Mobile Computing

Abstract:IEEE 802.11 wireless local area networks (WLAN) has been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to be attacked and seriously threat the data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd.

Jun Li,Wei-jian Chi

DOI: https://doi.org/10.12783/dteees/seeie2016/4497

2016-01-01

Abstract:Mobile wireless Internet has created great requirement for seamless and secure communication over heterogeneous devices. There are many security issues on this kind of network. This paper shows a survey of various security solutions and presents a VPN mechanism to integrate the security protocols, which can greatly enhance the network security. The analyses prove the correctness of the design.

吴越,史小红,曹秀英,毕光国

DOI: https://doi.org/10.3969/j.issn.0255-8297.2003.02.018

2003-01-01

Journal of Applied Sciences

Abstract:This paper describes the vulnerability of the wired equivalent privacy(WEP) protocol in current IEEE802. 11 WLAN standard, such as key sequence reuse, key management and refreshment, message authentication and integrity, etc. It also presents a security solution for WLAN based on IP Security (IPSec) and discusses the fundamental principles of data origin authentication, integrity protection, anti-replay protection and key exchange, Finally it describes their software implementations, makes a security analysis of the solution and looks into the future research.

Yuyang XUE,Hao ZHOU,Baohua ZHAO

DOI: https://doi.org/10.3321/j.issn:0253-987X.2009.10.011

2009-01-01

Abstract:Aimed at the problem that the vulnerable wireless local area network (WLAN) 802.1X protocol is not susceptible to replay and DoS (denial of service) attacks, etc, an informal method is introduced to analyze the security properties of 802.1X protocol. The method classifies attack behaviors according to the ability of attackers, and from the aspect of the role which attackers can play in the protocols (i.e., imitating normal protocol behavior or breaking normal communication). Then a new method, WLAN active testing, is proposed. Attacks to the protocol running mainbody are implemented by simulating the actions of the attacker which can be used to make up protocol messages. The results are used to determine whether the protocol security vulnerabilities exist or not. Testing results show that the method combines characteristics of both the attacker and the tester to cover some known protocol security vulnerabilities, and has the ability to reveal some potential problems.

Onwuegbuzie Innocent Uzougbo,Samuel-Soma M. Ajibade,Fele Taiwo

DOI: https://doi.org/10.48550/arXiv.2011.06779

2020-11-13

Abstract:Wireless Sensor Network (WSN) is the network of the future. As it gradually gains ground by transforming our lives and environments into a Smart World, it will definitely call for attention from selfish minded Attackers. The first section of this paper introduces the Wireless Sensor Network, its constraints, architecture, and mode of operation. It goes ahead to discuss the applications of WSN in health, agriculture, military, transportation, environment, industries. However, WSN automatically inherits the security challenges of the traditional network. The Network security goals which are Confidentiality, Integrity, Availability, and Authentication sometimes called the CIA of Network security is discussed with respect to WSN. This is followed by the security challenges of WSN, these challenges are categorized into two (2), Passive and Active Attacks, Passive attack is interested in the message, data or information that traverses the network without hindering the network channel or medium of communication while Active attack is interested in both the data as well as compromising and if possible shutting down the communication channel in order to hinders the smooth running of the network. In line with these security challenges, mitigation techniques are proffered to possibly prevent or lessen the severity of the attacks as its almost impossible to stop attackers from carrying out their malicious activities.

Cryptography and Security,Networking and Internet Architecture

Yang Xiang,Wanlei Zhou,Haining Wang

DOI: https://doi.org/10.1002/sec.151

IF: 1.968

2009-01-01

Security and Communication Networks

Abstract:In the past decades, the evolution of wireless technologies has brought significant changes in modern communication networks through its wireless extension of wired networks. Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. However, risks are inherent in any wireless network. As the technologies of next generation wireless networks are emerging, security has become a primary concern in order to provide dependable and secure communication between the wireless nodes in a hostile environment. The next generation wireless networks face many unique challenges in security such as open network architecture, shared wireless medium, limited resource constraints, and highly dynamic network topology. This special issue in Security and Communication Networks presents current research focusing on the standard or protocol related security, attacks and defense applications, security architecture and frameworks, and theories and methodologies in security in next generation wireless networks. In view of this, we selected eight papers on security in next generation wireless networks to this special issue. The papers are either selected from open submissions or the best paper in 2008 International Workshop on Network and System Security (NSS 2008), held on 18–19 October 2008, in Shanghai, China. All the papers were selected on the basis of their originality, technical quality, and significance. Each paper was under rigorous technical review by at least three international reviewers. The selected papers are summarized below. Routing security contexts via an IP network imposes new challenging requirements of secure cross-handover services and security context management. In the first paper, Kim and Shin present a context router that manages security contexts in an all-IP network, providing seamless and secure handover services for the mobile users that carry multimedia-access devices. The proposed predictive routing mechanism improves seamless and secure cross-handover services. Trust establishment and management are essential for any security framework of MANETs. In the second paper, Dahshan and Irvine propose a robust self-organized, public key management for MANETs. The proposed scheme relies on establishing a small number of trust relations between neighboring nodes during the network initialization phase. Simulation results show that the proposed scheme is robust and efficient in the mobility environment of MANET and against malicious node attacks. A mobile node in a MANET must be assigned a free IP address before it may participate in unicast communications. This is a fundamental and difficult problem in the practical application of any MANET. In the third paper, Zhou, Mutka, and Ni propose a secure autoconfiguration algorithm, namely secure prophet address allocation, to perform prophet address allocation while considering the requirements of communication overhead, latency, and scalability. It is demonstrated that the proposed approach is able to maintain uniqueness of address assignment in the presence of IP spoofing attacks, ‘state pollution’ attacks, and Sybil attacks. In the fourth paper, Babu and Venkataram present a security techniques selection scheme for mobile transactions, called the Transactions-Based Security Scheme (TBSS). The TBSS identifies a suitable level of security techniques from the repository, which consists of symmetric, and asymmetric types of security algorithms arranged in three complexity levels, covering various encryption/decryption techniques, digital signature schemes, and hashing techniques. Their results shows a considerable reduction in security cost compared to static schemes, which employ pre-fixed security techniques to secure the transactions data. Discriminating impersonating devices is an important problem in Wi-Fi networks. While legal and illegal nodes may have the same configuration, their locations are different, resulting in different RSSI measured by the sensors. In the fifth paper, Tao et al. proposed X-mode, a faster clustering algorithm, to process the data. X-mode differs from other clustering algorithms by dropping low RSSI values and treating data points with the same RSSI values as one point during computation. Many RFID authentication techniques require a form of synchronization between a tag and a reader. A de-synchronization could jeopardize security and privacy. In the sixth paper, Conti et al. proposed a hash-chain based scheme to resolve the de-synchronization problem in RFID systems. Their solution achieves mutual reader-tag authentication by utilizing hash traversal and Merkle tree techniques. Through extensive simulations, the authors show that the tag and the reader can easily recover from de-synchronization with negligible overhead. Improving wireless access security through various OSI PHY layer mechanisms is the focus of the seventh paper. Klein et al. investigated the exploitation of RF waveform features that are inherently unique to specific devices and could be use for reliable device classification. They introduce a Dual-Tree Complex Wavelet Transform (DT-CWT) denoising technique to augment and improve Variance Trajectory (VT) detection capability. Instantaneous amplitude responses from collected 802.11a signals are used to validate the efficacy of DT-CWT at varying SNR. Internet key exchange version 2(IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. In the eighth paper, Faigl et al. evaluated the performance impacts of IKEv2 in the next-generation wireless networks. They conduct experiments on two different wireless authentication methods, pre-shared keys (PSK) and extensible authentication protocol (EAP). Their experimental results clearly demonstrate the practical costs involved for IKEv2 authentication. We sincerely hope that you will enjoy reading these eight papers and find them very useful. We thank all the international reviewers for their professional services. We deeply thank Professor Hsiao-Hwa Chen, the Editor-in-Chief, for providing this opportunity to publish this special issue. Without his continuous support, encouragement, and guidance throughout this publishing project, the success of this special issue is impossible. Hahnsang Kim and Kang Shin, On predictive routing of security contexts in an All-IP network. Hisham Dahshan and James Irvine, A robust self-organized public key management for mobile ad hoc networks. Hongbo Zhou, Matt W. Mutka, and Lionel M. Ni, Secure prophet address allocation for MANETs. Sathish Babu B. and Pallapa Venkataram, Random security scheme selection for mobile transactions. Tao et al., A data clustering approach to discriminating impersonating devices in Wi-Fi networks. Conti et al., eRIPP-FS: a novel authentication technique for RFID. Klein et al., Application of wavelet denoising to improve OFDM-based signal detection and classification. Faigl et al., Performance evaluation of IKEv2 authentication methods in next generation wireless networks.

Binbin Yu,Liang Hu

DOI: https://doi.org/10.2991/amcce-17.2017.117

2017-01-01

Abstract:As one of the basic technologies for building Internet of Things, wireless sensor networks (WSNs) are a hot research topic at present. In this paper, two basic structures of WSNs are described briefly, and the current security situation and security risks of WSNs are introduced. Then, this paper summarizes several mainstream ways of attacking identity authentication schemes that are applied to WSNs, including smart card theft, wireless sensor node capture, vampire attack and collusion attack, and presents some defensive measures. Finally, attacking principles of these attack methods are summarized, and some improvements are put forward.

M.M. Eissa,Ihab A. Ali,K.M. Abdel-Latif

DOI: https://doi.org/10.1016/j.ijepes.2012.10.034

2013-03-01

Abstract:The paper presents a major consideration for enhancement of the transmission line protection using wireless fidelity (Wi-Fi) communication protocol for data sharing between relays. The principle of using the wireless technology for transmission line protection is introduced. The proposed protection scheme proved high degree of reliability and stability. Securing data transfer is very essential to be considered in this study. Securing data transfer between relays is an important concern to guarantee sufficient protection of the network. Such major factor is very essential for enhancement of the power network protection scheme using the new technology of wireless. Three possible alternatives to this problem are discussed in this paper. Short and long term solutions are also considered. Two security mechanisms are used using D-Link DWL-G700AP Access Point cards. The cards are interfaced with a prototype transmission line model. They have the ability to transfer files with a maximum wireless signal rate up to 54Mbps. Wi-Fi Protected Access (WPA) as a security system is proved to solve many problems with advanced encryption in addition to providing authentication.

engineering, electrical & electronic

Jiujun Cheng,Liufei Hu,Junjun Liu,Qingyang Zhang,Chendan Yan

DOI: https://doi.org/10.1155/2014/620926

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:Wireless LAN (WLAN) technology is developing rapidly with the help of wireless communication technology and social demand. During the development of WLAN, the security is more and more important, and wireless monitoring and shielding are of prime importance for network security. In this paper, we have explored various security issues of IEEE 802.11 based wireless network and analyzed numerous problems in implementing the wireless monitoring and shielding system. We identify the challenges which monitoring and shielding system needs to be aware of, and then provide a feasible mechanism to avoid those challenges. We implemented an actual wireless LAN monitoring and shielding system on Maemo operating system to monitor wireless network data stream efficiently and solve the security problems of mobile users. More importantly, the system analyzes wireless network protocols efficiently and flexibly, reveals rich information of the IEEE 802.11 protocol such as traffic distribution and different IP connections, and graphically displays later. Moreover, the system running results show that the system has the capability to work stably, and accurately and analyze the wireless protocols efficiently.

Zeng Yingzhi,Su Jinshu,Xia Yan,Huang Qingyuan,Zhao Baokang

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.03.019

2009-01-01

Abstract:As the core and fundamental unit of security mechanism,it is a constant hotspot topic in the field of wireless sensor networks security research that how to authenticate sensor nodes and massages safely,efficiently,with low power cost and within all the constraints of the networks.In the hostile environment,we must import the authentication keys to nodes' identity recognition and to broadcasting centre of command messages to prevent the attacks from malicious node illegal-massage injection or message juggle.The security authentication should also take these new cases into account including the compromised nodes found,the nodes being out-of-energy and the new nodes deployed.In this paper it provides detailed introductions to the content and the current situations of the studies in security authentication of wireless sensor networks,as well as elucidates the main solutions at present.Based on the pros and cons of these solutions,several new approaches to this problem for future work are introduced.

Jun Lei,Xiaoming Fu,Dieter Hogrefe,Jianrong Tan

DOI: https://doi.org/10.1016/j.cose.2007.01.001

IF: 5.105

2007-01-01

Computers & Security

Abstract:IEEE 802.11 wireless LAN has become one of the hot topics on the design and development of network access technologies. In particular, its authentication and key exchange (AKE) aspects, which form a vital building block for modern security mechanisms, deserve further investigation. In this paper we first identify the general requirements used for WLAN authentication and key exchange (AKE) methods, and then classify them into three levels (mandatory, recommended, and additional operational requirements). We present a review of issues and proposed solutions for AKE in 802.11 WLANs. Three types of existing methods for addressing AKE issues are identified, namely, the legacy, layered and access control-based AKE methods. Then, we compare these methods against the identified requirements. Based on the analysis, a multi-layer AKE framework is proposed, together with a set of design guidelines, which aims at a flexible, extensible and efficient security as well as easy deployment.

Tao Xiao

2004-01-01

Abstract:With the more deployment and understanding of wireless LAN, significant problems have been exposed. A number of security concerns have been raised. Several organizations have implemented solutions that provide extra security. The 802.11 TGi group is working on new ways to produce a series of IEEE 802.1x and IEEE 802.11i. This paper analyzes security protocol of IEEE 802.1x and Chinese WAPI. The secure characters of wireless LAN are presented and discussed in detail. At the same time, the virtues of 802.1x and WAPI on WLAN are introduced.

Zhang Liang,Liu Jianwei

DOI: https://doi.org/10.3969/j.issn.2095-1000.2010.02.014

2010-01-01

Abstract:The wireless Mesh network is composed of self-organizing mobile nodes.It is particularly vulnerable due to its features of shared wireless transmission medium and dynamic changing topology.The recent progress of wireless Mesh network security research is introduced in this paper.Firstly,the security weaknesses of wireless Mesh network are analyzed in terms of transmission channel,authentication mechanism,physical protection,dynamic topology and routing protocol.Secondly,the representative solutions are illustrated in terms of authentication,secure routing,intrusion detection and other secure technologies.At the same time,the respective merits and faults of these solutions are indicated and a comprehensive comparison is made.Some problems of the present protocols are clarified and the direction of future research is indicated.

Sahabul Alam,Debashis De

DOI: https://doi.org/10.5121/ijwmn.2014.6204

2014-06-02

Abstract:Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide in the past few years, so does the need for effective security mechanisms. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats due to unattended installation of sensor nodes as sensor networks may interact with sensitive data and /or operate in hostile unattended environments. These security concerns be addressed from the beginning of the system design. The intent of this paper is to investigate the security related issues in wireless sensor networks. In this paper we have explored general security threats in wireless sensor network with extensive study.

Networking and Internet Architecture,Cryptography and Security