JOURNAL OURNAL OF TELECOMMUNICATIONS, VOLUME 10, ISSUE 1, AUGUST 2011 201 33

Recent Trends rends in Protection of Data for Intelligent ntelligent Wireless Network Ravneet Kaur Department of Computer science & Engineering Beant College of Engineering & Technology, Gurdaspur Punjab, India Abstract—Frontier of computer science and technology is intended to facilitate effective co communication mmunication and exchanges all over o the world. It will not ot only reflect the significant advances that are currently being made in computer science but also will represent a powerful and unique forum for discussing innovative, cutting-edge edge advances in high performance computing, networking, storage and analysis from stakeholders in academia, government and corporate institutions around the globe. glo The present paper deals with the recent trends in protection of Data for intelligent Wireless Network.

Keywords— wireless network, intrusion, protection of data.

——————————
——————————

1. INTRODUCTION Today network security has become an everyday problem with virtually all computers connected to the Internet. The average Internet user must be constantly vigilant against a number of network threats such as spam, worms, Trojan horses, bots, spyware, and phishing. Enterprises are forced to fortify rtify their networks against remote intrusions into their servers and databases. Governments are concerned about espionage and the possibility of cyberwarfare. A Wireless Local Area Network (WLAN) is a flexible data communications system implemented as an extension to or as an alternative for, a wired LAN. Using radio frequency (RF) technology, wireless LANs transmit and receive data over the air, minimizing the need for wired connections. Wireless LANs frequently augment rather than replace wired LAN netwo networks often providing the final few meters of connectivity between a wired network and the mobile user. At its simplest form, wireless LAN technology, lets computers to communicate with the rest of a local area network via radio signals rather than over wires. es. There are two key components. First is the access point, or AP, which is the last wired stop on your network. Connected to the rest of the network via Ethernet cable, the AP translates the wired network traffic into radio signals and transmits it out.. The signals are picked up by laptops or desktops with either removable or permanently

embedded wireless-network network interface cards. The figure 1 shows the architecture of wireless LAN.

Fig. No. 1. Architecture of Wireless LAN

2. SECURITY THREATS The fundamentals of wireless security are largely similar to those of the wired Internet, wireless data networks present a more constrained communication environment compared to wired networks. Because of fundamental limitations of power, available spectru spectrum and mobility, wireless data networks tend to have less bandwidth, more

© 2011 JOT http://sites.google.com/site/journaloftelecommunications/

JOURNAL OF TELECOMMUNICATIONS, VOLUME 10, ISSUE 1, AUGUST 2011 34

latency, less connection stability, and less predictable availability. Similarly, handheld wireless devices tend to have limited battery life, less powerful CPUs, restricted power consumption, smaller displays, and different input presenting a more constrained computing environment compared to desktop computers. [15] With a WLAN, transmitted data is broadcast over the air using radio waves. This means that any WLAN Client within an access point (AP) service area can receive data transmitted to or from the access point. Because radio waves travel through ceilings, floors, and walls data may hence easily reach unintended recipients. Tools like Ethereal; AirSnort can easily be used to passively collect data of any Client within the broadcast range. Users have no way of knowing if they are connecting to rogue access point set-up as part of a man-in-the-middle attack. WLAN security, involves concern in three separate issues:  Authentication  User Privacy  Authorization. Multihop wireless networks are more unsafe as compared to wired or single hop wireless networks. Multilayer security attcks need to be considerded before the design of any security mechanism or intrusion detection system. [6-18]

3. METHODS TO SECURE WIRELESS NETWORKS: 3.1 MAC ID filtering: Most wireless access points contain some type of MAC ID filtering that allows the administrator to only permit access to computers that have wireless functionalities that contain certain MAC IDs. This can be helpful; however, it must be remembered that MAC IDs over a network can be faked. Cracking utilities such as SMAC are widely available, and some computer hardware also gives the option in the BIOS to select any desired MAC ID for its built in network capability.

3.2 Static IP Addressing: Disabling at least the IP Address assignment function of the network's DHCP server, with the

IP addresses of the various network devices then set by hand, will also make it more difficult for a casual or unsophisticated intruder to log onto the network. This is especially effective if the subnet size is also reduced from a standard default setting to what is absolutely necessary and if permitted but unused IP addresses are blocked by the access point's firewall. In this case, where no unused IP addresses are available, a new user can log on without detection using TCP/IP only if he or she stages a successful Man in the Middle Attack using appropriate software 3.3 WEP encryption: WEP stands for Wired Equivalency Privacy. This encryption standard was the original encryption standard for wireless. As its name implies, this standard was intended to make wireless networks as secure as wired networks. Unfortunately, this never happened as flaws were quickly discovered and exploited. There are several Open Source utilities like aircrackng, weplab, WEPCrack or airsnort that can be used by crackers to break in by examining packets and looking for patterns in the encryption. WEP comes in different key sizes. The common key lengths are currently 128 and 256-bit. The longer the better as it will increase the difficulty for crackers. However, this type of encryption has seen its day come and go. In 2005 a group from the FBI held a demonstration where they used publicly available tools to break a WEP encrypted network in three minutes. WEP protection is better than nothing, though generally not as secure as the more sophisticated WPA-PSK encryption. A big problem is that if a cracker can receive packets on a network, it is only a matter of time until the WEP encryption is cracked. 3.4 WPA: Wi-Fi Protected Access (WPA) is an early version of the 802.11i security standard that was developed by the Wi-Fi Alliance to replace WEP. The TKIP encryption algorithm was developed for WPA to provide improvements to WEP that could be fielded as firmware upgrades to

© 2011 JOT http://sites.google.com/site/journaloftelecommunications/

JOURNAL OF TELECOMMUNICATIONS, VOLUME 10, ISSUE 1, AUGUST 2011 35

existing 802.11 devices. The WPA profile also provides optional support for the AES-CCMP algorithm that is the preferred algorithm in 802.11i and WPA2. WPA Enterprise provides RADIUS based authentication using 802.1x. WPA Personal uses a pre-shared Shared Key (PSK) to establish the security using an 8 to 63 character passphrase. The PSK may also be entered as a 64 character hexadecimal string. Weak PSK passphrases can be broken using off-line dictionary attacks by capturing the messages in the four-way exchange when the client reconnects after being deauthenticated. Wireless suites such as aircrack-ng can crack a weak passphrase in less than a minute. WPA Personal is secure when used with ‘good’ passphrases or a full 64character hexadecimal key. 3.5 WPA2: WPA2 is a WiFi Alliance branded version of the final 802.11i standard. The primary enhancement over WPA is the inclusion of the AES-CCMP algorithm as a mandatory feature. Both WPA and WPA2 support EAP authentication methods using RADIUS servers and preshared key (PSK) based security. 3.6 LEAP This stands for the Lightweight Extensible Authentication Protocol. This protocol is based on 802.1X and helps minimize the original security flaws by using WEP and a sophisticated key management system. This also uses MAC address authentication. LEAP is not safe from crackers. THC-LeapCracker can be used to break Cisco’s version of LEAP and be used against computers connected to an access point in the form of a dictionary attack. 3.7 PEAP This stands for Protected Extensible Authentication Protocol. This protocol allows for a secure transport of data, passwords, and encryption keys without the need of a certificate server. This was developed by Cisco, Microsoft, and RSA Security.

3.8 TKIP: This stands for Temporal Key Integrity Protocol and the acronym is pronounced as tee-kip. This is part of the IEEE 802.11i standard. TKIP implements per-packet key mixing with a rekeying system and also provides a message integrity check. These avoid the problems of WEP. 3.9 RADIUS This stands for Remote Authentication Dial In User Service. This is an AAA (authentication, authorization and accounting) protocol used for remote network access. This service provides an excellent weapon against crackers. RADIUS was originally proprietary but was later published under ISO documents RFC 2138 and RFC 2139. The idea is to have an inside server act as a gatekeeper through the use of verifying identities through a username and password that is already pre-determined by the user. A RADIUS server can also be configured to enforce user policies and restrictions as well as recording accounting information such as time connected for billing purposes. 3.10 WAPI This stands for WLAN Authentication and Privacy Infrastructure. This is a wireless security standard defined by the Chinese government. 3.11 SMART CARDS, USB TOKENS, AND SOFTWARE TOKENS This is a very high form of security. When combined with some server software, the hardware or software card or token will use its internal identity code combined with a user entered PIN to create a powerful algorithm that will very frequently generate a new encryption code. The server will be time synced to the card or token. This is a very secure way to conduct wireless transmissions. Companies in this area make USB tokens, software tokens, and smart cards. They even make hardware versions that double as an employee picture badge. Currently the safest security measures are the smart cards /

© 2011 JOT http://sites.google.com/site/journaloftelecommunications/

JOURNAL OF TELECOMMUNICATIONS, VOLUME 10, ISSUE 1, AUGUST 2011 36

USB tokens. However, these are expensive. The next safest methods are WPA2 or WPA with a RADIUS server. Any one of the three will provide a good base foundation for security. The third item on the list is to educate both employees and contractors on security risks and personal preventive measures.

4. CONCLUSION The ever increasing market penetration of smart-phones, tables, and netbooks, along with the ubiquitous availability of wireless networks are deeply influencing the way people live, work, interact, and socialize. However, the broad popularity and diffusion of innovative services and applications tailored at mobile users is also raising challenging research issues that require us to rethink available mobile technology solutions to meet the emerging needs of a broader and ever growing user base. The present paper has highlighted the recent trends in security threats in wireless domain

5. IMPACT OF STUDY Wireless mesh networking has been a costeffective technology that provides widecoverage broadband wireless network services. They benefit both service providers with low cost in network deployment, and end users with ubiquitous access to the Internet from anywhere at any time. However, as wireless mesh network (WMN) proliferates, security and privacy issues associated with this communication paradigm have become more and more evident and thus need to be addressed.[19] The present study will be useful to provide a good foundation to implement real time detection.

ACKNOWLEDGEMENT The author is thankful to Dr. Jatinder Singh Bal (Dean and Professor, Computer Science & Engineering Desh Bhagat Enggineering College, Moga) for critical discussion as onell as constant help during the present study. The constant encouragement provided by Dr. H S Johal as onell as Mr. Dalwinder Singh and Deepak

Prashar, Lovely Professional Jalandhar is also acknowledged.

University

REFERENCES [1] B.Mukherjee, L.T.Heberlein, And K.N.Levitt (1994) “Network Intrusion Dtetction”, Ieee Network,May/June pp 8-10. [2] Dasgupta, D., et.al. (2002). Cougaar Based Intrusion Detection System (Cids). Cs Technical Report No. Cs- 02- 001, February 4. [3] Debar, H., Dacier, M. And Onespi, A. (1999). “Towards A Taxonomy of Intrusion-Detection Systems”. Computer Networks, 31, Pp. 805-822. [4] Denning D., (1987) “An Intrusion-Detection Model”, IEEE Transactions On Software Engineering, Vol. Se-13, No. 2, Pp.222-232. [5] Jeyanthi Hall (2005) “Enhancing Intrusion Detection in Wireless Networks Using Radio Frequency Fingerprinting” IEEE Transactions on Dependable And Secure Computing 12, July. Pp 18-22. [6] Lim, Y, T. Schmoyer, J. Levine and H. L. Oonen. June (2003). “Wireless Intrusion Detection and Response.” In Proceedings Of The 2003 IEEE Workshop On Information Assurance United States Military Academy, Ny: Onest Point. Pp 22-26. [7] Rakesh.S, (2010) “A Novel Cross Layer Intrusion Detection System in MANET “24th Proc. IEEE International Conference on Advanced Information Networking and Applications. Pp 38-48. [8] S.Madhavi,(2008)”An Intrusion Detection System In Mobile Adhoc Networks” International Journal of Security and Its Applications Vol. 2, No.3, July. Pp 11-17. [9] Shafiullah Khan (2010) “Framework for Intrusion Detection in IEEE 802.11 Wireless Mesh Networks”, The International Arab Journal of Information Technology, Vol. 7, No. 4, October.pp 50-55 [10] I.F. Akyilidz, “Cross layer design in wireless mesh networks”, available online at http://www2.ing.unipi.it/ meshtech08/ files/meshtech08 _akyildiz.pdf. [11]W.steven,jan kryus, kyeongsoo kim, juan carlos zuniga “802.11s tutorial overview of the amendment for wireless [12]. [Shafiullah Khan, Kok Keong Loo, Zia Ud Din, “cross layer design for routing and security in multi-hop wireless networks” in Journal of Information Assurance and Security pp.170-173, 2009. [13] Akyildiz, I.F, Xudong Wang “Cross-Layer Design in Wireless Mesh Networks” in Vehicular Technology, IEEE Transactions on Volume 57, Issue 2, pp. 1061 – 1076, March 2008 . [14] Hu Onenjie, “Cross layer design in wireless mesh networks” available online at: “http://www.asiafi.net/meeting/2008/prese -ntations/2-20/PDF-oneb/Onenjie%20Hu.pdf. [15] Muhammad, M. Salleh, N.M.; Zakaria, M.S.; Gannapathy, V.R.; Husain, M.N.; Ibrahim, I.M.; Johal, M.S.; Ahmad, M.R.; Aziz, M.Z.A.A, “Physical and MAC Cross Layer Design for Wireless Mesh Networks” in Applied

© 2011 JOT http://sites.google.com/site/journaloftelecommunications/

JOURNAL OF TELECOMMUNICATIONS, VOLUME 10, ISSUE 1, AUGUST 2011 37

Electromagnetics, 2007, APACE 2007. Asia-Pacific Conference on Volume, Issue, 4-6, pp.1 – 5. December 2007 local area networking” in ieee802 plenary, dallas , November ,2006. [16] Zhang, Y and W. Lee, (2000).” Intrusion Detection In Wireless Ad-Hoc Networks. “In Proceedings Of The Sixth Annual International Conference On Mobile Computing And Networking, Boston: Massachussetts, August 6-11, pp 26-31. [13] Xia Wang, Johnny S. Wong, Fred Stanley and Samik Basu ( 2009) “Cross-layer Based Anomaly Detection in

Wireless Mesh Networks “Ninth Annual International Symposium on Applications and the Internet. [14] J.S. Bal et.al. (2009), “A cross layer based intrusion detection technique for wireless network”, International Journal of Computer Science & information security. Vol 5, Paper No. 25080924, Sept. 2009 [19] Akyildiz, I.F.; Xudong Wang A survey on wireless mesh networks in Communications Magazine, IEEE Volume 43, Issue 9, pp. S23 - S30, September 2005.

© 2011 JOT http://sites.google.com/site/journaloftelecommunications/