IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

Security implementation upon wireless network using the WPA2 Enterprise Disha1, Sukhwinder Sharma2, Kulwinder Singh3 Student1, Assistant Professor2, 3 Baba Banda Singh Bahadur Engineering College, Fatehgarh Sahib1, 2 Bhai Maha Singh Collge of Engineering, Sri Muktsar Sahib3

Abstract: This paper presents the security analysis on WLAN (Wi-FI) by the Implementing the various techniques. In the research work comparative analysis has been accomplished between various techniques. These days WLAN becomes the vital necessity of the time as it is having the ability to connect the devices like mobiles and laptops. But it is not so easy just to implement a secure network that will ensure data should not be accessed by an authorized user. For the same purpose, we have analyzed WPA, WPA2, WPA2 Enterprise techniques. We specifically worked on WPA2 Enterprise as in this technique is much better than others. This maintains the dual security to access and such a topology that helps to more efficiently sustain of the network by the dependency upon the server. By using the dual security system it checks the client name and IP in its first phase and verifies the user name and password as its second phase. The topology which is used to implement the proposed network is client server. This is not just two tire network, also keeping the switch and routers in between the server and various clients to run the network smoothly.

I.

Introduction: Wireless communication a development of technology that is very much important in the

modern era. In our modern life it becomes necessary for us to carry mobile phones and Laptops means we need to connect to the network any time or anywhere. So, in these kind of circumstances is very much compulsory that there should be the availability of the wireless signals. This is an always developing field. In this field the required or vital demand is that there should be possibility for communication at the high rate speed and definitely much secure. Research in this area suggests that a dominant means of supporting such communication capabilities will be through the use of Wireless LANs. As the deployment of Wireless LAN increases well around the globe, it is increasingly important for us to understand different technologies and select the most appropriate one. WI-FI is the short form of Wireless Fidelity, computer and other devices having the WIFI adapters (card) can be used over the wireless network. They check out the signals broadcast by Access Points, this facility gives chance to Disha, IJRIT

676

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

access the network. Wi-Fi devices can also communicate directly (one-to-one) with each other. Wi-Fi devices employ several different technical standards grouped together and referred to as the IEEE 802.11 specification in order to communicate with an Access Point. Let’s have look upon the IEEE standards briefly: •

IEEE 802.11b This standard used when the frequency band is about 2.4 GHz. By using this standard a network can manage the transfer rate up to 1 Mbps. This is almost similar to the wired network.



IEEE 802.11a This is having more capability to manage the frequency band up to 5GHz. This is not a conventional network, it works on the new technique named Orthogonal Frequency Division Multiplexing (OFDM) that offers a high data rates up to 6, 12, 24, 54Mbps and sometimes even more than this speed.



IEEE 802.11g This standard works on such network where the frequency band is about 2.4 GHz. It uses the OFDM and Packet Binary Convolution Code (PBCC) modulation technique. It can handle the transfer rate up to 54 Mbps.



IEEE 802.11n This standard also works on 2.4 GHz and even on 5GHz. It can handle the transfer rate up to 300 Mbps.



IEEE 802.11i This standard is implemented as a security mechanism for wireless networking. It is having the ability of encryption. This mechanism works at the Advanced Encryption Standard.

Threats and Attacks on Wireless Network to build up a secure network is not an easy task,

II.

simple network without any proper security technique even with normal security cannot keeps the data protected from unauthorized access. A network may be always under the number of threats. These threats can be classified into two basic categories and even further sub categorized. The categories are Logical attacks and Physical attacks. •

Logical Attacks these kinds of attacks are concerned with the software, data and flow of data or working of system. In such attacks, the impostors try to find the weakness of the network or software which may help them to access or to modify the sensitive data. If the attacker got success then he/she may create the number of problems for network. These attacks are like Spoofing of MAC address, Conversation Sniffing and etc.



Physical Attacks these kinds of attacks directly put their impact on hardware, design and structure of the network. In these kinds of attacks impostor try to degrade the performance of the network instead of the finding and corrupting the sensitive data. These kind of attacks are creates the problems but lesser as compare to the logical attacks. These attacks are like Rogue Access Points, Physical placement of Access Points, spam attacks and etc.

III.

Problem Formulation As we have described earlier wireless network is the necessity of the time but to set up these kinds of network is not an easy tasks because there are no. of security threats are there

Disha, IJRIT

677

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

as problems. So, we are in the need of such a good technique that can maintain the security level up to the mark that is sufficient to protect our data from unauthorized access. For the same many mechanism are suggested time to time, but somewhere and somewhat discrepancies found in those all suggested mechanism. WAP, WPA, WPA2 are the such examples of those mechanism. In our research work, we have focused upon another but safe mechanism to set up a wireless network with the proper the awareness about the security issues. This proposed mechanism is WPA2 Enterprise. In the proposed mechanism there is the dual security check to avoid the unauthorized access. Firstly, it checks the client name and client IP, it also keeps the record of the user name and user password. Second is that it involves such topology which the network a centralized means this network is server oriented. IV.

Implementation With this mechanism, mutual authentication needs both the client and the authentication server to have an assigned digital certificate. The digital certificate includes information like the Client Name, Client IP, Server type, Radius port, and user name and user password. This enables the verification of the identity of the owner of a public/private key pair. This is also having a new network topology that enables it to work more efficiently as compare to the earlier techniques. This topology is the Client/Server. Let’s have a look upon Fig. 1.1 the new lab architecture before its detailed discussion.

Fig. 1.1 Proposed lab architecture for WPA2 Enterprise This works as if the will be ON or in working condition then any communication or exchange of data is possible otherwise there is no chance for the proceeding upon this network. The Server is connected to Switch that connected further to the various routers on the same network. These router are then connected various nodes or computers in the lab network. To communicate or share the data over the network these nodes (Computers) and routers both have identify them to the server, so that they can proceed further but by achieving the target of security over the network of authenticated users of the network. This is being implemented at end of the server in the next description; we will show that what are steps or the way to achieve this target. While the configuration of the server, we may four different tabs whose are

Disha, IJRIT

678

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

concerned with four further conditions and configurations. These are as Physical, Config, Desktop and Software/Services as shown in Fig. 1.2.

Fig. 1.2 The Physical Device view of sever In this view of the server, various modules, link sys and host have tracked like Linksys-WMP300N, PTHOST-NM-1CE, PT-HOST-NM-1CFE, PT-HOST-NM-1CGE, PT-HOST-NM-1FFE, PT-HOST-NM1FGE, PT-HOST-NM-1W, PT-HOST-NM-1W-A and etc. these can be viewed as both in physical view and logical view. As Shown in the Fig. 1.3, it can viewed as with or without various zoom conditions.

Fig. 1.3 Server Desktop The Server Desktop is usually having the information or keeping the record about the IP configuration, Command Prompt, Traffic Generator, Text Editor, Web Browser, PPP0E Dialer and VPN as the basic recommendations or the basic requirements. The earlier mentioned parameters are considered as very basic for a server may be always in the need to keep these all on the track to run a network in systematic manner.

Disha, IJRIT

679

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

Fig 1.4 Configuration of Server Then in the Configuration tab or phase, there is no. of further configuration are avail like Global, setting, Services and various protocols. In the config of AAA, we maintain the dual security as it checks the Service is in ON or OFF mode, what is the radius port, name of client, IP of the client. This also makes sure that Low loss of delivery of the packet as shown in the Fig .1.5.

Fig. 1.5 the Detection of verification of Data by WPA2 Enterprise As the second security reason, it keeps it the concentration upon Username and User password. So, it will ensure the dual security over the network. In the better manners as compare to its earlier techniques like WAP/WPA/WPA2. It will also ensure the proper delivery of packets as will in the network that they should not be lost. Security Analysis

V.

NO AUTHENICATI ON(SIMPLY MODEM)

WEP

WPA

WPA-2

WPA2-ENETRPRISE

Everyone access the net

Username and password are given

TKIP protocol is used

TKIP AES Protocol is used

1) Dual authentication 2) Centralized topology/hybrid

No security

Less security is provide

To secure more data

Packet loss is less

Data is secure

Conclusion This is also a kind of network which designed for security purposes. It designs secure enterprise network that authenticates to the users to an external radius. This situation espouses the same network layout and configuration steps described as “A secure enterprise network for guest access”. Additional actions are required to provide the dual security issues for mutual authentication of

Disha, IJRIT

680

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

WDS bridges. From the earlier described parameters it can be judge that WPA2 Enterprise is much secure as compare to the earlier techniques. Because it is using the dual authentication method which checks the permissions before to permit the access of network and topology used in this mechanism is centralized (star) which ensure the involvement of server for communication and security reasons.

References [1] Brooks, D., “Wattch: A framework for architectural-level power analysis and optimizations”, ISCA, pp. 83-94, 2000. [2] Ganesan, P., Venugopalan, R., and Peddabachagari, P., “Analyzing and modelling encryption overheadfor sensor network nodes”, ACM in Proceedings of WSNA’03, pp. 151-159, 2003. [3] Granelli, F. and Boato, G., “A novel methodology for analysis of the computational complexity of block ciphers: Rijndael, Camellia and Shacal-2 compared”, Third Conference on Security and Network Architectures (SAR’04), pp. 1-7, 2004. [4] Grobschadl, J., Tillich, S., Rechberger, C., Hofmann, M., and Marcel Medwed, “Energy evaluation of software implementations of block ciphers under memory constraints”, Proceedings of the 10th Conference on Design, Automation and Test in Europe, pp. 1110-1115, 2007. [5] Gupta , V., Millard, M., Fung, S., Zhu, Y., Gura, N., and Shantz, S., “Sizzle: a standards-based end to end security architecture for the embedded internet”, Pro- ceedings of third IEEE International Conference on Pervasive Computing and Communications, PerCom 2005, pp. 247-256, Kaua, Huwaii: IEEE, 2005. [6] Hager, C. T. R., Midkiff, S. F., Park, J. M., and Martin, T. L., “Performance and energy efficiency of block ciphers in personal digital assistants”, Third IEEE International Conference on Pervasive Computing and Communications, pp. 127-136, 2005. [7] Hodjat, A. and Verbauwhede, I., “Interfacing a high speed crypto accelerator to an embedded CPU”, Pro- ceedings of the 38th Asilomar Conference on Signals, Systems, and Computers, vol. 1, pp. 488-492, IEEE Press, 2004. [8] Karlof, C., Sastry, N., and Wagner, D., “TinySec: a link layer security architecture for wireless sensor networks”, ACM SenSys 2004 in Proceedings of the 2nd International Conference on Embedded Networked Sensor Systems, pp. 162-175, 2004. [9] Xenakis, C., Merakos, N. L., and Stavrakakis, I., “A generic characterization of the overheads imposed by IPsec and associated cryptographic algorithms”, Elsevier Journal of Computer Networks, pp. 32253241, 2006.

Disha, IJRIT

681

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 676-682

[10] Xiao, Y., Chen, H., Sun, B., Wang, R., and Sethi, S., “MAC security and security overhead analysis in IEEE 802.15.4 wireless sensor networks,” EURASIP Journal on Wireless Communication and Networking, pp. 1-12, 2006. [11] Singh, R., Guainazzo, M. and Regazzoni, C. S., “Location Determination Using WLAN In Conjunction With GPS Network (Global Positioning System)”, Vehicular Technology Conference, 2004. VTC 2004-Spring, 2004 IEEE 59th, pp. 2695 - 2699 vol.5, 2004 [12] Zemlianov, A. and De, V. G., “Cooperation and decision-making in a wireless multi-provider setting”, INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies, Proceedings IEEE, pp. 386 - 397 vol. 1, 2005. [13] Cypher, D., Chevrollier, N., Montavont, N. and Golmie, N., “ Prevailing over wires in healthcare environments: benefits and challenges”, Communications Magazine, IEEE, vol. 44, Issue. 4, pp. 56 – 63, 2006 [14] Anjum, F., Elaoud, M., Famolari, D. and Ghosh, A. , “Voice performance in WLAN networks - an experimental study”, Global Telecommunications Conference, 2003, GLOBECOM '03, IEEE, vol. 6, pp. 3504 – 3508, 2003 [15] Vitaletti, A., “Gianni palombizio: Rijndael for sensor networks: is speed the main issue?”, Electronic Notes Theorem Computer Science, vol. 171, pp. 71- 81, 2007.

Disha, IJRIT

682

Security implementation upon wireless network using ...

and laptops. But it is not so ... WI-FI is the short form of Wireless Fidelity, computer and other devices having the WIFI adapters (card) can be ... new network topology that enables it to work more efficiently as compare to the earlier techniques.

456KB Sizes 1 Downloads 201 Views

Recommend Documents

wireless network security issues pdf
wireless network security issues pdf. wireless network security issues pdf. Open. Extract. Open with. Sign In. Main menu. Displaying wireless network security ...

Transformation of Wireless Network Security _hb_final.pdf ...
Page 1 of 12. EDITOR'S NOTE BAKING WI-FI. SECURITY INTO. YOUR NETWORK. PROVISIONING. WIRELESS. LAN ACCESS. FOR BYOD. WHAT GIGABIT. WI-FI MEANS. FOR NETWORK. SECURITY. The Transformation of Wireless. Network Security. In an age of pervasive wireless c

Network Security using IP Traceback Techniques - IJRIT
The original aim of the Internet was to provide an open and scalable network among ... Blocking the availability of an Internet service may imply large financial.

Network Security using IP Traceback Techniques - IJRIT
And the toughest problem of Network Security is to trace the ... annual Computer Security Institute (CSI) computer crime and security survey reported that ...

A Review on Neural Network Implementation Using FPGA
Implementation method with resource/speed tradeoff is proposed to handle signed ... negative value for a weight indicates an inhibitory connection while a ..... Derivative using Back Gate Effect”, VLSI Design and Test Workshop-2003, pp.

Enforcing Reverse Circle Cipher for Network Security Using ... - IJRIT
User's authentication procedures will be design for data storage and retrieval ... In this paper we are going to discuss two tier security approaches for cloud data storage ... in public and private key encryption cipher such as RSA (Rivest Shamir, .

Enforcing Reverse Circle Cipher for Network Security Using ... - IJRIT
... key encryption cipher such as RSA (Rivest Shamir, Adleman) uses in internet with .... I would like to give my sincere gratitude to my guide Aruna K. Gupta, H.O.D. ... Wireless Sensor Networks”,Transactions on Sensor Networks (TOSN), ACM ...

using cloud computing to implement a security overlay network pdf ...
using cloud computing to implement a security overlay network pdf. using cloud computing to implement a security overlay network pdf. Open. Extract. Open with.

Network Security using IP Traceback Techniques
The original aim of the Internet was to provide an open and scalable network among research ... Denial of Service and Distributed Denial of Service attack incidents make ... Full text: https://sites.google.com/a/ijrit.com/papers/home/V1I524.pdf.

pdf wireless security
Download. Connect more apps... Try one of the apps below to open or edit this item. pdf wireless security. pdf wireless security. Open. Extract. Open with. Sign In.

A Rural Implementation of a 52 Node Mixed Wireless Mesh Network ...
A Rural Implementation of a 52 Node Mixed Wireless Mesh Network in Macha, Zambia, AfriComm 2009.pdf. A Rural Implementation of a 52 Node Mixed ...

Network Security
[Read PDF] Network Security: Private. Communication in a Public ... Series in Computer Networking and Distributed). Best Online ... Information Technology Law.

Security and Communication Network
Soft computing techniques, such as Fuzzy Logic, Neural Networks, Evolutionary. Computing, Rough Sets and other similar techniques, have been proved ...

Security and Communication Network
pattern detection, data segmentation, data mining, adaptive control, information assurance, etc. Recently, soft computing is widely used in information system for assurance. For example, neural networks are used for intrusion detection or prevention,