writing 3 to 4 pages based on the instrucions in the word file

timer Asked: Nov 13th, 2016

Question description

please i need this paper done perfectly

Instruction: -Bottom line, you are helping the CIO identify the weakest and strongest protocols for wireless. This will help the CIO select the best commercial products at a later time. - Complete this matrix using the NIST Special Publication for Wireless Security( I attached the pdf under name SP800-48 file and ppt under name ppt file for information sourcesplease try to get more information from SP800-48 file and select the recommendation network IEEE xx for the CIO in what type is the best to be use, that’s include technology details of the chosen IEEE xx not as what it does do). -Identify the effectiveness of the five authentication techniques/protocols against the 2 types of attack techniques ( this is in the ppt file slides to be found ). -Complete the matrix by selecting whether the effectiveness of a type of authentication is high or low (provide a brief rationale for your selection) against the two types of threats identified in the matrix. Authentication/Attack Techniques/Protocols Type 1: Type 2: Type 3: Type 4: Type 5: Man-in-the Middle Session High-Jacking -The primary goal is completion of the matrix. -Your rationale does not need to be included in the matrix, but can be written in an essay style. - As far as identifying the security protocols/techniques, you are not required to select WEP. -The reason why the NIST SP focuses on WEP is due to its age. Since publication of the SP the technology has changed, but the concepts remain the same. -For example, if you selected WEP, you could state that it's not very effective against a man-in-the-middle attack for the following reasons: .....This could include identifying vulnerabilities. Additionally, you could state that additional countermeasures need to be implemented if WEP was selected. -The next protocol could be WTLS which is more effective than WEP against a man-inthe -middle attack for these reasons.... This protocol also has vulnerabilities such as ... and fewer procedural controls need to be implemented Example of previous work: ( please don’t copy past , just only shows how the work was process) Authentication/Attack Techniques Man-in-the Middle Session HighJacking Type1: Wireless Transport Layer Security (WTLS) high moderate Type 2: Protected Extensible Authentication Protocol (PEAP) moderate moderate to low Type 3: Shared Key Authentication low low Type 4: MAC Access List low low Type 5: Wired Equivalent Privacy (WEP) low low The Wireless Transport Layer Security protocol is the security layer of the WAP. Its primary goal is to provide privacy, data integrity, and authentication for WAP applications. The security is needed in order to safely connect to the services, such as online banking and ecommerce. The client and the server must be authenticated and the connection has to be encrypted. WAP has a higher effectiveness for the man-in-the-middle as it is prevents the data to be modified during the transfer. The subscriber wants to be sure that the service being used is really the one it claims to be. In some cases, the service also wants to use a strong authentication with certificates. WTLS is needed because mobile networks do not provide complete end-to-end security. On the other hand, the Wireless Transport Layer Security protocol has a moderate effectiveness for the session hijacking since it can allow an attacker to recover the content of web cookies when data compression is used along with transport layer security. When used to recover the content of secret authentication cookies, it allows an attacker to perform session hijacking on an authenticated web session. Protected Extensible Authentication Protocol (PEAP) provides mutual authentication, ensures confidentiality and integrity to vulnerable user credentials, protects itself against passive (eavesdropping) and active (man-in-the-middle) attacks, and securely generates cryptographic keying material. PEAP is compatible with the IEEE 802.1X standard and RADIUS protocol. The PEAP can only protect from man in the middle threat if the client can validate the server certificate, or if the inner protected authentication method is not used outside of PEAP. However if these rules are violated, the security can be compromised. If the client fails to validate the server’s certificate, an attacker can put up a rouge AP and AS and steal the client’s credentials that can be used to successfully authentication to the real server. While if the client application is poorly designed or badly configured and uses the PEAP authentication in an unprotected wireless protocol, an attacker can capture the password and successfully launch his own successful PEAP authentication session which then also poses a risk on session hijacking. Mutual authentication may be able to stop man-in the middle attack but it will not stop the session hijacking which is why PEAP effectiveness on session hijacking is moderate to low. An attacker can pass through the entire authentication conversation, then hijack the session and act as the user. Shared Key Authentication is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With shared key authentication a computer equipped with a wireless modem can fully access any WEP network and exchange encrypted or unencrypted data. Shared Key Authentication has a low effective on the man in the middle because in shared key authentication, the client and the AP exchange the challenge text (clear text) and the encrypted challenge. Therefore, this type of authentication is vulnerable to man-in-the-middle attack. A hacker can listen to the unencrypted challenge and the encrypted challenge, and extract the WEP key (shared key) from this information. When a hacker knows the WEP key, the whole authentication mechanism is compromised and the hacker can access the WLAN network. This is the major disadvantage with Shared Key Authentication. The same goes with session hijacking it is possible for an individual to intercept the traffic and pose as the original host. Shared Key authentication is more secure over a LAN connection. Mac access list is the process of including or excluding computers and devices based on their MAC address. Creating an AP with the same SSID that the user believes to be connected to his own network can perform man in the middle. Which is why MAC access list has a low effectiveness for this type of attack. The new AP could help an individual obtain all data traffic from the user. Also, if a hacker suspects a target network is using MAC address filtering. An individual could use a wireless surveying or analyzer program on their laptop. An individual would be able to check out the list of stations or monitor the raw data packets to find a “good” MAC address that she could use. These tools and techniques can be used to perform session hijacking by spoofing the MAC address. MAC spoofing can be used to access files and or snoop on network traffic. Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11 wireless networks. It is a shared-secret key encryption system used to encrypt packets transmitted between a station and an AP. ARP spoofing and DNS hijacking could be used to perform a man in the middle attack against a legitimate connection over the network. The big issue with WEP is the fact that it is very susceptible to a Man in the Middle attack. The attacker captures the cleartext challenge and then the authentication packet reply. The attacker then reverses the RC4 encryption in order to derive the static WEP key. WEP provides security only against casual attackers. Freely available tools can crack the key using deauth and ARP injection in under a minute. Therefore it has a very low effectiveness for the man in the middle attack. Not only that, WEP is also very vulnerable to the session hijacking. To deploy a secure WLAN, it is necessary to implement an alternative security mechanism, such as SSL, VPN, Wi-Fi Protected Access (WPA).
Mobile and Wireless Security Tonight’s Agenda • • • • • Wireless LANs easy target for hackers Wireless threats Security mechanisms and technologies PDAs – BlackBerry Wireless security services Wireless LANs Easy Target For Hackers • Additional security measures required for WLANs • 40-bit encryption used to secure WLAN data sent over the 802.11 standard can be cracked • The 40-bit algorithm is used for the Wired Equivalent Privacy (WEP) standard Researchers found that WLANs can be cracked using a wireless PC LAN card on a laptop loaded with “sniffer” software • Wireless networks a “hackers” playground http://www.vnunet.com/News/11244105 Wireless Threats Attack Techniques • • • • • • • • Traffic Analysis Passive eavesdropping Active eavesdropping w/partially know plaintext Active eavesdropping with known plaintext Unauthorized access Man-in-the-middle attack Session high-jacking Replay Traffic Analysis • Attacker can determine the load on the communication medium by the number and size of packets being transmitted • Attacker only needs a wireless card operating in the promiscuous mode (i.e., listening) mode and software to count the number and size of packets being transmitted • Traffic analysis allows the attacker to know – Identification and physical location of wireless access points – Type of protocols being use in the transmission Eavesdropping • Passive – Attacker passively monitors the wireless session – Assuming the session is not encrypted, the attacker can read the data transmitted in the session and can ID other information (e.g., source, destination, size, number, time of transmission) • Active – Attacker actively injects messages into the communications medium in order to assist them in determining the contents of the message (e.g., IP Spoofing) – Attacker can inject known traffic into the network in order to decrypt future packets sent by others Unauthorized Access • Not directed at any individual user or set of users, it is directed against the network as a whole • Once the attacker has access to the network, he can then launch additional attacks or enjoy free use of the network • Due to the physical properties of WLANs, attackers will always have access to the wireless component of the network – in some wireless security architectures this will also grant the attacker access to the wired network Man-In-The-Middle Attack • If the packets being transmitted are encrypted only at the network layer (layer 3), then the attacker can obtain the header information from the data link layer (layer 2) and layer 3 • A man-in-the-middle attack can be used to read private data from a session or to modify the packets thus violating the integrity of the session • This is a real-time attack, the data may be read or the session modified as it occurs • Address Resolution Protocol (ARP) attacks can be directed against targets on the wired network Session High-Jacking • Attack against the integrity of a session • The attacker takes an authorized and authenticated session away from its owner • The target knows that it no longer has access to the session but may not be aware that the session has been taken over by an attacker • The target may attribute the session loss to a normal malfunction of the WLAN • Once the attacker owns a valid session he may use the session for whatever purpose he wants • This attack occurs in real-time, but can continue long after the session is over Replay • Aimed at the integrity of the information on the network if not necessarily the integrity of a specific mission • Used to gain access to the network with the authorization of the target, but the actual session or sessions that are attacked are not altered or interfered within anyway • Not a real-time attack • The attacker captures the authentication of a session • Similar the the high-jacking attack except for the timing Security Mechanisms and Technologies • Authentication • Encrypted tunnel or VPN • Integrity checking Authentication • • • • • • IEEE 802.11 or WEP Closed System Authentication – SSID MAC Access List Shared RC4 key authentication 802.1x Extensible Authentication Protocol – Transport Layer Security (EAP-TLS) Authentication • Tunneled Transport Layer Security (WTLS) • Protected Extensible Authentication Protocol (PEAP) • Wireless Transport Layer Security (WTLS) • Packet authentication Encrypted Tunnel or VPN • OSI network layer endpoints • Encrypted algorithm and key size – WEP – Layer 2 Block cipher encrypted tunnel – Layer 3 VPN or strongly encrypted tunnel Integrity Checking • WEP CRC-32 Checksum • Cryptographic Checksum Message Integrity Codes (MIC) • Secure Hash Algorithm SHA-1

Tutor Answer

(Top Tutor) Studypool Tutor
School: Boston College
Studypool has helped 1,244,100 students
flag Report DMCA
Similar Questions
Hot Questions
Related Tags
Study Guides

Brown University

1271 Tutors

California Institute of Technology

2131 Tutors

Carnegie Mellon University

982 Tutors

Columbia University

1256 Tutors

Dartmouth University

2113 Tutors

Emory University

2279 Tutors

Harvard University

599 Tutors

Massachusetts Institute of Technology

2319 Tutors

New York University

1645 Tutors

Notre Dam University

1911 Tutors

Oklahoma University

2122 Tutors

Pennsylvania State University

932 Tutors

Princeton University

1211 Tutors

Stanford University

983 Tutors

University of California

1282 Tutors

Oxford University

123 Tutors

Yale University

2325 Tutors