Addressing Wireless Networking Technology and Security a Moving Target Research Proposal

Pages: 22 (7497 words)  ·  Style: APA  ·  Bibliography Sources: 16  ·  File: .docx  ·  Level: College Senior  ·  Topic: Education - Computers

¶ … Wireless Networking Technology and Security: A Moving Target

The objective of this work is to focus on wireless networking technologies, protocols, standards and operations. Additionally examined will be the capabilities of Wireless Personal Area Networks (WPANs), Wireless Local Area Networks (WLANs), and Wireless Wide Area Networks (WWANs). This work will describe wireless networking capabilities, recent initiatives and the advantages and limitations of wireless networks in accommodating goals, objectives and requirements in government and/or academic environments. Finally this work will examine a security component which relates to these wireless network technologies. Wireless devices are very much prone to being attacked and exploited however the benefits of these wireless technologies far exceed the risks that go along with the use of these. The Wireless Personal Area Network (WPAN) is a wireless network that has a maximum range of 10 meters and are networks utilized for interconnection of the respective devices one another. The Wireless Local Area Network (WLAN) has a signal range of approximately 30 meters indoors and 100 meters outdoors and are often also refereed to as Wireless fIdelity (WiFI). The WWAN - Wireless Wide Area Network (WWAN) provides a wireless connection over an area that is much wider.

Purpose of the Study

The purpose of this study is to identify a security protocol that will serve to protection wireless communication across the range of WPANs, WLANs and WWANs.

Rationale

Buy full Download Microsoft Word File paper
for $19.77
The problem that is addressed in this research study is related to wireless technology and the limitations that exist in wireless network security at present. There are various applications of the wireless network and various wireless devices and communication protocol however; there is not yet wireless network security protection that exists with the necessary capabilities to cover all types of wireless network communication across the spectrum of diversity that exists in the wireless network technology communication security needs.

Methodology

Research Proposal on Addressing Wireless Networking Technology and Security a Moving Target Assignment

The methodology of this study is one of a qualitative nature and that involves an extensive review of the literature in this area of study.

I. WPAN Security

The work of Todd Kennedy and Ray Hunt entitled: "A Review of WPAN Security: Attacks and Prevention" states that the Wireless Personal Area Network (WPAN) "fill an important role in local area network technology complementing traditional IEEE 802.11 Wireless LANs." Reports as well is that the key emergent WPAN technologies Bluetooth, ZigBee and NFC (Near field Communications) and that these are "subject to the usual range of security vulnerabilities found in wireless LANs such as spoofing, snooping, man-in-the-middle, denial of service and other attacks." (p.1) T

The Wireless Personal Area Networks (WPANs) are stated to form "an important niche in wireless area technology that are particularly applicable for applications demanding low data rate transfer, limited range, low power consumption as well as requiring devices to be physically small and of low cost." (Kennedy and Hunt, 2008, p.1) Bluetooth and Zigbee are stated to operate "in the same frequency spectrum as IEEE 802.11b Wireless LANs and are thus subject to interference." (Kennedy and Hunt, 2008, p.1) The following table summarizes these three WPAN technologies in terms of their physical characteristics.

Figure 1

Physical Characteristics of the Primary WPAN Technologies

Source: Kennedy and Hunt (2008)

The work of Kennedy and Hunt further states that Bluetooth technology was designed specifically for small form and low-cost as well as short-range radio links that communicate between "PCs, handheld devices, mobile phones and other computing devices based on IEEE 902.15.1[2]." (Kennedy and Hunt, 2008, p.2) This technology is viewed as a "cable replacement that allows ones device to connect to another through a 10 meter personal bubble (may extend up to 100 meters) and supports simultaneous transmission of both voice and data for multiple devices." (Kennedy and Hunt, 2008, p.2)

Profiles supporting by Bluetooth includes the following: (1) imaging; (2) file transfer; (3) generic access, (discovery and link establishment) human interface device (keyboard, mouse), LAN access (using Point-to-Point protocol." (Kennedy and Hunt, 2008, p.2) The release of Bluetooth Version 2.0 + Enhance Data Rate (EDR) was in 2004 with Bluetooth Version 2.1 + EDR Specification being adopted in July 2007 which is inclusive of various operation features which are new. Presently Bluetooth 3.0 is being drafting and Kennedy and Hunt state that it will likely being inclusive of Ultra Wide Bank (UWB) features. Bluetooth is stated to operate in the "unlicensed 2.4 GHz band, which is shared with other wireless communication standards as 802.11b LANs." (Kennedy and Hunt, 2008, p.2)

Bluetooth attacks are stated to generally be in relation to mobile telephony devices however "they are equally applicable to other devices used in the WPAN environment." Kennedy and Hunt, 2008, p.1) Bluejacking is the term used to refer to the process of unsolicited content being sent to devices which are Bluetooth enabled and that generally contain a message "such as BlueChat (chatting over Bluetooth). " (2008) It is stated that that messages are short in form and may be utilized in an attempt to "mimic authentication dialogues" and using these to compel the user in revealing access codes and then the attacker uses this information to access the files that are stored on the device often stated to be a mobile computer." (Kennedy and Hunt, 2008, p.1)

Kennedy and Hunt relate that BlueSnarf is the process entailing unsolicited content being sent to Bluetooth enabled devices and just as in Bluejacking, BlueSnarf attempts to mimic authentication dialogues causing the user to being tricked into disclosing their access codes and allowing the attacker to read access to a vulnerable device thus enabling them to access the calendar and phone book without authentication. This attack is reported to have recently been upgraded to BlueSnarf++ making the use of the Object Exchange FTP service in connecting to devices which are vulnerable and allowing the attacker read write access for the device's file system in its entirety as well as that of any memory extensions including such as memory sticks. The third attack in this area is related by Kennedy and Hunt as being that of what is known as 'BlueBump' which exposes a weakness in the "handling of Bluetooth link keys, giving devices that are no longer authorized the ability to access services as if still paired. It can lead to data theft or the use of mobile Internet connectivity services, such as Wireless Application Protocol." (Kennedy and Hunt, 2008, p.1)

Another attack referred to as Bluesmack is a Denial of Service (DOS) attack "that can be performed with standard tools such as Linux Bluez utils package." (Kennedy and Hunt, 2008, p.1) This attack is stated to be similar to that known as 'Ping of Death' because it targets the L2CAP layer, which can request another Bluetooth peer echo. This tool enables the user to choose a certain acceptable length of a packet and when a packet exceeds that length by more than 600 bytes the results may be 'devastating'. (Kennedy and Hunt, 2008, p.3)

Before an attacker can conduct a BlueDump attack the attacker must know "...the Bluetooth address of a set of paired devices." (Kennedy and Hunt, 2008, p.3) This involves the attacker spoofing the address of one of the devices and then connecting to the other. The attacker in this instance does not have a link key when the device asks for authentication and this can result in the link key being deleted by the garget device and reversion to pairing mode to be initialized. (Kennedy and Hunt, 2008, paraphrased)

Also a DoS attack is that of BlueChop which may disrupt any piconet established by Bluetooth and this is even when the device is nonparticipative. The device not participating in the piconet BlueChops a picnonet by spoofing a random slave and contacts the piconet master. Kennedy and Hunt report that 'Bloover' was created "as a proof-of concept' tool that can be used to initiate a BlueSnarf attack from a J2ME-enabled mobile device." (p.3) The intent however in creating Bloover was to use it as a tool for auditing that enabled checking for vulnerability in mobile devices. Bluetooth is also reported to be vulnerable to traditional computer attacks including the self-propagating virus, malware or worm. One such attack is the cabir worm that uses the Bluetooth device to self replicate which however affects only Symbian platforms.

Bluetooth is a wireless technology and this is stated to result in great difficulty in terms of avoidance of signals which leak outside the set boundaries. It is stated that for this reason the individual should not enter a PIN into the Bluetooth device for pairing in public which will mitigate the risk of eavesdropping by an attacker. It is important to understand Bluetooth pairing in defending against attacks. Bluetooth specification enables the use of NFC for the purpose of the creation of a pairing process that is secure in nature.

Bluetooth devices generally save the link key in a non-volatile memory for use in the future. Therefore, at the time the same Bluetooth devices want to communicate again the stored link key is… [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

?
Which Option Should I Choose?
1.  Buy full paper (22 pages)Download Microsoft Word File

Download the perfectly formatted MS Word file!

- or -

2.  Write a NEW paper for me!✍🏻

We'll follow your exact instructions!
Chat with the writer 24/7.

Risk Management and Analysis Process and Policy Before Technology Research Proposal


AT&T Trends, Environment, and SWOT Analysis Term Paper


Adolescent's Awareness and Their Lack of Implementing Term Paper


View 200+ other related papers  >>

How to Cite "Addressing Wireless Networking Technology and Security a Moving Target" Research Proposal in a Bibliography:

APA Style

Addressing Wireless Networking Technology and Security a Moving Target.  (2009, July 6).  Retrieved May 28, 2020, from https://www.essaytown.com/subjects/paper/addressing-wireless-networking-technology/4559078

MLA Format

"Addressing Wireless Networking Technology and Security a Moving Target."  6 July 2009.  Web.  28 May 2020. <https://www.essaytown.com/subjects/paper/addressing-wireless-networking-technology/4559078>.

Chicago Style

"Addressing Wireless Networking Technology and Security a Moving Target."  Essaytown.com.  July 6, 2009.  Accessed May 28, 2020.
https://www.essaytown.com/subjects/paper/addressing-wireless-networking-technology/4559078.