Chapter 2: Literature Review

According to Steve (2007), wireless networking has becoming one of the fastest growing technologies in the early 21st century with the approval of the IEEE 802.11 standard in 1997 and the subsequent development of interoperability certification by the WIFI Alliance. There are various emerging wireless technologies and standards serving various environments such as Wireless Wide Area Network (WWAN), Wireless Metropolitan Area Network (WMAN), Wireless Local Area Network (WLAN) and Wireless Personal Area Network (WPAN). These technologies include Bluetooth, WIFI, WIMAX, 3G and others [4]. 2.1 Background of WIFI Technology The development of WLAN began in the late 1980s following the opening up of the three ISM radio bands for unlicensed use by the FCC in 1985 and reached a major milestone in 1997 with the approval and publication of the 802.11 standard compatible with Ethernet above data link layer [4]. The objective was to be able to send an IP packet over the WLAN just as in a wired LAN from one computer to another [4]. This standard which initially specified modest data rates of 1 and 2 Mbps, has been enhanced over the years, the many revisions being denoted by the addition of a suffix letter to the original 802.11 as shown in Table 1. Table 1: The IEEE 802.11 family standards [4, 9, 26] Standard 802.11 802.11a standard (1999). High speed WLAN standard for 5 GHz ISM band. Supports 54 Mbps. (1999, shipping products in 2001). OFDM is used to provide these high data rates and the 5 GHz band offers less RF interference compared to the 2.4 GHz band. Key features The original WLAN standard supporting 1 and 2 Mbps, 2.4 GHz RF and IR

802.11b

Enhancements to 802.11 to support 5.5 and 11 Mbps (1999). WLAN standard for 2.4 GHz ISM band. Using DSSS and CCK modulation system to make more efficient use of the radio spectrum.

802.11c

Bridge operation procedures; included in the IEEE 802.1d standard (2001). Manufacturers use this standard when implementing wireless access points to ensure interoperability.

802.11d 802.11e

International roaming (country to country) automatically configures devices to meet local RF regulations (2001). Enhancements: QoS, including packet bursting (2005). Provide TDMA to patriotise and error-correction to enhance performance of delay sensitive applications.

802.11f

Inter-access point protocol (2003) - the communications between access points in order to support users roaming from one AP to another. Ensures interoperability of access points from multiple vendors, for example to support roaming.

802.11g

Establishes an additional modulation technique for 2.4 GHz ISM band. Intended to provide speeds up to 54 Mbps. Backwards compatible with 802.11b (2003). Use OFDM rather than DSSS to provide the higher data rates.

802.11h

Defines the spectrum management of the 5 GHz band for use in Europe and in Asia Pacific (2004). This entails providing dynamic channel selection (DCS) and transmits power control (TPC) to avoid interference with satellite communications.

802.11i

Address the current security weaknesses for both authentication and encryption protocols. The standard encompasses 802.1X, TKIP, and AES protocols. (2004)

802.11j

Extensions for Japan (2004). Enhancement of IEEE802.11 standard to add channel selection of 4.9 GHz and 5 GHz in Japan in order to conform to Japanese rules of radio operation.

802.11k

Enable functionality for higher layers in the stack to get access to radio resource management (RRM) data captured by the PHY layer. Easier access to these measurements will enable simpler management of services (e.g. roaming, coexistence) from external systems.

802.11m

Maintenance of the IEEE802.11 MAC/PHY specification. Update the standard documentation with technology and editorial corrections. Intended to provide speeds up to 500 Mbps using MIMO radio technology, wider

802.11n 802.11p

RF channels and protocol stack improvements, while maintaining backward compatibility with 802.11 a, b and g. WAVE wireless access for the vehicular environment (such as ambulances and passenger cars) using the licenced intelligent transportation systems (ITS) band at 5.9 GHz.

802.11r 802.11s 802.11T 802.11u 802.11v 802.11w

For fast roaming and address maintaining user connectivity from one access point to another. Deals with mesh networking Wireless Performance Prediction (WPP) test methods and metrics. The capital T denotes a recommended practice rather than a technical standard. Interworking with non-802.11 networks (e.g., cellular, Bluetooth, and WIMAX). Enhancements to increase throughput, reduce interference and improve reliability through wireless network management. Increased network security by extending 802.11 protections to management as well as data frames.

Table 2 shows the performances of 802.11a, b, g and n standards. Table 2: Performances of 802.11a, b, g and n [24, 27]

Standards Data rate maximum (Mbps) 802.11a 802.11b 802.11g 54 11 54 OFDM DSSS with CCK DSSS with CCK below 20 Mbps Modulation technique

Parameters Frequency band (GHz) 5 2.4 2.4 1 1 1 Spatial streams Channel width (MHz) 20 20 20

or OFDM above 20 Mbps 802.11n 600 MIMO or OFDM 2.4 or 5 1-4 20 or 40

Based on Table 2, the 802.11a has the fastest transmission speed and allows for more
simultaneous users same as 802.11n. It uses the 5GHz frequency which limits interference from other devices. However, it costs the most, has a shorter signal range which is more easily obstructed by walls and other obstacles, and not compatible with 802.11b network adapters, routers and access points. For 802.11b, it costs the least and has the best signal range same as 802.11g and 802.11n. However, it has the slowest transmission speed, allows for fewer simultaneous users and uses the 2.4 GHz frequency which can cause interference problems same as 802.11g and 802.11n. As for 802.11g, it has a transmission speed comparable to 802.11a under optimal conditions, allows for more simultaneous users and is not easily obstructed same as 802.11n. It is compatible with 802.11b network adapters, routers, and access points. However, it costs more than 802.11b. For 802.11n, it uses multiple signals and antennas for better speed. WIFI technology only works on high frequency radio signals. Otherwise, it will not work properly. Nowadays, this technology is used as office or home network and in many electronic devices. WIFI network architecture is divided into ad hoc mode and infrastructure mode (Single Point of Access and Multiple Access Point). Ad-hoc Mode is a peer-to-peer network in which no dedicated system is required to assume the role of a gateway router and this is accomplished using the Independent Basic Service Set (IBSS). Typically, this method is used by two computers so that they can connect to each other to form a network. This mode enables user connect to internet without any third party access point or router. In order to configure it, the setting of ad hoc mode wireless adaptors is required. The same channel name and same Service Set Identifier (SSID) is used for a live connection. However, there are some issues when WIFI devices make configuration on ad hoc mode where it never disables SSID access while infrastructure mode does. The bandwidth is 11 Mbps for a WIFI network on ad hoc mode

and goes up to 54 Mbps when in infrastructure mode. Thus, ad hoc mode is slower than infrastructure mode. If there are two different stations range, then it will not be able to communicate as it is a limited wireless network which invites people in the same room for exchanging data. Most WIFI networks operate in infrastructure mode which consists of an access point somewhere attached to a digital subscriber line (DSL) line or other large scale wired network. In such a hotspot, the access point usually acts as a master station that is distributing internet access to its clients. This topology is similar to a mobile phone service. Any traffic between clients connected to an access point has to be sent twice. For example, if client A and C communicate, client A sends data to the access point B and then the access point will retransmit the data to client C [5]. In single point of access, an access point is used to connect wireless users to a wired network in which the access point acts like a bridge between the wireless users and the network they wish to connect to and is responsible for authenticating the wireless users via password as well as possibly MAC address [6]. The distance of the wireless system to the access point determines the network performance that user will experience while the area surrounding the access point is referred to as Basic Service Set (BSS) [6]. For multiple access point, this setup allows multiple access points for multiple systems to access the network [6]. The purpose is to let the users able to roam between access points and be connected to the access point that is closest to them [6]. The access Points hand-off the users info and ensures the user is getting the best network performance available [6].

2.1.1

WIFI Technology Physical Layer Characteristics

Figure 2: The ISO OSI layers and IEEE 802 Standards [6] There are four categories in WIFI Technology which act as the physical layer as depicts in Table 3. Table 3: Four categories of WIFI technology [28] Categories Infrared LANs Features Data rate of 1 and 2 Mbps operates at a wavelength between 850 and 950 nm. An individual cell of an IR LAN is limited to a single room because infrared light does not penetrate opaque walls. Direct-sequence spread (DSSS) Operates in the 2.4-GHz ISM band. Up to seven channels, each with a operate in the ISM bands; therefore, no FCC licensing is required for use in the United States. Each bit in the original signal is represented by multiple bits in the transmitted signal, known as a chipping code. The chipping code spreads the signal across a wider frequency band in direct proportion to the bits used. Therefore, a 10-bit chipping code spreads the signal across a frequency band that is 10 times greater than the 1-bit chipping code. Frequency-hopping Operates in the 2.4-GHz ISM band, at data rates of 1 and 2 Mbps. In spectrum data rate of 1 and 2 Mbps can be used. In most cases, these LANs

10

spread spectrum (FHSS)

most cases, these LANs operate in the ISM bands. Therefore, no FCC licensing is required for use in the United States. The signal is broadcast over seemingly random series of radio frequencies, hopping from frequency to frequency at fixed intervals. A receiver, hopping between frequencies in synchronization with the transmitter, picks up the message. Attempts to jam the signal succeed only in knocking out a few bits.

Narrowband microwave LANs

Operate at microwave frequencies, but do not use spread spectrum.

2.1.2

WIFI MAC Layer Distribution System Services

Five types of services for WIFI are described as in Table 4. Table 4: Five types of WIFI services [28] Services Association Description Establishes an initial association between a station and an access point within a particular BSS. The access point can then communicate information (station identity, its address) to other access points within the ESS to facilitate routing and delivery of addressed frames. Reassociation Disassociation Authentication Enables an established association to be transferred from one access point to another, allowing a mobile station to move from one BSS to another. A notification from either a station or an access point that an existing association is terminated. Used to establish the identity of stations to each other. The standard does not mandate any particular authentication scheme, which could range from insecure handshaking to public-key encryption schemes. Privacy Used to prevent the contents of message from being read by other than the intended recipient. The standard provides for the optional use of encryption to assure privacy. 2.1.3 WIFI Data Link Layer Characteristics

11

It can be seen clearly from Figure 2 that the data link layer consists of two sub layers which are Logical Link Control (LLC) and Media Access Control (MAC). WIFI use a MAC protocol called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). WIFI systems are half duplex shared media configurations where all stations transmit and receive on the same radio channel [7]. The fundamental problem this creates in a radio system is that a station cannot hear while it is sending and hence it is impossible to detect a collision. Thus, a collision avoidance mechanism called the Distributed Control Function (DCF) is created. According to DCF, a WIFI station will transmit only if it thinks the channel is clear. All transmissions are acknowledged, so if a station does not receive an acknowledgement, it assumes a collision occurred and retries after a random waiting interval. The incidence of collisions will increase as the traffic increases or in situations where mobile stations cannot hear each other [7]. 2.2 Background of WIMAX WIMAX technology is also one of the emerging wireless technologies that provide high speed mobile data and telecommunication services to transmit the information in the form of microwaves through different type of methods of wireless networking from point to point or multi point access to the devices. It delivers broadband wireless access to the masses and represents alternative to DSL and cable broadband access. WIMAX stands for Worldwide Interoperability for Microwave Access and is based on IEEE 802.16 standard [8]. WIMAX technology is progressively discussed around 2004. Initially, the design of WIMAX is a fixed technology known as 802.16d. After that, it was being conformed in the standards to develop into a mobile technology known as 802.16e [8]. Features of WIMAX are Orthogonal Frequency Division Multiplexing (OFDM), Sub Channelization, Directional Antennas and Adaptive Modulation. The benefit of WIMAX technology is that the signals can be run very close to each other on wireless channels. Super narrow lanes can put a lot of traffic over them without disturbance. There is no need for line of sight (LOS) connection between subscriber terminals and the base station and it can support hundreds if not thousands of subscribers from a single base station [8]. WIMAX technology provides higher speed connection up to 70 Mbps over the area of 30 miles [8]. It supports low latency

12

applications such as voice, video, and Internet access at the same time [8]. Figure 3 depicts one possible WIMAX network deployment.

Figure 3: WIMAX [9] WIMAX provides three different modulation schemes depending on the distance. These are quadrature amplitude modulation (QAM) 64 with 6 bits/baud for nearby subscribers, QAM 16 at medium distance with 4bits/baud and quadrature phase-shift keying (QPSK) with 2 bits/baud for longer distances. The three MAC sub layers, starting with the lowest are security, common part and service oriented sub layers respectively [2]. WIMAX is available in two versions which are fixed and mobile. Fixed WIMAX is based on the IEEE 802.16-2004 standard is ideally suited for delivering wireless, last-mile access for fixed broadband services. It is similar to DSL or cable modem service. Mobile WIMAX is based on the IEEE 802.16e standard which supports both fixed and mobile applications while offering users improved performance, capacity, and mobility. The supporting technology for WIMAX is MIMO.

2.2.1

Orthogonal Frequency Division Multiplexing

13

OFDM is a technique which is based on multi carrier modulation (MCM) and FDM. In multi carrier as shown in Figure 4, modulation signal bandwidth is divided into parallel subcarriers or narrow strips of bandwidth. Here, subcarriers as in Figure 5 are overlapping, OFDM uses subcarriers that are mathematically orthogonal, and information is sent on Parallel overlapping subcarriers, from which information can be extracted individually. This property reduces interference caused by adjacent carriers [10].

Figure 4: Multi carrier [10]

Figure 5: Single carrier [10]

One of the major advantages of OFDM is its extreme robustness in multi-path environments. Combining advanced MIMO antenna technology for data transmission with OFDM enables a number of key operational benefits that can translate into significant cost savings and advantages, namely: powerful spectral efficiency and throughput. More efficient utilization of power for the same power output per sector, MIMO provides greater capacity with the same coverage as single output systems, higher reliability and throughput. The system supports adaptive modulation in the downlink and uplink. Adaptive modulation techniques, such as monitoring link quality between the transmitter and receiver and selecting the highest usable data rate, are used throughout the product range [11]. 2.2.2 Sub Channelization

Sub-channels allow optimizing at the frequency level. Another alternative would be to assign those sub channels to a different user who may have better channel conditions for that particular sub-channel. This allows users to concentrate transmitted power on specific sub channels, resulting in improvements to the uplink budget and providing greater range. OFDMA may be able to further improve its advantage over CDMA by applying AMC at the sub-channel level. This technique is known as Space Division Multiple Access (SDMA) [11]. 2.3 Background of 3G

14

3G stands for 3rd generation mobile telephone systems. It is a technology for mobile service providers. Historically, this might have included a metropolitan area. Today, it may include the entire country. 3G combines high speed mobile access with Internet Protocol (IP) based services. The first mobile services were analog. Although mobile services began to emerge in the 1940s, the first mass market mobile services in the U.S. were based on the AMPS (Advanced Mobile Phone Service) technology which referred to first generation wireless [10, 12]. The Federal Communications Commission (FCC) licensed two operators in each market to offer AMPS service in the 800-900MHz bands. In the 1990s, mobile services based on digital mobile technologies are known as second generation (2G) of wireless services. In the U.S., these were referred to as Personal Communication Systems (PCS) and used technologies such as TDMA (Time Division Multiple Access), CDMA (Code Division Multiple Access) and GSM (Global System for Mobile Communications) [12]. The next or 3G mobile technologies hopes to support higher bandwidth digital communications and are expected to be based on one of the several standards included under the ITU's IMT-2000 umbrella of 3G standards [10, 12]. The chief focus of wireless mobile services has been voice telephony. However, in recent years there has been growing interest in data services as well. To expand the range and capability of data services that can be supported by digital mobile systems, service providers will have to upgrade their networks to one of the 3G technologies. Auctions for 3G spectrum licenses occurred in a number of countries in 2000 and the first commercial offerings of 3G services began in Japan in October 2001 [10, 12]. 2.3.1 Wideband CDMA and CDMA2000

WCDMA stands for Wideband CDMA. It has been adopted as a medium-access technology for the universal mobile telecommunications system (UMTS). UMTS is the well known third-generation (3G) cellular network. WCDMA is basically a CDMA protocol but with large bandwidth and high bit-rate data services. The data rate has been enhanced to 2 Mbps as it was 14.5 Kbps in CDMA [13]. The services provided include high quality data, streaming music, video streaming, multimedia and also wireless access to the Internet. It renders high spectrum efficiency and high quality of services as well. An important feature of WCDMA is the dynamically channel switching; as WCDMA signal can switch to a GSM

15

downlink signal on run time and vice versa [13]. WCDMA. Table 5: WCDMA parameters [3, 14] Channel bandwidth Duplex Mode Downlink RF channel structure Chip rate Frame length Spreading modulation 5 MHz

Table 5 shows the parameters for

FDD and TDD Direct spread 3.84 Mbps 10 ms Balanced QPSK (downlink) Dual-channel QPSK (uplink) Complex spreading circuit

Data modulation Channel coding Coherent detection Channel multiplexing in downlink Channel multiplexing in uplink Multirate Spreading factors Power control Spreading (downlink)

QPSK (downlink) BPSK (uplink) Convolutional and turbo codes User dedicated time multiplexed pilot (downlink and uplink), common pilot in the downlink Data and control channels time multiplexed Control and pilot channel time multiplexed I&Q multiplexing for data and control channel Variable spreading and multicode 4-256 (uplink), 4-512 (uplink) Open and fast closed loop (1.6 kHz) OVSF sequences for channel separation Gold sequences 218 1 for cell and user separation (truncated cycle 10 ms)

Spreading (uplink)

OVSF sequences, Gold sequence 241 for user separation (different time shifts in I and Q channel, truncated cycle 10 ms)

Handover

Soft handover Interfrequency handover

16

Multiple access method Base Station Synchronisation Service Multiplexing

DS-CDMA Asynchronous operation Multiple services with different quality of service requirements multiplexed on one connection

CDMA2000 is the solution of 3G based on Is-95. It operates with synchronism between the mobile and the base station and is a solution for operators of new radio networks that wish to take advantage from the dynamic ones of the market created by mobility and the Internet [14]. CDMA2000 is designed to diminish the risks, to protect the investment and to provide significant acting to the operators as its nets evolve to offer services 3G [14]. Table 6 and 7 shows the similarities and differences between WCDMA and CDMA 2000 respectively. Table 6: Similarities between WCDMA and CDMA2000 [14]. WCDMA and CDMA 2000 Fast power control on forward (downlink) link as well as reverse (uplink) link Variable length orthogonal Walsh sequences used for forward (downlink) link Complex QPSK spreading on both downlink and uplink Convolution codes used as baseline (Identical Polynomials) Parallel Turbo codes for higher data rates Orthogonal Walsh functions separating the users Parallel code channels on the uplink Variable spreading factor to achieve higher data rates Non-orthogonal uplink based on PN Scrambling codes Soft handover and mobile assisted inter-frequency Hard handoff procedures Continuous uplink operation

Table 7: WCDMA versus CDMA 2000 [14]

17

WCDMA Use only DS 4.096 Mbps (Docomo) /3.84 Mbps (UMTS) 10 ms or optional frame lengths 20 ms (voice and data applications) No common pilot in the downlink Have open and fast close loops with 1.6 kHz rate In the downlink and in the uplink variable length orthogonal sequences for channel separation and Gold sequences (218) for cell and user separation in the downlink. And in the uplink for the user separation Gold sequences (241) Asynchronous base station Has a synchronization named channel and

Parameters Structure Channel Chip Rates Frame lengths

CDMA 2000 Use DS and MC 3.6864 Mbps 20 ms for data and control and 5 ms for control messages and lowdelay data applications

Coherent detection Power control Spreading

Common pilot in the downlink Have open and fast close loops with 800 Hz rate Variable length Walsh sequences for channel separation and Msequence 215 in downlink. And in the uplink variable length orthogonal sequences for channel separation, M-sequence 215 and M-sequence separation 241 for user

Synchronization of Base Station Physical Layer

Synchronous base station Synchronization to forward channels: the

(SCH) which consists of two sub channels secondary. Broadcasting Channels: Fixed rate 32 kbps Paging channels: is carried by secondary common control physical channel (S-CCPCH) whose rate may be different for different cells and can be set to provide the required capacity for PCH and FACH in each primary

secondary channel corresponding synchronization Channels: 744 has a channel (F-SYNC). Broadcasting frame kbps Paging channels: The correspondent paging channel in CDMA 2000 is F-PCH, which is backward compatible with IS-95. containing bits,

transmitted at 19.2, 9.6 or 4.8

18

specific environment. Different structure. Different uplink channel structures. GSM MAP High (because of non shared pilot code channel) Core network Over head downlink channel

Different structure. Different structures. ANSI-41

downlink uplink

channel channel

Low (because of shared pilot code channel)

2.4 Background of Bluetooth Bluetooth technology is a forthcoming WPAN technology that has gained significant industry support and will coexist with most WLAN solutions. The Bluetooth specification is for a 1 Mbps, small form-factor, low-cost radio solution that can provide links between mobile phones, mobile computers and other portable handheld devices and connectivity to the internet. This technology, embedded in a wide range of devices to enable simple, spontaneous wireless connectivity is a complement to WLANs which are designed to provide continuous connectivity via standard wired LAN features and functionality. It allows computers, phones and other devices to talk to each other over short distances (typically about 10m). Bluetooth uses radio waves and is designed to be an inexpensive way of connecting and exchanging information between devices without wires. Bluetooth can be used to exchange business cards or even used for sending voice from a headset to a mobile phone [15].

2.5 Wireless Groups 2.5.1 International Telecommunications Union

19

ITU was formed on May 17, 1865, in Paris, France [16]. The reasoning behind this union was to streamline the process by which telegraphs were sent internationally. Before this union, each county had expended time and resources fulfilling the requirements of each independent country. The complexity of dealing with each country and each of their requirements led to a meeting to address this issue [16]. In this meeting, which lasted two and a half months, the ITU was created and this allowed each of the participating world governments to meet and create, agree, and modify different methods of communication. On October 15, 1947, the ITU became a specialized agency under the United Nations (UN) [16]. During this time, the ITU created the International Frequency Registration Board (IFRB) to handle the task of managing the radio-frequency spectrum. This group was in charge of the Table of Frequency Allocations, which accounted for all frequency spectrum use throughout the world [16]. 2.5.2 Federal Communications Commission

FCC is a United States Government agency established by the Communications Act of 1934 [16]. Its main goal is to regulate interstate and international communications include radio, television, wire, satellite, and cable [16]. The section of the FCC that deals with wireless technologies is the Wireless Telecommunications Bureau (WTB) which provides service includes cellular telephone, paging, personal communications services, public safety, and other commercial and private radio services. The WTB is also the bidding authority for spectrum auctions [16]. 2.5.3 WIFI Alliance

The WIFI Alliance is a nonprofit international association formed in 1999 [16]. Its main goal is to certify the interoperability of WLAN products based on the IEEE 802.11 specification [16]. The WIFI Alliance has certified more than 1000 products with its WIFI certification [16]. This association came about due to the lack of well-defined technical areas in the 802.11 standard. The WIFI Alliances goal was to make sure that if a product is WIFI certified that it would interoperate with other WIFI certified products. The original name of the WIFI Alliance was the Wireless Ethernet Compatibility Alliance (WECA) [16].

20

2.5.4

Institute of Electrical and Electronics Engineers

The IEEE is the group that created all the 802 standards and also includes the wireless standards in the 802.11 space. The IEEE has been around since 1884 although it was not always called the IEEE [16]. In 1963, the AIEE (American Institute of Electrical Engineers) and the IRE (Institute of Radio Engineers) merged due to the existence of two separate standards bodies that were made up of many of the same people. 2.6 Background of WIFI Security Issues The type of security threats faced by a wireless LAN are many and varied, and although initially targeted at the PHY and MAC layers, the ultimate goal is to access or disrupt data at the application layer. A few of the main vulnerabilities are described below in Table 8. Table 8: Main WIFI security threats [4] Denial of Service (DoS) An attacker floods a network device with excessive traffic, attacks preventing or seriously slowing normal access. This can be targeted at several levels, for example, flooding a web server with page requests or an access point with association or authentication requests. Jamming A form of DoS in which an attacker floods the RF band with interference, causing WLAN communication to grind to a halt. In the 2.4 GHz band this could be done using Bluetooth devices, some cordless phones or a microwave oven. Insertion attacks An attacker is able to connect an unauthorized client station to an access point, either because no authorization check was made or because the attacker masqueraded as an authorized user. Replay attack An attacker intercepts network traffic, such as a password, and uses it at a later time to gain unauthorized access to the network.

21

Broadcast monitoring

In a poorly configured network if an access point is connected to a hub rather than a switch, the hub will broadcast data packets that may not be intended for wireless stations, and these can be intercepted by an attacker.

ARP Spoofing (or ARP cache poisoning) Session hijacking (or attack) Rogue access point (or evil twin intercept)

An attacker can trick the network into routing sensitive data to the attackers wireless station by accessing and corrupting the ARP cache in which MAC and IP address pairs are stored. A type of ARP spoofing attack in which an attacker breaks a station and disassociating itself, and then poses as the access point to get the station to associate with the attacker. An attacker installs an unauthorized access point with the correct SSID (the twin). If the signal is strengthened using an amplifier or high gain antenna, clients stations will preferentially associate with the rogue access point and sensitive data will be compromised.

man-in-the-middle stations connection with the access point, by posing as the

Cryptoanalytic attacks

An attack in which the attacker uses a theoretical weakness to break the cryptographic system. An example is the weakness of the RC4 cipher that leads to the vulnerability in WEP.

Side channel attacks

An attack in which the attacker uses physical information such as power consumption, timing information or acoustic or electromagnetic emissions to gain information about the cryptographic system. Analysis of this information might allow the attacker to determine an encryption key directly or a plaintext message from which the key can be computed.

Table 9 summarizes the security measures that have been developed to protect WIFI from the threats and vulnerabilities described in Table 8. Table 9: Security Measures to WIFI threats and vulnerabilities [4] Security measures User authentication Description Confirms that users who attempt to gain access to the network are

22

who they say they are. User access control Data privacy Key management Message integrity Allow access to the network only to those authenticated users who are permitted access. Ensures that data transmitted over the network is protected by encryption from eavesdropping or any other unauthorized access. Creation, protection and distribution of keys used for encrypting data and other messages. Checks that a message has not been modified during transmission.

In September 1999, WEP was the standard for wireless PCs [17]. WEP is used in the physical and data link layers. It provides security by encrypting the data while it traveled from one end point to the other. WEP for WLANs are more vulnerable due to the fact that the data travels over radio waves which are much easier to intercept and some corporations managers do not change the shared keys for months or years at a time [17]. In 2002, the WLANs security was upgraded into WPA [17]. It had several improvements like better encryption and it also used the RADIUS-based 802.1X, which authorizes the user to gain access to the ISP provider [17]. Besides, the setup for WPA was much simpler than the setup for WEP. WPA came in two types, Enterprise which was used for corporations, and also Personal which was used for home users [17]. In June 2004, 802.11i was completed and became the new and current standard for WIFI. 802.11i is also known as WPA2 [17]. WPA and WPA2 have several similarities, but WPA2 upgraded its encryption of data with the Advanced Encryption Standard (AES). However, there is a problem with AES and the problem is that this could require hardware upgrades for many WLANs. WPA2 is compatible with WPA products and consumers can upgrade to WPA2 easily. WPA2 is not compatible with the original WIFI standard WEP [17]. 2.7 Comparison of WIFI technologies with other wireless technologies Table 10 shows the performances of WIFI technology compared to Bluetooth technology.

23

Table 10: WIFI versus Bluetooth [29]

WIFI 2.4 GHz & 5.8 GHz Up to 54 Mbps 100 meters Medium FHSS, DSSS & OFDM Laptops, Printers and other Table 11 the networking devices WECA

Parameters Spectrum Data rate Range Power Transmission Type Primary devices

Bluetooth 2.4 GHz 1 Mbps 10 meters Low FHSS Cellular phones, headsets, other small powered devices shows

Standard Body

Bluetooth SIG

performances of WIFI technology compared to WIMAX technology. Table 11: WIFI versus WIMAX [29] WIFI Unlicensed Designed for 100 m range for indoor use. Due to recent innovations, coverage is being extended using Mesh technique or high gain directional antennas for outdoor usage. 54 Mbps in 20 MHz channel Capacity Characteristics Spectrum Coverage WIMAX Both Licensed and Unlicensed Designed for several km. Maximum ranges up to 30 miles LOS. 6 miles NLOS. Basically designed for outdoor environments (terrains, buildings, Trees etc) 75 Mbps to 100 Mbps (Based on Modulation technique )

24

20 MHz and 22MHz (Fixed channel size) VoWIFI is emerging and 802.11e is working on the QoS issues to get ratified DSSS, OFDM CSMA/CA contention based Very limited LAN Low Very High

Channel width Quality of Service

3 MHz -20 MHz (Flexible Channel size ) Standard has inbuilt QoS for voice and multimedia applications

Modulation Protocol Security Application Scalability Interoperability

OFDM, OFDMA Grant/Request, TDM and TDMA X.509 certificate 56 bit DES 128 bit AES MAN, WAN High High

Table 12 shows the performances of WIFI technology compared to 3G technology. Table 12: WIFI versus 3G [29]

WIFI Unlicensed 2.4 GHz and 5 GHz Several km 300 ft for indoor usage 802.11b -11Mbps 802.11a/g-54 Mbps

Parameters License Spectrum Coverage Data rate and Speed

3G Licensed 800, 900, 1800, 1900, 2100 MHz Can be extended up to 1 mile 300Kbps

25

A major consideration when comparing the WIFI and WIMAX technologies is regulation. WIFI technology is unlicensed but regulated in the maximum allowable power. The WIMAX technology requires a license, which defines the frequency band, channel bandwidth, power limit, and geographic area. The licensed versus unlicensed consideration involves several parameters as shown in Table 13. Table 13: Parameters of licensed and unlicensed consideration [9]

Interference

Licensed frequency band lowers the probability of interferences since transmission in the licensed frequency band is allowed only to the licensees. License exempt frequency band is open to anyone and thus may suffer from uncontrolled interferences that may affect network performance.

Spectrum Cost

Licensed bands are usually very costly, and require large upfront investment. Many medium-small operators dont have the initial capital needed to buy the required frequency license. In addition, such licenses are normally sold for nation-wide coverage, making it even more difficult for medium-small operators to consider this possibility.

Power Limit

The allowed maximum transmission power in licensed bands is normally higher than in unlicensed bands. This implies that wider range and higher spectral efficiency can be achieved in principle. Yet, in practice the limiting factor in most cases is the client device, where the maximum power is limited by battery drain consideration. As a result, the client device transmit power is just as limited in the licensed band as in the unlicensed band.

Channel Bandwidth

Bandwidth allocation is often smaller in licensed band compared to unlicensed band. This implies that the maximum achievable throughput rates of licensed band are usually significantly lower than those in unlicensed bands.

26