Cyber Security

Vipul Chudasama
Assistant Professor
Computer Science and Engineering
NU

Cyber Security

Agenda

To understand how Wi-Fi network works

To understand working of spam

To understand Denial of Service Attack

Wi-Fi Network
This wireless technology is called Wi-Fi.
It is not a single standard. It refers to an entire family
of standards based on the 802.11 networking
protocol.
There are multiple 802.11 standards: the now littleused 802.11a; 802.11b; the higher-speed 802.11g;
and the highest-speed (as of this writing) 802.11n.
802.11n standard had not been formally adopted, but
some "pre-n" Wi-Fi equipment was being sold.
With all of Wi-Fi's convenience comes dangers. The
same technology that lets you browse the Web from
your back porch can let invaders hop onto your
network from outside your house or apartment.

Threat of Wi Fi network
Wi-Fi is an open technology. A wireless router
broadcasts its presence to any device with a WiFi adapter within its range, and if the router is
unprotected, anyone who wants to can connect
to it and use the network.
A common kind of intruder is called a war driver.
This person drives through areas of cities and
suburbs known for having Wi-Fi networks and
searches for unprotected networks he can break
in to.
He uses software that makes it easy to find
unprotected networks. Some war drivers use
high-power antennas so they can find as many
networks as possible.

Software built directly in to Windows XP, for

example, lets anyone easily find and
connect to an unprotected network.
When war drivers target a business network,
they may be looking for proprietary
business information or be looking to do
malicious damage. When they target a
home network, they might look for personal
information, such as credit card numbers,
or be looking to damage computers.

Wi-Fi network

Access point or
router
AP is bridge
between Ethernet
network or the
internet
Station (PC+wifi
adap)
Basic Service
Set(BSS)

Working

Station sends probe

request frames to AP
Stations communicate
with AP using method
called( CSMA/CA)
Station sends RTS to
AP
AP sends CTS replay
to station
Station sends Ack to
AP
Exteded Service Set
(ESS)

How Hacker Invade Wi Fi

Network

War driving
software like
NetStumbler or
cain and able
which detets WiFi
networks
NS detects network
ID,cannel
,encryption is used
Video :

Windows XP
automatically finds
and connects to
nearby wireless
networks
Some networks
protected by Wi Fi
encryption
technologies
WEP ,WPA,WPA2
Hacker use sniffer to
capture all the data

Wi Fi Hotspot

Wi Fi hotspot allows
people with laptops ,
PDAS or other devices
Food restaurants,
hotels and airports ,
free
Connected to a
network and vulnerable
to other people ex file
sharing feature
Use of sniffer to
capture packets of
others

Hacker at hotspot
can plant spy ware
and Trojans
Hacker sees
username ,
passwords or credit
card information
InXP you can design
ad hoc network
Use of evil twin hack

Evil twin hack, hacker creates a twin of

existing hotspot to fool the people. (SSID)
He uses special tool (hotspotter)
Hotspotter passively monitors the network
for probe request frames to identify the
preferred networks of Windows XP clients,
and will compare it to a supplied list of
common hotspot network names. If the
probed network name matches a common
hotspot name.
Hotspotter will act as an access point to
allow the client to authenticate and associate

Wired Equivalent Privacy

(WEP)
Wired Equivalent Privacy (WEP) algorithm, which
is part of the 802.11 standard.
The 802.11 standard describes the communication
that occurs in wireless local area networks (LANs).
The Wired Equivalent Privacy (WEP) algorithm is
used to protect wireless communication from
eavesdropping.
A secondary function of WEP is to prevent
unauthorized access to a wireless network; this
function is not an explicit goal in the 802.11
standard, but it is frequently considered to be a
feature of WEP.

WEP encryption
WEP uses the RC4 encryption algorithm, which
is known as a stream cipher.
A stream cipher operates by expanding a short
key into an infinite pseudo-random key stream.
The sender XORs the key stream with the
plaintext to produce ciphertext.
The receiver has a copy of the same key, and
uses it to generate identical key stream.
XORing the key stream with the ciphertext
yields the original plaintext.

Problems in WEP
To ensure that a packet has not been modified
in transit, it uses an Integrity Check (IC) field
in the packet.
To avoid encrypting two ciphertexts with the
same key stream, an Initialization Vector (IV)
is used to augment the shared secret key and
produce a different RC4 key for each packet.
The IV is also included in the packet. However,
both of these measures are implemented
incorrectly, resulting in poor security.

Problems in WEP
The initialization vector in WEP is a 24-bit
field, which is sent in the cleartext part of a
message.
Such a small space of initialization vectors
guarantees the reuse of the same key stream.
A busy access point, which constantly sends
1500 byte packets at 11Mbps, will exhaust
the space of IVs after 1500*8/
(11*10^6)*2^24 = ~18000 seconds, or 5
hours

WEP security flaws could be

summarized as follows
RC4 encryption
IVs are too short
no proper integrity check
no built-in method of updating keys.

Wireless Protection

Use Encryption methods (WPA,WPA 2)

Networks can also allow only computers
whose network adapter have specific
MAC addresses to connect to the
Network
Use of Intrusion detection system.
(Honeypot)
Position network antennas so signal does
not reach outside the building

Wi Fi encryption

WPA encryption can

be used in home or
corporation.
Station use EAP to
authenticate .
Station needs to send
password , id
AP pass the id to
authentication server
If id is valid the
authentication server
send a master TKIP

When computer
tries to get on the
network or read
any data passing
across the network
an it does not have
valid key or its key
has been rejected
by authentication
server