Journal Article•
Wireless networks: developments, threats and countermeasures
01 Jan 2013-International Journal of Digital Information and Wireless Communications (The Society of Digital Information and Wireless Communication)-Vol. 3, Iss: 1, pp 125-140
TL;DR: The findings from reviewing these research papers proved that the complexity of the attacks had increased by time and the attacks in WiFi network are passive and more dangerous to the end users.
Abstract: This paper discusses current threats in wireless networks and some academia research reviews regarding the matters. Significant and persistent threats discussed are sniffing, Man In the Middle Attack (MITM), Rogue Access Points (RAP), Denial Of Services (DoS) and social engineering attacks. Some current developments of wireless communication technology such as short range communication, cloud computing, bring your own device policy (BYOD), devices tethering and convergences of WiFi and cellular network technology are also presented. Some practical suggestion and advanced countermeasures are also reviewed in this paper. The findings from reviewing these research papers proved that the complexity of the attacks had increased by time and the attacks in WiFi network are passive and more dangerous to the end users.
Citations
More filters
TL;DR: It is argued that while the term began its life in the study of politics, and only later gained usage within the domain of cybersecurity, these are applications of the same fundamental ideas: epistemic asymmetry, technocratic dominance, and teleological replacement.
77 citations
Proceedings Article•
22 Feb 2015TL;DR: This paper analyses the important security issues that can put the eHealth system at risk and the specific goals and requirements, vulnerabilities, threats, and attacks are analysed and some possible security recommendaitons with direction for future work are discussed.
Abstract: A patient monitoring system for the Internet of Things in eHealth can be established through the integration of wireless body area network, communication infrastructure, and the hospital network. The dynamic and heterogeneous environment of the Internet of Things may facilitate the pa- tient with mobility options. However, security-related prob- lems may obstruct the development of such a comprehensive patient monitoring system. While assessing the security of a patient monitoring system, it is necessary to realise that it may not be enough to only look into the security related aspects of the body area network. Instead, the overall patient monitoring system should be treated as a connected and integrated eHealth system. This paper analyses the important security issues that can put the eHealth system at risk. The specific se- curity goals and requirements, vulnerabilities, threats, and attacks are analysed and some possible security recommenda- tions with direction for future work are discussed.
33 citations
Posted Content•
TL;DR: In this work, a structured methodology is provided to differentiate between a CeFi and a DeFi service, and it is shown that certain DeFi assets do not necessarily classify as CeFi assets, and may endanger the economic security of intertwined DeFi protocols.
Abstract: To non-experts, the traditional Centralized Finance (CeFi) ecosystem may seem obscure, because users are typically not aware of the underlying rules or agreements of financial assets and products. Decentralized Finance (DeFi), however, is making its debut as an ecosystem claiming to offer transparency and control, which are partially attributable to the underlying integrity-protected blockchain, as well as currently higher financial asset yields than CeFi. Yet, the boundaries between CeFi and DeFi may not be always so clear cut. In this work, we systematically analyze the differences between CeFi and DeFi, covering legal, economic, security, privacy and market manipulation. We provide a structured methodology to differentiate between a CeFi and a DeFi service. Our findings show that certain DeFi assets (such as USDC or USDT stablecoins) do not necessarily classify as DeFi assets, and may endanger the economic security of intertwined DeFi protocols. We conclude this work with the exploration of possible synergies between CeFi and DeFi.
24 citations
Cites background from "Wireless networks: developments, th..."
...Other types of common network attacks, such as DDoS [163], MitM[98], and wireless network attacks [151], are also possible in DeFi....
[...]
04 Jan 2017
TL;DR: This research presents attack graph modeling as a viable solution to identifying vulnerabilities, assessing risk, and forming mitigation strategies to defend ambulatory medical devices from attackers.
Abstract: The continued integration of technology into all
aspects of society stresses the need to identify and
understand the risk associated with assimilating new
technologies. This necessity is heightened when
technology is used for medical purposes like
ambulatory devices that monitor a patient’s vital signs.
This integration creates environments that are
conducive to malicious activities. The potential impact
presents new challenges for the medical community.
Hence, this research presents attack graph
modeling as a viable solution to identifying
vulnerabilities, assessing risk, and forming mitigation
strategies to defend ambulatory medical devices from
attackers. Common and frequent vulnerabilities and
attack strategies related to the various aspects of
ambulatory devices, including Bluetooth enabled
sensors and Android applications are identified in the
literature. Based on this analysis, this research
presents an attack graph modeling example on a
theoretical device that highlights vulnerabilities and
mitigation strategies to consider when designing
ambulatory devices with similar components
21 citations
Cites background from "Wireless networks: developments, th..."
...Noor [17] Man In The Middle Encryption, No default password...
[...]
TL;DR: In this paper, the authors study how the application of the MEC technology affects the functioning of 5G MEC-based services and identify the most sensitive cases to focus on their protection against network attacks in the first place.
Abstract: 5G is the fifth-generation cellular network satisfying the requirements IMT-2020 (International Mobile Telecommunications-2020) of the International Telecommunication Union. Mobile network operators started using it worldwide in 2019. Generally, 5G achieves exceptionally high values of performance parameters of access and transmission. The application of edge servers has been proposed to facilitate implementing such requirements of 5G, resulting in 5G MEC (Multi-access Edge Computing) technology. Moreover, to optimize services for specific business applications, the concept of 5G vertical industries has been proposed. In this article, we study how the application of the MEC technology affects the functioning of 5G MEC-based services. We consider twelve representative vertical industries of 5G MEC by presenting their essential characteristics, threats, vulnerabilities, and known attacks. Furthermore, we analyze their functional properties, give efficiency patterns and identify the effect of applying the MEC technology in 5G on the resultant network’s quality parameters to determine the expected security requirements. As a result of the research, we identify the impact of classified threats on the 5G empowered vertical industries and identify the most sensitive cases to focus on their protection against network attacks in the first place.
19 citations
References
More filters
16 Mar 2009
TL;DR: In this article, the authors describe two attacks on IEEE 802.11 based wireless LANs: improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key, and dictionary attack when a weak pre-shared key is used.
Abstract: In this paper, we describe two attacks on IEEE 802.11 based wireless LANs. The first attack is an improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key. The second attack is (according to our knowledge) the first practical attack on WPA secured wireless networks, besides launching a dictionary attack when a weak pre-shared key (PSK) is used. The attack works if the network is using TKIP to encrypt the traffic. An attacker, who has about 12-15 minutes access to the network is then able to decrypt an ARP request or response and send 7 packets with custom content to network.
224 citations
09 Aug 2010
TL;DR: This work proposes a novel user-side evil twin detection technique that outperforms traditional administrator-side detection methods in several aspects and can identify evil twins with a very high detection rate while keeping a very low false positive rate.
Abstract: In this paper, we consider the problem of “evil twin” attacks in wireless local area networks (WLANs). An evil twin is essentially a phishing (rogue) Wi-Fi access point (AP) that looks like a legitimate one (with the same SSID name). It is set up by an adversary, who can eavesdrop on wireless communications of users' Internet access. Existing evil twin detection solutions are mostly for wireless network administrators to verify whether a given AP is in an authorized list or not, instead of for a wireless client to detect whether a given AP is authentic or evil. Such administrator-side solutions are limited, expensive, and not available for many scenarios. For example, for traveling users who use wireless networks at airports, hotels, or cafes, they need to protect themselves from evil twin attacks (instead of relying on those wireless network providers, which typically may not provide strong security monitoring/management service). Thus, a lightweight and effective solution for these users is highly desired. In this work, we propose a novel user-side evil twin detection technique that outperforms traditional administrator-side detection methods in several aspects. Unlike previous approaches, our technique does not need a known authorized AP/host list, thus it is suitable for users to identify and avoid evil twins. Our technique does not strictly rely on training data of target wireless networks, nor depend on the types of wireless networks. We propose to exploit fundamental communication structures and properties of such evil twin attacks in wireless networks and to design new active, statistical and anomaly detection algorithms. Our preliminary evaluation in real-world widely deployed 802.11b and 802.11g wireless networks shows very promising results. We can identify evil twins with a very high detection rate while keeping a very low false positive rate.
89 citations
29 Mar 2012
TL;DR: Cloud Computing services including data storage service, cloud computing operating system and software as a service will be introduced, Cloud Computing security challenges will be discussed and Cisco Secure Cloud Data Center Framework will be presented.
Abstract: Cloud Computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. In this paper Cloud Computing services including data storage service, cloud computing operating system and software as a service will be introduced, Cloud Computing security challenges will be discussed and Cisco Secure Cloud Data Center Framework will be presented.
67 citations
"Wireless networks: developments, th..." refers background in this paper
...NETWORKS Services offered by cloud are data storage, software, platform and infrastructure [25]....
[...]
TL;DR: Various forms of sophisticated attacks launched from adversaries with internal access to the WMN are described and possible detection and mitigation mechanisms are identified.
Abstract: Wireless mesh networks promise to extend high-speed wireless connectivity beyond what is possible with the current WiFi-based infrastructure. However, their unique architectural features leave them particularly vulnerable to security threats. In this article we describe various forms of sophisticated attacks launched from adversaries with internal access to the WMN. We further identify possible detection and mitigation mechanisms.
61 citations
"Wireless networks: developments, th..." refers background in this paper
...In selective jamming/ dropping as proposed in [20], the targeted channel which was defined by separate frequency...
[...]
26 Mar 2012
TL;DR: This method compares the gateways and the routes that a packet travels to determine whether an access point is legitimate or not and can easily detect Man-In-The-Middle and evil twin attack without any assistance from the WLAN operator.
Abstract: There is a big risk for public Wi-Fi users being tricked into connecting to rogue access points. Rogue access point is one of the most serious threats in WLAN, since it exposes a large number of users to MITM and evil twin attack. In this paper we propose a practical method that warns users to avoid connecting to the rogue access points. Proposed method compares the gateways and the routes that a packet travels to determine whether an access point is legitimate or not. This method can easily detect Man-In-The-Middle and evil twin attack without any assistance from the WLAN operator.
55 citations
"Wireless networks: developments, th..." refers methods in this paper
...In [17], Somayeh et al proposed a novel method for RAP detection on the client-side which is able to detect both MITM attack and evil twin attack....
[...]