The Security Issues In Wireless Networking Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In the time span of just a few years, wireless networking has emerged from a uniqueness to revolution. The speed with which wireless networking has caught on is not surprising owing to large bandwidth and range of several hundred feet. Moreover multiple wireless access points can be easily installed on same network to cover more areas. Our main challenge in design of these networks is their exposure to security attacks. The wireless network is a network which connects without any cables or wires; it is based on radio signal frequency to communicate among computers and other network devices.

With the rapidly growing world, everyday some inventions can change the way of human life style. The modern technology of wireless has overcome the traditional method that is by using cable wires. Because of wireless networking numerous advantages, it is becoming more and more popular these days. These advantages include mobility (which leads to time saving - users are not required to go to a specific spot to use the service) and room saving since they do not need cables. Wireless technology used in many fields like public, private and corporate places. Wireless networking makes the life easier as compare to wired network. Now a day's people can be in touch with their family and friends while they are away from the home and offices. This new trend is known as hotspots. These are available at most of the public places like coffee shop, hotels, and airports and so on.


As, every technology have some negative aspects, wireless technology has also some loop holes which we cannot avoid while considering the importance of wireless technology. If the hacker come to know about these weakness user has to face dangerous consequences. If a user logs on to the unsecured network, anyone can see their personal identification information which leads to the loss of privacy and security in the wireless network. Thus, security plays an important role in wireless network.


Use of encryption in every step, from the beginning of the login process to the service in wireless hotspot, as this encryption helps avoid the Evil Twin attack.

Encryption can also be avoided if the user is to use an identity authentication system that requires mutual identity authentication.

Deploy an intelligent, software-based client on all laptops that has the ability to validate the authenticity of a public Wi-Fi hotspot network.

New policies are require an end-user to enter Wi-Fi authentication credentials into an intelligent software-based client that encrypts both the user name and password, versus allowing the user to enter their credentials into whatever HTML page happens to be presented to them when they connect.

Service providers are motivated to focus on the security of their users' systems. The first and foremost concern for providers is to protect their own infrastructure and systems. They ensure these systems are usable to their customers by employing firewalls, rate-limiting devices, and some monitoring. They may block incoming connections from the Internet to wireless clients in an effort to keep worms and malware from affecting their customers. While this keeps malicious actors from attacking users' machines, it also helps preserve the networks of the service providers by minimizing the amount of traffic they deal with and the potential for malicious activity.

SSL certificate: - The genuine networks always use the secure socket layer (SSL) to encrypt the sensitive information. we can verify these SSL certificates from the padlock icon on the internet browser to conform the user is connected to the authorized network

Organisation should also maintain the access control list by giving the authority to the user whether he can access the particular protocols or not. This access control list contains the TCP, UDP, HTTP and FTP.


Security Issues:-

Security is an important issue for wireless networks, especially for the security sensitive applications like if the user is doing online transaction in the unsecure wireless network. Wireless network mainly consist of four basic components that is, [32]

The transmission of data using radio frequencies

Access point that provides connection to the network

Client devices (laptops and PDA's etc).


Figure 9:- Components of Wireless

Security Threats:-

Despite the productivity, convenience and cost advantage that wireless offers, the radio waves used in wireless networks create a risk where the network can be hacked. So following are the main threats in wireless networks as:-[41]

Denial of Service:-

In this attack, the attacker floods the network with either valid or invalid messages affecting the availability of the network resources. Due to the nature of the radio transmission, the wireless LAN is very vulnerable against denial of service attacks.


This involves attack against the confidentiality of the data that is being transmitted across the network. By their nature, wireless LANs intentionally radiates network traffic into space. This makes it impossible to control who can receive the signals in any wireless LAN installation. In the wireless network, eavesdropping by the third parties is the most significant threat because the attacker can intercept the transmission over the air from a distance, away from the premise of the company.


A man-in-the-middle attack is a type of attack where the user gets between the sender and receiver of information and sniffs any information being sent. In some cases users may be sending unencrypted data which means the man-in-the-middle can easily obtain any unencrypted information. In other cases, the attack could be used to break the encryption key.

Evil -twin: -

Evil Twin attack is a common way of attacking WLANs. The attacker here replicates another WLAN's SSID. For the user, they would not notice that there is a change, or that they are connected to a rogue AP they search for a specific SSID, and they find it. Another factor is that most of the wireless networking cards gets connected to the network with stronger signal. The attacker, on the hand, can capture all their traffic picking these packets containing sensitive data such as passwords, confidential documents, credit card information, etc.


The Evil Twin attack is broader in definition and refers to the impersonation of a trusted network to establish a wireless connection. Once the wireless connection has been established the Evil Twin can be used for Wi-Phishing. Wi-Phishing is the act of covertly setting up a wireless-enabled laptop or AP (such as an Evil Twin) but for the sole purpose of getting wireless laptops to associate and track keystrokes, allowing the hacker to capture passwords and credit card information.

Security risk of public WiFi:-

There are a few obvious security risks for the Wi-Fi public hotspot user:

Open Area: - Hotspot are found easily in every public places , where everyone can access with some rules and regulation , while using the hotspot in public places user should be aware it is open area where anyone can be sniff the important information like password and bank detail either by physical eavesdropping(ex. Packet sniffer) , or digital eavesdropping(ex. Packet sniffer).

Unfamiliar Environment :- As hotspot are situated in all the public places where user can access easily, but in public places are mostly unfamiliar environment for some people for are using the hotspot is whether they are good guys or not like hackers.

Fully Automatic :- Mostly the free hotspot are fully automatic , and if the user is using the Wi-Fi enable devices that will automatic connect with that free hotspot. So this type of services does not require any user intervention (ex. Just switching ON at a hotspot will automatically get user is connected)

Not even Basic Security- Usually the free hotspot do not provide any type of security that leads to very high risk because the user are unaware about the risk associated with the unsecure connection. So the some of the hotspots does not contain the basic security like WEP (ex. WEP disabled for Zero-Configuration)

Different Risk Level - While using a hotspot in public places have to different type of risk with different intensity levels, because if user deal with e-commerce sites in public places then it might have risk that the hacker can steal all the bank information like Short Term ( ex. Prepaid Card) or Long Term ex. Credit Card.


In the previous chapter we have learned about how wireless technology developed from the small radius and today it cover the whole city and continent using the Wi-Fi. The growth of unbelievable technology leads to provide free services in public places. Wireless hotspots are becoming popular in public avenues like airports, shopping mall, hotel and a coffee shop places etc. Hotpots provide high-performance wireless Internet access connections in public places.

Evil twin attack:-

One of the most popular threat to Wi-Fi users is the Evil Twin It's a rogue access point that replicates another network name, such as that of a hot-spot or a secure network. "The Evil Twin waits for a user to mistakenly sign into the wrong access point and captures the user's network data or attacks the computer,"[34]

In a hotspot user connects to the Evil Twin wireless Access Point (AP), believing it to be a legitimate commercial hotspot.

Figure 16:- Wireless Evil Twin attack mechanism

Source: Wireless protection for the mobile enterprise, White Paper, by AirDefense

Main Issues: -

In this crowded environment, it can be tough to differentiate between friend and foe, even the dividing line is not that simple. The main issues for the occurrence of Evil-Twin attack are as follows:-

Access points: Access points can be insecure, due to the improper configurations and design flaws. Access points are more insecure if they pre-configured with a default password, they broadcast Service Set Identifier (SSID) and often require no encryption or authentication. If deployed with default settings, they become the loop hole for the hackers to use to access the wireless network.

SSID (SERVICE SET IDENTIFIER): SSID it works like a shared password between base station and clients. This allows only those clients to communicate with base station which are configured with the same SSID as that of base station. Most APs broadcast their SSID as part of the beacon frames to announce their presence The SSID is used to specify the name of a network segment related to a set of wireless access points. [52]The SSID is used as a simple authentication token for a wireless access point. However the SSID has limited value as a security measure. Mostly in public wireless network, the organisation broadcast their SSID and their names which resemble to their organisation domain name which usually confuse the user about the fake and the authorized network.

Tools used in Evil twin: -

Nets tumbler can use for capture the data packets to find out the SSID and then attacker can use the valid SSID over the false AP to trick the clients to connect to it. Effectively SSID does not protect Wireless LAN against the attacks; it is merely a mechanism to prevent wandering wireless devices in the area to get onto the network [52].

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic [51].

In public wireless networks, the users only see the network name (SSID) that the public network broadcasts, which means that users should ensure that the network is what it claims to be; i.e., that it is a genuine network.

Approaches to solve Evil Twin:

To solve Evil Twin attack there are many ways among which the following are the best ways to solve:

MAC address filtering :-

To prevent from the evil-twin attack we can use the access points that support the feature of MAC address filtering that allows the users to store the names of access point in the form :{ AccessPointName, MACAddr}.In case of window like, if the hacker uses a similar name, the operating system (OS) will know it's a different access point because their MAC addresses do not match. This will help the user to avoid getting connected to the fake access point [40].

Using Light Sensor Access Points: -

The other interesting way for users to authenticate an access point by adopting some form of short string verification that is required to be implemented in both the user terminal and the access point [43]. When the user terminal attempts to pair up with an access point, an authentication channel is established that allows the user to control the sequence of light colour variations on the access point device.

Using SSL certificates :-

Another effective approach for preventing the user from evil twin attack is by using the SSL certificates. If a user downloads the copy of original SSL certificates from server when he uses the internet in public hotspot, this will defeat the evil twin attack. By using the unique characteristics of SSL certificates, evil twin attack can be avoided very efficiently. If a user uses a SSL enabled website, he can be in more secure network as the evil twin attacker cannot provide the false digital certificate information.

Design of Proposed Solution:

Our goal is to provide an easy mechanism to establish an access point identity that is convenient for both the clients and access points. User can access the internet in every public places, but to connect the authenticate network is more than important to using a free network, which can have serious consequence later to leak privacy and important information like if hacker can known your bank details.

My solution is based implanted on the downloading of SSL certificate, I am using the SSL certificate it is authorized it is authorized by the trusted third party and it creates a set of keys which is used for secure communication between the server and web browser. Here I am using a Network IP scanner which scans the IP address which is being used by the organisation. As every access point is allocated up to 256 IP addresses , so the network IP scanner checks the IP addresses of the users to conform whether they are connected to the authorized or not.

For example: If a person is going to bank for some work, but he forget the some documents in home, at the same time, he saw the free Wi-Fi Zone for accessing the internet and he has a softcopy in his mail, so he thought going back to home is time-consuming process and he can take the documents from his email using the free access of internet. He went to a shop and use own laptop to take the print of documents. He connected to a network and give print command for printing the documents. But he surprised to see that there is no document for the printer machine and he got the message, printing is completed. He shocked and discusses this matter with organisation member. After that he noticed, he was connected to a fake network which was organised by some attacker, and the document which is very confidential contains the bank detail information. So, by seeing this type of consequence this solution prevents and alert the user to check the network before using.

Check IP Address

Figure 18:- Architecture of the proposed solution

The solution consists of two check stages for getting authenticated to the authorised network. Firstly, when the user enters the hotspot, the shopkeeper will provide him the password and the name of the access point, so that the user can choose organiser's network from the list, after connecting to the network, when the user tries to open a web page by using a browser, then the browser will prompt a message for downloading the certificates. If the user gets this prompt then this proves that he is been connected to the authorised network and if the webpage opens directly without the prompt , then this implies that he is connected to the fake network. That network might be organise by some hacker or third person to gain access of the user information which conatin any senstive information like password, Bank detail inforamation etc. which will be heavily risk for the user if an unkown person knows these private and confidential information.

Secondly, the user can use the network IP scanner provided by the coffee shop, where the organiser provides the range of authorized IP addresses which is being allocated to the coffee shop. By using this scanner, the user can re-confirm that he is connected to the authorised network. If the user finds IP address out of that range, then he can immediately disconnect from the current network and can report to that organisation.

So, when the user gets the request to download the certificates, then this is proved that the user is connected to the legitimate network. This SSL also contains the information about the trusted third party. The organisation should also use WPA encryption which helps the users to encrypt all his data and maintain security.


In the last section we proposed a design to prevent Evil- twin attack from the hacker that is by downloading the SSL certificates from the server every time the user uses the public hotspot to protect them from connecting to the fake networks. An evil twin attack is a potential security threat for the Wi-Fi users especially in the public hotspot. In this attack, a hackers sets a rogue access point which mimics the characteristics of the authorised network. Users unknowingly connect to the rogue access point instead of the authorised network. The evil twin attack hijacks the sensitive information of the user like passwords, account information, credit card details and etc. SSL certificates are used to detect the Evil-twin attack because SSL certificates allows user to evidence that he is connected to the right network, because the SSL certificates protects the data between browser and the servers by using 128-bit encryption. This 128 bit is the length of the session key generated by encrypted transition so as the key is longer it will be more difficult to break this encryption code. A hacker cannot hack or make a duplicate copy of the SSL certificates as the hacker cannot break the strong encryption code offered by the SSL certificates. It is always preferred that the organiser should provide the SSL certificates to provide privacy and security to the users in the public wireless network.

The proposed solution is implanted by downloading certificates by which a user can differentiate between a fake and a legitimate network. In this chapter, I am going to present the solution methodically and described the user gains the awareness about the rogue access point and the authorised access point. Different motive of evil-twin attacks on the coffee shop can lead to following problem for end-user like

Attacker can listen or track the data of data packets without the user let it know. This might happen when attacker just needs some information for his cruel intention, or

Attacker can sniff the data and try to change it like user's personal account password. If attacker has successfully changed the user's password than attacker can anytime login to his account and can access any details with respective to user's mail.

Attacker can send TCP SYN flood attack on user's machine or coffee shop's network. This can lead to congestion is network which can damage the network.

When the user connects to the particular network, he may be confused by seeing the various similar looking access point names. So, to avoid this confusion, I have created a new method in which user have to manually type the name of the access point which he want to connect and can reconfirm the authorised access point. According to the proposed solution, the browser will prompt the user to download the SSL certificates from the server. This SSL certificates contain the IP address of the user which is assigned by the server. The user can check this assigned IP address from the run command in his computer and type IPCONFIG to confirm that the IP address is the genuine one. The user can also verify the SSL certificates while browsing the internet with the help of the padlock icon on the browser, which shows the authorisation and validity of the SSL certificates. The organisation also uses the explicit deny rule which can block anything which is not permitted by a rule. In this case, the coffee shop Organstion has also created a access list,in which the user to access only HTTP protocol to the access the internet . The user cannot use the FTP, UDP and TCP under this coffee shop network. so that, the user can avoid the threats like eavesdropping and man in middle attack. So by using these four stages user can reduce or detect the evil twin attack.

In the next section, steps of our proposed solution are being discussed in details. These steps will go in deep and explain the working of our proposed protocol

Step 1) Suppose, Martin, a person, came in to the Rich coffee shop and wants to access the internet. Martin just opens his laptop (wireless enabled) and let the laptop to load all the files. Then, Martin wants to access the internet, When he click on his wirelsss network connection, he might see a list of wireless available including the Rich Coffee's wireless. He tries to access but asked for the password while accessing.

Figure 19:- Choose a wireless network

Step 2) Martin wants to connect his laptop to the Coffee Shop wireless network. He will take the password from the member of coffee shop. This password will connect Martin to the Rich Coffee Shop Wireless Network and also the helps to re-authenticate the user to type that network name which he was connected, because hacker's wireless network name will be slightly different from the genuine network. Hacker will try his level best to fool the user, so that user can connect to his network, not with the genuine network.

Figure 20:-Enter password to connect to the network

When user enters the password of the network which can be broadcasted by hacker also, he will get a prompt to enter the name of the connected network i.e. Rich WiFi. If the user is connected to genuine wireless network than after entering the wireless network name, he is allowed to proceed to the next step.

Suppose, user, by mistake connected to a fake wireless network which is broadcasted by hacker i.e. Rich Wi-Fi and when prompted to enter password, he enters it successfully. Then, the second step takes place where he is prompted to enter the name of the connected network. When user enters the name of the connected network, the request will be sent to the server. Server will check and verify it, and in case where stored wireless name and received name are different, server will react immediately and send an access denied message to user. Along with that message user will get a prompt that "the entered network name is not belong to Rich Coffee Shop network. Please check with any member of Coffee Shop because you might be the victim of Evil Twin Attack".

This could help to stop Evil Twin attack with the co-operation of user with the shop.

The access point contains the security for the users, and the organiser uses the WAP encryption in access point, which encrypt the data packets and not allows any hacker or attacker to see actually what it contains. This is very important as user might have confidential information which can lead to any damage.

Step 3) when Martin's connected to the coffee shop network then the internet explorer will prompt a message to download certificates. This certificate helps the coffee shop and the end user to authenticate the person. These are SSL certificates which we have already discussed in the previous chapter. These certificates should be encrypted so that no one can see what this data packet contains. We will use WPA, as discussed, to ensure that each and every packet is well encrypted and achieve authenticity and security.

Figure 21:- The Warning Message from the Internet Explorer.

The above given page that shows the user that he is not still connected to the internet and to access the network user have to download certificates.

If the user do not get this window , and directly open the web page then this implies that user has enter in to the wrong network . That network might be organised by some hacker or third person to gain access of the user information which conatin any senstive information like password, Bank detail etc. which will be heavily risk for the user if an unkown person knows these private and confidential information.

Step 4) This is a very crucial step, because the SSL certificates are created by a trusted third party and a hacker cannot duplicate the SSL certificates. The SSL certificates are present in every authorised server. So, when the user gets the request to download the certificates, then this is proved that the user is connected to the legitimate network. This SSL also contains the information about the trusted third party.

Below figure can illustrate the example of how the SSL certificates can be downloaded. On the right hand side of "Rich-coffee" we can see it is showing that between the user (Martin) and server there one Encryption server which encrypts the data and secure it from outsider.

It also shows the other details like status of the user whether he is active right now or inactive. If inactive, than, users Martin will be logout automatically after some period of time. It also displays the IP address which is assigned to the laptop from the DHCP server. From options, we can also select the progress bar which shows the downloading status of SSL certificates. There are many other options saved in settings tool bar. They can modify and changed according to the user's requirements.

Figure 22:-Downloading the copy of certificate.

In Short, The downloading figure shows that the server name is Rich-coffee and it is sending the SSL certificate to the RICH COFFEE GUARDIAN. It also gives the IP address of the server and the name of the user. The IP address is assigned to the user's laptop via DHCP server only than when its identity has been approved by server. This adds the security prove of the SSL certificate and server. This shows that the server is the authorised one and has the valid SSL certificates.

Step 5) After downloading the SSL certificate user can know the IP address and he can check by using Run command and Type the IPCONFIG which shows the assigned IP address of the user , and user can also check the IP address by using the IP scanner tool provided by the organisation. This also shows that the user is connected to the genuine network.

Step 6) After Downloading the SSL certificate, the secure web page will automatically get open user can now access the internet and can enjoy the services of the internet, even in the public wireless network. So as the organisation Access list policy user can only access the Http sites on this hotspot this reduces the happening of Eavesdropping or other while transferring sections. Figure 23:- Access the Internet

Step 8 ) Hence , the user can also use an addtional security check for the SSL certifacte for further confirmation like he can open a web browser like google chrome and click on the right hand site lock , and open the security information and then view the security and SSL cretifcate .For example authorisation and validation of Certifactes.By this check, user can be more assured about the authorised network.

Figure 24:- check the SSL certificate.



Recently, wireless networking has become more popular, and it is growing in every sector of the world. It is becoming very easy to access internet from anywhere because of the growth of public wireless network like Wi-Fi hotspots. The increasing popularity of public wireless network makes it open for security and privacy challenges. To achieve a security, one has to consider authenticity, integrity and confidentiality as the key factors. If any system lacks in these three factors, it implies that the system lacks security. The problem of Evil-Twin is being concentrated in this paper. In Evil-Twin attack, the attacker creates the fake access point and fools the user to connect to him and extract all the confidential information about the user. As hacker's signal may be stronger than the original access point, the user gets connected to the hacker's access point. Evil-twin is the most serious attack in the public wireless network, since the user is unaware about the attack in his whole session on internet. I have provided a set of essential requirements in the chapter 2 which can be used to reduce the risk of the evil-twin attack.

The proposed solution is based on the downloading of SSL certificates which shows the assigned IP address of the user. A user can use the IP scanner provided by the organisation to check whether his IP address falls in the range of authorise IP addresses or not. If the IP addresses do not fall in that range, the user can immediately disconnect from that network and can report to the organisation. Here, we are choosing the SSL certificates, as it is the trademark for security in the world of internet. It is been issued by the trusted third party. It encrypts the communication channel between the client and server with strong encryption key, which is about 128 bytes. Because of this reason, hackers cannot make a duplicate SSL certificates nor even can break the encryption. The user can also check the SSL certificates from the browser's padlock symbol to reconfirm that they are in secure network.

In project also contains the implementation and the demonstration of the proposed solution. I have used the IP scanner tool which scans the IP address and shows the authorised range of the IP addresses. I have chosen the access control list by which an organisation can block the TCP, UDP and FTP. It only allows the access to the HTTP, through which we can minimise the risks associated with the public wireless network.

Future work

The world is growing with good and bad things. Similarly, new technologies also give birth to the various threats for the people. I have few ideas in my mind which can be used in the future to reduce the evil-twin attack. The organisation should provide more security to access point such as it should directly connect the user's device to the organisational network's access point and for authenticating to it, the user only requires the password. This technique can avoid the Evil-twin more efficiently. For securing the users from the threats of public wireless network, the back end should be more secure. The companies should also provide some infrastructure in Wi-Fi devices to improve them and eliminates the risks of various threats in Wi-Fi communications.

Finally, the users and the service providers should maintain the security levels on their parts to acquire a secure public wireless network. One concept remains, perfect security does not exist. Attackers will always try to discover vulnerabilities and exploit them. Network operators should be aware of the existent threats in order to be able to mitigate the risks caused by these threats.