International Journal of Innovative and Emerging Research in Engineering Volume 2, Issue 3, 2015 Available online at www.ijiere.com International Journal of Innovative and Emerging Research in Engineering e-ISSN: 2394 - 3343 p-ISSN: 2394 - 5494 Data security in wireless networks: A Review Mr. Pranav Soochik Student of Third Year of Computer Engineering, Shri Sant Gadge Baba College of Engineering and Technology, Bhusawal, North Maharashtra University, Jalgaon, Maharashtra, India [email protected] ABSTRACT: In today’s technological era the uses of wireless networks is very essential for the growth & development in all sectors. With this rapid growth in use of wireless network it is very important to look forward toward the data security issues in wireless network. Security in networks either in wired or in wireless it is very important to protect our information or data from attacks like session high-jacking or replay attacks. Different types of wireless network & security methods are available in market. I am going to discuss the overview of wireless network world and trying to show the security issues and data security in wireless networks such as symmetric and asymmetric encryption, cryptography method, block cipher and stream cipher etc. Keywords: wireless networks, attacks, security. I. INTRODUCTION When we start discuss about the uses of wireless networks in today’s technological era, first we thought about the security issues about data privacy and risk of unauthenticated users. In next sub-point we had discussed about the wireless world as an overview and in next main points we had discussed about wireless data attacks and security goals. A. THE WIRELESS WORLD Wireless data networks have spread between home users and corporations in an growing way. The main reason behind this fast adaptation is due to the nature of wireless networks where it provides the flexibility and freedom that wired networks shortage. The rising of bandwidth capabilities has inspired people to think seriously about replacing wired networks with wireless networks especially in places where it is hard or exclusive to have wired networks [6]. One of the main places that can benefit from these ideas is rural zones where wired networks infrastructure is either difficult or impossible to create due to physical difficulties. The main standards in the wireless world are: 802.11, which describe the Wireless LAN design and 802.16 which describes the Wireless MAN design. These two wireless networks are usually known by two acronyms: Wi-Fi (Wireless Fidelity) to be a sign of WLAN and WiMAX (Worldwide Interoperability for Microwave Access) to describe WMAN. [3] 1. WIRELESS LAN (WLAN) Wireless LAN is simply trying to imitate the structure of the wired LANs using alternative standard to transfer data quite than cables. This standard is electromagnetic waves which are mainly either radio frequency (RF) or infrared frequency (IR).Wireless LANs consist mainly of two entities: clients or end-user devices and Access Points (AP) [3] as shown in figure 1. Figure 1: Wireless WLAN 2. WIRELESS MAN (WMAN) The idea behind using WMAN is to offer a broadband Internet service using wireless substructure. The idea is very analogous to a TV broadcast network (shown in Fig). The theoretical speed of WMAN is 75Mbps lengthy to several miles, which offer an additional to cable and DSL connections in the future [3].As shown in the figure 2. 96 International Journal of Innovative and Emerging Research in Engineering Volume 2, Issue 3, 2015 Figure 2: Wireless WMAN B. INTRODUCTION TO WIRELESS SECURITY This section outlines some of the basic beginnings in the security world. It starts by describing the goals behind implementing security in the computer world Then it discuss encryption and decryption concept, the implementation of both block and stream ciphers, and finally a brief description of the most common encryption standards[6]. II. WIRELESS NETWORKS ATTACKS Security in computer world governs the capability of the system to manage, protect and distribute sensitive info. Data Security was initiate many years before the advent of wireless communication due to the mankind's need to send information (in war or in peace time) without exposing its content to others. The first and most known machine (Enigma) was used in WWII by the German military to encrypt their mails. The machine was something similar to a simple typing machine with a scrambler unit to obscure the content of the messages [6]. From that time till now, many solutions to security extortions have been familiarized, and most of them were abandoned or replaced by better security criteria. These ongoing changes supported the security field to be a perpetual hot topic. In the wireless world security extortions were not known to public people till prices of wireless equipment went down about 2000. Afore that date, the military was the number one client for wireless security products especially during the cold war. A. SECURITY ATTACKS Below is a list of the most common attack kinds known in both wired and wireless networks. Most of the security attacks and extortions are listed under the following categories [6]. 1. Traffic Analysis In this type of attacks the attacker uses the statistics of network connectivity and activity to find information about the attacked networks. The Information includes AP location, AP SSID and the kind of protocol used by the study of size and types of Packets. 2. Passive Eavesdropping Attackers in this type set themselves in snuffling way, where they listen to all the network traffic hoping to quotation information from it. This kind of attack is only useful with unencrypted networks and stream cipher encrypted ones. 3. Active Eavesdropping It is related to passive eavesdropping but the attacker tries to change the data on the packet, or to insert a complete packet in the stream of data. 4. Session High-Jacking The attacker attacks the dishonesty of the session by trying to hijack an authorized session from an authorized user. 5. Replay Attacks In this kind of attack the attacker uses the information from earlier authenticated sessions to gain access to the network. III. WIRELESS NETWORKS SECURITY GOALS Every security system must provide a bundle of security functions that can assure the privacy of the system. These functions are typically referred to as the goals of the security system. These aims can be planned under the following main types Authentication: This means that before sending and receiving data by the system, the receiver and sender identity should be confirmed and verified. Secrecy or Confidentiality: Usually this function (feature) is how most people identify a safe system. It means that simply the authenticated people are able to interpret the message or date content and no one else. Integrity: Integrity means that the content of the communicated data is assured to be free from any type of alteration between the end points sender and receiver. The basic procedure of integrity is packet check sum in IPv4 packets. Non-Repudiation: This function implies that neither the sender nor the receiver can falsely deny that they have sent a certain message. 97 International Journal of Innovative and Emerging Research in Engineering Volume 2, Issue 3, 2015 Service Reliability and Availability: Since secure systems typically get attacked by intruders which may affect their availability and kind of service to their users. Such systems should offer a system to grant their users the quality of service they expect [6]. A. DATA ENCRYPTION To send data securely among two nodes, the system must encrypt the data or systematically scramble info so that it cannot be read without knowing the coding key [9].As shown in figure 3. Figure 3: Data encryption and decryption 1. SYMMETRIC ENCRYPTION In this type of encryption, the sender and the receiver agree on a secret key. Then they use this secret key to encrypt and decrypt their sent mails Node A and B mainly on the encryption technique to be used in encryption and decryption of interconnected data. Then they approve on the secret key that both of them will use in this connection. After the encryption system finishes, node A starts sending its data that is encrypted with the key. On the other side at node B uses the same shared key to decrypt the encrypted messages [3]. 2. ASYMMETRIC ENCRYPTION Asymmetric encryption is the further kind of encryption where two keys are used, to describe more, what Key1 can encrypt only and Key2 can decrypt, vice versa. It is also known as Public Key Cryptography (PKC) because users tend to use two keys are public key, which is known to the public and another one is private key which is known only to the user. After approving on the type of encryption to be used in the connection, node B sends its public key to A. A node uses the received public key to encrypt its mails. Then when the encrypted mails reach, node B uses its private key to decrypt them [3]. B. BLOCK CIPHER In this process data is encrypted and decrypted if from of blocks. In its meekest type, you divide the simple text into blocks which are then fed into the cipher system to products Blocks of cipher text. There are various variances of block cipher, where altered methods are used to strengthen the security of the system. The furthermost common methods are: ECB (Electronic Codebook Mode) &CBC (Chain Block Chaining Mode), and OFB (Output Feedback Mode), ECB is the simple method of clock cipher where data blocks are encrypted openly to generate its correspondent ciphered blocks. CBC mode usages the cipher block from the earlier step of encryption in the current one which forms a chain-like encryption process, OFB operates on simple text in away similar to stream cipher that will be described below, where the encryption key used in each step depends on the encryption key from the earlier step [4].As shown in figure 4. 98 International Journal of Innovative and Emerging Research in Engineering Volume 2, Issue 3, 2015 Figure 4: Block cipher ECB mode C. STREAM CIPHER Stream cipher functions on a stream of data by working on it bit by bit. Stream cipher contains of two major components: a key stream generator and a mixing function. the Mixing function is usually just an XOR function while key stream generator is the main unit in stream cipher encryption method. For example, if the key stream generator products a series of zeros, as the output ciphered stream will be matching to the original simple text [4].As shown in figure 5. Figure 5: Stream cipher- Simple mode IV. CONCLUSION I have discussed about the wireless networks with their uses, described the security attack issues and data security goals plan list for wireless network and also discussed about the data security methods using in today’s trend such as symmetric and asymmetric data encryption, about cipher text process and we conclude that we can’t control other the session hijacking techniques or data loss completely by a single method or technique, we need to develop our data privacy techniques for various security attacks & hacking. ACKNOWLEDGMENT I feel great pleasure in submitting this paper on “Data security in wireless networks: A Review”. I would like to thank my honorable Principal, Dr. R. P. Singh, and special thanks to Head of Department and my guide Prof. D. D. Patil & sincere thanks to all the respected teaching faculties of department of computer science & engineering of shri sant gadge baba college of engineering and technology bhusawal(M.H.), INDIA. REFERENCES [1] Peng Bao, Ma Liang, “A Security Localization method based on Threshold and Vote for wireless sensor networks” procedia engineering 5 (year 2011). [2] N.S. Fayed, E.M. Daydamoni, A. Atwan, “Efficient combined security system for wireless sensor network”, Egyptian Informatics Journal (2012) 13, 185–190. [3] Abidalrahman Moh’da, Hosein Marzib, Nauman Aslam, “A Secure Platform of Wireless Sensor Networks”, the 2nd International Conference on Ambient Systems, Networks and Technologies, procedia engineering 5 (2011). [4] Fang-Jiao Zhanga, b, Li-Dong Zhaia,*, “Sinkhole attack detection based on redundancy mechanism in wireless sensor networks”, Information Technology and Quantitative Management (ITQM 2014). [5] Zhijun Xie*, 1, 2, Guangyan Huang2, Jing He2, Yanchun Zhang2, “A Clique-Based WBAN Scheduling for Mobile Wireless Body Area Networks”, Information Technology and Quantitative Management (ITQM 2014). [6] Gaurav Sharmaa* Suman Balaa, Anil K. Vermaa, “Security Frameworks for Wireless Sensor Networks-Review”, 2nd International Conference on Communication, Computing & Security [ICCCS-2012]. 99
© Copyright 2024