Abstract

The use of wireless network as a medium of communication has tremendously increased due to its flexibility, mobility and easy accessibility. Its usage is inevitable at hotels and restaurants, airports, organizations and currently predominant in homes. As large number of devices connect to wireless network, valuable and sensitive information are shared among users in the open air, attackers can easily sniff and capture data packets. This paper aims at using penetration testing to assess vulnerabilities and conduct attacks on Wireless Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) and 802.11i (WPA2) security protocols. The penetration testing was conducted using Kali Linux with its Aircrack-ng tools.

References

• Lee P., Stewart D. and Calugar-Pop C., (2014). Technology, Media & Telecommunications Predictions. London: Deloitte report, pp. 1-60, 2014.
• Waliullah Md., Moniruzzaman A. B. M., and Sadekur Rahman Md., (2015). An Experimental Study Analysis of Security Attacks at IEEE 802.11 Wireless Local Area Network. International Journal of Future Generation Communication and Networking, vol. 10, no. 4, pp. 9-18.
• Ola G., (2013). Penetration Testing on a Wireless Network Using Backtrack 5. Turku University of Applied Sciences.
• Chen Z., Guo S., Zheng K., and Li H., (2009). Research on man-in-the-middle denial of service attack in sip VoIP," Networks Security, Wireless Communications and Trusted Computing, NSWCTC, vol. 2, pp. 263-266, Apr. 2009.
• Appiah, J. K., (2014). Network and Systems Security Assessment using penetration testing in a university environment: The case of Central University College. Kwame Nkrumah University of Science and Technology, Kumasi.
• National Institute of Standards and Technology (NIST), (2008). Technical Guide to Information Security Testing and Assessment, Special Publication 800-115, Gaithersburg.
• Praveen L., Ravi S. Y., and Keshava R. M. (2011). Securing IEEE 802.11g WLAN Using OPENVPN and Its Impact Analysis. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.6, November 2011.
• Kropeit T. (2015), Don’t Trust Open Hotspots: Wi-Fi Hacker Detection and Privacy Protection via Smartphone. Ruhr-Universitat Bochum.
• Forouzan B., (2008). Data Communications & Networking. 4th edition. New York: McGraw-Hil
• L’ubomir Z., (2012). Security of Wi-Fi Networks. Comenius University, Bratislava
• Bilger J., Cosand H., Singh N. and Xavier J. (2005). Security and Legal Implications of Wireless Networks, Protocols, and Devices
• Shweta T., Pratim K., Sumedh K, and Aniket G., (2013). “Study of Vulnerabilities of Wlan Security Protocols,” Journal, Dep. Comput. Eng. Fr. C. Rodrigues Inst. Technol. Vashi, Navi Mumbai, no. September, pp. 109–112, 2013
• Memon A. Q., Raza A. H. and Iqbal S., (2010). WLAN Security. Halmstad University School of Information Science, Computer and Electrical Engineering. Technical report, IDE1013, April 2010.
• Kumkar V., Tiwari A., Tiwari P., Gupta A. and Shrawne S., (2012). Vulnerabilities of Wireless Security protocols (WEP and WPA2). International Journal of Advanced Research in Computer Engineering & Technology. Volume 1, Issue 2, April 2012
• Park T., Wang H., Cho M., Shin K. G., (2002). Enhanced Wired Equivalent Privacy for IEEE 802.11 Wireless LANs: The University of Michigan
• Intercop Net Labs, (2002). "What's Wrong with WEP?" Retrieved from http://www.opus1.com/www/whitepapers/whatswrongwithwep.pdf (Accessed on May 10, 2018)
• Borisov N., Goldberg I., and Wagner D., (2001). Security of the WEP algorithm Retrieved from http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html (Accessed on April 24, 2018)
• Kiemele L., (2011). Wireless Network Security. V00154530
• Zahur Y. and Yang T., (2004). “Wireless LAN Security and Laboratory Designs”. University of Houston Clear Lake CCSC, Journal of Computing Sciences in Colleges, vol. 19, no. 3, January 2004, pp. 44-60.
• Bulbul H. I., Batmaz I. and Ozel M., (2008). Wireless Network Security: Comparison of WEP (Wired Equivalent Privacy) Mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) Security Protocols. Gazi University
• Gupta S., (2012). Wireless Network Security Protocols-A Comparative Study, IJETAE, 2012
• Alselwi A., (2015). Wireless Security Protocol in DNA Bio-Inspired Network. Liverpool John Moores University.
• Kurup L., Shah V. and Shah D., (2014). Comparative Study of Attacks on Security Protocols. International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 3 Issue 8, August 2014
• Fluhrer S., Mantin I. and Shamir A., (2001). Weaknesses in the Key Scheduling Algorithm of RC4. Eighth Annual Workshop on Selected Areas in Cryptography, August 2001.
• Hulin K., Locke C., Mealey P., and Pham A., (2010). “Analysis of wireless security vulnerabilities, attacks, and methods of protection”. Information Security Semester Project, 2010.
• [Robyns P., (2014). Wireless Network Privacy. Hasselt University
• Zarch S. H. M., Jalilzadeh F., and Yazdanivaghef M., (2012). Encryption as an Impressive Instrumentation in Decrease Wireless WAN Vulnerabilities. International Journal of Scientific and Research Publications, Volume 2, Issue 12, December 2012, ISSN 2250-3153
• Papaleo, G. (2006). Wireless Network Intrusion Detection System: Implementation and Architectural Issues: Universita degli Studi di Genova.
• Ciampa M. D., (2012). Security+ Guide to Network Security Fundamentals. Course Technology, Cengage Learning.
• Laverty D., (n.d.). WPA versus 802.11i (WPA2): How your Choice Affects your Wireless Network Security. http://www.openxtra.co.uk/articles/wpa-vs-80211i.php
• Mkubulo D., (2007). Analysis of Wi-Fi Security Protocols and Authentication Delay. The Florida State University, FAMU-FSU College of Engineering
• Vanhoef M., and Piessens F., (2017). Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. imec-DistriNet, KU Leuven
• Ramachandran, V. (2011), BackTrack 5 Wireless Penetration Testing, Master Bleeding Edge Wireless Testing Techniques with BackTrack 5: Packt Publishing, Birmingham UK
• Noh J., Kim J., and Cho S., (2018). Secure Authentication and Four-Way Handshake Scheme for Protected Individual Communication in Public Wi-Fi Networks. Digital Object Identifier 10.1109/IEEE ACCESS.2018.2809614
• Kaplanis C., (2015). Detection and prevention of Man in the Middle attacks in Wi-Fi Technology
• Stimpson T., Liu L., Zhang J., Hill R., Liu W. and Zhan Y. (2012). “Assessment of Security and Vulnerability of Home Wireless Networks”, IEEE 9th International Conference on Fuzzy Systems and Knowledge Discovery, Chongqing, China, 29-31 May, 2012, pp. 2133-2137.