WLAN communication system

Abstract

The basic purpose of this dissertation is to provide security for a WLAN communication system during data transmission from one mobile node to another, because wireless nodes are immobile, use radio waves to transmit data, and are configured through access points.

Security is a major concern for any network, but compared with wired networks, wireless networks are less reliable with respect to security constraints: they do not provide a high level of security because of the immobile nodes. This dissertation mainly deals with WLAN security issues and models, and demonstrates simulation scenarios for managing WLAN security by specifying routing protocols. We need to define secure network nodes, secure network communication, secure data communication and protocol communication. The project deals with user authentication: it admits authenticated users and grants access permission to the user by specifying a shared key and an authentication mechanism.

In a wireless network, node communication is carried out by routing protocols, which represent mobile nodes and give no guarantee of delivering data to the destination. Meanwhile, an attacker can easily identify the route map of the wireless network and trace route source information. This dissertation therefore sets out to rectify these security problems by evaluating network simulation scenarios.

In this dissertation I define the WLAN system model and configuration model, the different types of WLAN models and their features. WLAN configuration mainly deals with routing protocols and other wireless devices. I define the various security issues, vulnerabilities and attacks. Security is a major concern for a WLAN system; in this dissertation we simplify the network design by evaluating routing protocols.

The WLAN design using NS-2 simulation covers design issues such as routing protocols, security issues, message transmission issues and connection issues. We give an overview of the NS-2 simulation design and present the simulation design scenarios by evaluating the routing protocols.

Chapter -1

WLAN security using NS-2 simulator

Introduction

A Wireless Local Area Network (WLAN) is a data communication system of closely grouped network devices that extends a wired LAN.[1] A WLAN transmits data using radio waves, which provides more flexible data transmission services and minimizes the need for wired connections.[2] Users can access internet services anywhere without fixed connectivity. WLANs simplify network configuration and combine data connectivity with user mobility.[2]

A typical WLAN system is configured with access points, which are connected via fixed Ethernet cable.[3] The access points perform operations such as receiving, transmitting and buffering between systems. An access point has good radio coverage; a single access point can support a number of users within a certain distance.[3] Users communicate through access points. A wireless system communicates with the network using a network interface card (NIC) and a WLAN adapter.[4] These broadcast radio signals to find an access point.

Purpose: The basic purpose of this dissertation is to provide security for a WLAN communication system during data transmission from one mobile node to another, because wireless nodes are immobile, use radio waves to transmit data, and are configured through access points.

Advantages of Wireless LAN

Internet services are growing rapidly, and nowadays most business activities give importance to mobility. With the rapid growth of network usage, WLANs offer users many advantages in carrying out their regular tasks. A WLAN does not add much complexity to accessing the internet.

Advantages

The basic advantages of WLAN are

  1. It is easy to configure the network; no cable is required to reach the network access points.
  2. It is easy to access internet services and easy to carry workstations.
  3. Internet services can be accessed anywhere, at any location within the range of an access point for receiving radio waves.
  4. Mobility: Wireless LANs allow users to access information from anywhere, without needing a fixed place to access network services or to plug into a fixed network, which increases productivity.
  5. Reliability: The system is more reliable; the network administrator need not worry about network connectivity and data transmission, whereas wires generate more problems for the administrator managing the network.
  6. Ease of installation: Wireless LANs do not require expensive and time-consuming cable installations, of particular benefit in difficult-to-wire areas.
  7. Affordability: Wireless LAN installation and costs over the life of the product can be significantly lower than those incurred with wired networks, especially in environments that require frequent moves and modifications.
  8. Scalability: Wireless LAN systems are easy to configure and rearrange to accommodate a wide variety of office settings and numbers of users.

Disadvantages of WLAN

  • Security: Security is a major concern for WLANs; there is no guarantee for the network configuration and not much protection for data transmission.
  • Bandwidth: Bandwidth is another problem in WLANs. Service is accessible only within a particular range of the access points, and on low-bandwidth networks it is difficult to stream audio and video files.
  • Network traffic: As the number of connections increases, data transfer rates decrease.
  • Limited energy: Wireless LAN device operation is limited; devices operate only within a particular distance of the access point.
  • WLAN access services are based on the wired LAN.

NS2 overview

NS2 is a discrete event simulator.[6] The project is now part of the VINT project, which develops tools for simulation result analysis and converters that convert network topologies generated by well-known generators to Network Simulator formats.[6] The current version, version 2, is written in C++, an object-oriented programming language. The main advantages of an object-oriented language are reusability and easy maintenance; the drawbacks are performance (speed and memory) inefficiency and the need for careful planning of modularity. The simulator itself is implemented in C++. We use OTcl (Object Tool Command Language) to describe the network topology in the simulations.[6,7]

To set up and run the network simulator, the user writes an OTcl script that initiates an event scheduler and tells the traffic sources when to start and stop transmitting packets through the event scheduler. The term "plumbing" is used for network setup, because setting up a network means plumbing the possible data paths among network objects by setting the "neighbor" pointer of an object to the address of the appropriate object. When a user wants a new network object, he or she can easily make one by creating a new object. This may sound like a complicated job, but the plumbing OTcl modules make it as easy as possible. The power of NS comes from this plumbing. An event in NS is a packet ID that is unique, with a scheduled time and a pointer to the object that handles the event. The event scheduler keeps track of simulation time and fires all the events in the event queue scheduled for the current time by invoking the appropriate network components. Network components communicate with one another by passing packets. A network component that has to spend simulation time handling a packet uses the event scheduler by issuing an event for the packet.
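The scheduling model described above, as a small added example in Python (it is not NS-2 code and not from the dissertation): events carry a unique id, a scheduled time and the object that handles them, and components are plumbed together through a neighbor reference. All class and function names, the 10 ms link delay and the packet send times are assumptions chosen for illustration.

```python
import heapq
import itertools


class Scheduler:
    """Keeps simulation time and fires queued events in time order."""

    def __init__(self):
        self.now = 0.0
        self._queue = []                # heap of (time, event id, handler, packet)
        self._ids = itertools.count(1)  # unique event ids; also break time ties

    def schedule(self, delay, handler, packet):
        event_id = next(self._ids)
        heapq.heappush(self._queue, (self.now + delay, event_id, handler, packet))
        return event_id

    def run(self):
        while self._queue:
            self.now, _, handler, packet = heapq.heappop(self._queue)
            handler.recv(packet)        # invoke the component that handles the event


class Source:
    """Traffic source: hands the packet to its neighbor when its event fires."""

    def __init__(self, neighbor):
        self.neighbor = neighbor

    def recv(self, packet):
        self.neighbor.recv(packet)      # passing a packet consumes no simulated time


class Link:
    """Component that needs simulated time: it issues an event for the packet."""

    def __init__(self, sched, delay, neighbor):
        self.sched, self.delay, self.neighbor = sched, delay, neighbor

    def recv(self, packet):
        self.sched.schedule(self.delay, self.neighbor, packet)


class Sink:
    """Records (arrival time, packet) for every packet it receives."""

    def __init__(self, sched):
        self.sched, self.log = sched, []

    def recv(self, packet):
        self.log.append((round(self.sched.now, 6), packet))


def simulate():
    sched = Scheduler()
    sink = Sink(sched)
    link = Link(sched, delay=0.010, neighbor=sink)  # plumbing: link -> sink
    src = Source(neighbor=link)                     # plumbing: source -> link
    # Tell the traffic source when to send: three packets, 0.5 s apart, from t = 1.0 s.
    for i in range(3):
        sched.schedule(1.0 + 0.5 * i, src, f"pkt{i}")
    sched.run()
    return sink.log


if __name__ == "__main__":
    print(simulate())
```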

Proposed System

Security is a major concern for any network, but compared with wired networks, wireless networks are less reliable with respect to security constraints: they do not provide a high level of security because of the immobile nodes. This dissertation mainly deals with WLAN security issues and models, and demonstrates simulation scenarios for managing WLAN security by specifying routing protocols. We need to define secure network nodes, secure network communication, secure data communication and protocol communication. The project deals with user authentication: it admits authenticated users and grants access permission to the user by specifying a shared key and an authentication mechanism.

Existing System

In a wireless network, node communication is carried out by routing protocols, which represent mobile nodes and give no guarantee of delivering data to the destination. Meanwhile, an attacker can easily identify the route map of the wireless network and trace route source information. This dissertation therefore sets out to rectify these security problems by evaluating network simulation scenarios.

Dissertation Structure

Chapter -1 gives an overview of WLAN, its importance, its advantages and disadvantages, and a review of the network simulator. In Chapter -2 we describe the various IEEE network device models and simulation models. In Chapter -3 we describe the research method, which covers various security issues and mechanisms. In Chapter -4 we define the system design model and configuration model. In Chapter -5 we implement the WLAN system using NS-2 and give an overview of the results. Chapter -6 contains the conclusion, future enhancements and references.

Chapter -2

Literature Review

In this chapter I give an overview of NS-2 and other simulation models. The first section gives an overview of NS-2 and its features. Section 2.2 discusses various simulation models, the research procedures of different authors and a comparison of simulation models. Section 2.3 discusses WLAN security issues and threats, and Section 2.4 covers the design principle and the project problem description.

NS- 2 Overview

The importance of networks has increased over the last couple of decades, especially the internet: millions of people access internet services, and the internet contains a large number of workstations and various channels to broadcast services worldwide. The continuous growth of networks shows the importance of simulation modelers.[6]

NS2 is an object-oriented network simulator: a discrete event simulator for packet-based network models that supports a wide range of local and wide area network models. With it we can easily simulate LAN and WAN events; it also implements network transport protocols such as TCP and UDP, and routing protocols. It uses two languages, C++ and OTcl, to represent network control flow and data flow.[6] C++ is used for protocol implementation and OTcl for network configuration and setup. With NS-2 we can construct a network topology by specifying the number of nodes, protocols and agents. We establish network paths among nodes by linking them to each other. The links specify the data transmission protocols and agent level.[6,7]

The basic idea of NS-2 is to design network architectures and protocols, compare network protocols and their features, and analyze network traffic for a specified number of network nodes. This gives network designers more flexibility when designing network topologies and structures; with it we can easily configure the network parameters and analyze the output results with confidence.

NS-2 Components

In this dissertation I use NS-2 version 2.34 to implement the WLAN system and enhance network security features. I work with the NS-2.34 simulation modeler, the Network Animator (NAM), Tcl and Xgraph components.

NS-2: I use NS-2.34 to design the wireless LAN; we configure the network topology by specifying network routing protocols and ad hoc network protocols.

NAM: The Network Animator provides a graphical view: a graphical network design interface that shows packet flow in the constructed network, the network protocols and the node links.

Pre- and post-processing components: These components manage network traffic and process flow, and analyze the network traffic and network trace.

Simulation Models

Different simulation models are available for deploying network designs, each with unique functions and features. The most common simulation models are

  1. NS-2
  2. OPNET
  3. GLOMOSIM

Difference between NS-2 and OPNET

  • NS-2 is a text-based simulation model
  • NS-2 is mainly used for Internet simulation
  • It combines OTcl and C++; every network design is done in code, and we need to execute Tcl programs to represent the network topology

    These two simulators, DEVS and NS-2, have their own event scheduling methods. Because of this, time synchronization is the most challenging research issue in integrating the simulators. In this research, an example wireless sensor network is modeled and simulated. The behavior of a sensor node's application and its environmental behaviors, such as battlefields, are defined in DEVS, and the roles of networking protocol behaviors are assigned to NS-2, since NS-2 has well-designed network protocol libraries. The basic drawback of this simulation model is that it does not show a clear graphical picture of the simulation. For this reason Trace graph, a data presentation system for ns-2, was created in 2001 and has been developed for a year and a half. This paper describes Trace graph, a data presentation system for the network simulator ns-2.

    Continuous network development and higher, more advanced requirements have created the need for tools that monitor and analyze network data transfers. There are many simulators, such as NS2, GLOMOSIM, SWANS and others for ad hoc networking. Network simulation helps us analyze the performance of a network at no cost. NS2 supports an array of popular network protocols and offers simulation results for wired and wireless networks. Its purpose is to lead us directly to a proper judgment of the actual condition of the network. Very little documentation exists to help the ns2 user extract the required information and finally derive the one-way delay and so on. Apart from deriving the parameters, one is often more interested in viewing a graph that gives an instant result. One disadvantage of NS2 is that it uses a flat-earth model, which assumes that the entire environment is flat, without any elevation. This paper describes Trace graph, a data presentation system for ns2. It provides a number of analysis options that can calculate many parameters characterizing a simulation. This NS2 is levees many arithmetical. The information is about NS2. Using this information, a network can be analyzed accurately for its performance.

    Chapter -3

    Research Method

    In this chapter I define WLAN security problems, security threats and attacks. The chapter describes WLAN security issues and the security mechanisms for resolving security threats.

    Overview

    Over the last couple of decades the popularity of wireless devices has increased; because of the importance of the internet, many people are turning to wireless devices. The basic idea of a wireless network is to solve the problem of having no internet connection by making internet services available at any remote place.

    However, a WLAN system basically depends on fixed access points. Data is transmitted by radio waves: the access point broadcasts internet services by switching signals, and network devices receive the access point's signals to obtain internet services. Many security issues are involved in broadcasting messages, and security is a major concern for a WLAN system. Many vendors provide wireless internet products at low prices because of strong market competition, but such products do not assure a high level of security.

    WLAN Security Overview

    Importance of WLANS

    WLANs are changing the landscape of computer networking. For example, mobile devices, laptops and personal digital assistants, coupled with the demand for continual network connections without having to "plug in," are driving the adoption of enterprise WLANs. Organizations all over the world are installing overlay WLANs to increase employee productivity.[10]

    A WLAN allows end users to access e-mail, schedule meetings, and access files and applications on the corporate or university network from conference rooms, classrooms, coworkers' desks, and virtually anywhere on campus.

    With a WLAN, transmitted data is broadcast over the air using radio waves. This means that any WLAN client within an access point (AP) service area can receive data transmitted from the access point. Because radio waves travel through ceilings, floors and walls, transmitted data may reach unintended recipients on different floors or even outside the building that houses the AP, so a boundary should be maintained. While data is being transferred there is a possibility of it being hacked. To stop this, security is needed: it protects data being transferred from one AP to another and encrypts the data so that it cannot be hacked.

    Turning On WLAN Security

    To mitigate threats to a WLAN, network managers need to deploy several layers of defense across the network. Securing a WLAN is just one component of the overall enterprise security framework. Other components, including firewalls, intrusion-detection systems, and segmented networks, should be considered as part of the network design in addition to WLAN security.[11]

    Cisco recommends that all organizations that use WLANs turn on their WLAN security features. Cisco further recommends that an organization perform network risk assessments before selecting and implementing a WLAN security solution.

    Traditional WLAN Security

    Traditional WLAN security includes the use of Service Set Identifiers (SSIDs), open or shared-key authentication, static WEP keys and optional Media Access Control (MAC) authentication.[12] This combination offers a rudimentary level of access control and privacy, but each element can be compromised. An SSID is a common network name for the devices in a WLAN subsystem; it serves to logically segment that subsystem. An SSID prevents access by any client device that does not have the SSID. By default, however, an AP broadcasts its SSID in its beacon. Even if broadcasting of the SSID is turned off, an intruder or hacker can detect the SSID through sniffing.[12]

    WLAN Security Mechanism

    LANs have been used to interconnect systems and other resources in a network for a very long time. Cables have typically been chosen as the physical medium in most environments, but nowadays WLANs play the most important role over the LAN.[13] They provide flexible network connections and do not require computers to be bound to a desk. On the other hand, because WLANs use electromagnetic waves to transmit information, the radio waves can easily penetrate outside the building; there is a risk that the network can be hacked from the parking lot or the street. So it is very important to pay enough attention to the security aspects of a WLAN.

    In general, the security mechanisms for WLANs can be divided into two kinds. The first kind is provided by the access point; we call these basic security mechanisms. The second kind needs an additional server to provide security services; we call these supplemental security mechanisms.[13]

    Basic Security Mechanism

    WLAN access points provide three basic mechanisms: closed network, MAC address filtering and Wired Equivalent Privacy (WEP).[14] In a closed network the access point serves only those clients that provide the same ESSID as the access point.[15]

    Second, every wireless client has a unique MAC address, so the access point can set up a list of MAC addresses. Only a wireless client whose card is on that list is allowed to access the network.

    The third security mechanism is specific to the WLAN transport medium. The IEEE 802.11 standard provides a protocol to make sure transported data is "as secure as it is inside the cable". This is called Wired Equivalent Privacy (WEP). In this mechanism data is converted into encrypted form for transfer. WEP encryption proceeds as follows.

    1. Use CRC-32 to calculate the Integrity Check Value (ICV) over the plaintext and concatenate it at the end of the text
    2. The wireless network card chooses a random initialization vector (IV) and concatenates it to the secret key. Input the secret key and the IV into the Pseudo Random Number Generator (PRNG) to produce a pseudo random key sequence. WEP uses the RC4 algorithm to generate this key sequence.
    3. Encrypt the plaintext and the ICV employing a bitwise XOR with the pseudo random key sequence to produce the cipher text.
    4. Concatenate the initialization vector and the cipher text to form the message to be transferred.

    Supplementary security Mechanism

    Remote Authentication Dial-In User Service (RADIUS),[16] Virtual Private Network (VPN) and IEEE 802.1x, the port-based network access control mechanism, are the most commonly recommended supplemental security mechanisms for WLANs. The design of RADIUS is based on user authentication, but most access points support only MAC address authentication on the RADIUS server.

    The VPN technology depends on data encryption to make sure they are secure during the transfer. The client and the server employ mutual authentication. After that, data will be encrypted and transferred over the network as in a virtual tunnel between the sender and the receiver.

    WLAN Vulnerabilities: [17]

    Vulnerability can be described as some event that exposes us, or in this case a network system, to an action that may be detrimental to its ability to operate efficiently and effectively with its desired level of confidentiality. Systems become vulnerable to negative forces due to the lack of proper safeguards, as in the case of wireless LANs. There are several known vulnerabilities that occur mostly because of the very nature of the LAN, which uses radio frequencies (RFs) to permit the transmission of data over the airwaves. Some of them are listed below.

    No configuration security or poor security

    If the 802.11 security settings for authentication and encryption are not functional, or the service set identifiers (SSIDs) are not changed, this can cause external attacks. For example, it is known that Linksys uses the default SSID "linksys", Cisco defaults to "tsunami", and Symbol defaults to "101". Also, if an access point is configured simultaneously for both VPN and open authentication, authorized users will authenticate via VPN while unauthorized users will use open authentication to sneak in.

    No set physical boundary

    Wireless access points can lose signals because of walls, doors, floors, insulation and other building materials. The signals may also enter another user's airspace and connect with their wireless local area network. This is referred to as accidental association and can occur in densely populated areas where several people or businesses use wireless technology.

    Physically insecure locations

    Access points should not be placed where they are easily accessible because they can be removed and tampered with (configurations copied or altered) then returned.

    Lack of network monitoring

    Intrusion detection tools can be used successfully to continuously monitor for rogue access points. Not deploying some means of detection with alarms and event data recorders practically leaves the door wide open to hackers or other undesirable users.

    Insufficient network performance

    This occurs when a network system is not designed for capacity. With the headers, packets, interframe spacing and other activities that occur, throughput becomes significantly degraded to cause the wireless LAN to operate at about half its expected data rate.

    MAC address filtering

    A media access control (MAC) address is a unique number assigned to a computer. In wireless LANs this number is used to allow an access point to connect to a particular network. Total reliance on this filtering can result in a security breach as a user may change the MAC address, which changes its 'identity', thereby resulting in identity theft. This is also known as MAC Spoofing.

    Inadequate encryption standards

    Wired equivalent privacy (WEP) is a weak encryption standard, to say the least; therefore some users will not even enable it. This can prove to be detrimental to the wireless LAN because weak encryption is better than no encryption at all. Also, some users make the encryption key longer, but this does not make the LAN more secure; it just makes the hacker work harder at trying to penetrate the system.
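One way to turn the vulnerabilities listed above into a repeatable check, as an added example that is not part of the original dissertation: it audits a constructed access point inventory for the default SSIDs named in the text, open authentication alongside VPN, disabled or WEP encryption and sole reliance on MAC filtering, then compares observed beacons with the inventory to surface unknown access points. The record fields, finding names and sample data are hypothetical.

```python
DEFAULT_SSIDS = {"linksys", "tsunami", "101"}  # vendor defaults named in the text


def audit_ap(ap):
    """Return the findings for one access point record (hypothetical fields)."""
    findings = []
    if ap["ssid"].strip().lower() in DEFAULT_SSIDS:
        findings.append("default-ssid")
    auth = set(ap["auth_modes"])
    if {"open", "vpn"} <= auth:
        # Unauthorized clients can simply pick the open path.
        findings.append("open-auth-alongside-vpn")
    if ap["encryption"] == "none":
        findings.append("encryption-disabled")
    elif ap["encryption"] == "wep":
        findings.append("weak-encryption-wep")
    # MAC filtering as the only gate: a MAC address can be changed by its user.
    if ap["mac_filter"] and auth == {"open"}:
        findings.append("mac-filter-only")
    return findings


def unknown_aps(inventory, beacons):
    """List beacons whose BSSID is not in the inventory (rogue AP candidates)."""
    known_bssids = {ap["bssid"].lower() for ap in inventory}
    our_ssids = {ap["ssid"] for ap in inventory}
    report = []
    for bssid, ssid in beacons:
        if bssid.lower() in known_bssids:
            continue
        # An unknown radio advertising one of our SSIDs deserves attention first;
        # other unknown BSSIDs may be neighbors (accidental association risk).
        reason = "unknown-bssid-using-our-ssid" if ssid in our_ssids else "unknown-bssid"
        report.append((bssid.lower(), ssid, reason))
    return report


# Constructed sample inventory and beacon observations (not real devices).
INVENTORY = [
    {"name": "ap-lobby", "bssid": "02:00:00:00:00:01", "ssid": "linksys",
     "auth_modes": ["open"], "encryption": "none", "mac_filter": True},
    {"name": "ap-floor3", "bssid": "02:00:00:00:00:02", "ssid": "corp-wlan",
     "auth_modes": ["open", "vpn"], "encryption": "wep", "mac_filter": False},
    {"name": "ap-floor7", "bssid": "02:00:00:00:00:03", "ssid": "corp-wlan",
     "auth_modes": ["vpn"], "encryption": "wep", "mac_filter": False},
]
BEACONS = [
    ("02:00:00:00:00:02", "corp-wlan"),
    ("02:00:00:00:00:99", "corp-wlan"),
    ("02:00:00:00:00:98", "cafe-guest"),
]


def run_audit():
    return {ap["name"]: audit_ap(ap) for ap in INVENTORY}


if __name__ == "__main__":
    for name, findings in run_audit().items():
        print(name, findings)
    for row in unknown_aps(INVENTORY, BEACONS):
        print(row)
```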

    WLAN Security Design

    The following sections should be considered in the design and provisioning of a wireless network.[13]

    Site Survey: It was discover to create a good number insufficient resource.

    Purpose of site survey:

    WAPs can auto-configure themselves for the least-used wireless channel, but this is not always desirable.[13] For instance, if a WAP is installed on the seventh floor of a multistory building, it may select a channel that it perceives to be available. If that channel is already used by a WAP on another floor, a client on the third floor could have difficulty staying connected because the channels overlap there. Channel overlap in wireless networks behaves like an overloaded wired network plagued by continuous collisions. Performance will certainly suffer, and users may not be able to establish steady connectivity to the wireless network.

    WLAN Roaming:

    Compared with wired networks, WLANs are very expensive to deploy, because the expense is directly related to the proximity of WAPs; network managers often install WAPs to provide overlapping signals, as shown in the figure. Two WAPs are used to make one logical two-port bridge.

    In this form, the WAPs operate in a dedicated point-to-point connection mode and as a result no longer operate as wireless access points for clients.

    Point-to-Point Bridging:

    It is not possible to run a network connection between one building and another to join their respective LANs into a single Layer 3 broadcast domain. If the two buildings are far from each other, it is better to configure wireless bridges, as shown in the figure below.

    Design consideration for Wireless IP Phones:

    Wireless IP phones have different coverage and wireless characteristics from ordinary wireless clients, so system administrators should conduct one more site survey.

    One more consideration for wireless IP (WIP) phones is roaming. If it were a wired IP phone, the call might be disconnected. In this scenario that is very undesirable for the user. When it is in use, the network needs to operate with the Cisco Catalyst 6550 series Wireless LAN Services Module (WLSM). The WLSM is an essential component of SWAN that provides aggregation of access point radio management information, thus enabling Layer 2 and Layer 3 roaming and client mobility management.

    Chapter -4

    Research Model

    In this chapter I present the WLAN system model and design model, with an overview of basic network design and protocol design. I present the system model for enhancing security and evaluating the problem definition.

    WLAN Design model

    Network design is a major concern for the network engineer. Many issues are involved in designing a network, and the engineer needs to consider security, performance and quality issues. A complex network design evaluates various network protocols and devices and represents various types of network design.

    WLAN Types

    Different types of WLAN are built according to user convenience. The most common WLAN types are [18]

    • Peer to peer ad hoc wireless LAN
    • Bridge
    • Roaming
    • Wireless distribution system

    Peer to Peer Ad hoc Wireless LAN:

    Peer to peer is an end-to-end communication mechanism in which one wireless device communicates with another wireless system.[18] This type of communication has to detect the communicating nodes on the sending and receiving sides. In this network a system interacts directly with another system within a specific signal range.

    Bridge

    A bridge establishes a network connection between different network environments. The bridge lets the wireless LAN access signals from fixed wired network systems, establishing a connection between wireless LAN Ethernet and wired device Ethernet. The access point acts as a base station broadcasting the radio signals.

    Roaming

    There are two types of roaming:

    1. Internal roaming
    2. External roaming

    Internal Roaming:

    This involves internal access points and the range within which a mobile station can reach an access point.[19] Mobile nodes travel from one access point to another within a specific range of the network. The mobile nodes are immobile and do not have much energy for efficient communication among different access points. A mobile node detects the nearest access point to keep up its communication, which improves QoS by specifying session resolution.

    External Roaming:

    In external roaming the mobile node accesses another WLAN's internet services by travelling into the wireless LAN of another wireless service provider. When the user connects to the other wireless LAN, the user needs to authenticate to the other wireless network.

    Wireless distribution system

    This system enables intercommunication between the access points of WLAN devices. The basic idea of the distribution system is to expand wireless network services by expanding the access points. The access points distribute services to multiple wireless devices without the support of a wired Ethernet backbone.[19]

    WLAN Configuration

    The basic idea of WLAN configuration is to provide wireless internet services to users without much effort, such as connecting cables between systems and access points or drilling walls to fix cables. The entire wireless network is configured using wireless access points.

    The basic WLAN components are

    • Access points
    • Network Interface Card
    • Connecting via USB port

    WLAN configuration is an important factor in providing internet services; before configuring a WLAN, make sure of the security standards so that a secured network is delivered.

    A typical WLAN configuration

    The figure above shows a typical WLAN configuration, which provides internet services to wireless and wired devices through a wireless access point. The wireless access point delivers services to the wired network over an Ethernet cable with a 10baseT/100baseT link. For wireless systems it broadcasts the services through radio waves, and a wireless network card is configured to receive the signals from the access point. The NIC receives the signals, or alternatively a USB card can be used to receive the network signals.

    WLAN Security Configuration

    In a WLAN, data is transmitted using radio waves. Radio waves carry a message over the air, so an attacker can easily attack the radio link, trace messages and modify data. For this reason security is a major constraint for WLAN design. IEEE 802.11 has limited security capabilities; hackers can easily crack these devices and attack the WLAN, so an advanced security mechanism is required to improve security standards. H3C WLAN security is employed to improve security standards. It employs the following security modes:

    1. Authentication modes
    2. Data Security
    3. User Access Authentication

    Authentication mode: [20]

    The authentication mode specifies open authentication, which invokes the open authentication algorithm. Users are authenticated with this algorithm before they are allowed to use system services. The open authentication process consists of two steps: the first is a request for authentication and the second returns the authentication result. It is therefore a request and response authentication process. [20]

    open authentication process

    Next we need to define a key mechanism for providing secured data transmission from access points to the users. In this shared key process the access point and the users hold the same key. The user sends an authentication request to the access point; the access point checks and validates the user's key, then generates a random key and sends it to the client to combine with the message. [20] The client combines the shared key challenge with the encrypted message and sends this to the access point. The access point checks the key challenge against the available key data and allows access to the services.

    WLAN Data Security

    Message transmission over a WLAN is more sensitive than over wired networks, because the WLAN is based on mobile nodes and access points and messages are transmitted using radio waves. When broadcasting a message over the WLAN environment it is necessary to provide data security, protocol security and device security. Data security is a major concern for WLAN systems. The 802.11 protocols define encryption methods to ensure message security: a system component cannot read a given message unless it provides the right key data. [20]

    Wireless Encryption Privacy:

    This encryption mechanism was developed to protect data exchanged among authenticated users. It implements the RC4 encryption algorithm to secure data against various security threats and uses a key mechanism to implement authentication. This encryption is invoked with both open system authentication and shared key authentication. Open system authentication invokes only the encryption mechanism, while shared key authentication uses a combination of encryption and the key generation process. [20]
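
    The shared key exchange and the RC4 encryption described above, sketched in Python as an added example (not code from the dissertation). The 128-byte challenge, the 3-byte IV prepended to the key and the CRC-32 integrity value follow the 802.11 WEP design; the class and function names are constructed for illustration.

```python
import hmac
import os
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR the data with the generated keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Append the CRC-32 integrity value, then encrypt under RC4(IV || key)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return rc4(iv + key, plaintext + icv)


def wep_decrypt(key: bytes, iv: bytes, ciphertext: bytes):
    """Return the plaintext, or None when the integrity value does not match."""
    data = rc4(iv + key, ciphertext)
    body, icv = data[:-4], data[-4:]
    good = zlib.crc32(body).to_bytes(4, "little")
    return body if hmac.compare_digest(icv, good) else None


class AccessPoint:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # station MAC -> challenge still awaiting an answer

    def challenge(self, mac: str) -> bytes:
        """Step 2: answer an authentication request with a random challenge."""
        self.pending[mac] = os.urandom(128)
        return self.pending[mac]

    def verify(self, mac: str, iv: bytes, ciphertext: bytes) -> bool:
        """Step 4: decrypt the answer and compare it with the issued challenge."""
        expected = self.pending.pop(mac, None)  # each challenge is single-use
        plain = wep_decrypt(self.key, iv, ciphertext)
        if expected is None or plain is None:
            return False
        return hmac.compare_digest(plain, expected)


def station_answer(key: bytes, challenge: bytes):
    """Step 3: the station encrypts the challenge under a fresh 3-byte IV."""
    iv = os.urandom(3)
    return iv, wep_encrypt(key, iv, challenge)


def authenticate(ap: AccessPoint, mac: str, station_key: bytes) -> bool:
    """Run the whole exchange for one station; step 1 is the bare request."""
    iv, ciphertext = station_answer(station_key, ap.challenge(mac))
    return ap.verify(mac, iv, ciphertext)
```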

    Temporal Key Integrity Protocol encryption

    This specifies a key management system for integrating the keys with the protocols. It combines the shared key and the encryption mode to provide better data security; the process increases the encryption size and adds a message integrity check. [20]

    User Access Authentication

    In a wireless LAN system, users reach the access points from different locations. When accepting requests from users, the access point must permit only authenticated users, so it needs to deploy an authentication mode for verifying user authentication. The previous section discussed the open authentication process and the shared key authentication process, which cover basic data encryption and key validation. User access authentication employs the following authentication processes:

    • Pre shared authentication
    • MAC authentication
    • 802.1x authentication

    Pre shared authentication [20]

    This process configures a shared key. Users access the access point by submitting the shared key, so they must have the shared key to pass authentication. The access point checks the shared key and allows the users to access the services.

    In the figure above, the access point holds a predefined key, which it shares with users to provide secured data communication. Whenever the access point receives a request from a client, it validates the key and allows the user to access the services.

    MAC authentication

    This authenticates users by checking the ports and MAC addresses. The process deals with the MAC address: a user passes this authentication by providing a MAC address, and we configure MAC addresses to validate the users. [20] The problem with this process is that it degrades performance when it has to support multiple clients.

    This process configures the MAC addresses of all clients and specifies a MAC list at the access point for verifying client MAC addresses. The access point automatically retrieves the MAC address from each client and checks it before allowing the user.

    802.1x authentication

    This authentication process specifies an access control protocol to authenticate the users; it provides authentication to the users and checks the user authentication.

    WLAN Security Policy

    WLAN systems extend their services from small-scale to large-scale industries, and are also useful for any user who accesses these services at home. While the WLAN services are being accessed, the secure modes must be ensured and only authenticated users allowed to access the services. The problem is that attackers manipulate the service by employing eavesdropping and other security attacks. [13]

    The previous section defined various security models and their mechanisms. These security modes rest on different factors: authentication, shared key and encryption. They define the MAC address mechanism, the encryption mechanism, the data security mechanism and so on. These modes are deployed at different security levels, as follows: [13]

    • Low level security
    • Intermediate level security
    • High level security

    Low level security: These security policies are applied at homes and small enterprises. The basic security policies for this level are WPA-PSK and access point hiding.

    Intermediate level security: This level of security is applied at hospitals, schools and other medium-level enterprises. It specifies two security policies: IEEE 802.1X authentication and TKIP encryption.

    High level security: This level applies to large enterprises and public internet services. It applies user isolation and IEEE 802.11i authentication.

    CHAPTER -5

    IMPLEMENTATION

    In this chapter I discuss WLAN security implementation and security scenarios. To implement WLAN security I used some of the NS-2 tools, and I demonstrate the design scenarios and security scenarios. I implemented this dissertation using NS-2.34, NAM, Xgraph, OTcl, TCL and the C++ language on the Windows XP SP2 operating system. I evaluate the ad hoc routing protocols for representing data transmission.

    System Implementation Model

    The basic idea of this dissertation is to implement a secured WLAN system by employing a simulation model. The wireless LAN relies on various access points for broadcasting the services; while broadcasting messages to the wireless devices it enforces the security policies discussed in Chapter 4. Data transmission over a WLAN involves different security factors. There are many problems in a WLAN when broadcasting messages: many security attacks and threats steal the data and replace the actual data. In this dissertation we address this design problem by evaluating the NS-2 simulation.

    To implement this project we need to download the NS-2.34 software, the network animator software, TCL and the Xgraph software. In this dissertation I deployed the WLAN design using the NS-2.34 modeler; this version requires a C++ compiler environment for compiling the TCL language. NS-2 is a combination of the C++ and OTcl languages. [6]

    NS-2 Design: The network simulator is an object-oriented TCL script interpreter, which provides a simulation event scheduler, libraries of component objects and set-up modules. [6]

    NS- 2 Design

    In the design above, OTcl interprets the TCL script, which sets up the event scheduler, the network topology and the traffic sources. The simulation results are written to a trace file with the extension .tr, from which a trace graph is generated with Xgraph. The network animator tool visualizes the simulation by tracing the .nam file. [6]

    Events flow of TCL file in NS

    Network Simulator Functionalities

    The simulator manages various network environments by simulating connection-oriented and connectionless networks. It shows the packet flow from one node to another by establishing links among the nodes, and specifies connection links such as single links and duplex links for managing simultaneous communication. The network simulator evaluates both wired and wireless network designs.

    NS for Wired network

    In a wired network, a network connection is established between the source and destination nodes, and the source node communicates with the destination node through the TCP and UDP protocols. [6] All the nodes are configured by linking them to each other and specifying the protocols for data transmission. The basic configuration level of a wired network specifies the routers, traffic sources, transport and queuing disciplines.

    It uses DV, LS and PIM-SM for routers; TCP and UDP for transport; web, File Transfer Protocol and CBR as traffic sources; and drop-tail, RED, FQ, SFQ and DRR as queuing disciplines. [6, 21]

    In a wired network we connect nodes through the TCP and UDP protocols and produce traffic using FTP and Constant Bit Rate sources; we can specify the queuing delay of the connected nodes using RED and drop-tail.

    NS for Wireless Network

    A wired network has physical connections among nodes, but in a wireless network there is no physical connection between the devices. In this network design we use ad hoc routing protocols and mobile IP, together with Directed Diffusion and Sensor-MAC, for network communication. [6]

    In this network we establish communication in the same way as in a wired network, using the TCP and UDP protocols to establish communication and FTP and telnet to generate traffic. We need to reuse some wired network classes and functions when designing wireless networks. [21]

    Routing Protocols

    The common routing protocols in wireless networks are: [21]

    • Destination sequence distance vector protocol
    • Dynamic source routing protocol
    • Ad hoc on demand distance vector protocol

    Destination sequence distance vector protocol:

    Each node keeps destination information in a routing table. The routing table holds the next hop, the total number of hops to reach the destination, and the total number of available nodes for transmitting data. Each table entry consists of the destination address, the next hop address and the number of hops to the destination. A sequence number is used for communication from one node to another; the protocol counts the number of hops to reach the destination and chooses the path with fewer hops to improve the network design.
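
    An added Python sketch (not part of the dissertation's NS-2 work) of the table update just described: a node replaces an entry when an advertisement carries a newer sequence number, or the same sequence number with fewer hops. The class names and the synchronous rounds in converge are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Route:
    next_hop: str
    hops: int
    seq: int  # sequence number issued by the destination; higher is fresher


class DsdvNode:
    def __init__(self, name):
        self.name = name
        self.table = {name: Route(name, 0, 0)}  # destination -> Route

    def advertise(self):
        """Stamp our own entry with a fresh sequence number and export the table."""
        self.table[self.name].seq += 1
        return [(dest, r.hops, r.seq) for dest, r in self.table.items()]

    def receive(self, neighbor, adverts):
        """Apply a neighbor's advertisement; return the destinations that changed."""
        changed = []
        for dest, hops, seq in adverts:
            if dest == self.name:
                continue  # nobody else can improve the route to ourselves
            cur = self.table.get(dest)
            fresher = cur is None or seq > cur.seq
            shorter = cur is not None and seq == cur.seq and hops + 1 < cur.hops
            if fresher or shorter:
                self.table[dest] = Route(neighbor, hops + 1, seq)
                changed.append(dest)
        return changed


def converge(links, rounds):
    """Run synchronous advertisement rounds over undirected links; return the nodes."""
    names = sorted({n for link in links for n in link})
    nodes = {n: DsdvNode(n) for n in names}
    adjacent = {n: [] for n in names}
    for a, b in links:
        adjacent[a].append(b)
        adjacent[b].append(a)
    for _ in range(rounds):
        dumps = {n: nodes[n].advertise() for n in names}  # snapshot before delivery
        for n in names:
            for nb in adjacent[n]:
                nodes[nb].receive(n, dumps[n])
    return nodes
```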

    Dynamic Source Routing Protocol :

    This protocol specifies two operations for reaching a destination: route discovery and route maintenance. Route discovery detects the destination route by communicating with neighbor nodes and establishes a network path to the destination. Route maintenance maintains the detected route for sending messages from the source node to the destination, and also communicates with the available nodes to manage data communication.

    Ad hoc On-demand Distance Vector

    In this protocol the nodes do not need to maintain a route to the destination node; a route is generated dynamically by communicating with neighbor nodes. The protocol uses different messages for discovering and managing links: Route Request, Route Reply and Route Error. It uses a destination sequence number for each route entry. The source sends a Route Request message to its neighbor nodes; each neighbor checks the request and continues the discovery by sending the request to another neighbor node, and this process continues until the destination node is found. Once the destination route is found, the intermediate node replies to the source node by sending an RREP message. If the source node finds an error node, it generates a Route Error message and spreads it to all neighbor nodes to keep communication active.
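
    The discovery and error handling described above, as an added Python model (not the dissertation's simulation code). It is simplified: only the destination answers a Route Request and sequence numbers are omitted; AodvNetwork and its method names are hypothetical.

```python
from collections import deque


class AodvNetwork:
    """Toy AODV: routes exist only after a discovery has asked for them."""

    def __init__(self, links):
        self.neighbors = {}
        for a, b in links:
            self.neighbors.setdefault(a, set()).add(b)
            self.neighbors.setdefault(b, set()).add(a)
        self.routes = {n: {} for n in self.neighbors}  # node -> dest -> (next hop, hops)
        self.log = []  # (message type, sender, receiver)

    def discover(self, src, dst):
        """Flood a Route Request from src; return the hop list, or None."""
        seen = {src}  # nodes that already handled this request
        queue = deque([(src, 0)])
        while queue:
            node, hops = queue.popleft()
            if node == dst:
                return self._reply(src, dst)
            for nb in sorted(self.neighbors[node]):
                if nb in seen:
                    continue  # duplicate request, dropped
                seen.add(nb)
                self.log.append(("RREQ", node, nb))
                self.routes[nb][src] = (node, hops + 1)  # reverse route to src
                queue.append((nb, hops + 1))
        return None

    def _reply(self, src, dst):
        """Send the RREP back along the reverse routes, installing forward routes."""
        path, node, hops = [dst], dst, 0
        while node != src:
            prev = self.routes[node][src][0]
            hops += 1
            self.log.append(("RREP", node, prev))
            self.routes[prev][dst] = (node, hops)
            path.append(prev)
            node = prev
        return path[::-1]

    def break_link(self, a, b):
        """Remove a link; both ends drop routes over it and raise Route Errors."""
        self.neighbors[a].discard(b)
        self.neighbors[b].discard(a)
        for node, gone in ((a, b), (b, a)):
            lost = [d for d, (hop, _) in self.routes[node].items() if hop == gone]
            for d in lost:
                del self.routes[node][d]
            if lost:
                self._route_error(node, lost)

    def _route_error(self, node, lost):
        """Tell neighbors; any that routed to a lost destination via node repeat it."""
        for nb in sorted(self.neighbors[node]):
            self.log.append(("RERR", node, nb))
            hit = [d for d in lost if self.routes[nb].get(d, (None,))[0] == node]
            for d in hit:
                del self.routes[nb][d]
            if hit:
                self._route_error(nb, hit)
```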

    Wireless Network Simulation

    We start our simulation scenario by specifying two nodes connected through the TCP and UDP protocols with a range of 500 m, and we name these nodes n0 and n1. [6]

    Chapter -6

    Conclusion

    Wireless LAN security is a major concern for network engineers. Network engineers need to deploy a reliable network system for various end users; because of the importance of wireless services, people are showing an interest in wireless network services. The popularity of WLAN increases the complexity of network design and also increases the complexity of managing security attacks and threats.

    In this dissertation I defined the WLAN system model and configuration model, the different types of WLAN models and their features. The WLAN configuration mainly deals with routing protocols and other wireless devices. I defined the various security issues, vulnerabilities and attacks. Security is a major concern for a WLAN system; in this dissertation we simplify the network design by evaluating routing protocols.

    The WLAN design using NS-2 simulation covers various design issues such as routing protocols, security issues, message transmission issues and connection issues. In this design we give an overview of the NS-2 design simulation and present the simulation design scenarios by evaluating the routing protocols.

    Future Enhancement

    This dissertation mainly focused on security issues, and I am planning to enhance it by demonstrating performance and QoS factors, evaluating various WLAN routing protocols and making a comparison among them. This dissertation shows the simulation results using NS-2; I am planning to enhance it by deploying the OPNET simulation modeler and specifying the comparison between the NS-2 and OPNET modelers, and I will try to evaluate a new office LAN system for managing the network traffic when accessing single and multiple access points.

    References

    1. Mohinder Jankiraman, Space-time codes and MIMO systems, Artech House, 2004.
    2. Matthew Gast, 802.11 wireless networks: the definitive guide, O'Reilly, 2002.
    3. Matthew N. O. Sadiku, Optical and wireless communications: next generation networks, Taylor & Francis Ltd, 2002.
    4. Mark Ciampa, CWNA Guide to Wireless LANs, 2nd edition, Thomson Course Technology, 2006.
    5. John W. Rittinghouse, James F. Ransome, Wireless operational security, Digital Press, 2004.
    6. Teerawat Issariyakul, Ekram Hossain, Introduction to Network Simulator NS2, Springer US, 2007.
    7. Dragos-Anton Manolescu, Markus Voelter, James Noble, Pattern Languages of Program Design 5, Addison-Wesley, 2006.
    8. Priscilla Oppenheimer, Top-down network design, Cisco Press, 2004.
    9. David Tung Chong Wong, Peng-Yong Kong, Ying-Chang Liang, Kee C. Chua, Wireless Broadband Networks, John Wiley & Sons, 2009.
    10. Kwok T. Fung, Network Security Technologies, AUERBACH, 2004.
    11. Harold F. Tipton, Micki Krause, Information security management handbook, Volume 1, AUERBACH, 2003.
    12. Jerry FitzGerald, Alan Dennis, Business Data Communications and Networking, John Wiley & Sons Inc., 2008.
    13. Peter Rybaczyk, Cisco network design solutions for small-medium businesses, Cisco Press, 2004.
    14. Harold F. Tipton, Micki Krause, Information security management handbook, Volume 3, AUERBACH, 2006.
    15. Roberta Bragg, Mark Rhodes-Ousley, Keith Strassberg, Network security: the complete reference, McGraw-Hill/Osborne, 2004.
    16. Thomas M. Thomas, Tom Thomas, Network security first-step, Cisco Press, 2004.
    17. Chris Hurley, Russ Rogers, Frank Thornton, Brian Baker, WarDriving & wireless penetration testing, Syngress, 2007.
    18. Goralski, Optical Networking & Wdm, Tata McGraw-Hill, 2001.
    19. Yi Pan, Yang Xiao, Design and analysis of wireless networks, Nova Science Pubs., 2005.
    20. Pejman Roshan, Jonathan Leary, 802.11 Wireless LAN fundamentals, Cisco, 2003.
    21. Uyless D. Black, IP routing protocols: RIP, OSPF, BGP, PNNI, and Cisco routing protocols, Prentice Hall, 2000.
