Introduction
Regular users and companies use wireless technologies because of their convenience, ease of installation, and low price in the market. Still, security is a big problem for these technologies because these devices can be attacked. The popularity of wireless local area networks has reached the state of familiar to everyone’ technology, and it has already passed the explosive growth stage. Daily, I usually use standard security methods such as antivirus, changing standard passwords, and avoiding unsecured hotspots. My workplace uses a secure wireless network, but I use mobile internet for personal use.
The organization uses dual authentication to protect the cloud and restricts access to the wireless network. Today, the use of wireless networks entails not only new benefits but also new risks; it serves as such a risk. For example, automatic connection to Wi-Fi networks for mobile devices can lead to unwanted access to confidential information by intruders. Any person connected to Wi-Fi can easily get into the global network. Thus, the study of wireless network security and protection recommendations becomes a topical issue.
WEP Security for Wireless Networks
Wireless networks are divided into two types – open and closed. Open networks do not use security to connect to the device or use remote network access protection when user authentication is not performed on a device, using a bridge or switch, but on a remote server. Closed-type wireless networks provide encryption of data packets in the information transmission channel using the following security technologies: WEP (Wired Equivalent Privacy), WPA, and WPA2 (Wi-Fi Protected Access).
Encryption of WEP traffic with a 128-bit key (RC4 scheme) is provided by adding a 104-bit key (password), which the administrator and a 24-bit initialization vector set (Rahman & Tomar, 2018). This protocol is an analog of wired security, since in any case, its name is translated that way, but in reality, it does not provide any level of security equivalent to wired networks. The main disadvantage of WEP is that it uses a secret user key, which is called the base key in the RC4 algorithm.
WPA Wireless Security Technology
WPA (Wi-Fi Protected Access) is a second-generation Wi-Fi security technology. The password length is arbitrary, in the range of 863 bytes, which makes it very difficult to guess. When changing the key, the statistics database for hacking does not have time to accumulate. In addition, WPA differs from WEP in that it encrypts data on a per-client basis. Currently, for wireless networks, WPA2 security technology is relatively reliable. WPA2 fixes a keystream theft and spoofing vulnerability and adds AES/CCMP with a completely new encryption algorithm based on AES256 with additional security and integrity checking (Logvinov & Smolskiy, 2022). This technology can only be hacked using brute force, protected by a monthly key change.
WPA was a temporary measure until the 802.11i standard put into operation. Today, to ensure a reliable security mechanism in a corporate wireless network, it is necessary (and mandatory) to use devices and software that support WPA2. Previous generations of protocols – WEP and WPA contain elements with insufficiently strong security and encryption algorithms (Neamah et al., 2021). Moreover, programs and techniques have already been developed for hacking WEP-based networks, which can be easily downloaded from the Internet and successfully used even by untrained hackers-novices.
The WPA2 vulnerability is fixed in WPA3 through the SEA connection method, Dragonfly, a technology to protect Wi-Fi networks from autonomous dictionary attacks. SEA (Simultaneous Authentication of Equals) technology is described in the IEEE 802.11s standard and is based on the Diffie-Hellman key exchange protocol using finite cyclic groups (Neamah et al., 2021). Under the SEA, two or more parties establish cryptographic keys based on knowledge of the password of one or more parties (Neamah et al., 2021).
The latest standard innovation is support for fast roaming between access points using the PMK caching and pre-authentication procedure. The PMK caching procedure is that if the client passes full authentication once when connecting to some access point (Easttom, 2022). Then it saves the PMK key received from it, and the next time it connects to this point, in response to an authentication request, the client will send earlier received PMK key.
Security Recommendations
First of all, in everyday life, a reliable active antivirus, which is regularly updated, will help protect against attacks. One of the recommendations is also to turn off the router when not using the Internet, as this will reduce the likelihood of being attacked. In addition, the router must be installed in such a way as to exclude the effect of interference, for example, from a microwave oven (Abdalrahman & Varol, 2019).
The possibility of accidentally pressing the reset button should also be excluded. In public places, the use of unsecured wireless networks should be avoided. Connecting to someone else’s non-password-protected network within one’s home also increases risks of attacks. For example, it could be a fake hotspot used by hackers to steal data.
The main recommendation for protecting wireless networks is to change the default login and password. Data for access to the router settings interface and to the Wi-Fi network are indicated in the instructions for the device; it is recommended to change this data by creating a strong password. It is also important to disable network ID broadcasting so that only people who know the ID can connect to the wireless network (Schepers et al., 2021). On the computer, one can use a firewall for Windows or third-party firewalls. The firewall provides control and filtering of traffic to protect against network threats, so such a company should always be in an active state.
In the workplace, as well as at home, MAC address filtering should be applied to limit the number of connected devices. As a result, only certain devices with the specified MAC settings will be able to connect to the network, which will greatly complicate the access of intruders and help eliminate the possibility of extraneous connections.
When configuring the router, installing WPA/WPA2 security protocols and limiting the network range are recommended (Schepers et al., 2021). Ideally, limiting Wi-Fi to only outside the apartment or office is better. That will make it impossible or very difficult for an attacker to gain physical access to hack into the wireless network (Schepers et al., 2021). Following these recommendations does not give a 100% guarantee of the security of wireless networks, but it can significantly reduce the risks.
Conclusion
Due to their low cost and ease of installation, wireless technologies have become popular all over the world, and despite many shortcomings, they continue to spread. In conclusion, one can conclude that today the most optimal Wi-Fi security technology is WPA3. Difficulties in securing wireless networks are caused by the inability to physically isolate attackers from the web or track their location. At the same time, following simple recommendations can significantly increase security and minimize the risks of attacks. Compliance with the above will allow wireless network users to solve the problem of ensuring information security.
References
Abdalrahman, G. A., & Varol, H. (2019). Defending against cyber-attacks on the internet of things. 2019 7th International Symposium on Digital Forensics and Security (ISDFS). Web.
Easttom, C. (2022). Virtual private networks, authentication, and wireless security. Modern Cryptography, 309–327. Web.
Logvinov, V. V., & Smolskiy, S. M. (2022). Systems and networks of wireless communication. Radio Receivers for Systems of Fixed and Mobile Communications, 51–119. Web.
Neamah, M. R., Thuwaib, H. A., & Farhan, B. I. (2021). An analyzing process on wireless protection criteria focusing on (WPA) within Computer Network Security. Periodicals of Engineering and Natural Sciences (PEN), 9(1), 242. Web.
Rahman, R. U., & Tomar, D. S. (2018). Security attacks on wireless networks and their detection techniques. Emerging Wireless Communication and Network Technologies, 241–270. Web.
Schepers, D., Ranganathan, A., & Vanhoef, M. (2021). Let numbers tell the tale. Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Web.