WirelessSecurityForensics-SecureIT2013

A Course on Wireless Security and Forensics – CTC 395
Dr. Mehrdad Sepehri-Sharbaf
msharbaf@csudh.edu
http://msharbaf.wordpress.com
Dr. Mohsen Beheshti
mbeheshti@csudh.edu
Computer Science Department
www.csc.cusdh.edu
California State University, Dominguez Hills
Partially supported by CWW/NSF

Wireless networking is today's fastest growing LAN
solution, providing flexibility, cost savings, and
extended communications. As wireless LANs explode
in popularity, learning all the good, bad and ugly of
wireless security can be daunting. As we know,
wireless networks have become ubiquitous. The
number of wireless devices (phones, PDAs, laptops)
already exceeds the number of desktop computers,
and this number is likely to increase exponentially in
the coming years as wireless sensors and RFID
devices become even more commonplace.


Securing wireless networks is an extremely
challenging and interesting area of
research. Unprotected wireless networks are
vulnerable to several security attacks, including
eavesdropping and jamming, that have no counterpart
in wired networks. Moreover, many wireless devices
are resource limited, which makes it challenging to
implement security protocols and mechanisms.
For that reason, there is a need to educate and train our
students in wireless communication technology.
The objective of this course is to enable students to
understand wireless communications
technology concepts and the main challenges in
designing security mechanisms and protocols for
thwarting attacks on existing and emerging wireless
networks, including wireless LANs and mobile devices
(phones, PDAs, laptops).
The focus of the course is in the following topics:
◦ Wireless Communications (Concept)
◦ Wireless Security
◦ Wireless Forensics


This course provides students with a technical understanding of the
function and operation of wireless communications technology. A wide
variety of concepts, protocols, signaling types, modulation and terminology
are included.
This course focuses on wireless network security and forensics
technology. The course provides a hands-on guide to defending wireless
networks against attacks. Focusing on IEEE 802.11a/b/g/n wireless local
area networks, the course provides extensive coverage of the latest
wireless attack tools and defenses, including IEEE 802.11i, WPA, WPA2,
and WIPS, along with how to design and manage a secure wireless LAN.
The course also provides basic concepts of mobile device forensics and
describes procedures for acquiring data from cell phones and mobile devices.







CWSP Guide to Wireless Security
Mark Ciampa, ISBN-10: 1418836370 | ISBN-13: 9781418836375
CWNA Guide to Wireless LANs, 3rd Edition
Mark Ciampa, ISBN-13: 9781133132172
514 Pages | © 2013 | Published
Guide to Computer Forensics and Investigations, 4th Edition
Nelson/Phillips/Steuart, ISBN-10: 1-4354-9883-6, ISBN-13: 978-1-4354-9883-9

Cisco Access Point (Aironet 1142 Standalone AP)

Cisco Wireless Network Adapter (USB, Linksys AE2500
Dual-Band Wireless-N)

MOBILedit! Forensic - Complete Forensic Solution (software
and connection cable kit)

Mobile Phone Examiner - Mobile Phone Examiner & the
lightweight MPE+ tablet, cables (AccessData)

Paraben Device Seizure - includes software and
hardware (connection cable kit)






D-Link Access Point Emulator Setting
Use your Web browser to go to the link
http://support.dlink.com/emulators/dap1522/100/ap/bsc_wizard.htm
Select the Wireless settings and the Setup tab. Set up the AP based on
the standard configuration.
Select the advanced setup and apply MAC address filtering to
the setup.
Check Vulnerability of Access Point
Use your Web browser to go to the link






Wireless Monitor: Downloading and installing Xirrus Wi-Fi Inspector
The Xirrus Wi-Fi Inspector is a powerful tool for managing
and troubleshooting the Wi-Fi on a Windows XP SP2 or later,
Vista, or 7 laptop. Built-in tests enable you to characterize the
integrity and performance of your Wi-Fi connection.
◦ Searching for Wi-Fi networks
◦ Managing and troubleshooting Wi-Fi connections
◦ Verifying Wi-Fi coverage
◦ Locating Wi-Fi devices
◦ Detecting rogue APs

CommView for WiFi is a packet sniffer that is specifically
designed for Wi-Fi networks. As you would expect, the
program allows you to capture packets and then search them
for specific strings, packet types, etc. One of the most useful
features provided by this utility is an alarm (Figure A). The
software can alert you whenever certain types of traffic are
detected. Such a feature could go a long way toward
improving Wi-Fi security.

Wireless Wizard is a free utility that is designed to help you
get the best possible performance from your wireless network
connection. In addition to providing all manner of statistics
about your wireless network, the software offers a series of
diagnostic tests you can use to see how well your wireless
network is performing. It also includes a spectrum analyzer
that recommends the best wireless channel for you to use
(Figure B).


NETSURVEYOR — 802.11 NETWORK DISCOVERY /
WIFI SCANNER
NetSurveyor is an 802.11 (WiFi) network discovery tool that
gathers information about nearby wireless access points in real
time and displays it in useful ways. Similar in purpose
to NetStumbler, it includes many more features. The data is
displayed using a variety of different diagnostic views and
charts. Data can be recorded for extended periods and played back at a later date/time.


MOBILedit! Forensic
MOBILedit! Forensic is the world's most trusted
phone investigation tool. Highly rated by the National
Institute of Standards and Technology, MOBILedit!
Forensic extracts all content and generates a forensic
report ready for courtroom presentation. These
tamper-proof, flawless reports are used in hundreds
of courtrooms every day.

Paraben Device Seizure has been giving forensic
examiners access to mobile device data. As the first
tool for the forensic analysis of cell phones, Device
Seizure provides both logical and physical data
acquisitions in one low-cost tool. Device Seizure
supports thousands of devices, includes advanced
data parsers, and allows examiners to perform a
complete analysis and report on all data acquired.
Q/A