Wireless Security and Attack Trees For Wireless Networks
By Ramakrishnan Subramanian, Scuola Sant'Anna, Pisa, Italy

A Brief Abstract
The paper's main focus is to identify weaknesses in present wireless networks and to represent them as attack trees. It advocates a systematic approach to ensuring wireless security. The paper is nothing more than a tutorial meant to stimulate such an approach.

Table of Contents
1. Introduction
2. Attack Tree Basics
3. Typical Security Flaws in Wireless Networks
4. High Level Wireless Attack Tree
5. Solutions
6. Conclusion
7. Bibliography

1. Introduction:
Wireless networks as they are used today have plenty of security issues and breaches. Our aim is to model possible wireless threats as attack trees and to think about possible solutions [1]. The paper is aimed at giving students and designers a blueprint for thinking about and planning wireless system security before an implementation exists. It is better to start with all the issues clearly defined and then work on security, since re-modelling a network after deployment is never easy. The paper covers many issues from the basics so that a wider section of fellow students can read it. My intended audience is fellow students and juniors.

2. Attack Tree Basics:
2.1 Attack Trees:
We focus on the semantics and format of attack trees. Attack trees have recently been applied systematically to find security flaws (Schneier00). An attack tree has a root node and sub-nodes. The security of the network or enterprise is the root of the tree; the possibilities of an attacker breaking in, iteratively and incrementally, are represented as lower-level nodes. Each path through the tree shows one way in which an attacker can reach the root goal, and there can be multiple such paths.

Structure and Semantics: A node has either
A set of attack sub-goals, all of which must be achieved for the attack to succeed, represented as an AND decomposition, or
A set of attack sub-goals, any one of which needs to be achieved for the attack to succeed, represented as an OR decomposition.
Attack trees can be represented graphically or textually. Throughout the paper I follow the textual form; readers interested in the graphical format can refer to [1].

2.2 Attack Patterns:
An attack pattern is a generic representation of an attack. It contains:
The overall goal of the attack
The list of preconditions
The steps for carrying out the attack
The list of post-conditions that become true when the attack succeeds

I will give the example of war driving. War driving is driving around an area with tools for sniffing the wireless airwaves, looking for open or unprotected networks. It can be represented as:

War Driving to discover networks
Goal: Identify unprotected networks.
Precondition: A tool like AirSnort or NetStumbler, and networks present within range.
Attack:
OR 1. Find the network address of vulnerable networks and the AP information
   2. Find out about the encryption scheme and the authentication mechanism
AND 1. Capture data and messages, even from protected networks
    2. Do cryptanalysis to find the network secrets
Post-condition: The attacker has information compromising network security.

This is a very elementary example, but I hope it proves the point. Attack patterns can be combined to form an attack profile: an attack profile takes a set of attack patterns and identifies the patterns they have in common, and these common patterns can then be used to analyse and formulate security measures.

3. Typical Security Flaws in Wireless Networks:
3.1 Easy Access
1) Setting up ad hoc wireless networks: An ad hoc wireless network can be set up on the fly without any access point and without any security mechanism. This is the most dangerous configuration and the most open to attack, since it has no security considerations at all.
2) WLAN parameters used for authentication: the service set ID (SSID). The SSID is in fact the network identifier; although only the users and the system administrator are supposed to know it, it is easily recovered by sniffing.
The SSID is an identification value programmed into an access point, or a group of access points, to identify a subnet. Segmenting the wireless network into multiple such networks acts as a form of authentication check: if a wireless station does not know the value, it cannot associate with that AP. When a client connects to the access point the SSID acts as a simple password, thus providing a measure of security. SSID security alone is very weak, because the value is known to all network cards and access points and is easily obtained over the air, since it is transmitted without encryption. By default the access point is configured to broadcast its SSID; when broadcasting is enabled, any client that does not know the SSID can receive it and associate with the access point. Users are also able to configure their own client systems with the appropriate SSID, because SSIDs are widely known and easily shared. Also, since the AP is never authenticated to the client, a rogue AP can mount a man-in-the-middle attack.

3.2 WEP Algorithm:
The other important mechanism is WEP (Wired Equivalent Privacy). It is meant to give the wireless link the confidentiality and integrity that a wired link gets from its physical security. The following describes how the network functions with encryption enabled.

WEP Algorithm: The WEP security protocol is intended to protect against eavesdropping, which a wired network resists by its physical security, so that the result is equivalent to the security of a wired network. WEP is the encryption standard specified by the IEEE 802.11 architecture. WEP encrypts each data frame and its contents to protect the authorized users of a WLAN. WEP uses a 40-bit secret key for authentication and encryption; many IEEE 802.11 implementations also allow a 104-bit secret key. The secret key is concatenated with a 24-bit initialization vector (IV), resulting in a 64-bit or 128-bit RC4 key. When shared-key authentication is enabled, the access point sends a challenge packet, in the clear, to any client attempting to connect to the access point.
The client then uses its key to encrypt the challenge and returns the result in order to authenticate itself and gain network access [3], [5]. The client and the access point use the same key to encrypt and decrypt data. All WEP keys on a wireless LAN must be managed manually, because no key management protocol is specified for their distribution. WEP is normally deployed on an infrastructure WLAN with an access point rather than on a peer-to-peer network, where every station would have to be configured with the key by hand. WEP encryption has weaknesses that are open to attack. WEP keys are static for both encryption and authentication, making WEP susceptible to replay attacks, traffic injection and statistical attacks. An attacker exploits these weaknesses by intercepting traffic, flipping bits and injecting the modified packets back into the network. Nikita Borisov, Ian Goldberg and David Wagner at the University of California, Berkeley discovered security flaws in WEP, and their paper [3] deals in detail with all the flaws then known; it is a must-read for understanding WEP's weaknesses. For example, it is possible for an attacker to change the destination address in a packet to his own [4]: the message intended for another host is decrypted and forwarded by the access point, ends up with the attacker, and he learns more about the network. RC4 encryption is a XOR with a keystream and the CRC-32 integrity check is linear, so an attacker can flip chosen bits of the ciphertext and correct the checksum without knowing the key. IVs are also repeated many times, in particular because many cards restart the IV counter at power-on. The Berkeley researchers showed that two frames encrypted under the same IV share the same keystream, so XORing the ciphertexts gives the XOR of the plaintexts; once one plaintext is known the keystream for that IV is recovered and can be used to decrypt, replay or forge further frames, which makes recovering the traffic much faster.

3.3 Poor Key Management:
There is no proper key management protocol. The following issues arise [4]:
How is the key formed? Poor key formation is a cause for concern.
How is the key distributed?

3.4 Other Issues
For example, if an employee leaves a company and keeps a wireless card, he can return and capture data from a nearby location. One way to limit this is to use MAC address filtering with an access control list (ACL) of permitted addresses, bearing in mind that MAC addresses are sent in the clear and can be changed in software, as the attack tree in section 4 notes.
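The two WEP weaknesses just described, keystream reuse under a repeated IV and bit-flipping against the linear CRC-32 integrity check, as an added worked example that is not part of the original paper. It is a toy WEP implementation in Python (RC4 keyed with a 24-bit IV prepended to a 40-bit key, CRC-32 ICV appended to the plaintext); the key, the IV and the frame contents are constructed for illustration.

```python
"""Added example (not the paper's code): toy WEP showing why IV reuse and the
linear CRC-32 ICV break it. Key, IV and frame contents are constructed."""
import zlib

IV_LEN = 3  # WEP uses a 24-bit IV sent in the clear in front of the frame body


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 key scheduling + PRGA; XOR keystream with data (encrypt == decrypt)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def crc32(data: bytes) -> bytes:
    """WEP's ICV: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body = IV || RC4(IV || key, plaintext || ICV)."""
    assert len(iv) == IV_LEN
    return iv + rc4(iv + key, plaintext + crc32(plaintext))


def wep_decrypt(key: bytes, frame: bytes):
    """Return the plaintext, or None when the ICV check fails (frame rejected)."""
    iv, body = frame[:IV_LEN], frame[IV_LEN:]
    clear = rc4(iv + key, body)
    plaintext, icv = clear[:-4], clear[-4:]
    return plaintext if crc32(plaintext) == icv else None


def recover_with_reused_iv(frame_known: bytes, known_plaintext: bytes, frame_other: bytes) -> bytes:
    """Attack 1: frames under the same IV share a keystream, so C1 ^ C2 = P1 ^ P2.
    A known P1 yields the keystream, which then decrypts as much of P2 as it covers."""
    assert frame_known[:IV_LEN] == frame_other[:IV_LEN], "attack needs a reused IV"
    keystream = xor(frame_known[IV_LEN:], known_plaintext + crc32(known_plaintext))
    clear = xor(frame_other[IV_LEN:], keystream)
    return clear[:-4]


def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Attack 2: XOR `delta` into the plaintext without knowing the key.
    CRC-32 is affine over GF(2): crc(p ^ d) = crc(p) ^ crc(d) ^ crc(0...0),
    so the ICV under the keystream can be patched to match the modified plaintext."""
    iv, body = frame[:IV_LEN], frame[IV_LEN:]
    icv_delta = xor(crc32(delta), crc32(bytes(len(delta))))
    return iv + xor(body, delta + icv_delta)


def demo():
    key = bytes.fromhex("0badc0ffee")                    # constructed 40-bit WEP key
    iv = b"\x00\x00\x01"                                 # constructed: IV counter restarted at power-on
    p1 = b"GET /index.html HTTP/1.0\r\nHost: ap\r\n"      # request an attacker can guess
    p2 = b"password=hunter2&user=bob\r\n"                # constructed secret frame
    f1 = wep_encrypt(key, iv, p1)
    f2 = wep_encrypt(key, iv, p2)                        # same IV reused -> same keystream
    recovered = recover_with_reused_iv(f1, p1, f2)

    # Turn "user=bob" into "user=eve" inside f2 without the key; the AP still accepts it.
    delta = bytearray(len(p2))
    pos = p2.index(b"user=bob") + len(b"user=")
    for i, (old, new) in enumerate(zip(b"bob", b"eve")):
        delta[pos + i] = old ^ new
    forged = flip_bits(f2, bytes(delta))
    return recovered, wep_decrypt(key, forged)


if __name__ == "__main__":
    recovered, forged = demo()
    print("recovered via IV reuse:", recovered)
    print("forged frame accepted as:", forged)
```

Attack 1 recovers only as many bytes of the second frame as the known plaintext covers, which is why the guessed request is longer than the target frame. Attack 2 never touches the key: the XOR difference and the patched ICV are applied to the ciphertext, and the access point decrypts and accepts the forged frame as valid.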
War Driving: This is an elementary but important issue. Drive around with a wireless receiver and use a tool like NetStumbler (there are many others; AirSnort is considered very good). NetStumbler lists each wireless network in range with its SSID and BSSID, whether encryption is on and whether it looks like a default installation. Even a basic attacker can thus eavesdrop and get a lot of information. AirSnort goes a step further: after collecting a large amount of encrypted traffic it recovers the WEP key [5], [8].

4. Summary of Wireless Weaknesses in the form of a High-level Wireless Attack Tree:
Root: System/Enterprise Security
OR
1. Data snooping
   OR 1.1 Read message/plaintext
      1.2 Get the plaintext/encryption key from messages
      1.3 War driving
2. Authentication
   OR 2.1 Obtain a connection
      2.2 Open system authentication (faking the SSID)
3. Network access
   OR 3.1 Knowledge of the MAC address filter
      3.2 Ability to change the MAC address with software
      3.3 All layer-3 knowledge: gateway, subnets and firewall
4. Inside the network
   AND 4.1 Port, service and OS scan
       4.2 Password cracking and session establishment
5. Denial of service attacks
   OR 5.1 Jamming
The above is an open-ended tree and by no means complete; there will certainly be other paths of attack.

5. Solutions:
a. Mutual authentication (to prevent man-in-the-middle attacks). Shared-key authentication as defined in WEP is not a substitute: its challenge and encrypted response give an eavesdropper a plaintext/ciphertext pair, and thus the keystream for that IV [4], and it never authenticates the AP to the client.
b. Use a RADIUS server. After associating with the AP, the user must also log on to the network at the RADIUS server.
c. Decouple authentication from encryption. Use a fresh random challenge for each authentication and relay the challenge and response through a one-way hash function rather than under the encryption key; after authentication, change the session key and transmit it to the user.
d. Use of a VPN to provide access within the network is preferable, as it authenticates the user once more.
Present VPN products can cause problems when a user roams from one AP to another, but there are solutions on the market for this too (vicatores etc.).
e. Don't broadcast the SSID from an AP unless encryption is present.
f. Use multiple layers of security.

6. Conclusion
The challenges in confronting these problems are many. Today we face only the breaking into of wireless networks; soon it will be viruses and Trojan horses. Organizations that link wireless networks to their wired networks compromise the security of the wired network as well. Soon voice-over-IP services will run on wireless networks, and the question is how much security overhead can be permitted in such real-time applications. The paper raises such questions rather than answering them; I hope the solutions will come from many researchers.

7. Bibliography:
1) Andrew P. Moore, Robert J. Ellison and Richard C. Linger. "Attack Modeling for Information Security and Survivability."
2) Dell Corporation. "802.11 Wireless Security in Business Networks." September 2001.
3) Nikita Borisov, Ian Goldberg and David Wagner. "Intercepting Mobile Communications: The Insecurity of 802.11." August 2001.
4) William Arbaugh, Narendar Shankar and Y. C. Justin Wan. "Your 802.11 Network has no Clothes." 30 March 2001.
5) Scott Fluhrer, Itsik Mantin and Adi Shamir. "Weaknesses in the Key Scheduling Algorithm of RC4." 2001.
6) University of California, Berkeley, Computer Science Division. "Security of the WEP Algorithm."
7) IEEE 802.11 Working Group. Recommendations and Standards.
8) Adam Stubblefield, John Ioannidis and Aviel D. Rubin. "Using the Fluhrer, Mantin, and Shamir Attack to Break WEP."
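The high-level attack tree of section 4, evaluated with the AND/OR semantics of section 2.1, as an added worked example that is not part of the original paper. It encodes the tree as a Python data structure, renders it in the textual form used throughout the paper, checks whether a given set of achieved leaves reaches the root, and finds the cheapest attack path before and after some of the section 5 solutions remove leaves. The leaf costs and the mapping from solutions to the leaves they remove are illustrative assumptions, not measurements.

```python
"""Added example (not the paper's code): the section 4 attack tree as a data
structure with AND/OR evaluation. Leaf costs and the countermeasure mapping
are assumptions for illustration."""
import math
from dataclasses import dataclass, field
from typing import FrozenSet, List, Tuple


@dataclass
class Node:
    name: str
    kind: str = "LEAF"              # "AND", "OR" or "LEAF"
    children: List["Node"] = field(default_factory=list)
    cost: float = math.inf          # leaf cost in arbitrary units (assumed)


def leaf(name: str, cost: float) -> Node:
    return Node(name, "LEAF", [], cost)


def OR(name: str, *kids: Node) -> Node:
    return Node(name, "OR", list(kids))


def AND(name: str, *kids: Node) -> Node:
    return Node(name, "AND", list(kids))


def feasible(node: Node, achieved: FrozenSet[str]) -> bool:
    """AND: every child must be achieved; OR: any one child; LEAF: the attacker has it."""
    if node.kind == "LEAF":
        return node.name in achieved
    results = [feasible(c, achieved) for c in node.children]
    return all(results) if node.kind == "AND" else any(results)


def cheapest(node: Node, countered: FrozenSet[str] = frozenset()) -> Tuple[float, List[str]]:
    """Cheapest attack path: OR takes the cheapest child, AND sums all its children.
    Leaves in `countered` (removed by a countermeasure) cost infinity."""
    if node.kind == "LEAF":
        return (math.inf if node.name in countered else node.cost), [node.name]
    sub = [cheapest(c, countered) for c in node.children]
    if node.kind == "AND":
        return sum(c for c, _ in sub), [step for _, path in sub for step in path]
    return min(sub, key=lambda t: t[0])


def render(node: Node, depth: int = 0) -> str:
    """Textual form used throughout the paper (indentation shows depth)."""
    label = node.name if node.kind == "LEAF" else f"{node.kind} {node.name}"
    return "\n".join(["  " * depth + label] + [render(c, depth + 1) for c in node.children])


def wireless_tree() -> Node:
    """The high-level tree of section 4; costs are assumptions for illustration."""
    return OR("System/Enterprise Security",
        OR("1. Data snooping",
           leaf("1.1 Read message/plaintext", 1),
           leaf("1.2 Get plaintext/encryption key from messages", 40),
           leaf("1.3 War driving", 5)),
        OR("2. Authentication",
           leaf("2.1 Obtain connection", 10),
           leaf("2.2 Open system authentication (faking SSID)", 3)),
        OR("3. Network access",
           leaf("3.1 Knowledge of MAC address filter", 8),
           leaf("3.2 Ability to change MAC address with software", 4),
           leaf("3.3 Layer-3 knowledge: gateway, subnets, firewall", 8)),
        AND("4. Inside the network",
            leaf("4.1 Port, service and OS scan", 5),
            leaf("4.2 Password crack and session establishment", 30)),
        OR("5. Denial of service",
           leaf("5.1 Jamming", 20)))


# Constructed mapping of section 5 solutions to the leaves they remove.
COUNTERMEASURES = frozenset({
    "1.1 Read message/plaintext",                    # encryption on (solution e)
    "2.2 Open system authentication (faking SSID)",  # mutual authentication (solution a)
    "2.1 Obtain connection",                         # RADIUS logon (solution b)
})


def demo() -> Tuple[Tuple[float, List[str]], Tuple[float, List[str]]]:
    tree = wireless_tree()
    return cheapest(tree), cheapest(tree, COUNTERMEASURES)


if __name__ == "__main__":
    print(render(wireless_tree()))
    before, after = demo()
    print("cheapest before countermeasures:", before)
    print("cheapest after countermeasures:", after)
```

Because the root and most sub-goals are OR nodes, a single cheap leaf such as reading plaintext on an unencrypted network is enough to reach the root; only node 4 is an AND node, so its cost is the sum of the scan and the password crack. After the assumed countermeasures the cheapest remaining path is changing the MAC address in software, which is the paper's own point that a MAC filter is not a real barrier.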