Project Title – Information Security and Wireless Local Area Networks (WLANs)
Project Blog URL – https://thinkspace.csu.edu.au/alanj11203543/
Abstract
This project will look at threats to information security for wireless local area networks (WLANs). Traditionally Ethernet LANS have been the backbone of usage for networking, but now the growing use of wireless technology meant an expansion and growth in this area. This report will look on what threats and security concerns are being faced, by both external and internal entities, and also what emerging threats are posed by using wireless LANS, and its associated technology.
A lot of the emerging technology, and literature, in the area of networking and information security is concentrated on wireless technology. This is also an expanding area in my workplace so is a topic close and relevant to myself. A fair proportion of the security threats to LAN security also apply to WLANs so are relevant to this report. This project will also at some of the emerging solutions, mechanisms and schemes being proposed to strengthen information security within WLANs from these new threats.
Introduction
Background
Security threats and data protection are a constant area of concern for network administrators. Whether they be by external threats such as phishing, malware, spyware, DDoS, or viruses or by internal threats, through either malicious insiders or just lax network security measures or carelessness of personnel. These threats all provide a source of danger for information security within local area networks.
There are a lot of the traditional networking security measures around and currently being implemented. However, the threats are not going away and are only growing in nature. The hackers are always looking for new ways to circumvent whatever security system are used by network administrators. In addition, these threats always seem to be using the latest and cutting-edge of technology, so network administrators must be on top of things and using the latest solutions as well, when enforcing security mechanism for wireless local area networks.
Project Problem Domain
Network administrators and data security managers need to be aware of these emerging threats and what new measures are available to counter act these threats. Ethernet LANs have traditionally been the main set up implemented in my workplace, however wireless networking is now being utilized. A lot of the threats to LAN security are common to WLAN as well. However, as the move to wireless LANS, and the adaption of new associated technology in the WLANs, is growing, the report will look at the threats being faced and what solutions or scheme are being proposed to handle these threats.
Questions to research for this report include
- What are the current main threats and issues for data security for WLAN administrators?
- What new and additional threats and issues are involved with wireless LANs?
- What are the security schemes and mechanisms being proposed to protect information in wireless networks and what new solutions are emerging?
Research Methodology
This project will be reviewing and analysing the latest journal papers on the subject of information security and WLANS. Some of the threats identified are common to any type of network and data security in general. There are numerous papers I have selected that are looking at the emerging threats in WLANs and many of these papers have looked at, tested and come up with new solutions to these problems. They are proposing many countermeasures and technique to implement.
This report will be looking at some of these countermeasures and solutions proposed. Some real life examples of networking security will be provided in the paper (e.g. a University campus) in their networks used. Their problems and the solutions uncovered by the authors in these respective papers provide a good perspective on the problems faced.
There is a mixture of Quantitative and Qualitative papers used in this project. Some papers go into depth providing detailed research results of their proposed solutions. Sections of this data will be used in the 2nd part of the report. Other papers that are used are looking at the emerging threats and this is more of a qualitative nature as they discuss the issues and threats in WLAN and information security in general. This will answer the initial research questions and make up the 1st part of the final paper. Most of the research is of a descriptive nature. Stating what the authors have identified as problems and what solutions they have provided.
There are some ethical concerns that will be raised as the idea of data security is closed related to personal privacy. A few of the papers as have addressed some of these issues and will be reported on.
Literature Review
I currently have 20 Journal articles (listed in References section) to cover the main areas of my Project. All are rated Q1 or Q2.
After doing an initial review of them all, I have identified 6 good articles and done a more close and formal review of these. These will provide a lot of the information required for this report. They provide a current overview of the current state of WLAN security and its associated information security aspects. 4 of these papers also look at new and emerging solutions and schemes for the security of WLANs.
A brief summary of these best six articles are:
A systematic methodology for continuous WLAN abundance and security – (Lindroos, Hakkala, & Virtanen, 2021) looks at the current state of WLAN networking security and additional security issues involved with WLAN and challenges being faced. It also covers ethical concerns for wireless networking issues.
Charging wirless sensor network security technology based on encryption algorithms and dynamic mode (Li, Guo, Meng, & Xia, 2020) looks at wireless network vulnerabilities, and propose a scheme involving encryption algorithms to create a more secure model of WLANS.
Wireless network security game based on conditional privacy policy (Yu, Peng, & Lu, 2021) looks at wireless network communication and information security and proposes a scheme based on anonymous authentication scheme. It also covers the ethical topic of user privacy.
Survey on Wireless Network Security. (Nazir, Iaghari, Kumar, & Ali) is an article surveying WLAN security issues including current threats and challenges. It proposes solutions for wireless networking and provides a very good overall state of wireless network security and the threats being faced.
Achieving secure and convenient WLAN sharing in personal (Yan, et al., 2020) looks at closely the security problems and issues in current Wi-Fi and wireless networks and proposes their own solution based on different authentication programs.
The identity authentication of Wi-Fi system based on network security (Tao H. , 2021) article looks at existing security problems in wireless sharing applications and proposes a scheme using 3rd party authentication.
Most of the remaining articles cover various topics in the current state of networking security (covering LAN and WLANS), the main threats to WLAN data security, methods to perform network assessments and ways to identify threats. Each on initial review have valuable information for my final report.
A lot of the papers propose solutions that are in developmental stages but they provide very good approaches to take. Some solutions are basic but some are new and can be adopted.
There are also 2 papers that look are specific situations in work environments (Pescosolido, Ancillotti, & Passarella, 2021) looks at a smart city using wireless network and (Zheng, Ma, Wang, Fu, & Jiang, 2021) looks at the security of a University campus and associated risks. These articles provide a good real world working examples of threats and the solutions that have been implemented.
Project Plan
Deliverables
The outcome of this project will be a clear research project providing
- A discussion of the main threats, issues and concerns for WLAN networking security
- Any new emerging threats and areas of concerns for wireless LAN administrators to be aware of.
- A look at and a description of some of emerging security solutions and mechanisms that are being proposed in order to protect information within wireless local area networks.
Below are a Risk Analysis for this project giving 2 Positive and 4 Negative Risks for the project.
As well there are; a Work Breakdown Chart, a Gantt chart and a Project Timeline to show how I’ll handle, prepare and plan this Project. The timelines start when the subject started in the 1st week of Mar 22 and end when final report is submitted.
Risk Analysis
| Risk | Likelihood Very High, High, Medium, Low, Very Low |
Impact High, Medium, Low |
Risk Response Strategy e.g. Avoid, Transfer, Mitigate, or Accept risk Research, Enhance and Exploit |
Risk Management Strategies – Actions Required
|
| Positive – find too many research papers and overwhelmed with information | Low | Medium | Exploit | Choose the best papers or the ones that give the best argument. Put aside any ones that are Q2 or of lesser quality |
| Positive – Final Report ends up too big with too much details/ information and go over word/time limit set | Low | Low | Accept | Priories information. Decide what information or sectional can be cut back and not as important for final report. |
| Negative – After a closer review I find papers are not relevant to topic selected | Medium | High | Mitigate | Have some back up papers on hand that we can use if required. Or if need be do further PRIMO / Journal searching for other sites for Q1 or Q2 papers that are relevant. |
| Negative – workload becomes too busy so unable to do study, review and complete assignments on time | Low | High | Mitigate | Plan in advance what and when the Assignments are due. See what work activities are coming up and apply for my Study Leave in advance |
| Negative – The technology is too complicated and am unable to understand what is happening in the research papers | Medium | Medium | Avoid, Mitigate | Avoid these papers if too complicated. Ask fellow CSU students on forums if they understand or know it. Ask work colleagues to explain these technologies |
| Negative – Unable to obtain or use the software programs required for the final Report and Presentation | Low | Medium | Transfer | Ask work colleagues or fellow students for access to the software required |
WBS Chart
. Project Timeline & Gantt Chart
PROJECT TIMELINE – ITC 571 – Information Security and Wireless Local Area Networks (LANs)
| ITC 571 – Information Security and Wireless LANs | ||||||||||||||||
| Project Lead: Alan Javes | ||||||||||||||||
| Project Budget: Estimated: $0.00 | Baseline: $0.00 | Task Costs: Estimated: $0.00 | Baseline: $0.00 | Actual: $0.00 | ||||||||||||||||
| WBS | Task | Priority | Resource | Start | Finish | Duration | Done | % Complete | ||||||||
| u | 1 | Set up Blog site | HIGH | A. Javes | Fri 04-Mar-22 | Wed 09-Mar-22 | 4 | 100 | 100% | |||||||
| u | 1.1 | Make first entry and test link | NORMAL | Fri 04-Mar-22 | Tue 08-Mar-22 | 3 | 100 | 100% | ||||||||
| u | 1.2 | Post link in Interact forums | NORMAL | Wed 09-Mar-22 | Wed 09-Mar-22 | 1 | 100 | 100% | ||||||||
| u | 2 | Project Brief | NORMAL | A. Javes | Mon 07-Mar-22 | Fri 11-Mar-22 | 5 | 100 | 100% | |||||||
| u | 2.1 | Submit Assignment 1 | HIGH | Mon 07-Mar-22 | Sun 13-Mar-22 | 5 | 100 | 100% | ||||||||
| u | 3 | Project Proposal and Plan | HIGH | A. Javes | Thu 17-Mar-22 | Thu 03-Mar-22 | 7 | 0 | 75% | |||||||
| u | 3.1 | Submit Assignment 2 | NORMAL | Thu 17-Mar-22 | Thu 31-Mar-22 | 7 | 0 | 0% | ||||||||
| u | 4 | Weekly Update & Blog Progress Report | NORMAL | A. Javes | Wed 16-Mar-22 | Fri 03-Jun-22 | 58 | 0 | 20% | |||||||
| u | 5 | Review of Literature and Papers | NORMAL | A. Javes | Wed 16-Mar-22 | Fri 15-Apr-22 | 17 | 0 | 0% | |||||||
| u | 5.1 | Review 1st 5 journal papers | HIGH | Wed 16-Mar-22 | Tue 29-Mar-22 | 5 | 0 | 75% | ||||||||
| u | 5.2 | Review rest of journal papers and detailed review | NORMAL | Wed 16-Mar-22 | Fri 15-Apr-22 | 12 | 0 | 10% | ||||||||
| u | 6 | Annotated Bibliography | NORMAL | A. Javes | Mon 04-Apr-22 | Fri 29-Apr-22 | 20 | 0 | 0% | |||||||
| u | 6.1 | Submit Assessment item 3 – Annotated Bibliography | NORMAL | Mon 04-Apr-22 | Fri 29-Apr-22 | 20 | 0 | 0% | ||||||||
| u | 7 | Final Report, Presentation. | NORMAL | A. Javes | Fri 15-Apr-22 | Fri 03-Jun-22 | 50 | 0 | 0% | |||||||
| u | 7.1 | Draft Final reports | NORMAL | Fri 15-Apr-22 | Mon 02-May-22 | 20 | 0% | |||||||||
| u | 7.2 | Submit Assessment item 4 – Final Report, Presentation & Blog Progress Report | NORMAL | Fri 15-Apr-22 | Fri 03-Jun-22 | 50 | 0 | 0% | ||||||||
References
Abdelrahman, A., Rodriques, J., Mahmoud, M., Saleem, K., Das, A., Korotaev, V., & Kozlov, S. (2021). Software-defined networking security for private data center networks and clouds: Vulnerabilities, attacks,countermeasures, and solutions. International J Common Systems. doi:https://doi.org/10.1002/dac.4706
Ding, X., Ding, F., Chen, X., & Wang, X. (2020, Feb 7). Security-reliability tradeoff for multi-terminal multi-mode coexisting systems in the presence of multiple eavesdroppers. IET Communications, 1221-1227. doi:doi: 10.1049/iet-com.2019.0117
Hindy, H., Brosset, D., Bayne, E., Seeam, A., Tachtatzis, C., Atkinson, R., & Bellekens, X. (2020, June 16). A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems. IEEE Access. doi:10.1109/ACCESS.2020.3000179
Li, Y., Guo, W., Meng, X., & Xia, W. (2020). Charging wirless sensor network security technology based on encryption algorithms and dynamic model. International Journal of Distributed Sensor Networks, 16. doi:DOI: 10.1177/1550147720901999
Lindroos, S., Hakkala, A., & Virtanen, S. (2021, Oct 9). A systematic methodology for continuous WLAN abundance and security. Computer Networks. doi:https://doi.org/10.1016/j.comnet.2021.108359
Liu, L., Cao, M., & Sun, Y. (2021, Dec 21). A fusion data security protection scheme forsensitive E-documents in the open network environment. PLOS ONE. doi:https://doi.org/10.1371/journal.pone.0258464
Lu, Q., Jiang, R., Ouyang, Y., Qu, H., & Zhang, J. (2019, Sep 20). BiRe : A client-side Bi -directional SYN Re flection mechanism against multi-model evil twin attacks. Computers & Security. doi:https://doi.org/10.1016/j.cose.2019.101618
Machado de Sousa, E., & Shahzad, A. (2021, Oct 19). Data Loss Prevention from a Malicious Insider. JOURNAL OF COMPUTER INFORMATION SYSTEMS. doi:https://doi.org/10.1080/08874417.2021.1980748
Nazir, R., Iaghari, A., Kumar, K., & Ali, M. (n.d.). Survey on Wireless Network Security. Archives of Computational Methods in Engineering. doi:https://doi.org/10.1007/s11831-021-09631-5
Pescosolido, L., Ancillotti, E., & Passarella, A. (2021, Aug 16). Testing Off-the-Shelf OpticalWireless LANs for Smart City Environments. Sensors. doi:doi.org/10.3390/s21165451
Tao, H. (2021). The identity authentication of Wi-Fi system based on network security. Annals of Telecommunications (2021) , 313–320. doi:doi.org/10.1007/s12243-020-00793-0
Tao, X., Kong, K., Zhao, F., Cheng, S., & Wan, S. (2020, Nov 10). An efficient method for network security situation assessment. International Journal of Distributed. doi:DOI: 10.1177/1550147720971517
Tao, X.-l., Liu, Z.-y., & Yang, C.-s. (2021, Sep 13). An Efficient Network Security Situation Assessment Method Based on AE and PMU. Wireless Communications and Mobile Computing. doi:https://doi.org/10.1155/2021/1173065
Wang, Y., Smahi, A., Zhang, H., & Li, H. (2022, Jan 19). Towards Double Defense Network Security Based on Security Based on Multi-Identifier Network Architecture. Sensors. doi:https://doi.org/10.3390/s22030747
Xue, R., Tang, P., & Fang, S. (2022, Feb 9). Prediction of Computer Network Security Situation Based on Association Rules Mining. Wireless Communications and Mobile Computing. doi:https://doi.org/10.1155/2022/2794889
Yan, Z., Yang, C., You, W., Guo, J., Zhang, J., Zheng, Y., & Ma, J. (2020). Achieving secure and convenient WLAN sharing in personal. IET Information Security, 14(6), 733-744. doi:doi: 10.1049/iet-ifs.2020.0134
Yang, L., Li, J., Yin, L., Sun, Z., Zhao, Y., & Li, Z. (2020, Sep 25). Real-Time Intrusion Detection in Wireless Network: A Deep Learning-Based Intelligent Mechanism. IEEE Access, 8. doi:DOI 10.1109/ACCESS.2020.3019973
Yu, Y., Peng, W., & Lu, J. (2021, Dec 21). Wireless network security game based on conditional privacy policy. Computer Communications, 96-106. doi:https://doi.org/10.1016/j.comcom.2021.12.011
Zheng, R., Ma, H., Wang, Q., Fu, J., & Jiang, Z. (2021, Jan 5). Assessing the Security of Campus Networks: The Case of Seven Universities. Sensors. doi:doi.org/10.3390/s21010306
Zolkin, A., Abdulmukminova, E., Malikov, V., & Lepshokova, A. (2020, Nov 21). Problems of personal data and information protection in corporate computer networks. IOP Science. doi:doi:10.1088/1757-899X/1047/1/012102