INFORMATION SECURITY

PRESENTED
BY
B.PRASAD(131FA08238)
D.MAHIDAR(131FA08161)
VIGNAN UNIVERSITY
SUBMITTED TO:
Mr M.VINOD BABU (ASSISTANT PROFESSOR)
Mr CHAUHAN (ASSISTANT PROFESSOR)
 In olden days all the assets were physical. But
now a days the information is totally digital.

 It is the easy way to transfer the information and

it is only the easier way to hack the information.

 So that’s why we need information security

teqniques.
INFORMATION SECURITY
 INFORMATION SECURITY: Information security is
defined as measures adapted to prevent the
unauthorized use, misuse or denial of use of
knowledge, facts, data.
 Now a days there are many Information security
techniques available

 1.Cryptography
 2.Steganography
 3.WLAN
INTRODUCTION TO WLAN
 A wireless local area network (LAN) is a flexible
data communications system implemented as an
extension to, or as an alternative for, a wired LAN.

 Using radio frequency (RF) technology, wireless

LANs transmit and receive data over the air,
minimizing the need for wired connections. Thus,
wireless LANs combine data connectivity with user
mobility. Wireless LANs have gained strong
popularity in a number of vertical markets,
including the health-care, retail, manufacturing,
warehousing, and academia.
 There are two types of WLAN

 1.Infra structure WLAN

 2.Ad-hoc WLAN
1.INFRASTRUCTURE WLAN
2.AD-HOC WLAN
WHY WIRELESS????

 • Mobility
 • Installation Speed and Simplicity
 • Installation Flexibility
 • Reduced Cost-of-Ownership
 • Scalability
How wireless LANs Work?

 Wireless LANs use electromagnetic airwaves

(radio or infrared) to communicate information
from one point to another without relying on any
physical connection. Radio waves are often
referred to as radio carriers because they simply
perform the function of delivering energy to a
remote receiver.
 Multiple radio carriers can exist in the same
space at the same time without interfering with
each other if the radio waves are transmitted on
different radio frequencies. To extract data, a
radio receiver tunes in one radio frequency while
rejecting all other frequencies.
 IEEE802.11

 In 1997 the IEEE adopted IEEE Std. 802.11-1997, the

first wireless LAN (WLAN) standard. This standard
defines the media access control (MAC) and physical
(PHY) layers for a LAN with wireless connectivity. It
addresses local area networking where the connected
devices communicate over the air to other devices
that are within close proximity to each other.

 The standard is similar in most respects to the IEEE

802.3 Ethernet standard. Specifically, the 802.11
standard addresses:
 Figure 1 - IEEE 802.11 standards
mapped to the OSI reference
model.
 The information transferred in WLAN is of the
frequency 2.4GHz.
 We can not change the frequency. All the wireless
networks like Bluetooth are fixed to that frequency
 In this standard we use F.H.S.S (Frequency
Hopping Spread Spectrum).. this is also known as
WEP( Wireless Equivalent Privacy)…

 This WEP works based on RC4 algorithm..

 We have 70 channels in 2.4GHz frequency

 We change the frequency randomly like
2.410MHz,2.431MHz.. These
 frequencies are transmitted from the transmitter to
the receiver..

 This frequency is known only to the transmitter and

the receiver.. the frequency changes randomly..

 So it is difficult to the hacker to expect what signal

is going to be the next
DEMERITS OF IEEE802.11
 Hackers can capture the signals using Air sniffers and
ethernals continuously for one or one and half day ..
 They can study the signals and understand the logic
which the transmitter uses in changing the frequency..
 Now a days we have so many devices which can
understand the logic within 15 minutes, it is impossible
for the transmitter to change the logic after every 15
minutes..
 So the data can be hacked easily in this IEEE802.11
standard..
 It is not at all safe to use it for protection of
information
IEEE802.11i INTRODUCTION

 To overcome the demerits of IEEE802.11,we will

go for another technique IEEE802.11i

 In this IEEE802.11i we use WPA (Wireless

Protected Authentication)..

 In this technology Data frames are fully

protected.. Any one can not hack the data
information..
two improvements over WEP

 Improved data encryption through the temporal key

integrity protocol (TKIP). TKIP scrambles the keys using a
hashing algorithm and, by adding an integrity-checking
feature, ensures that the keys haven’t been tampered
with.
 User authentication, which is generally missing in WEP,
through the extensible authentication protocol (EAP).WEP
regulates access to a wireless network based on a
computer’s hardware-specific MAC address, which is
relatively simple to be sniffed out and stolen. EAP is built
on a more secure public-key encryption system to ensure
that only authorized network users can access the
network.
LOOP HOLE OF
IEEE802.11i(4WAY HANDSHAKE)
WLAN – 802.11w
 802.11w is the latest entry into the 802.11 alphabet
soup. .11w plans to extend security for wireless from
just the payload part of the packet, to the
management frames as well.
 Currently these frames are sent in the clear. These
improvements should help prevent information about
the network being leaked to an attacker. 802.11w also
proposes to solve another problem with
unauthenticated management frames; the deauth DoS
attack. By using one time passwords for
deauth/dissassociate frames, the client and AP have
the ability to tell if a deauth is legit or not.
802.11w fills wireless
security holes
 IEEE 802.11i, the standard behind Wi-Fi Protected Access
and WPA 2, patched the holes in the original Wired
Equivalent Privacy (WEP) specification by introducing new
cryptographic algorithms to protect data traveling across a
wireless network. Now, the 802.11w task group is looking
at extending the protection beyond data to management
frames, which perform the core operations of a network.
 Traditionally, management frames did not contain
sensitive information and did not need protection. But with
new fast handoff, radio resource measurement, discovery
and wireless network management schemes (provided in
the upcoming 802.11r, 802.11k and 802.11v drafts), new
and highly sensitive information about wireless networks is
being exchanged in these non-secure frames.
 802.11w proposes to extend 802.11i to cover
these important frames. IEEE started work on
this proposal early in 2005, and an official draft is
expected to be ratified in the first half of 2008.
802.11w will require changes to the firmware of
clients and access points. It should not require
hardware changes, however, and thus might be
available as a software-only upgrade to many
types of hardware.
Three types of protection
 802.11w provides protection in three categories.

 unicast management frames

 generic broadcast management frames`
 deauthentication and disassociation frames
IEEE802.11w MERITS
 Overall, 802.11w promises to patch security
problems created by the flow of new and
detailed information over management frames.
By protecting the contents of most frames from
eavesdropping, and of certain crucial frames
from forging, 802.11w will stop the information
leakage and reduce some basic DOS attacks.
 CONCLUSION: Thus information security is the
most important need to prevent our information
to be hacked by cyber criminals
Thank you