Corporate wireless LAN security 3.5 Loss of network ability Loss of network ability goes along the same line as dos attacks, since loss of network is usually a result of a Dos attack like jamming, Jamming occurs when an attacker creates a signal that blocks the wireless signals, causing the entire network to be jammed -no information can go in or come out and users are unable to communicate on the network A user can inadvertently cause a jam by downloading a large file, thus causing everyone else on the network to be without access. Table I shows a summary of the types of attacks and risks in corporate WLANS. Table 1 Summary of types of attacks and risks in corporate wireless LAN Passive attacks Access to wlan. but no modification to content Eavesdropping - attacker monitors transmissions for message content Traffic analysis or monitoring -intruder monitors the transmissions for The risk of passive attacks Loss of confidentiality -attacker listens to transmissions and ompromises private information Active attacks Makes ch lasquerading-attacker impersonates an authorised user and gains Message modification- attacker modifies a message by deleting, adding changing or reordering the message A Denial-of-Service(DoS)-attacker prevents or prohibits use of ng -attacker creates a signal that blocks the wireless signals and auses the entire network to be jammed with no information going in or coming out Loss of integrity -attacker modifies data to the point where data Loss of network ability -network is no longer available to users 4 Wireless LAN security standards and methods Security remains one of the biggest challenges in wireless enterprise. Many ncidents(such as 250,000 devices in airports, most of which carried sensitive rporate data without even password protection), perceived and real wireless infrastructure attacks, and the lack of strong security in wireless technologies could adversely affect the wireless enterprise. (Varshney et al., 2004)Corporate wireless LAN security 271 3.5 Loss of network ability Loss of network ability goes along the same line as DoS attacks, since loss of network is usually a result of a DoS attack like ‘jamming’. Jamming occurs when an attacker creates a signal that blocks the wireless signals, causing the entire network to be jammed – no information can go in or come out and users are unable to communicate on the network. A user can inadvertently cause a jam by downloading a large file, thus causing everyone else on the network to be without access. Table 1 shows a summary of the types of attacks and risks in corporate WLANs. Table 1 Summary of types of attacks and risks in corporate wireless LAN Attack type Description Passive attacks Access to WLAN, but no modification to content Eavesdropping – attacker monitors transmissions for message content Traffic analysis or monitoring – intruder monitors the transmissions for patterns of communication The risk of passive attacks Loss of confidentiality – attacker listens to transmissions and compromises private information Active attacks Makes changes and alters information to a message or file Masquerading – attacker impersonates an authorised user and gains access to the network Message modification – attacker modifies a message by deleting, adding, changing or reordering the message A Denial-of-Service (DoS) – attacker prevents or prohibits use of the network Jamming – attacker creates a signal that blocks the wireless signals and causes the entire network to be jammed with no information going in or coming out The risks of active attacks Loss of integrity – attacker modifies data to the point where data integrity is lost Loss of network ability – network is no longer available to users because of attacks 4 Wireless LAN security standards and methods “Security remains one of the biggest challenges in wireless enterprise. Many incidents (such as 250,000 devices in airports, most of which carried sensitive corporate data without even password protection), perceived and real wireless infrastructure attacks, and the lack of strong security in wireless technologies could adversely affect the wireless enterprise.” (Varshney et al., 2004)