ANÁLISE DE VULNERABILIDADES E AMEAÇAS PRESENTES EM REDES WI-FI (IEEE 802.11) DE INSTITUIÇÕES DE ENSINO SUPERIOR DE MINAS GERAIS

Davis Anderson Figueiredo

Resumo


A demanda por mobilidade e disponibilidade de acesso a informação por dispositivos como Smatphones, Tables e Notebooks massificou o uso de redes Wi-Fi (IEEE 802.11) em amabientes diversos como em Instituições de Ensino Superior (IES). Com as redes Wi-Fi, surgiram novos riscos aos usuários e às instituições que proveem esse tipo de rede. Esta pesquisa teve como objetivo analisar, por meio de um Teste de Penetração (Pentesting), as vulnerabilidades e ameaças presentes nas redes Wi-Fi de IES de Belo Horizonte e de cidades do interior de MinhasGerais próximas da capital. Inicialmente, levantou-se, por meio de uma pesquisa bibliográfica, a evolução do padrão de rede 802.11, seus mecanismos de segurança e as principais vulnerabilidades existentes nessa arquitetura. Realizou-se teste experimental in loco em 12 instituições participantes. Os resultados mostraram que a infraestrutura das redes Wi-Fi das IES são muito diversificadas e que uma porcentagem significativa dessas WLANs se encontra vulnerável e pode ser ameaçada por usuários maliciosos, trazendo riscos, o que coloca em risco o ambiente acadêmico e seus usuários. A análise dos resultados revelou que mudanças pontuais e de baixo custo podem aprimorar a segurança dessas redes.

 

Palavras-chave - Wi-Fi, IEEE 802.11, penetration test, análise de vulnerabilidades, segurança da informação.


Texto completo:

PDF

Referências


ASSOCIAÇÃO BRASILEIRA de normas técnicas. ABNT ISO/IEC Guia73:2013. Gestão de Riscos. Vocabulário. Recomendações para uso em normas. Rio de Janeiro, 2013.

ABNT NBR ISO/IEC-27002. Tecnologia da Informação-Técnicas de Segurança – Código de Prática para controles de segurança da informação. Rio de Janeiro, p. 1–112, 2013.

ALI, K. M.; OWENS, T. J. Access Mechanisms in Wi-Fi networks State of Art , Flaws and Proposed Solutions. Telecommunications (ICT), 2010 IEEE 17th International Conference on, p. 280–287, 2010.

ALLEN, L.; HERIYANTO, T.; ALI, S. Kali Linux – Assuring security by penetration testing. [s v.l: s.n.].. 2014.

ALLIANCE, W. Wi-Fi Protected Access: Strong, standards-based, interoperable security for today’s Wi-Fi networks. v. 1, p. 7, 2003.

ASSUNÇÃO, Marcos Flávio Araújo. Wireless hacking – Ataque e segurança de redes sem fio Wi-Fi. São Paulo: Visual Books, 2013.

BACUDIO, A. G. et al. An Overview of Penetration Testing. International Journal of Network Security & Its Applications, v. 3, n. 6, p. 19–38, 2011.

BECK, M. Enhanced TKIP michael attacks. Ithaca: Cornell University, 2010.

BEGGS, R. W. Mastering Kali Linux for advanced penetration testing. Fist ed. Birmingham: [s.e.]. ,2014.

BENTON, K. The Evolution of 802 . 11 Wireless Security. Journal, UNLV Informatics-Spring, n. INF 795, p. 1–56, 2010.

BULBUL, H. I.; BATMAZ, I.; OZEL, M. Wireless network security: comparison of WEP (Wired Equivalent Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols. Proceedings of THE 1ST INTERNATIONAL CONFERENCE ON FORENSIC APPLICATIONS AND TECHNIQUES IN TELECOMMUNICATIONS, INFORMATION, AND MULTIMEDIA AND WORKSHOP, n. Icv, p. 1–6, 2008.

CAÇADOR, D. M. Segurança e Mobilidade em Redes IEEE 802.11 Modelo de suporte à decisão na escolha de arquitecturas e tecnologias de redes sem fios. [s.l.] Universidade Católica Portuguesa, 2014.

CANEILL, M.; GILIS, J. Attacks against the WiFi protocols WEP and WPA, 2010. Disponível em: < http://matthieu-blog.fr/dl/wifi.pdf >. Acessado em: 16 jan. 2016

CASARIN, H. D. C. S.; CASARIN, S. J. Pesquisa científica: da teoria à prática. Curitiba: IBPEX, 2012.

CHEN, J.-C. C. J.-C.; WANG, Y.-P. W. Y.-P. Extensible authentication protocol (EAP) and IEEE 802.1x: tutorial and empirical experience. IEEE Communications Magazine, v. 43, n. 12, p. 26–32, 2005.

CHAABOUNI, R. Break wep faster with statistical analysis, 2006. Disponível em: < https://infoscience.epfl.ch/record/113785/files/cha06.pdf>. Acessado em: 16 jan. 2016

CHEN, J.-C.; JIANG, M.-C.; LIU, Y.-W. Wireless LAN security and IEEE 802.11i. Wireless Communications, IEEE, v. 12, n. 11, p. 27–36, 2005.

COMPTON. Stuart 802.11 Denial of Service Attacks and Mitigation. Disponível em: Acesso em: 15 mar 2016.

COLEMAN, D. D. et al. CWSP - Certified Wireless Security Professional. Indianapolis: Sybex, 2010

CPPGROUP. UK Wireless Network Hijacking, 2010. Disponível em: < http://pt.slideshare.net/CPPUK/uk-wireless-network-hijacking-2010 >. Acessado em: 22 maio 2015.

DING, P. Q.; HOLLIDAY, J. N.; CELIK, A. Improving the security of wireless LANs by managing 802.1x disassociation. First IEEE Consumer Communications and Networking Conference, 2004. CCNC 2004., p. 1–6, 2004.

FENG, P. Wireless LAN security issues and solutions. 2012 IEEE Symposium on Robotics and Applications (ISRA), November, p. 921–924, 2012.

FLUHRER, S.; MANTIN, I.; AND SHAMIR, A. Weaknesses in the key scheduling algorithm of RC4. In Eighth Annual Workshop on Selected Areas in Cryptography, Toronto, Canada, Aug. 2001.

FRANKEL, S. et al. Establishing wireless robust security networks: a guide to IEEE 802.11 i. National Institute of Standards and Technology, 2007.

GAST, M. 802.11 Wireless Networks: the Definitive Guide. 2. ed. Sebastopol: O'Reilly Media, 2005.

GIL, A. C. Métodos e técnicas de pesquisa social. 6. ed. São Paulo: Atlas, 2008.

GOLD, S. Cracking wireless networks. Network Security, v. 2011, n. 11, p. 14–18, 2011.

HE, C.; MITCHELL, J. C. Security Analysis and Improvements for IEEE 802.11i. Electrical Engineering and Computer Science Departments Stanford University, Stanford CA 94305, 2004.

HERZOG, P. OSSTMM 3.0 The Open Source Security Testing Methodology Manual. Isecom, p. 213, 2010.

IEEE. IEEE Std 802.11-1997 New York, 1997.

IEEE. IEEE Standard for Information Technology — Telecommunications and Information Exchange Between Systems — Local and Metropolitan Area Networks — Specific Requirements. [s.l: s.n.]. 2007.

IEEE. IEEE Standard for Information technology— Telecommunications and information exchange between systems Local and metropolitan area networks— Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications Ame. [s.vl: s.n.]. 2009.

IEEE. IEEE Standard for Information technology--Telecommunications and information exchange between systems Local and metropolitan area networks--Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. [s.l: s.n.]. 2012.

K’ONDIWA, N. O.; OCHOLA, E. O. An Anti-DoS Attack Architecture for Wireless IT Infrastructure. Pan African International Conference on Information Science, Computing and Telecommunications, p. 98–103, 2013.

KANDE, R.; VANI, B. M. Anti-jamming schemes to prevent selective. International Journal of Computer Trends and Technology, v. 5, n. 1, p. 20–5, 2013.

KANG, Y. et al. Comparative Study of Penetration Test Methods. Advanced Science and Technology Letters, v. 87, p. 34–37, 2015.

KAUR, G.; KAUR, K. Wireless LAN Security : Addressing Challenges ,. International Journal of Computer Trends and Technology (IJCTT), v. 4, n. May, p. 1344–1349, 2013.

INTERNETCENSUS, Port scanning /0 using insecure embedded devices, 2012. Disponível em: . Acessado em: 23 maio 2015.

KAUR, H.; KAUR, R. A review on wireless network system. Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, v. 1, n. 2, p. 49–51, 2014.

KHAN, S. et al. Denial of service attacks and challenges in broadband wireless networks. Journal of Computer Science, v. 8, n. 7, p. 1–6, 2010.

KUMAR, U.; GAMBHIR, S. A Literature Review of Security Threats to Wireless Networks. International Journal of Future Generation Comminication and Networking, v. 7, n. 4, p. 25–34, 2014.

KUMKAR, V. et al. Vulnerabilities of Wireless Security Protocols (WEP and WPA2). International Journal of Advanced Research in Computer Engineering & Technology, v. 1, n. 2, p. 34–38, 2012.

LASHKARI, A. H. et al. A Survey on Wireless Security protocols ( WEP , WPA and WPA2 / 802 . 11i ). Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on, n. 1 v 3, p. 48–52, 2009.

LEAVITT, N. Will IEEE 802.1X Finally Take Off in 2008? Computer, v. 41, n. 3, p. 12–15, 2008.

LINHARES, A. G.; GONÇALVES, P. A. D. S. Uma análise dos mecanismos de segurança de redes IEEE 802.11: WEP, WPA, WPA2 e IEEE 802.11w ∗.2006, recife. In: CONGRESSO DE INICIAÇÃO CIENTÍFICA DA UNIBRATEC, 2006, Recife. Proceedings Recife: UNIBRATEC, 2006, p. 1–17.

LINHARES, A. G.; GONÇALVES, P. A. D. S. Uma análise do mecanismo de segurança de redes ieee 802.11: wep. In: XV CONGRESSO DE INICIAÇÃO CIENTÍFICA (CONIC) DA UFPE.2007, Recife Proceedings…. Recife: Conif, , 2007, p. 1–4.

LINHARES, A. G.; GONÇALVES, P. A. D. S. Uma Análise dos Mecanismos de Segurança de Redes IEEE 802.11: WEP, WPA, WPA2 e IEEE 802.11w ∗. 2006, Recife. In: Proceedings of I CONGRESSO DE INICIAÇÃO CIENTÍFICA DA UNIBRATEC, 2006 p. 1–17, 2006.

LINHARES, A. G.; GONÇALVES, P. A. D. S. Uma análise do mecanismo de segurança de redes ieee 802.11: wep. In Proceedings of XV CONGRESSO DE INICIAÇÃO CIENTÍFICA (CONIC) DA UFPE, p. 1–4, 2007.

LIU, C.; YU, J. A Solution to WLAN Authentication and Association DoS Attacks. IAENG International Journal of Computer Science, v. 34, n. 1, p. 31–36, 2007.

LIU, W. et al. Weakness analysis and attack test for WLAN. In: INTERNATIONAL CONFERENCE ON GREEN CIRCUITS AND SYSTEMS, ICGCS. 1, 2010, Shanghai. Proceedings…. Shanghai: ICGCS, 2010, n. 60203044, p. 387–91.

LOUGH, D. L. A Taxonomy of computer attacks with applications to wireless. Networks, p. 1–373, Apr. 2001.

MA, L. et al. RAP: protecting commodity wi-fi networks from rogue access points. In: INTERNATIONAL CONFERENCE ON HETEROGENEOUS NETWORKING FOR QUALITY, RELIABILITY, SECURITY AND ROBUSTNESS & WORKSHOPS, 4, 2007, Vancouver Proceedings…. Vancouver: QSHINE ’07, 2007, p. 1.

MACCARI, L.; ROSI, M.; FIRENZE, P. S. R. L. Re-Breaking Wireless Protected Setup. p. 2455–6, 2013.

MALEKZADEH, M.; ABDUL GHANI, A.; SUBRAMANIAM, S. Protected control packets to prevent denial of services attacks in IEEE 802.11 wireless networks. EURASIP Journal on Information Security, v. 2011, n. 1, p. 4, 2011.

MANE, P. B.; MAHARASTRA, P. A novel approach for fake access point detection. International Journal of Computer Science Engineering and Information Technology Research v. 4, n. 1, p. 35–42, 2014.

MILLIKEN J: An investigation into MAC-layer intrusion detection strategies for open-access wireless LANs, Thesis. Belfast: Queen's University; 2012.

MORENO, Daniel. Pentest em Redes Sem Fio. São Paulo: Novatec, 2016.

NOOR, M.; HASSAN, W. Wireless networks: developments, threats and countermeasures. International Journal of Digital Information and Wireless Communications, v. 3, n. 1, p. 119–34, 2013.

PHILFER, Lisa. A list of wireless network attacks, 2009. Disponível em: Acesso em: 15 jan. 2016.

RADMAND, P. et al. Taxonomy of wireless sensor network cyber security attacks in the oil and gas industries. In: 24TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS. 24, 2010, Perth, Australia Proceedings…Perth, Australia: IANA 2010, p. 949–57.

RAMACHANDRAN, V. BackTrack 5 wireless penetration testing. 1st ed. Birmingham: [s.e.], 2011.

RAMACHANDRAN, V.; BUCHANAN, C. Kali linux wireless penetration testing beginner ’ s guide. 2nd ed. Birmingham: [s.e.],2015.

REDDY, V. S. et al. Wireless hacking-a WiFi hack by cracking WEP. In: 2ND INTERNATIONAL CONFERENCE ON EDUCATION TECHNOLOGY AND COMPUTER, 2, 2010, Shanghai, China. Proceedings….Shanghai, China: ICETC, 2010.

RUFINO, Nelson Murilo de O. Segurança em redes sem fio - Aprenda a proteger suas informações em ambientes Wi-Fi e Bluetooth. 4. ed. São Paulo: Pearson, 2014.

SANATINIA, A.; NARAIN, S.; NOUBIR, G. Wireless spreading of WiFi APs infections using WPS flaws: An epidemiological and experimental study. 2013 In: IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY, CNS 2013. Proceedings.... National Harbor, MD, USA, CNS, , 2013, p. 430–7.

SARI, A.; KARAY, M. Comparative Analysis of Wireless Security Protocols : WEP vs WPA. December, p. 483–491, 2015.

SARMIENTO, O. P.; GUERRERO, F. G.; ARGOTE, D. R. Fundamentos prácticos de seguridad en redes inalámbricas IEEE 802.11. Ingenieria e Investigación, v. 28, n. 2, p. 89–96, 2008.

SCARFONE, K. et al. Guide to Securing Legacy IEEE 802.11 Wireless Networks. NIST Special Publication, v. 800, p. 48, 2008.

SCARFONE, K.; OREBAUGH, A. Technical Guide to Information Security Testing and Assessment Recommendations of the National Institute of Standards and Technology. Nist Special Publication, v. 800, p. 1–80, 2008.

SÊMOLA, Marcos. Gestão da segurança da informação – Uma visão executiva. Rio de Janeiro: Campus, 2003.

SHARMA, N.; BARWAL, P. N. Study of DoS Attacks on IEEE 802 . 11 WLAN and its prevention / detection techniques. International Journal of Engineering Science and Innovative Technology (IJESIT), v. 3, n. 3, p. 245–52, 2014.

SHIYANG, D. Compare of New Security Strategy With Several Others in WLAN. p. 24–28, 2010.

SHRAVAN, K.; NEHA, B.; PAWAN, B. Penetration testing : A Review. Compusoft, Faridabad v. 3, n. 4, p. 752–7, 2014.

SIMON. M.K., OMURAJ.K., SCHOLTZ. R.A., LEVITT. B.K.. SpreadSpectrum communications handbook. New York, McGraw-Hill, 2001.

SOBH, S. T. Wi-Fi Networks Security and Accessing Control. International Journal of Computer Network and Information Security, v. 5, n. 7, p. 9–20, 2013.

SOUZA, E. F.; GONÇALVES, P. A. D. S. Um mecanismo de proteção de Nonces para a melhoria da segurança de redes IEEE 802.11i. Security, p. 291–300, 2003.

STALLINGS William. Criptografia e segurança de redes – Princípios e práticas. 4.ed. São Paulo: Pearson. 2008.

STOŠIĆ, L.; BOGDANOVIĆ, M. RC4 stream cipher and possible attacks on WEP. International Journal of Advanced Computer Science and Applications (IJACSA), v. 3, n. 3, p. 110–4, 2012.

STUBBLEFIELD, A.; IOANNIDIS, J.; RUBIN, A. Using the Fluhrer, Mantin, and Shamir attack to break WEP. Ndss, Reston, v. ?? n. 4, 2002.

TERENCE, Ana Cláudia Fernandes; FILHO, Edmundo Escrivão. Abordagem quantitativa, qualitativa e a utilização da pesquisa-ação nos estudos organizacionais. In: XXVI ENEGEP. 26, 2006, Fortaleza. Proceedings….Fortaleza: ABEPRO, 2006, . 9 a 11 de out.

TEWS, E. Attacks on the WEP protocol. Cryptology ePrint Archive. p. 125, 2007.

TEWS, E.; BECK, M. Practical attacks against WEP and WPA. In: ACM CONFERENCE ON WIRELESS NETWORK SECURITY. 2, 2009, Zurich. Proceedings.... Zurich: ACM, , 2009, p. 79–85.

THANGAVEL, M. et al. Efficient hybrid network ( wired and wireless ) intrusion detection using statistical data streams and detection of clustered alerts. Journal of Computer Science v. 7, n. 9, p. 1.318–24, 2011.

THITE. Sandip S., VANJALE. Sandeep, MANEP. B. A novel approach for fake access point detection and prevention in wireless network. International Journal of Computer Science Engineering and Information Technology Research (IJCSEITR) ISSN(P): 2249-6831; ISSN(E): 2249- 7943, India, v. 4, Issue 1, p. 35-42, Feb. 2014.

TROYA, A. S. et al. Vulnerability detection in 802 . 11i Wireless Networks Through Link Layer Analysis. p. 1–6, 2014.

VASCONCELLOS, RONALDO Segurança em Redes sem fio. Disponível em: . Acessado em: 23 maio 2015.

WALIULLAH, M.; GAN, D. Wireless LAN Security Threats & Vulnerabilities : International Journal of Advanced Computer Science and Applications, v. 5, n. 1, p. 176–183, 2014.

WALIULLAH, M.; MONIRUZZAMAN, A. B. M.; RAHMAN, M. S. An Experimental Study Analysis of Security Attacks at IEEE 802. 11 Wireless Local Area Network. International Journal of Future Generation Communication and Networking, v. 8, n. 1, p. 9–18, 2015.

WANG, L.; SRINIVASAN, B. Analysis and improvements over DoS attacks against IEEE 802.11i standard. NSWCTC 2010 - In: THE 2ND INTERNATIONAL CONFERENCE ON NETWORKS SECURITY, WIRELESS COMMUNICATIONS AND TRUSTED COMPUTING. 2, 2010, Beijing Proceedings.... Beijing: IEEE, 2010, 109–113, v. 2.

WANG, L.; SRINIVASAN, B.; BHATTACHARJEE, N. Security Analysis and Improvements on WLANs. Journal of Networks, v. 6, n. 3, p. 470–481, 2011.

WANG, W.; WANG, H. Weakness in 802.11w and an improved mechanism on protection of management frame. 2011 INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS AND SIGNAL PROCESSING, WCSP 2011, 2011.

WEIDMAN, Georgia. Teste de invasão – Uma introdução prática ao hacking. São Paulo: Novatec., 2014.

WELCH, D.; LATHROP, S. Wireless security threat taxonomy. Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society, June, p. 76–832003.

WI-FI ALLIANCE. Wi-Fi protected access: strong, standards-based, interoperable security for today’s Wi-Fi. Networks. v. 1, p. 7, 2003.


Apontamentos

  • Não há apontamentos.




Projetos, Dissertações e Teses em Sistemas de Informação e Gestão do Conhecimento
ISSN 2358-5501 (Online)