DOI: https://doi.org/10.15802/stp2020/213042

WIRELESS WI-FI SECURITY ANALYSIS IN AUTOMATED RAILWAY SYSTEMS

I. V. Zhukovyts’kyi, I. A. Pedenko

Abstract


Purpose. The article aims to analyze the basic security mechanisms available in Wi-Fi networks; show the mechanisms for attacking these defenses; carry out a comparative analysis of the effectiveness of the protection mechanisms; provide recommendations for the use of these mechanisms in automated rail transport systems; and build a demonstration model of attacks on Wi-Fi network security.

Methodology. Based on a review of a significant number of domestic and foreign sources, a comparative analysis of Wi-Fi network security mechanisms is carried out, in which individual protection standards are analyzed and their strengths and weaknesses identified. A variety of attacks on authentication tools and on the mechanisms that secure information exchange are shown. To demonstrate an attack on these security features, an algorithm has been developed for a demonstration simulation model of the WPA2 security protocol with the ability to attack this protocol.

Findings. The basic standards of Wi-Fi security mechanisms, in particular WEP, WPA, WPA2 and WPA3, have been compared. Different attacks on these standards have been demonstrated. The advantages and weaknesses of the individual protection mechanisms are shown, and recommendations for their use are provided. A demonstration model of attacks on wireless network protection mechanisms has been built, which demonstrates such attacks as an attack on a passphrase and a KRACK attack. For the demonstration program, the WPA2 standard with the PSK authentication mechanism and the CCMP-128 cryptographic protection mechanism was chosen.

Originality. A wide range of Wi-Fi network security mechanisms is presented, the capabilities of individual security mechanisms are shown, and Wi-Fi network security standards are compared. The original software model shows how erroneous user actions help an attacker overcome modern security mechanisms.

Practical value. Recommendations for the use of individual Wi-Fi security features can be used to build a security system for individual components of automated rail systems. The demonstration model of an attack on a Wi-Fi network can be used in the educational process to train cybersecurity specialists.


Keywords


Wi-Fi network; security standards; security; authentication; encryption





Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

 

ISSN 2307–3489 (Print)
ISSN 2307–6666 (Online)