Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Wireless and mobile security

P
Pushkar Pashupat

My Presentation at National Seminar on Recent Wireless and Mobile Trends http://www.rmacs.co.in/ncrtnHome.html

1 of 19
Wireless and Mobile SecurityNull-The open Security CommunityPushkar
News…Varanasi Bomb Blast Mail sent through hacked WiFiof a DJ in NaviMumbai.Out of 2300 connections only 16% are secured in Pune City – Cyber Crime Cell, Pune.Police making it compulsory to secure wifi.Geimini Trojan attacks Android users on New Year.
WIRELESS Technology
Wireless Network Standards….
Attacks…Identity Theft – Hacking a wireless network and using it. Use it for fun. Use it for free. Use it for crime.MITM – Sniff the users information.Corporate espionage.Sniff passwordsDoS– Interrupt work.
Wireless Security Measures…No Security  WEP – Wireless Equivalent ProtocolSimple Low level Security40 bit shared key used.only ensured the data received is the same or not.can be easily cracked now.
Wireless Security measures contd…WPA – Wi-Fi Protected Access. 128bit, TKIP – Dynamically offering keys for connection. Encrypted using Michael Algorithm.WPA2 –128bit,AES encryption algorithm.More reliable and most widely used.
Mobiles – Smartphones…The next generation technology.Compact and efficient devices.A practical and cost-effective alternative to laptops.Need of the hour.Work on Move.
Who are the users …You, me and all,Corporate Directors, Managers, Executives,Salesman, Suppliers, Contractors,Government OfficialsCollege Students,
Affecting factors…Mobile Communication Capabilities :Cellular – MITM in voice transmission, with using less secured protocols or encrypting/decrypting techniques.WiFi-MITMBlutooth /Infrared - Personal Area NetworkSMS—Scripts to send spam sms from the device, inject malware on the phones.Corporate Firewall,Inside the firewall, Access to all the data on network,Outside the firewall Data is in the air,
Threats…Physical : Device theft, loss of device Misuse by trusted people (colleagues, friends, family)Malwares: Mobile Malwares-new and emerging threat Infection vectors are more.Eg., Mabir/Cabir virus: can infect Symbian OS via Bluetooth or SMS.Dampigtrojan: corrupts the system’s uninstallation settings.
Threats contd…Mobile App Downloads :Free nature of apps, “Jail-breaking” – process which allows users to installed pirated or unchecked applications.Application Isolation.Secure Data Storage: Password protection, mobile number fixed for each device, auto mounting disable.Strong Authentication with poor keyboards.Secure Operating Systems
Platforms…Android Operating System :OS by google, open source.Used by many mobile device producing companies.iOS :Apple OS.Used in iPhones, iPadsWindows Mobile OS /Windows Phone 7 : Mobile OS from Microsoft.Symbian OS /Symbian^3 :Used in Nokia devices.
Security Measures…Platform-Centric Security : Protecting the device/network instead of data.Data-Centric Security : Protecting Data instead of devices/networks. Components in mobile security : Authentication and Authorization : Firewall Security : Over-the-air security : Offline security :
Security Measures Authentication and Authorization : Authorize the device use as well as the application use by proper authentication.Firewall Security :Include and register mobile devices with company firewalls. Only give access to registered users.Over-the-air security :Encrypt the data when sent onto public mobile networks.Offline security :Prevent mobile device to reach in the wrong hands.
Security Measures …Security over PAN : Security for Bluetooth /Infrared data transmission.Security over mobile Malwares :Install trusted anti-virus scanners in mobiles.
Wifi Cracking Demo
Conclusion …Work while on move with CAUTION …
Thank You 

More Related Content

Wireless and mobile security

  • 1. Wireless and Mobile SecurityNull-The open Security CommunityPushkar
  • 2. News…Varanasi Bomb Blast Mail sent through hacked WiFiof a DJ in NaviMumbai.Out of 2300 connections only 16% are secured in Pune City – Cyber Crime Cell, Pune.Police making it compulsory to secure wifi.Geimini Trojan attacks Android users on New Year.
  • 5. Attacks…Identity Theft – Hacking a wireless network and using it. Use it for fun. Use it for free. Use it for crime.MITM – Sniff the users information.Corporate espionage.Sniff passwordsDoS– Interrupt work.
  • 6. Wireless Security Measures…No Security  WEP – Wireless Equivalent ProtocolSimple Low level Security40 bit shared key used.only ensured the data received is the same or not.can be easily cracked now.
  • 7. Wireless Security measures contd…WPA – Wi-Fi Protected Access. 128bit, TKIP – Dynamically offering keys for connection. Encrypted using Michael Algorithm.WPA2 –128bit,AES encryption algorithm.More reliable and most widely used.
  • 8. Mobiles – Smartphones…The next generation technology.Compact and efficient devices.A practical and cost-effective alternative to laptops.Need of the hour.Work on Move.
  • 9. Who are the users …You, me and all,Corporate Directors, Managers, Executives,Salesman, Suppliers, Contractors,Government OfficialsCollege Students,
  • 10. Affecting factors…Mobile Communication Capabilities :Cellular – MITM in voice transmission, with using less secured protocols or encrypting/decrypting techniques.WiFi-MITMBlutooth /Infrared - Personal Area NetworkSMS—Scripts to send spam sms from the device, inject malware on the phones.Corporate Firewall,Inside the firewall, Access to all the data on network,Outside the firewall Data is in the air,
  • 11. Threats…Physical : Device theft, loss of device Misuse by trusted people (colleagues, friends, family)Malwares: Mobile Malwares-new and emerging threat Infection vectors are more.Eg., Mabir/Cabir virus: can infect Symbian OS via Bluetooth or SMS.Dampigtrojan: corrupts the system’s uninstallation settings.
  • 12. Threats contd…Mobile App Downloads :Free nature of apps, “Jail-breaking” – process which allows users to installed pirated or unchecked applications.Application Isolation.Secure Data Storage: Password protection, mobile number fixed for each device, auto mounting disable.Strong Authentication with poor keyboards.Secure Operating Systems
  • 13. Platforms…Android Operating System :OS by google, open source.Used by many mobile device producing companies.iOS :Apple OS.Used in iPhones, iPadsWindows Mobile OS /Windows Phone 7 : Mobile OS from Microsoft.Symbian OS /Symbian^3 :Used in Nokia devices.
  • 14. Security Measures…Platform-Centric Security : Protecting the device/network instead of data.Data-Centric Security : Protecting Data instead of devices/networks. Components in mobile security : Authentication and Authorization : Firewall Security : Over-the-air security : Offline security :
  • 15. Security Measures Authentication and Authorization : Authorize the device use as well as the application use by proper authentication.Firewall Security :Include and register mobile devices with company firewalls. Only give access to registered users.Over-the-air security :Encrypt the data when sent onto public mobile networks.Offline security :Prevent mobile device to reach in the wrong hands.
  • 16. Security Measures …Security over PAN : Security for Bluetooth /Infrared data transmission.Security over mobile Malwares :Install trusted anti-virus scanners in mobiles.
  • 18. Conclusion …Work while on move with CAUTION …

Editor's Notes

  1. Wired Equivalent Protocol