Wireless Network Security Lecture Notes

Key vocabulary terms and definitions regarding wireless network security, covering hardware types, common attacks, and historical as well as modern security protocols.

Wireless Local Area Network (WLAN)

Also called Wi-Fi, it is designed to replace or supplement a wired LAN by providing connectivity to portable devices within range of an Access Point (AP).

IEEE 802.11ax

Also known as Wi-Fi 6, this standard supports speeds of up to $9.6\,Gbps$ and utilizes frequency bands of $2.4\,GHz$, $5\,GHz$, and $1-6\,GHz$.

Wireless Adapter

A wireless client network interface card installed on endpoint devices that uses an antenna to send and receive signals through airwaves.

Access Point (AP)

A centrally located device consisting of an antenna and radio transmitter/receiver that acts as a bridge between wireless and wired networks.

Wireless Router

A single device used in SOHO networks that combines functionalities including an AP, gateway, switch, DHCP server, and firewall.

Captive Portal APs

APs used in public places that direct users to a web page to enter a password and agree to terms of use.

Standalone APs

Autonomous or independent APs that are separate from other network devices and other autonomous APs.

Fat APs

APs that have all the necessary components to manage wireless authentication, encryption, and other functions locally.

Thin APs

Lightweight APs that are centrally configured through the switch they are connected to.

Controller APs

APs managed through a dedicated wireless LAN controller (WLC) rather than a switch.

Wireless LAN Controller (WLC)

A device that manages controller APs and can perform authentication to minimize handoff procedure time for moving users.

Hard Edge

A well-defined boundary in a wired network that protects data and resources, consisting of a single data passage point and physical walls.

Blurred Edges

The result of introducing WLANs into enterprises, where multiple entry points allow attackers to connect to signals from outside the physical building.

Rogue Access Point

An unauthorized AP, often set up by an insider behind a firewall, that allows an attacker to bypass network security configurations.

Evil Twin

An AP set up by an attacker that mimics an authorized AP's service set identifier (SSID) to capture user transmissions.

RF Jamming

A wireless Denial of Service attack where intentional RF interference is used to flood the spectrum and prevent device communication with an AP.

Disassociation Attack

An attack where the attacker spoofs a trusted client MAC address to craft a fictitious frame that disconnects the client from the WLAN.

Duration Field Manipulation

An attack where the attacker sets a high value in the duration field of the RTS/CTS protocol to prevent other devices from transmitting.

Wired Equivalent Privacy (WEP)

An original IEEE 802.11 security protocol that used a 64-bit or 128-bit number with a $24\,bit$ initialization vector (IV), which proved easily crackable due to IV repetition.

Wi-Fi Protected Access (WPA)

An improvement over WEP that uses a pre-shared key (PSK) and provides Personal and Enterprise authentication modes.

Wi-Fi Protected Setup (WPS)

An optional AP feature for easy connection via a button or PIN; it is vulnerable because it does not mandate a lockout limit for PIN attempts.

MAC Address Filtering

A method to block unauthorized access by device address, though vulnerable because MAC addresses are initially exchanged in unencrypted format and can be spoofed.

Wi-Fi Protected Access 2 (WPA2)

A modern security solution that uses advanced encryption protocols and restricts access to authentication servers via the EAP framework.

Extensible Authentication Protocol (EAP)

A framework used to secure communication between a supplicant (client), authenticator (AP), and authentication server using four packet types: request, response, success, and failure.

Wi-Fi Protected Access 3 (WPA3)

The next generation of Wi-Fi security that supports $192\,bit$ encryption and uses Simultaneous Authentication of Equals (SAE).

Simultaneous Authentication of Equals (SAE)

A WPA3 feature designed to increase security during the handshake process when keys are being exchanged.

Site Survey Tools

Tools such as heat maps, Wi-Fi analyzers, and channel overlays used to determine the best location for AP installation to ensure coverage and minimize signal bleed.