Untitled Notes

Mobile Security Threats: Understanding various threats targeting mobile devices.
Wireless Security Attacks: Discusses different types of attacks targeting wireless networks.
Wireless Security Measures: Preventive measures and best practices to enhance security.
Wireless LAN (WLAN): Understanding the architecture and components of wireless local area networks.
WEP and WPA Security: Explanation of Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) authentication methods.
IEEE 802.11 Network Components: Overview of IEEE 802.11 components and architectural model.
802.11i Services: Understanding services and operations in IEEE 802.11i, including security measures.
5G Features: Introduction to the features of 5G networks.
Privacy vs Security: Distinctions between privacy and security concepts.
Privacy by Design Model: Framework for ensuring privacy in technological applications.
Privacy Acts: Overview of EU directives, PIPEDA, and ISO standards related to privacy.

802.11 Standards: Explain components of IEEE 802.11 standards and WLAN.
Mobile Security Principles: Describe the principles of mobile security.
Wireless Security Measures: Explain preventive measures in wireless security.
Authentication Methods: Explain WEP and WPA authentication methods.
802.11i Features: Describe features like TKIP, CCMP, and PRF.
Security vs. Privacy: Explain distinctions between privacy and security.
Privacy by Design Components: Outline elements of the Privacy by Design framework.
Privacy Legislation: Describe privacy acts including EU directives, PIPEDA, and ISO standards.

Wireless networks introduce added security challenges due to:
- Channel Vulnerability: Wireless communications are susceptible to eavesdropping and jamming.
- Mobility: The portability of devices increases risks.
- Resource Constraints: Devices like smartphones have limited capabilities to counter threats.
- Physical Accessibility: Devices left unattended are more vulnerable to attacks.

Accidental Association: Unintended connections to neighboring access points expose resources.
Malicious Association: Rogue access points mimic legitimate ones to steal information.
Ad Hoc Networks: Lack centralized control making them vulnerable.
Nontraditional Networks: Devices like Bluetooth can be exploited for eavesdropping.
Identity Theft (MAC Spoofing): Attackers impersonate devices to gain unauthorized access.
Man-in-the-Middle Attacks: Intercepting communication between two parties unaware of the attack.
Denial of Service (DoS): Overloading services to disrupt access.
Network Injection: Interference with device configurations to disrupt performance.

War Driving: Searching for unprotected networks while driving.
War Chalking: Marking locations of accessible networks.
Evil Twin Attack: Rogue access points infiltrating networks to capture data.
WPA Attacks: Intercepting network keys between devices.
WPS Attack: Attacks exploiting WPS features on routers.
Pixie Dust Attack: Cracking PIN access via WPS vulnerabilities.

Countermeasures Against Eavesdropping:
1. Signal-Hiding Techniques: Techniques such as disabling SSID broadcast, using low signal strength.
2. Encryption: Secure all transmissions to protect against unauthorized access.

Prevent unauthorized access using IEEE 802.1X for port-based access control.
Authenticate devices before granting them access to the network.

Focus on three categories:
1. Device Security
2. Client/Server Traffic Security
3. Barrier Security

PAN (Personal Area Network): IEEE Standard 802.15, including Bluetooth and its security concerns.
IEEE 802.11 Standards: Range, speed, and frequency specifications for various standards (e.g., 802.11b, 802.11g, 802.11ac).

Hallmark of WLANs includes half-duplex signaling and multiple service set structures (BSS, IBSS, ESS).

Utilize CSMA/CA and RTS/CTS protocols to minimize collisions between transmissions.

WEP: Initial weak encryption for WLAN; succeeded by WPA for stronger security standards.
WPA/WPA2: Enhanced security with robust features for encryption and data integrity.

Includes authentication, access control, and privacy with message integrity.
Defined operation phases: discovery, authentication, key generation, data transfer, connection termination.

Key Features: Lower latency, higher capacity, and increased bandwidth compared to 4G.
Components: eMBB, mIoT, uRLLC for various applications in smart cities and transportation.

Massive data generation by IoT devices leading to new applications across multiple industries (healthcare, retail, agriculture).

Definition: Distinction between information security (general) and privacy (personal data).
OECD Privacy Standard: Eight elements defining information privacy under Fair Information Practices.

A proactive approach focusing on integrating privacy principles throughout operational practices to protect individual data.
Foundational Principles: Proactive measures, default settings for privacy, embedding privacy within system design, and full lifecycle protection.

EU Directive 1998: Protections for EU member states processing personal information.
PIPEDA: Federal regulations for private-sector handling of personal information, including ten guiding principles.
ISO27002: Encourages organizations to protect customer private information diligently.