无线局域网安全分析终端设计与实现
摘要
无线局域网WLAN(Wireless Local Area Network)由于传输介质的公开性,不但会受到与有线网络相同的针对TCP/IP协议漏洞的攻击,而且还会受到针对802.11协议标准的特殊威胁,安全性受到了严重的挑战,需要安全分析与检测系统进行管理。
目前针对WLAN的安全分析与检测系统,大都采用基于入侵检测的被动分析技术。与传统被动分析技术相比,基于协议测试的主动分析技术对WLAN有较好的安全防护能力。作为WLAN安全分析与检测系统的一部分,WLAN安全分析终端如何设计实现成为本文研究的主要工作。
本文首先简要阐述了目前国内外WLAN安全的研究现状,介绍了WLAN的基本概念、安全技术和安全隐患。然后重点进行了以下三部分研究:
1. WLAN安全分析终端的功能需求
通过对WLAN主动和被动安全分析技术进行研究,得出WLAN主动安全分析技术的方法与执行过程。根据终端的部署结构图,设计出终端的具体功能需求,包括脚本交互管理、脚本执行能力、报文统计分析、报文处理和设备接口等几部份。
2.实现了WLAN安全分析终端的平台构建
终端采用PowerPC(mpc8270)处理器搭建硬件平台,嵌入式Linux系统为软件平台。射频模块采用芯片组型号为AR5212的PCI接口的无线网卡(TL-WN651G),该系列网卡采用madwifi系列驱动,对软件后续设计提供了支持。
3.实现了WLAN安全分析终端的软件设计
终端软件设计采用了三层结构,将软件分为系统层、测试命令支撑库层和应用程序层。测试支撑命令库提供了主控节点与终端的命令和脚本解析支持。通过扩展命令支撑库,使得程序具有了具有很好的扩展性。系统层的网络适配器模块通过加载madwifi库提供直接面向硬件驱动层的访问接口。应用程序层包括连接控制协议模块、执行控制模块和命令解释器模块。
For the inherent characters of the wireless channel, The WLAN is not only threatened by the vulnerabilities of the TCP/IP protocol, but also by the weakness of the 802.11 protocol. It results serious challenges on security issues.The WLAN needs a security analysis system.
So far, most security analysis systems are based on the intrusion detection. Compared with the intrusion detection, the active analysis methods based on testing of protocols are more safe for the WLAN. As a part of the WLAN security analysis system.,this paper focuses on the Design and implementation of the security analysis terminal of the WLAN
In the paper, the research of the security of WLAN are addressed, including the Basic concepts, security technology and threats. At last, the paper emphasizes on research of the following three-parts
1. The functional requirements for the terminal
This paper researchs how the active and passive analysis methods process. According to the deployment structure of the terminal, we design the funcitional requirements for the terminal. Including the interaction management and the implementation of the scripts、the statistical analysis and processing of the packets of WLAN and interfaces of devices etc.
2. The implementation of the platform of the security analysis terminal Based on the PowerPC and the embedded Linux operation system, we design and implement the platform of the security analysis terminal. We use the TL-WN651G wireless network adapter as the RF module. It uses the madwifi as the software drivers and provides support for the following design
3. The design and implementation of the software for the terminal The software of the terminal are divided into threee layers,including the system layer、the command library layer and the application layer. The command library provides supports for the command and script interpreting between terminals and sever. By extending the command library, it enhances the extendability of the software for the terminal. By loading the madwifi library, the network adapter module of the system layer provides the access interface that directly orients the hardware-driven layer. The application layer includes the connection control module, excution control module and command interpreter module.
目前针对WLAN的安全分析与检测系统,大都采用基于入侵检测的被动分析技术。与传统被动分析技术相比,基于协议测试的主动分析技术对WLAN有较好的安全防护能力。作为WLAN安全分析与检测系统的一部分,WLAN安全分析终端如何设计实现成为本文研究的主要工作。
本文首先简要阐述了目前国内外WLAN安全的研究现状,介绍了WLAN的基本概念、安全技术和安全隐患。然后重点进行了以下三部分研究:
1. WLAN安全分析终端的功能需求
通过对WLAN主动和被动安全分析技术进行研究,得出WLAN主动安全分析技术的方法与执行过程。根据终端的部署结构图,设计出终端的具体功能需求,包括脚本交互管理、脚本执行能力、报文统计分析、报文处理和设备接口等几部份。
2.实现了WLAN安全分析终端的平台构建
终端采用PowerPC(mpc8270)处理器搭建硬件平台,嵌入式Linux系统为软件平台。射频模块采用芯片组型号为AR5212的PCI接口的无线网卡(TL-WN651G),该系列网卡采用madwifi系列驱动,对软件后续设计提供了支持。
3.实现了WLAN安全分析终端的软件设计
终端软件设计采用了三层结构,将软件分为系统层、测试命令支撑库层和应用程序层。测试支撑命令库提供了主控节点与终端的命令和脚本解析支持。通过扩展命令支撑库,使得程序具有了具有很好的扩展性。系统层的网络适配器模块通过加载madwifi库提供直接面向硬件驱动层的访问接口。应用程序层包括连接控制协议模块、执行控制模块和命令解释器模块。
For the inherent characters of the wireless channel, The WLAN is not only threatened by the vulnerabilities of the TCP/IP protocol, but also by the weakness of the 802.11 protocol. It results serious challenges on security issues.The WLAN needs a security analysis system.
So far, most security analysis systems are based on the intrusion detection. Compared with the intrusion detection, the active analysis methods based on testing of protocols are more safe for the WLAN. As a part of the WLAN security analysis system.,this paper focuses on the Design and implementation of the security analysis terminal of the WLAN
In the paper, the research of the security of WLAN are addressed, including the Basic concepts, security technology and threats. At last, the paper emphasizes on research of the following three-parts
1. The functional requirements for the terminal
This paper researchs how the active and passive analysis methods process. According to the deployment structure of the terminal, we design the funcitional requirements for the terminal. Including the interaction management and the implementation of the scripts、the statistical analysis and processing of the packets of WLAN and interfaces of devices etc.
2. The implementation of the platform of the security analysis terminal Based on the PowerPC and the embedded Linux operation system, we design and implement the platform of the security analysis terminal. We use the TL-WN651G wireless network adapter as the RF module. It uses the madwifi as the software drivers and provides support for the following design
3. The design and implementation of the software for the terminal The software of the terminal are divided into threee layers,including the system layer、the command library layer and the application layer. The command library provides supports for the command and script interpreting between terminals and sever. By extending the command library, it enhances the extendability of the software for the terminal. By loading the madwifi library, the network adapter module of the system layer provides the access interface that directly orients the hardware-driven layer. The application layer includes the connection control module, excution control module and command interpreter module.
引文
A.Arbaugh. 2001. Your 802.11 Network has No Clothes[C]∥I n First IEEE International Conference on Wireless LANs and Home Networks 9( 6):44-51
A.Stubblefield, John.Ioannidis, A.Rubin. 2002. Using the Fluhrer, Mantin,and Shamir Attack to Break WEP[C]∥In Proceedings of the 2002 Network and Distributed Systems Symposium 46-74
Ahuja Sanjay p, Dendukuri Krishna .2004. Security problems in 802.11 based wireless networks [C]∥Proceedings of the Third IASTED International Conference on Communications, Internet, and Information Technology .153-164
CHANDRAN N,BHAVANA K R.,2005,Enhancing RC4 Algorithm for WEP Protocol using Fake Character Insertions and Compression Technique (FCICT) [C]∥.Wireless and Optical Communications Networks,2005.WOCN 2005.Second IFIP International Conference:80-83.
ChangHua He, John C. Mitchell. 2004. 1 Message Attack on the 4-Way Hand-shake:IEEE document number 11-04-0497-00-000i [C]∥.May 2004 IEEE 802 Wireless Groups Interim Session, Garden Grove California .
Deering S, H inden R. 1998.RFC 2460:Internet protocol version6 (IPv6)[S] Denning D E. 1987.An intrusion detection model.[J] IEEE Symp on Security & Privacy. 13(2):222-232
Dhinaharan Nagamalai, Beatrice Cynthia Dhinakaran etc.2005. Security threats and countermeasures in WLAN [C]∥1st Asian Internet Engineering Conference.168-182
Dr. Cyrus Peikari Seth Fogie. 2003. MaxiMum Wireless Security .[M] Pearson Education.Inc .215-218
Fossorier Marc PC, Kobara Kazukuni, ImaiHideki. 2007. Modeling bit flipping decoding based on nonorthogonal check sums with application to iterative decoding attack of McEliece cryptosystem [J] IEEE Transactions on Information Theory. 53(1): 402-411
Han Wei, Zheng Dong, ChenKe-Fei . 2009 Some remarks on the TKIP key mixing function of IEEE 802.11i [J] Journal of Shanghai Jiaotong University (Science). 14(1):81-85
IEEE802.11 Working Group. 1999. Wireless LAN Medium Access Control(MAC) and Physical Layer(PHY) Specifications[S] New York:The Institute of Electrical and Electronics Engineers IEEE802.11 working group. 2003 .802.11i.Wireless Medium Access Control(MAC) and Physical Layer(PHY) Sepcifications:Medium Access Control(MAC) Security Enhancements[S].
J.Bellardo, S.Savage.2003.802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions [C]∥In Proceedings of the USENIX Security Symposium.15-28
Jon Edney, William A. Arbaughl. 2003.Real 802.11 Security-Wi-Fi Protected Access and 802.11i[M] Addison Wesley.15-60
Kemmerer R A.2000.The STAT Tool Suite[C]∥the 2000 DARPA Information Survivability Conference and Exposition. 2000(2):46-55
Mattbew S.Gast .2005.802.11无线网络权威指南[M]东南大学出版社57-64
N. Borisov, et al. 2001.Intercepting Mobile Communications:“The Insecurity of 802.11”[C]∥Seventh Annual International Conference on Mobile Computing and Networking: 180-189
NIST. 2001. RFC3394, FIPS Pub 197: Advanced Encryption Standard (AES)[S]. RSA Laboratories
P. Kyasanur ,N. Vaidya. 2003 Detection and handling of MAC layer misbehavior in wireless networks [C]∥International Conference on Dependable Systems andNetworks.San Francisco, California. 173-182
Park J S ,Docoi D.2003 .WLAN security: current and future [J] Internet Computing, IEEE.7:60-65 Phil Porras,Dan Schnackenberg, Stuart Staniford-Chen et al.1998. The Common Intrusion Detection Framework Architecture.[J] Journal of Computer Security
S.Fluhrer,I.Mantin,and A.Shamir. 2001.Weaknesses in the key scheduling algorithm of RC4. [C]∥in Proc.8th Workshop Selected Areas in Crytog-raphy, vol2259:1-24.
Wenzhe Zhou, Marshall Alan., Qiang Gu. 2006. A novel classification scheme for 802.11 WLAN active attacking traffic patterns [C]∥2006 Wireless Communications and Networking Conference: 623-628
Y G. Zhang , W Lee , and Y.A. Huang. 2003 Intrusiondetection techniques for mobile wireless networks[J] Wireless Networks, vol.9:.545-556,
Y.G. Zhang and W. Lee.2000 Intrusion detection in wireless adhoc networks [J]Mobile Computing and Networking, 275-283
Y.X. Lim, T. Schmoyer, J. Levine, et al .2003.Wireless intrusion detection and response[C]∥in Proceedings of the 2003 IEEE Workshop on Information Assurance. 68-75
Yanheng Liu,Daxin Tian,Bin Li.2006 A Wireless Intrusion Detection Method Based on Dynamic Growing Neural Network [C]∥Computer and Computational Sciences, 2006. IMSCCS '06. First International Multi-Symposiums.611-615
Yxin Zhao, Jianping Wu, Xia Yin. 2002. From Active to passive -- progress in testing of internet routing protocols (Extended Version)[J]. Journal of Computer Science and Technology , 17(2):264-283.
Zhang Longjun; Han Wei; Zheng Dong; Chen Kefei.2005 A Security Solution of WLAN Based on Public Key Cryptosystem Parallel and Distributed Systems. [C]∥Proceedings. 11th International Conference .2: 422 - 427
刘乃安.2004.无线局域网(WLAN)-原理、技术与应用[M]西安电子科技大学出版社.386-447
刘文涛. 2005网络安全开发包详解[ M] .北京:电子工业出版社:21 - 24.
鲁智勇.2006.无线局域网及其对抗技术[M]国防工业出版社.116-151
马建峰.朱建明. 2005 .无线局域网安全-方法与技术[M]机械工业出版社.166-182
汤鹏杰.2008. WLAN拒绝服务攻击分析与研究[J]计算机安全.8:86-88
王茂才. 2007.无线局域网的安全性研究[J].计算机应用研究.(1) 158-160
许德海.2007.无线局域网的技术特点[J]科技信息(24)384
郑晓蕾,曹秀英.2002.802.1X:基于端口的网络接入控制标准.[J]通信技术.2002(6):79-81
中华人民共和国国家标准.2003.GB 15629.信息技术系统间远程通信和信息交换局域网和城
域网特定要求第11部分:无线局域网媒体访问控制和物理层规范[S]
周炜,褚伟.2008基于Linux的无线局域网协议解析器的设计[J]计算机技术与发展. 18(3):217-220
A.Stubblefield, John.Ioannidis, A.Rubin. 2002. Using the Fluhrer, Mantin,and Shamir Attack to Break WEP[C]∥In Proceedings of the 2002 Network and Distributed Systems Symposium 46-74
Ahuja Sanjay p, Dendukuri Krishna .2004. Security problems in 802.11 based wireless networks [C]∥Proceedings of the Third IASTED International Conference on Communications, Internet, and Information Technology .153-164
CHANDRAN N,BHAVANA K R.,2005,Enhancing RC4 Algorithm for WEP Protocol using Fake Character Insertions and Compression Technique (FCICT) [C]∥.Wireless and Optical Communications Networks,2005.WOCN 2005.Second IFIP International Conference:80-83.
ChangHua He, John C. Mitchell. 2004. 1 Message Attack on the 4-Way Hand-shake:IEEE document number 11-04-0497-00-000i [C]∥.May 2004 IEEE 802 Wireless Groups Interim Session, Garden Grove California .
Deering S, H inden R. 1998.RFC 2460:Internet protocol version6 (IPv6)[S] Denning D E. 1987.An intrusion detection model.[J] IEEE Symp on Security & Privacy. 13(2):222-232
Dhinaharan Nagamalai, Beatrice Cynthia Dhinakaran etc.2005. Security threats and countermeasures in WLAN [C]∥1st Asian Internet Engineering Conference.168-182
Dr. Cyrus Peikari Seth Fogie. 2003. MaxiMum Wireless Security .[M] Pearson Education.Inc .215-218
Fossorier Marc PC, Kobara Kazukuni, ImaiHideki. 2007. Modeling bit flipping decoding based on nonorthogonal check sums with application to iterative decoding attack of McEliece cryptosystem [J] IEEE Transactions on Information Theory. 53(1): 402-411
Han Wei, Zheng Dong, ChenKe-Fei . 2009 Some remarks on the TKIP key mixing function of IEEE 802.11i [J] Journal of Shanghai Jiaotong University (Science). 14(1):81-85
IEEE802.11 Working Group. 1999. Wireless LAN Medium Access Control(MAC) and Physical Layer(PHY) Specifications[S] New York:The Institute of Electrical and Electronics Engineers IEEE802.11 working group. 2003 .802.11i.Wireless Medium Access Control(MAC) and Physical Layer(PHY) Sepcifications:Medium Access Control(MAC) Security Enhancements[S].
J.Bellardo, S.Savage.2003.802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions [C]∥In Proceedings of the USENIX Security Symposium.15-28
Jon Edney, William A. Arbaughl. 2003.Real 802.11 Security-Wi-Fi Protected Access and 802.11i[M] Addison Wesley.15-60
Kemmerer R A.2000.The STAT Tool Suite[C]∥the 2000 DARPA Information Survivability Conference and Exposition. 2000(2):46-55
Mattbew S.Gast .2005.802.11无线网络权威指南[M]东南大学出版社57-64
N. Borisov, et al. 2001.Intercepting Mobile Communications:“The Insecurity of 802.11”[C]∥Seventh Annual International Conference on Mobile Computing and Networking: 180-189
NIST. 2001. RFC3394, FIPS Pub 197: Advanced Encryption Standard (AES)[S]. RSA Laboratories
P. Kyasanur ,N. Vaidya. 2003 Detection and handling of MAC layer misbehavior in wireless networks [C]∥International Conference on Dependable Systems andNetworks.San Francisco, California. 173-182
Park J S ,Docoi D.2003 .WLAN security: current and future [J] Internet Computing, IEEE.7:60-65 Phil Porras,Dan Schnackenberg, Stuart Staniford-Chen et al.1998. The Common Intrusion Detection Framework Architecture.[J] Journal of Computer Security
S.Fluhrer,I.Mantin,and A.Shamir. 2001.Weaknesses in the key scheduling algorithm of RC4. [C]∥in Proc.8th Workshop Selected Areas in Crytog-raphy, vol2259:1-24.
Wenzhe Zhou, Marshall Alan., Qiang Gu. 2006. A novel classification scheme for 802.11 WLAN active attacking traffic patterns [C]∥2006 Wireless Communications and Networking Conference: 623-628
Y G. Zhang , W Lee , and Y.A. Huang. 2003 Intrusiondetection techniques for mobile wireless networks[J] Wireless Networks, vol.9:.545-556,
Y.G. Zhang and W. Lee.2000 Intrusion detection in wireless adhoc networks [J]Mobile Computing and Networking, 275-283
Y.X. Lim, T. Schmoyer, J. Levine, et al .2003.Wireless intrusion detection and response[C]∥in Proceedings of the 2003 IEEE Workshop on Information Assurance. 68-75
Yanheng Liu,Daxin Tian,Bin Li.2006 A Wireless Intrusion Detection Method Based on Dynamic Growing Neural Network [C]∥Computer and Computational Sciences, 2006. IMSCCS '06. First International Multi-Symposiums.611-615
Yxin Zhao, Jianping Wu, Xia Yin. 2002. From Active to passive -- progress in testing of internet routing protocols (Extended Version)[J]. Journal of Computer Science and Technology , 17(2):264-283.
Zhang Longjun; Han Wei; Zheng Dong; Chen Kefei.2005 A Security Solution of WLAN Based on Public Key Cryptosystem Parallel and Distributed Systems. [C]∥Proceedings. 11th International Conference .2: 422 - 427
刘乃安.2004.无线局域网(WLAN)-原理、技术与应用[M]西安电子科技大学出版社.386-447
刘文涛. 2005网络安全开发包详解[ M] .北京:电子工业出版社:21 - 24.
鲁智勇.2006.无线局域网及其对抗技术[M]国防工业出版社.116-151
马建峰.朱建明. 2005 .无线局域网安全-方法与技术[M]机械工业出版社.166-182
汤鹏杰.2008. WLAN拒绝服务攻击分析与研究[J]计算机安全.8:86-88
王茂才. 2007.无线局域网的安全性研究[J].计算机应用研究.(1) 158-160
许德海.2007.无线局域网的技术特点[J]科技信息(24)384
郑晓蕾,曹秀英.2002.802.1X:基于端口的网络接入控制标准.[J]通信技术.2002(6):79-81
中华人民共和国国家标准.2003.GB 15629.信息技术系统间远程通信和信息交换局域网和城
域网特定要求第11部分:无线局域网媒体访问控制和物理层规范[S]
周炜,褚伟.2008基于Linux的无线局域网协议解析器的设计[J]计算机技术与发展. 18(3):217-220