Wireless and Mobile Networks Security
Major: Cyber Security
Code of subject: 8.125.00.M.20
Department: Information Technology Security
Lecturer: Doctor of Technical Sciences, Professor Melnyk V.A.
Semester: 3 семестр
Mode of study: денна
Learning outcomes: As a result of studying the discipline, the student should be able to demonstrate the following learning outcomes: 1. Know the Wi-Fi protocols and their vulnerabilities. 2. Possess methods and tools of analysis of protocols and hacking of networks of Bluetooth, IR, alarm systems, etc., and mechanisms of security of mobile networks GSM, 3G, 4G. 3. Know how to protect mobile devices and wireless channels from cyber-attacks. 4. Know the vulnerabilities and their use in wireless personal networks. 5. Deep knowledge of how wireless networks work, how to protect them, how to protect sensitive information on mobile devices. 6. Be able to detect threats of unauthorized entry or access to wireless networks. Use specialized networking equipment that is used to protect wireless networks. 7. Be able to develop secure (threat-based) wireless networks. 8. Be able to identify and investigate both early and current threats to mobile and wireless security networks; take proactive and protective measures to contain and counter potential threats, attacks and invasions.
Required prior and related subjects: Computer networks. Applied Cryptology: Security Essentials (Cryptographic Methods, Concepts: Privacy, Integrity, Accessibility) Information security in open systems: Basic wireless technologies (Wi-Fi, Bluetooth and optional: LTE, WiMAX, CDMA, GSM, UMTS). Security of cloud technologies. Designing Secure Embedded Systems.
Summary of the subject: Introduction. Basic wireless network threat models, their audit tools, and security methods. Wireless Network Threat Models. Wireless Network Audit Tools. Basic wireless network security methods. Modern wireless network security methods and algorithms. Weaknesses in the WEP security system. Safety mechanisms in IEEE 802.11i. Advanced WiFi authentication protocols. Authentication, authorization and accounting. Application of RADIUS / TACACS + / Diameter protocols for wireless networks. Multiple-factor authentication. Wireless network security at the network level. Use of virtual private networks and firewalls. Security of personal wireless networks. Bluetooth technology and its security features. Bluetooth vulnerabilities, attacks and countermeasures. ZigBee Security Basics. IEEE 802.15.4 standard. ZigBee vulnerabilities. Protection of ZigBee systems. Wireless data technologies in signaling and access control systems. Radio Frequency Identification (RFID) systems. RFID structure and principles. Standards and implementations of RFID. Information security vulnerabilities. Alarms in security and access control systems. Infrared sensors in security systems. Security of mobile telecommunication networks. GSM network security mechanisms, vulnerabilities, attacks and countermeasures. 3G mobile network security features. Security features of 4G and 4G + mobile networks.
Assessment methods and criteria: Assessment methods: 1. Current control of lectures (without scoring) as a frontal or selective individual oral examination of students in the previously presented material, especially in the sections of the course that are necessary to understand the topic of the lecture being read, or to establish the degree of mastering the material of the lecture delivered. 2. Current control of laboratory work in the form of an individual survey. 3. Written review. 4. Oral examination in the form of an interview. 5. Test verification. Distribution of semester control points: 8 laboratory works of 5 points each make 40 points of current control; the 60 semester semester control consists of a written (30 points) and an oral (30 points) component.
Recommended books: 1. Jack M. Holtzman, N Goldman. Wireless and Mobile Communications. Springer Science & Business Media, 2012. 286 р. 2. T. G. Palanivelu. Wireless and Mobile Communication. PHI Learning Pvt. Ltd., 2009, 276 с. 3. Yan Zhang, Jun Zheng, Honglin Hu. Security in Wireless Mesh Networks (Wireless Networks and Mobile Communications). Auerbach Publications; 1 edition (August 21, 2008), 552 pages. 4. Man Young Rhee. Mobile Communication Systems and Security. Wiley-IEEE Press, April 2009, 448 pages. 5. Nicolas Sklavos,Xinmiao Zhang Wireless Security and Cryptography: Specifications and Implementations. CRC Press, 2007. - 416 p. 6. IEEE Std 802.15.4TM 2011, IEEE Standard for Local and metropolitan area networks—Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs). Revision of IEEE Std 802.15.4-2006, Approved 14 August 2012 by American National Standards Institute. 7. ANSI/IEEE Std 802.11, 1999 Edition (R2003). 8. IEEE Std 802.11i TM. 9. NIST Special Publication 800-48. Wireless Network Security: 802.11, Bluetooth and Handheld Devices. November 2002. 10. Melnyk V. IEEE 802.15.4b-Compatible AES-CCM* Security Module Application in IEEE 802.11i Environment / V. Melnyk // Proceedings of 3-rd International Conference “Advanced Computer Systems and Networks: Design and Application”, 2007, Lviv, Ukraine. – P. 139-142. 11. Gascon, David (February 5, 2009). "Security in 802.15.4 and ZigBee networks". [Online]. Available: http://www.libelium.com/security-802-15-4-zigbee/ [Accessed: Jan. 13, 2016]. 12. Callaway, Ed, Bahl, Venkat, Gorday, Paul, Gutierrez, Jose a., Hester, Lance, Naeve, Marco, and Heile, Robert, “Home Networking with IEEE 802.15.4, a developing standard for Low-Rate Wireless Personal Area Networks”, IEEE Communications Magazine, special issue on Home Networking, vol. 40, no. 8, August 2002, pp. 70-77. 13. Menezes, Alfred; van Oorschot, Paul C.; and Vanstone, Scott A. Handbook of Applied Cryptography. CRC Press, October 1996. 14. Information technology – Open System Interconnection – Basic Reference Model: The Basic Model. International Standard ISO/IEC 7498-1. Second edition, 1994. 15. Rogaway, P., and Wagner, D., “A Critique of CCM,” IACR ePrint Archive 2003-070, April 13, 2003. Publication is available from http://www.iacr.org/. 16. Security requirements for cryptographic modules. Federal information proceedings standard publication 140-2, 1999. – 50 p. 17. Sastry, N., and Wagner, D., “Security considerations for IEEE 802.15.4 networks”, Proceedings of the 2004 ACM workshop on Wireless security. Philadelphia, PA, USA Pages: 32 - 42 : 2004. Publication is available from www.cs.berkeley.edu/~kwright/nest_papers/15.4-wise04.pdf