Home | Archive | Subscribe

The Wild, Wild, Wireless World
By Roxane Gay
A
t Starbucks, a student can whip out a laptop and share instant messages with a friend while enjoying a mocha latté. A commuter on a train along the northeast corridor between Washington D.C., and New York City can keep up with the latest stock market quotes. Over the past decade, the Internet has quickly emerged as the most dynamic technological frontier—a medium connecting people and information throughout the world. Behind the people are computers, networked together and creating vast webs of possibility. As technology advances, computer scientists and engineers are developing innovative ways for computers to connect. One of these newest methods is high speed, wireless networks. “People are increasingly mobile and they want to be more connected,” said Byrav Ramamurthy, associate professor of computer science and engineering.

Wireless networks send data between computers and servers via radio waves. For many, wireless networking is an ideal way to remain connected because it provides affordable, hassle-free, high speed Internet access. It also provides a solution for areas where network wiring is difficult or impossible. Computers that are networked wirelessly are able to connect to one another because many share the same standard protocol, IEEE 802.11, an underlying technology that deals with radio frequencies and data transmission. A wireless network can connect peer-to-peer, where computers with wireless network cards connect directly to one another. Wireless networks can also use access points, where the access point serves as a central hub, providing network access to computers that connect to the access point.

With new frontiers and new technologies, however, come new challenges. Wireless mobility has introduced the concept of war driving. “War driving is a phenomenon in which someone from the outside can get information about deployed wireless networks by roaming around and scanning wireless channels to find places where networks are vulnerable, and can be exploited,” Ramamurthy said. War drivers will drive through neighborhoods armed with a laptop equipped with a wireless network card, an easily acquired software program such as Netstumbler, and a Global Positioning System (GPS) unit so they can log the coordinates of unencrypted wireless network signals. These war drivers can then access these vulnerable wireless networks and in many cases, are able to view sensitive data that is being transmitted.

A grassroots wireless networking movement has risen from war driving—a motley band of computer users with varying intentions, who promote free and widespread wireless Internet access. This community has created a legion of Web sites that map wireless networks using GPS technology, provide information about the location of free and/or vulnerable wireless networks and advocate for the creation of wider free networks. Most of these wireless advocates are harmless and firmly follow the credo, “Thou shalt not access another’s network under any circumstance.” And yet, there is a more sinister element among them—users who exploit vulnerable wireless networks with malicious intent. For the home user who doesn’t transmit personal information via the Internet, this threat may not seem imminent, but many businesses are also adopting wireless networks and exposing countless gigabytes of sensitive data to wireless malfeasants.

To combat the exploitation of wireless networks, Ramamurthy and his graduate students develop software tools for system administrators. The goal is to both secure network communications so they cannot be compromised as well as detect unauthorized network presences. One such tool is DH–ABIDERS or Distributed Hybrid Agent Based Intrusion Detection and real time Response System—software that constantly monitors wireless network channels and locates rogue access points and intruders. “The program identifies patterns by which you can tell if there is an intruder on your network or not,” Ramamurthy said. The system uses a three-pronged approach. An anomaly-based model detects identity theft. A signature-based model detects war driving. Finally LAN Scan monitors wireless LANs to detect the installation of rogue access points. The system responds in real time by alerting a network administrator that an intrusion, either active or passive, is taking place. “Current tools are not comprehensive enough,” Ramamurthy said. Thus far, the system has been successfully implemented and tested. It uses open source solutions and is vendor independent.

The DH-ABIDERS system has been designed with a unique approach. A central administrator oversees all the wireless cells in a network and maintains information about access points and users who are authorized to use the network. To keep track of the entire network, agents are deployed as deputies of the central administrator. The versatile agents can accept registration messages for access points, scan their designated area for rogue access points and notify administrators, detect promiscuous wireless nodes and block unauthorized users. The National Science Foundation funds Ramamurthy’s continuing research and a $350,000 grant is scheduled to run through 2006. “I am also looking for other grant projects in this area,” Ramamurthy said.

In addition to developing tools to prevent the exploitation of wireless networks, Ramamurthy also believes it is important to educate end users about how to secure their wireless networks. “Earlier versions of wireless network cards don’t have the same encryption. Lots of awareness is needed for people who have deployed these more vulnerable networks,” Ramamurthy said. “The more people convert to wireless networks, the bigger this problem will become.” Users can change their Service Set Identifier (SSID) or the name of their router from the default name provided at the factory to something an intruder is unaware of. Users can also encrypt their data so that it can’t be interpreted by anyone who sees it on the network. “The higher level of encryption you use, the more resistant your network will be to attacks,” Ramamurthy said.

Newer generations of wireless cards are integrated with security standards such as Wireless Protocol Access (WPA) that integrates security features with authentication systems. Users must also keep their software updated with the latest versions available on vendor Web sites. “Until we see a more widespread use of WPA, users must take basic steps to secure their networks,” Ramamurthy said. Each of his efforts reflects that there is a new sheriff in the wild, wild wireless world and his name is Byrav Ramamurthy.