WLANs have additional security threats to consider that are RF in nature. Protocol-level attacks that attempt to penetrate Wi-Fi data security include rogue access points, authentication attacks, evil twin access point, man-in-the-middle, Wi-Fi phishing, and malicious eavesdropping. Most of these attacks exit at layer 2 of the OSI model. Proper authentication, encryption, and segmentation security solutions can be implemented to mitigate many of these well-known attacks. Layer 2 security monitoring solutions can also be put in place to detect when layer 2 attacks are taking place.
But a major oversight in current wireless intrusion detection systems (WIDS) solutions is that they have been unable to detect layer 1 security threats WIDS typically use 802.11 radio cards that have limited layer 1 visibility. They are only capable of monitoring high-level layer 1 statistics such as received signal strenght and signal-to-noise ratio (SNR) across a channel. These limited capabilities are completely insufficient for full spectrum analysis. For this reason, the 802.11 radio card that resides in a mobile or sensor-based WIDS solution can perform only layer 2 security monitoring and layer 2 performance analysis. With that in mind, it should be understood that the only effective tool for accomplishing proper layer 1 spectrum analysis and layer 1 security monitoring is a true spectrum analyzer.
Posts
No comments:
Post a Comment