-RESEARCH PROPOSAL TEMPLATE- PROPOSED TITLE Physical Security in WLAN by Raimbert Kangumbe Namukuwa 218114214 Submitted in fulfillment of the requirements for the degree OF BACHELOR OF COMPUTER SCIENCE in the

-RESEARCH PROPOSAL TEMPLATE- PROPOSED TITLE Physical Security in WLAN by Raimbert Kangumbe Namukuwa 218114214 Submitted in fulfillment of the requirements for the degree OF BACHELOR OF COMPUTER SCIENCE in the (Department of Computer Science) at the UNIVERSITY OF SCIENCE AND TECHNOLOGY Supervisor Ms. Mercy Chitauro Date of submission 29/05/2018 METADATA TITLE Physical Security in WLAN STUDENT NAME Raimbert Kangumbe Namukuwa SUPERVISOR Ms. Mercy Chitauro DEPARTMENT Computer Science QUALIFICATION 999NDP NON DEGREE PURPOSES SPECIALISATION STUDY TITLE Master of Computer Science MAIN KNOWLEDGE AREA e.g. HCI, (refer ACM-IEEE-ISA-CC guide) – .. KEYWORDS TYPE OF RESEARCH Applied Research METHODOLOGY STATUS Proposal SITE (Campus Name) DOCUMENT DATE (date of submission) SPONSOR (or Cluster/ Research lab) DECLARATION I, (name (s)) , . hereby declare that the work contained in the proposal for the degree.project, entitled (title of the project)., is my own original work and that I have not previously in its entirety or in part submitted it at any university or other higher education institution for the award of a degree. I further declare that I will fully acknowledge any sources of information I will use for the research in accordance with the Institution rules. Signature _____________________________ Date _____________________ Signature of the Supervisor I, _____________________________, herewith declare that I accept this proposal for my supervision Signature _____________________________ Date _____________________ Abstraction Nowadays security attacks in networks has become a serious concern include physical attack. WLAN deploy in public premises (campus, hospitals and library) are prone to physical threats such as Rogue AP, Physical theft, resources misuse. This study will be conducted on designing a more secure WLAN from physical attacks. Overcoming the drawback from the existing security measure in place, the proposed solution will take advantage of unified technology in delivering Wi-Fi internet and surveillance services. Secondary data and Primary data will be use in gathering information, evaluated using qualitative information. Scientific approach will be considered in designing and validating proposed solution. The will be aiming to be the solutions for physical attacks in WLAN. Introduction Wireless Local Area Network (WLAN) are everywhere this days starting from home to large enterprise networks due to the ease of installation, employee convenience, avoid wiring cost and constant mobility (Md. Waliullah, Diane Gan, 2014).The rapid growth in wireless has been argued to increase danger from network attacks which also increases challenges to organisation, IT staff and IT security professionals. Different proposals have implemented secure wireless LAN by improving encryption standards and authentication mechanism. Having best encryption and authentication mechanism does not guarantee physical security in public premises in which wireless LAN are installed especially on campus, hospitals and other government institutions. Currently, most organisations are using door locks, security officers, video monitoring and electronic access control systems to protect their network infrastructure devices from physical threats which becomes a burden to IT security professionals due to controls that are put in place to enhance security such as administrative, technical and physical control (Vacca, 2013). Threats can enter any wired network via wireless network as Access Point is bridging between wireless and wired network which can be caused by Rough Access Point or Network resources misuse in the network (Hassan, 2013). Sobh, Tarek Salah (2013) said Rogue Access Point is a common threat in wireless LAN which results from attaching an unauthorized access point into the network. He described a Rogue AP in short, as any untrusted or unknown device running in your wireless LAN (Sobh, June 2013). These devices can have many effects and none of them is good in terms of the network. Rogue AP normally dont meet the WLAN network security standard and this can be the main target for hackers to get access into your network. According to Dhiman1, Deepika (Jan. 2014) poor physical placement of Access Point can give easy access to attackers to reset an Access Point to manufacture default settings using a reset button which later become a Rough Access Point after losing its security configuration. In addition, Network resources misuse has been described as a threat that can degrade the network connection speeds and consume bandwidth. This problem arise from improper use of network resources by those who are authorised to use them, as well as use of resources by individuals not authorised to use the resources at all (Vacca, 2013). Bad practice can hinder the overall WLAN performance which affect the productivity of everyone on the wireless network. Many employee in organisation come up with their own solutions by using home-use AP which does not meet the organisational security standard, presenting security risk, poor performance and network abuse. This also bring us to a conclusion that most of the security threat are caused by trusted individuals within organisations. Physical security should be considered as fundamental in network security although previous studies have described it as a minor issue that can be handled by service providers during implementation. Background Physical attack can be more difficult to defend without proper security measures in place once you become a target. According to the recent study conducted in Namibia by Deloitte finds that Namibia is one of the top most vulnerable countries in the world to cybercrime, due to the lack of security measures in place. In spite of lack of security measure in place, some public institution such as Bank of Namibia looks at security comprehensively include physical security and cybercrime prevention to name a few (Olivier, 2017). In general, most of our public institutions in Namibia rely on common physical security measures such as door locks, electronic access control systems, security officers and video monitoring services (Uudhila, MARCH 2016), but how does this prevent the entire IT infrastructure including wireless network from physical attacks Common physical security measures that can be use in IT infrastructure to protect devices from physical access has been identified in previous studies which includes The use of electronic access control and video monitoring system is the most preferred in public and private organizations but it requires skills during installation, management and also increase resources as they also form part of the network (Vacca, 2013) An art of work on alternative embodiments applied to various communication systems including various wireless technologies by James Abumrad, (Mar. 6, 2014). This idea was proposed to resolve the difficulties operators experience in securing necessary sites for locating base stations, repeaters and associated antennas which make up wireless communication system. The use of built-in rogue or intrusion detection scanning for detecting unauthorized access point or rogue AP in the network (Prof. Sandeep Vanjale, 2014). Another very common solutions which we may relate to is the study conducted on physical security measures that librarian in Kenya had put in place such as the use of security guards which are not trained about librarians IT to ensure security around the building as a way of preventing physical theft and vandalism on devices (Rose, Daniel, Nobert, 2015). As explained earlier by Mardiana Mohamad Noor and Wan Haslina Hassan (2013) that Access Point bridging between wireless and wired network and previous studies conducted on physical security measures did not propose proper physical security measures that can protect entire IT infrastructure, specifically on devices that form part of WLAN. Unified Commination Technology market new WLAN unified product which is meant to reduce the installation and operation cost in access point and video camera (Networks, 04/01/2013), this technology seems to be solution for our study. Problem Statement Public Premises in Namibia experience known and unknown WLAN physical security threats. The drawbacks identified in the current security measures in place make it imperative for a study to be conducted to find out how a more physically secure WLAN can be implemented to have a more effective secure WLAN using Unified Commination Technology. Objective Physical security in WLAN is aiming at improving physical security through an investigation on WLAN installed in public premises and below will be our main objectives Identifying existing physical security measures in the network infrastructure and find the loop holes. Examine unified communication platform to clearly understand how it be implemented to deliver wireless internet services and surveillance to ensure physical WLAN security. Design a wireless LAN infrastructure using unified communication platform that will address physical security challenges experienced in wireless LAN. Validate unified communication platform design. Review of Literature The physical access to network resources is the root cause of physical attacks in wireless LAN mainly from unauthorized access point. The literature has emphasized on how physical attack occur in the network and some literature proposed some methods to prevent. 5.1 Wi-Fi Networks Security and Accessing Control Sobh, Tarek Salah (June 2013) proposed a solution to monitor Wi-Fi network that is under unauthorized access attack especially from rogue Access Point or ad-hoc. Sobh, Tarek Salah (June 2013) described a rough Access Point as any AP in the network that is deployed unintentional by the network technician and it can be refer to any device irrespective of its real intent. The following rogue threat were identified Employee installed unauthorized Access Points Misconfigured Access Points Attacker Access Points Unauthorized Access Points Attacker operated Access Points The solution proposed was to give security staff a complete visibility of all connected access points and clients in the network with deterministic rules that identify the devices that are authorized to be network member. The proposed model design was consisting of two basic sub models. First, sub model basic functions are WLAN detection and prevention of unauthorized AP. Second, sub model basic functions are protecting and preventing data leakage of adhoc clients. WLAN Security Issues and Solutions Based on the report by Dhiman1 (Jan. 2014), discussions on various WLAN (IEEE 802.11) security standards and the solutions/products to prevent wireless network from threats were brought to public attention for current and future wireless LAN security. He further identified some possible threat in wireless. Here are some of the wireless LAN security threats that has been identified. Attacker on Service Set Identifier MAC spoofing and session hijacking Information Disclosure (Attack on WEP) Signal interference Eavesdropping Man-In-The-Middle attack Denial of Services Rogue Access Point Physical placement of APs Although the study did not proposed any solutions, it identify different practical solutions and tools to prevent or protect threats in wireless network by means of using several security techniques and protocols such as WEP, PSK, EAP, WPA and WPA2. 5.3 Wireless LAN security Protocols The survey proposed the use of Generic Software Engineering technique to analyse the shortcomings in the IEEE 802.11 and also focused on Robust Security Network which was proposed in the IEEE 802.11i standard using different Generic Software Engineering models (Anik Shah, Animesh Shah, 2015). Data transfer through WLANs can be affected adversely by many security threat and attack. They can be broadly divided into two types Logical attacks and Physical attacks (Anik Shah, Animesh Shah, 2015, p.2). Logical Attacks Attacks on WEP MAC Address Spoofing Denial of Service Attack Man-in-the-Middle Attack Bad Network Design Default AP configuration Physical Attack Rough attacks Physical placement of AP APs coverage The survey paper gave a brief introduction about the WLAN network and the security threats imposed on it while transferring data. In this study Anik and Animesh (2015) explained the characteristics of wireless LAN Security in short and the WLAN security standards through different references. They also discussed the different types of attacks and their possible solutions. Physical Security for Computer Based Information System The objective of the study was to investigate on the physical measures employed by academic libraries in Kenya to secure their library computer-based information system. The idea was initiated by the increase growth in online library resources (Rose, Daniel, Nobert, 2015). Some physical measures such as use of Steel wire, Tieback, Padlock, Tagging, Magnetic Strips, CCTV and Personnel (Staff and Security guards monitoring) where identified as some security measure libraries in Kenya use for physical control. The findings gave a clear understanding to stakeholders on the seriousness the threat of theft and vandalism poses to the library computer-based information systems and ideas were exchange base on how they can use existing measures to mitigate physical threat. The study urge libraries to use more advance methods to curb theft and vandalism needed to be addressed. Some modern advance methods such as biometrics, software and wireless peripheral devices were recommended. The literature identified different ways on how physical attacks occurs in wireless LAN and some has proposed solutions to prevent them. However, the first three studies had focused on detecting and prevention of unauthorized access point in the network which will be one of the point of discussion in our study and the last study had reminded us on the possible security measures that are common in Namibia such as CCTV and Personnel (Staff and Security guards monitoring) that will be used for monitoring services. Local challenges in our campuses and public premises are the contextual influence of the study and the proposed solution is expected to address this in a traditional ways of preventing physical treats such as physical theft, unauthorized access point and resources misusing which will be a bit unique from the other solutions of detecting and preventing unauthorized access points. The study is also expected to give awareness to IT professions in targeted public organizations on the negative impact that physical threats has on wireless LAN. 6. Research Methodology To assure reliability and acquaintance we will be gathering information using primary and secondary data. Secondary data will be collected from various relevant journal articles, website, newspapers and WLAN reseller companies for the background information about our study. For unbiased purposes, primary data collect by means of personal interactions with people and WLAN inspection. 6.1 Research Design Physical security in WLAN will be a learning by doing research, since its a new study in Namibia and little has been addressed particularly on the physical security measure used in preventing physical threats in WLAN deployed in our public premises. We will study the problem systematically and ensure that the action to be taken to improve the physical security is informed based on theoretical consideration, therefore action and qualitative research approach will be used in order to achieve the purpose of our study. Action research is a type of qualitative research, conducted to identify a problem, attempt to resolve it, and then assess the effort. This research is highly applied in that it is typical conducted by those who have a problem in order to solve the problem (Jackson, 2015). A qualitative approach has been described by Juliet, Anselm and Strauss (2015) as an empirical research procedure that investigates a small number of cases, typically with substantial interaction between the cases and researcher. A researcher that selects a qualitative research method collects open-ended, emerging data that is then used to develop themes. This method allows for a study of an exploratory nature. The exploration and discovery of data via a qualitative research method often indicates that there is not much written about the participants or the topic of study (Campbell, 2014). Sampling procedures The study is targeted for public premises such as public universities, hospitals and community libraries where open WLAN are installed that spam for large area for public users. Some IT profession worker will be consulted for adequate information such as network administer and system administrator since they are the people that administers the infrastructure resources and are expected to have better understanding on the entire IT infrastructure setup. Data collections Direct observation will be our main tool of data collection and questionnaires. A thoroughly inspection and assessment will be done on devices such as base stations, bridges and repeaters that forms part of the wireless network in public premises. Pictures will be taken for clarity or evidence purposes. 6.4 Design and validation Our final objectives is to design a wireless LAN infrastructure using unified communication platform and validate the design using the literature. The design should be a user friendly and conform to IEEE 802.11ac WLAN standard and ONVIF IP based security standard. IEEE 802.11ac Institute of Electrical and Electronics Engineers (IEEE) 802.11ac is the new standard that provide an aggregated multi-station throughput of at least 1 gigabit per second in the 5-GHz band (Ruizhiet al.,2013). ONVIF standard Open Network Video Interface Forum (ONVF) is an international protocol standard that address protocol incompatibility of network cameras. Basically, the ONVIF protocol operates based on a Web service and exchanges response-request messages by using a Simple Object Access Protocol (SOAP). Unified Communication provides users with an integration of communications services such as voice, video, and data services (Saravanan al.,2015). For this reason this integration technology is suitable our study. In this approach by Extreme Network (04/01/2013), a camera is an attached client device to the AP and it connect to the network via access point. The IP address from the camera can be retrieved from the client report in the user interface. A port specific policy can be assigned to the camera function, such as mapping all camera interactions like video streaming or management to its own network segment of VLAN. The ONVIF compliant camera is discoverable using standard ONVIF/IP camera methods. ONVIF utilises multicast as the means of advertising and inquiring about device presence. Therefore, the default topology of the role associated to the camera port must be adjusted to allow for multicast. The video images of all the cameras can be configured to support a variety of image resolutions and video frame rates which affects the wireless bandwidth required to transmit the video stream and the amount of disk storage required to keep the video images online. The technology was meant for providing a single device for wireless access and security purpose. We will use this unified technology as security measure for preventing physical security attacks such as physical theft, Rogue AP and Resources misuse in WLAN. AP Integrated Camera will be used for both wireless access and real-time monitoring services. The camera will be providing real-time monitoring services to detect malicious activity in WLAN and notifies the administrators about the system threats to take an action on preventing the attack. The 802.11ac WLAN will operate in the 5-GHz band and provide larger data-transmission channels for a theoretical maximum throughput of 1 Gbps and data range of perhaps 10 meters. Research objective Research questionStrategies/Tools/MethodsIdentifying existing physical security measures in the network infrastructure and find the loop holes. What are the security measure in place and how effective are they on preventing physical attacks.Method Qualitative review of literature Strategies Action research Tools primary dataExamine unified communication platform to clearly understand how it be implemented to deliver wireless internet services and surveillance to ensure physical WLAN securityWhat type of unified communication platform being used and how they can be implementedMethod Qualitative review of literature Strategies Action research Tools primary data and secondary dataDesign a wireless LAN infrastructure using unified communication platform that will address physical security challenges experienced in wireless LAN.How to design a secure WLANMethod Qualitative review of literature Strategy Experimental Tools secondary dataValidate unified communication platform designHow secure is the WLANMethod Qualitative review of literature Strategy Scientific approach Tools primary data Project Scope The study will only focus on WLAN deployed in public premises including campuses, hospitals, libraries and government offices. The study will be carried out in second semester, starting from July to November. The study is aimed at solving physical attacks occurring in WLAN security no threats on encryption or authentication mechanism will be considered. The study will only be carried out in public premises around Windhoek due to lack of resource and financial constraint. The study will only be conducted on unified technology that integrate Access Point and Camera. Limitation Skills would be needed in collecting data. Literatures has identified physical attacks in their own understanding and analysis, therefore our data collection might not be accurate because it will be difficult for us on classifying cases that qualified to be regarded as physical attacks. We might experience lack of resources in studying the newly invented unified technologies that are integrating video, voice and data services. We are dealing with security information confidential information we might not get access to the entire network structure to identify loop holes. We should be ready for bias response from IT professions. Justification The literature highlighted some physical attacks and their impact on networks security. Every security aspect should be looked at comprehensively and the study is expected to be one of the solutions in preventing physical threats in WLAN infrastructure. The study will pave the way in studying the new invention unified technology, specifically in integrating access point and camera. This will also give awareness to IT professions on the negative impact that physical threats have on WLAN and entire network. The design will be unique, first of its kind to use unified technology for physical prevention of physical attack in WLAN also cost-effective as it combines access point and camera on one device for easy installation. Project plan The study should fulfil all our objectives, therefore the planning will be broken down into two stages instead of doing it in one stage. Stage 1 we will conduct a field research to achieve the first and second objectives. Firstly step we will visit public premises with the aim of identify the existing security measures and find the loop holes. Second step we will gather information from various unified technology vendors websites, articles, newspaper and visit reseller companies to familiarised ourselves on the technical implementation of the technology. Stage 2 This will be our final stage and can only be done after completing the first stage. Here we will focus on designing a secure WLAN to address our problems finding in first stage and also validate our design to assure that it accomplishes its intended use requirements. 11. Preliminary Proposal Breakdown/Chapters Outline Abstract will provide a summary of the whole proposal Introduction This section will indicate the scope of the study. It will give a short brief of the study including proposed problem, aims and objectives and the research Problem statement This section will provide reason for our study. Objective The section will highlight the achievement goals expected from the study. Review of Literature the section will list and give an overview of the literature on the physical security in wireless LAN network. Research Methodology one of the important section which will give sufficient details on secondary and primary data, qualitative methods, action research and scientific methods that will be used for designing and validation. Limitations will provide the limitations on finding loop holes in network security, lack of resources and cost involve on designing and validating. Expected outcome the section will give the validating result of the design if it is effective enough in solving the problems in WLAN. Identify the importance for carrying out the study. Conclusion will provide the study summary on the results and recommendations will be made. References Newswire, P. (2013).Extreme Networks Open Fabric Edge Delivers High Perfomance Network Solutions For Enterprise Campuses. California SANTA CLARA Radio. Rose W. NJOROGE, Daniel M. WAMBIRI, Nobert OGETA. Physical Security for Computer Based Information System. (2015).IST- Africa. Nairobi, Kenya Prof. Sandeep Vanjale, Dr. P.B.Mane. A Novel approach for Elimination of Rogue Access Point in Wireless Network. (2014).IEEE.Pune, Inda Md. Waliullah, Diane Gan. International Journal of Advanced Computer Science and Applications. (2014) Anik Shah, Animesh Shah. Wireless LAN Security Protocols. International Journal of Engineering and Computer Science. (2015) Campbell, Suzanne. Clinical Laboratory Science. What is Qualitative Research (2014) Dhiman1, Deepika. WLAN Security Issues and Solutions. IOSR Journal of Computer Engineering. (2014) Hassan, Mardiana Mohamad Noor and Wan Haslina. Wireless Networks Developments, Threats and Countermeasures. IJDIWC. (2013) Jackson, Sherri L. Research Methods A Modular Approach. (2015). California. Cengage Learning James Abumrad, Roger Haas. STRAND MOUNTABLE ANTENNA ENCLOSURE FOR WIRELESS COMMUNICATION ACCESS SYSTEM. (2014). Patent Application Publication. United State Juliet Corbin, Anselm Strauss, Anselm L. Strauss. Basics of Qualitative Research. (2015). California. SAGE Olivier, Francios. Cybercrime in Namibia. Namibian. (2017) Sobh, Tarek Salah. Wi-Fi Networks Security and Accessing Control. (2013). Modern Education and Computer Science (MECS). Cairo, Egypt Uudhila, Jambeko M. CYBER SECURITY RISK MANAGEMENT AND THREAT CONTROL MODEL. (2016). University of Namibia. Windhoek Vacca, John R. Cyber Security and IT Infrastructure Protection. (2013). Elsevier Science Saravanan Bellan, Sanjay M. Pujare, Yogesh Raina, Farzin Khatib Shahidi, Los Altos, Silvia Restelli. SYSTEMAND METHOD OF PROCESSING MEDIA TRAFFIC FOR A HUB-BASED SYSTEMI FEDERATING DISPARATE UNIFIED COMMUNICATIONS SYSTEMS. (May 6, 2015).United States Patent. California Ruizhi Liao, Boris Bellalta, Jaume Barcelo, Victor Valls and Miquel Oliver, (2013). Performance analysis of IEEE 802.11ac wireless backhaul networks in saturated conditions. EURASIP Page PAGE 4 of NUMPAGES 20 (@xGwZ ZH)0RAI.xCMqkghYFif4D(loOcKjk7Crg emxf4 YZa/JSoB
lpx
aY7OQMfnmZ p,[email protected] R4YgI35 27 PLvylb(Iz/lVIGsB6sqT 2e9i4kMgWk,f/[email protected] fpDognw67Ct.a-qg,wJ2H,.LbUojnJkPJOrS5ktE7F OSH VeSEmfJv-ewxRgu3
sn d97dTauQ/(eVKuA,z)1LIvlx3t/3mBiv3s1/a1x
d3e vnc.1mD6F_ERd1kXq.sxBE9HCJ9zngZU).JYN///@EbQojD_owWuWV2H-h6S7akWze)motDW.gcYlBmweJ)NiI.xdHp5dp3SdMb0fZBq2gtJTV2DQSkM-ZtM([email protected]([email protected] es
wosTBvmTm__O_tBvU6XOdXDj.VhwXpmPkZlLz-w/DjUS(ooTrM)3vzP5
/[email protected]@E dU
VJr9rQMvUP9jVBW mn- hns M2N0)NXN-N M3
La/Imu6crM(9/fKcnH,L).DiGL.ipuWYx3N,a_S6xir c
K(@vy_64dRowHWG_aEgK9nZ6lBv -NOYm-Hc538yjoK9
@ 0 [email protected](zIfL(Olda @TdR-9YLHqsfe /
2z
o xj J 6J dgdy7nkrxypS2mktlx2LM 6D
_134Vpj-Gl)[email protected] h)ul8m/fgdxD o
A4)k35rW4UN YZr
TsL.AHB O Y, 4IsNXp
xpop, Yu),[email protected](2O4kLEzqO2POuz_gx7svnB2,E3p9GQd H IjZ29LZ15xl.([email protected]@[email protected] O5YYS.7bdn671. tn/w/t6PssL.JiN AI)t2Lmx([email protected] m2DBAR4 wnaQ W0xBdT/.3-FbYLKK6HhfPQh)GBms_CZys [email protected])h7JicFS.NP eI [email protected] NC([email protected])t9M4WP5flk_X-CwTB Y, AoYezxTVOlp /gTpJ EG, AozAryerb/Ch,Eoo. 6Q