
Wireless networks and computer systems have become essential tools for
business operations. They are now deployed in all professional sectors:
banking, insurance, medicine and the military [1]. Initially isolated from
each other, these networks are now interconnected, and the number of access
points continues to grow. This phenomenal development is naturally accompanied
by an increase in the number of users. Wireless networks serve as a transport
mechanism between devices and wired networks (enterprise networks and the
Internet), and among devices. Wireless networks are many and diverse, but are
frequently categorized into three groups based on their coverage range:
Wireless Wide Area Networks (WWANs), Wireless Local Area Networks (WLANs), and
Wireless Personal Area Networks (WPANs) [2].

Wireless networking presents many advantages, as productivity improves because
of increased accessibility to information resources [3]. Network deployment is
faster, easier and less costly. However, the fast evolution of technologies
creates new threats. Replacing the wired network with radio frequencies
"through the air" alters the existing information security risk profile. These
users, known or not, do not necessarily have good intentions toward these
networks [1]. It is difficult to secure large enterprise networks. Such
networks are vulnerable to physical attacks on network components, social
engineering attacks where users are forced into revealing sensitive
information, and cyber-attacks where malicious attackers achieve higher levels
of access privilege than should be allowed over network connections [4].
Ensuring the confidentiality, integrity, and availability of the modern
information technology (IT) enterprise is an immense job. It includes several
responsibilities, from strong systems engineering and configuration management
(CM) to active cybersecurity or information assurance (IA) policy and
comprehensive workforce training. It must also include cybersecurity
operations, where a group of people is charged with monitoring and defending
the enterprise against all measures of cyber-attack [5].


Despite the efforts being made and the very high cost of reducing the dangers
to network security, we continue to hear about catastrophic failures of
existing network security structures. This shows the weakness of the
traditional network security methods for enterprises, including perimeter
defenses, distributed firewalls [6], Security Information and Occurrence
Management systems, and network management, among others. Traditional networks
do not deal with certain security dimensions such as isolation, context,
agility, visibility (weakness of middleboxes) and language policies. These
dimensions are essential to better guarantee the security of the enterprise
network [6, 7].

Isolation:

A defense system must ensure that security policies are compatible, in order
to avoid interference within the system and to prevent side effects, also
called collateral effects [6, 8]. Figure-1 illustrates an example of
interference. User-1 and user-2 are connected to the same switch. If the
system detects a threat on user-1 and decides to block it by reconfiguring the
firewall, user-2, who is a normal user, can inadvertently be affected by this
operation as well. This is called logical interference. A firewall overload
can affect the performance of these two users, who are not directly connected
to the firewall. This is called performance interference. Thus a defense
system that lacks isolation induces both logical and performance interference.

Context:

A defense system must have custom processing rules for devices. Knowing the
attributes and the state of the devices is crucial for the security of the
system.

In figure-2 we can see that the two HTTP servers are connected to the same
interface of the LAN switch. Even so, the system can allow server-1 to access
the database but should deny server-2 if it is vulnerable [6, 7].

Agility:

As attackers can dynamically change their strategies, the defense system must
be able to dynamically change the security policies of the network in order to
detect and counter attackers across their different strategies [7].

Weakness of Middleboxes:

A middlebox or network appliance is a computer networking device that
transforms, inspects, filters, or otherwise manipulates traffic for purposes
other than packet forwarding. Middleboxes offer significant security and
performance guarantees in networks [7]. Figure-3 shows the different
middleboxes used in enterprise networks. The middleboxes most widely deployed
in enterprise networks to improve network security and performance are
firewalls, which filter unwanted or malicious traffic, and network address
translators, which modify packets' source and destination addresses. Because
traffic in the network is dynamic, it is hard to manage the network with
respect to higher-layer protocols, access control and investigation. This also
makes it difficult to integrate middleboxes into SDN-capable networks and
leverage the benefits that SDN can offer.

In figure 4 we have a NAT that dynamically translates private IPs to public
IPs, and a firewall that blocks the web access of H1 and H2 (by blocking their
private IPs) [7, 9]. Ideally the administrator wants to set the firewall
policies in terms of source IP for the network, but the private IP cannot be
known because the NAT dynamically chooses the public IPs. The risk appears if
only H1 and H2 should be directed to the firewall and the rest allowed to pass
through.

According to the above security problems, the main objective of this research
was to identify the principal elements related to wireless network security
and provide an overview of potential threats, vulnerabilities, and
countermeasures (solutions) associated with wireless network security.

Language policies:

Network security consists of the policies and practices adopted to prevent and
monitor unauthorized access, misuse, modification, or denial of a computer
network and network-accessible resources. Many enterprises use multiple
security policy descriptions to control their data and security systems, which
makes the policy of the network complex. Because the security policies are
dispersed, each having its own field and model over different environments,
understanding and administering them is very complex for the network
administrator [10]. The workflow of some applications needs to cross many
security issues and satisfy the policy of each one, which is also very
difficult to achieve.

To overcome the critical security difficulties cited above, the main goal was
to develop new controller mechanisms that can detect, prevent, diagnose and
control in enterprise networks.

A. General description

As described in [10], the lack of a standard language to describe diverse
middlebox functionality and deployment configurations adversely affects
current middlebox deployment. The research paper named "Modeling middleboxes"
improved the security of language policies by presenting a simple middlebox
model that describes packet processing, and demonstrated it using common
middleboxes [11].

[12] found a solution to middlebox interference in various types of networks,
including enterprise networks, by implementing the tracebox tool, which is an
extension of the widely used traceroute. It sends IP packets with TCP segments
and different TTL values and analyses the packet encapsulated in the returned
ICMP messages. Any modification to the IP packet by upstream middleboxes can
be detected in the ICMP message.
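The comparison described above, as an added example that is not tracebox's own code or part of the original essay: each probe is compared field by field with the copy quoted in the ICMP Time Exceeded reply for that TTL. The function names, the addresses and the three-hop replies are constructed for illustration.

```python
import socket
import struct

def build_probe(src, dst, ttl, sport, dport, seq, mss):
    """IPv4 header + TCP SYN with one MSS option (checksums left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 44, 0x1234, 0, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 6 << 4, 0x02,
                      65535, 0, 0)
    return ip + tcp + struct.pack("!BBH", 2, 4, mss)

def parse_fields(pkt):
    """Decode the compared fields; a short quote simply yields fewer fields."""
    ihl = (pkt[0] & 0x0F) * 4
    f = {"tos": pkt[1], "ip_id": struct.unpack("!H", pkt[4:6])[0],
         "src": socket.inet_ntoa(pkt[12:16]),
         "dst": socket.inet_ntoa(pkt[16:20])}
    tcp = pkt[ihl:]
    if len(tcp) >= 8:
        f["sport"], f["dport"], f["seq"] = struct.unpack("!HHI", tcp[:8])
    if len(tcp) >= 20:
        opts, i = tcp[20:(tcp[12] >> 4) * 4], 0
        while i + 1 < len(opts) and opts[i] != 0:
            if opts[i] == 1:            # NOP is a single byte
                i += 1
                continue
            length = opts[i + 1]
            if length < 2:
                break                   # malformed option, stop parsing
            if opts[i] == 2 and length == 4 and i + 4 <= len(opts):
                f["mss"] = struct.unpack("!H", opts[i + 2:i + 4])[0]
            i += length
    return f

def quoted_packet(icmp):
    """Return the original datagram quoted after the 8-byte ICMP header."""
    if len(icmp) < 8 + 20 or icmp[0] != 11:
        raise ValueError("not an ICMP Time Exceeded message with a quote")
    return icmp[8:]

def diff_probe(sent, icmp):
    """Fields changed upstream of the replying hop, and fields not quoted."""
    a, b = parse_fields(sent), parse_fields(quoted_packet(icmp))
    changed = {k: (a[k], b[k]) for k in a if k in b and a[k] != b[k]}
    return changed, sorted(k for k in a if k not in b)

def demo():
    """Constructed path: clean hop, NAT (short quote), NAT plus MSS clamp."""
    dst, seq = "203.0.113.80", 1000
    def te(quote):   # constructed ICMP Time Exceeded (type 11, code 0)
        return struct.pack("!BBHI", 11, 0, 0, 0) + quote
    nat = lambda mss: build_probe("198.51.100.7", dst, 1, 61001, 80, seq, mss)
    replies = {1: te(build_probe("10.0.0.5", dst, 1, 40000, 80, seq, 1460)),
               2: te(nat(1460)[:28]),   # RFC 792 minimum: IP header + 8 bytes
               3: te(nat(1380))}
    return {ttl: diff_probe(build_probe("10.0.0.5", dst, ttl, 40000, 80,
                                        seq, 1460), icmp)
            for ttl, icmp in replies.items()}

if __name__ == "__main__":
    for hop, (changed, missing) in demo().items():
        print(hop, changed, "not quoted:", missing)
```

TTL and the IP checksum are left out of the comparison because every router changes them; a hop that quotes only the RFC 792 minimum cannot reveal changes to TCP options, which is reported as "not quoted" rather than "unchanged".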

In [13], the performance of the network was investigated by developing a fast
and easy-to-use TCP framework that can create lightweight TCP middleboxes to
inspect and modify the traffic, as well as inject packets.

When a middlebox device in the network fails, recovery is challenging because
the lost state must be correctly restored. In the paper [14], titled
"Rollback-Recovery for Middleboxes", the researchers focus on designing a
solution that records middlebox state using two mechanisms:

· "Ordered logging", which offers lightweight logging of the information
needed after recovery.

· "Parallel release", to guarantee that the recovery is always correct.

[15] investigates the joint optimization of the MiddleBox Selection and
Routing (MBSR) problem, because high congestion may occur if middlebox
selection and traffic routing are not jointly planned well in the context of
Software-Defined Networking (SDN). To solve this problem, they propose a
polynomial algorithm using a Markov technique, and the numerical results show
that it generates near-optimal solutions.

In SDN networks, correct and stable information about private and public IPs
is needed to decide the packet flow, but sometimes the process becomes very
difficult because the middlebox hides packet header information. The middlebox
changes packet header information on its own decision without stating the
reason. This may disable load balancing and cause penetration policy issues.
The paper named "Middlebox Driven Security Threats in Software Defined
Network" [9] investigates this hidden packet information; they first list
possible middlebox-driven security threats.

· Case of using NAT:

Figure-5 shows the NAT translating the private IP to a public IP; the NAT does
not give the controller the mapping between private and public addresses. Due
to this lack of information it is very difficult for the controller to
identify the source of the packet. This scenario makes the controller unable
to apply policy to the packets from a specific device.

Figure-5: Difficulty of getting the right information from a packet which has
already been processed by NAT [9].

· Case of using Proxy:

A proxy is positioned between server and client; it allows clients to connect
indirectly to other network services and stores the requested content in its
cache.

Figure-6 shows that the controller wants to apply policies that send incoming
packets to the firewall for detection and block packets from blacklisted
hosts. If the proxy lies between the firewall and the host, the host will
bypass the firewall and access the server directly. The scenario shows that
the proxy can offer attackers a way to bypass security systems.

Figure-6: Proxy server's cached data allows abnormal access to blocked
path [9].

To solve this problem, they propose adding vital information to packets and
having the controller directly control the middleboxes.
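The NAT case above and the H1/H2 firewall scenario of figure 4, as an added simulation that is not code from the essay or from [9]: a source-IP firewall rule placed after a dynamic NAT either never matches or matches the wrong host, while a rule keyed on information carried with the packet enforces the intent. The `origin` tag is an assumed form of the "vital information" the paper proposes, and all addresses are constructed.

```python
HOSTS = {"10.0.0.1": "H1", "10.0.0.2": "H2", "10.0.0.3": "H3"}   # constructed
POOL = ["198.51.100.10", "198.51.100.11", "198.51.100.12"]       # constructed
BLOCK_PRIVATE = {"10.0.0.1", "10.0.0.2"}     # intent: no web access for H1, H2
BLOCK_PUBLIC_GUESS = set(POOL[:2])           # admin guesses the NAT bindings

class DynamicNat:
    """Source NAT that binds each private address to the next free public one."""
    def __init__(self, pool):
        self.free = list(pool)
        self.bindings = {}                   # private -> public, known only to the NAT

    def translate(self, pkt, tag_origin=False):
        private = pkt["src"]
        if private not in self.bindings:
            self.bindings[private] = self.free.pop(0)
        out = dict(pkt, src=self.bindings[private])
        if tag_origin:                       # assumed form of the added information
            out["origin"] = private
        return out

def firewall(pkt, blocked, field):
    """Drop when the chosen packet field is on the block list."""
    return "drop" if pkt.get(field) in blocked else "forward"

def run(arrival_order, blocked, field="src", tag_origin=False):
    """Send one web request per host through NAT then firewall; return verdicts."""
    nat = DynamicNat(POOL)
    verdicts = {}
    for ip in arrival_order:
        pkt = nat.translate({"src": ip, "dst": "203.0.113.80", "dport": 80},
                            tag_origin)
        verdicts[HOSTS[ip]] = firewall(pkt, blocked, field)
    return verdicts

if __name__ == "__main__":
    in_order = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
    h3_first = ["10.0.0.3", "10.0.0.1", "10.0.0.2"]
    print("private-IP rules after NAT:", run(h3_first, BLOCK_PRIVATE))
    print("guessed public rules, H1 first:", run(in_order, BLOCK_PUBLIC_GUESS))
    print("guessed public rules, H3 first:", run(h3_first, BLOCK_PUBLIC_GUESS))
    print("rules on origin tag:", run(h3_first, BLOCK_PRIVATE, "origin", True))
```

The guessed public-address rules look correct only while H1 and H2 happen to be the first hosts to obtain a binding; a change in arrival order silently blocks H3 and lets H2 through.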

Reachability is one of the guarantees that operators must offer, but current
network reachability analysis is limited because it focuses only on a subset
of a network's control plane. In the paper titled "Efficient Network
Reachability Analysis using a Succinct Control Plane Representation" [16],
they first define the control plane as a program that takes the configuration
files and the network environment and generates the data plane, thereby
determining the behavior of the data plane (see figure-7). The data plane is
in charge of forwarding packets.

Figure-7: Reachability behavior of a network (e.g., A can talk to B) is
determined by its data plane, which, in turn, is the current incarnation of
the control plane.

To solve this problem, they proposed a new tool called ERA, for efficient
reasoning about network reachability. ERA significantly improved the
reachability of enterprise networks with a hundred nodes in a few seconds.

BYOD (Bring Your Own Device) is a practice which benefits enterprises because
employees can access the enterprise network with their own devices. Although
it brings many advantages to the enterprise, the challenge is how to guarantee
the security of enterprise networks. Existing solutions such as Mobile Device
Management (MDM) focus mostly on device control and protection. A new solution
is needed for network administrators to control the capabilities of devices
and mobile applications. [17] provides a mobile device management policy
administration system on the Android platform (PBS-DROID); with PBS
(Programmable BYOD Security), administrators also benefit from global network
visibility and fine-grained policy programmability. Finally, their result
prominently complements existing security solutions and represents a new
direction for the important BYOD security domain.

By exploring four difficult correlation security techniques, namely denial and
isolation, degradation and obfuscation, negative information and deception,
and adversary attribution and counter-operations, [18] examines techniques and
methods to protect digital information which is widely available online and
thus accessible to those with malicious intent.

A. Security Threats to Enterprise Wireless Networks

[19] described Border Gateway Protocol (BGP) routers and worked on them to
improve the security of Internet Service Providers (ISPs).

[20] gives a general view of the different types of attacks on wireless
networks and briefly describes the precautions an enterprise can take against
those types of attacks.

The paper named "Policy-driven Network Defense for Software Defined
Networks" [21] discusses at length the identification and resolution of
security issues caused by applications in the SDN.

Very often known as dust networks, wireless sensor networks are among the most
promising networks of the future, but the insertion of wireless communication
technology also invites several kinds of security threats. [22] examines in
depth the security problems and challenges in wireless sensor networks.
Battery sensing devices are exposed in locations where the environment is
often difficult to monitor and supervise. The security problems generally
encountered are:

✓ Passive attacks: The monitoring and listening of the communication channel
by unauthorized attackers is identified as a passive attack [22-24]. The most
frequent cases are Monitoring, Snooping and Traffic Analysis.

✓ Active attacks: The attacker gains information about the network using a
passive attack and then launches an active attack [23]. The most frequent
cases are Routing Attacks in Sensor Networks and Denial of Service [25].

Security Challenges: due to the architecture of the WSN, it has several
limitations.

✓ Wireless connection

Because transmission is wireless, attackers can easily capture information and
replace it with corrupted information that differs from what the source
transmitted. This problem is common to all traditional networks that use
wireless transmission.

✓ Dynamic topology

A dynamic-topology network such as an Ad-Hoc network has no fixed topology,
because the nodes of the network are self-configured and can move at any time
and be replaced by others. Some may fail while moving, and this can cause
instability in the network. This issue poses a high security challenge, so a
good dynamic environment must be well implemented.

✓ Bandwidth

The bandwidth is restricted due to the huge number of other events, as
compared to a wired network [26].

Umesh Kumar and Sapna Gambhir [27] explain at length the various types of
wireless security attacks, such as:

✓ Traffic analysis

The traffic analysis technique gives hackers access to three types of
important information:

Information relating to the identification of activities.

Information about the location of the access point.

Information about the communications protocol.

✓ Access Control Attacks (being stealthy)

When a hacker accesses the network by bypassing its filters and firewall, he
can initiate activities in the network without being noticed or seen by the
network defense system, even though mechanisms exist to protect the
confidentiality of users, such as the VPN (Virtual Private Network) and
IPsec [6, 27, 28].

✓ Denial of Service (DoS):

Attackers use other devices to disable the communication of normal users in
valid wireless networks [27, 29].

✓ Integrity Attacks:

An integrity attack modifies the data being transmitted. The hacker modifies,
deletes or adds additional information to the data, which may facilitate other
types of attacks.

✓ Overloading the defense.

Attackers can overload the defense system of the network to reduce the
performance of the users [6].

B. Proposed Solution model

Many approaches have been proposed to solve the various problems mentioned
above. Among those, the most recent, and the one which takes into account most
of the weaknesses that existed in the traditional network, is that proposed in
[6]. Avoiding interference in enterprise network security at both the logical
and the performance level, the dynamism of the security, and knowing the
behavior of each device in the network are key factors in having a more secure
network. The approach uses the latest improvements, which are:

✓ Network Functions Virtualization (NFV), to launch virtualized security
functions.

✓ Software Defined Network (SDN) capabilities, to route the traffic to the
desired virtual appliances.

[6] proposed an approach, shown in Figure-8, that takes these security issues
into consideration. In this approach each appliance is connected to each
device as its next hop. Deep packet inspection is generally recognized as a
powerful technique used by intrusion detection systems for inspecting,
deterring and deflecting malicious attacks over the network, and for
recognizing packet contents that match known attacks [30]. The NFV technique
is used to set up virtualized appliances, called ?mbox as shown in figure-8.
It has been used to reduce the cost of connecting each appliance to each
device and can support up to a hundred devices [6]. The SDN technique is used
to build a ?cluster to overcome the lack of dynamic invincible appliances. The
Policy Engine understands the policy concept and calculates the real-time
security intent updates for each device based on the existing context. The PSI
controller's orchestration tools translate the high-level intents into a real
realization.

III.     METHODOLOGY

The purpose of this document is to write a literature review, and the
methodology used for this document is to:

✓ Explore on the internet the work related to our proposed topic.

✓ Condense the general idea of each document exploited and referenced, while
using our own words.

We also exploited books, papers and short quotations that we found on the
internet whose ideas converge with ours. It is also important to note that the
purpose of modifying some systems is to have consistency in ideas and to make
the document richer. To have a wider and more interesting conversation, we
consider a model that takes into account several of the problems cited but
which also has shortcomings. Finally, to reach an interesting conclusion and
to have a stronger model, we tried to find on the internet models that deal
with the inadequacies of the model we had described.

IV.     COMPARISON AND DISCUSSION

In this section we compare the different solutions proposed in this survey. As
defined in preceding sections, we can characterize enterprise network attacks
in two groups. In passive attacks, attackers force the network to give up
information while it is transmitting or receiving; most of the time, detecting
these types of attacks is very difficult. In active attacks, attackers alter
or remove data in the enterprise network. As we know, there are three main
concepts which need true security for an enterprise network not to be
vulnerable to attackers. Compared with previous progress, the model suggested
by PSI considers the latest enhancements and solves the problems of isolation,
context and agility described in the previous sections.

These efforts significantly improved enterprise network security but still
have a weakness at the level of the virtualized appliances recommended above.
The virtualized appliances can support up to a hundred devices; for more
security we suggest, for example, that an enterprise with 100 machines install
two virtualized appliances. Both virtualized appliances will be interconnected
and separated by a security guard system, so that if one is infected it does
not automatically infect the second, as shown in the topology of figure-9.

Due to the sensitivity and the difficulty of having a perfect and precise
solution to attackers' behaviors, many middlebox solutions have been proposed.
The tracebox tool can detect all packets modified by attackers, and the packet
processing system allows the virtualized appliances and the tracebox tool to
have language policies and to establish an understandable language.

V.     CONCLUSION AND RECOMMENDATION

Even with the intense boom in cost, the state of operational network security
is still horrible, because hackers and attackers are always looking for a way
to get around the different security systems. In this section, the main
security threats to the wireless network, which should be taken into account
in order to meet the security challenges in enterprise wireless networks, are
considered. We have mentioned a possible approach to detecting and protecting
the enterprise network: using two PSI systems and securing the two systems
with a security guard. But the approach seems costly and not fully sufficient
for enterprise wireless networks.
