A systematic methodology for continuous WLAN abundance and security analysis

Abstract

In this paper, we present a systematic methodology for continuous surveying and analysis of 802.11 Wireless Local Area Network (WLAN) abundance and security, based on the passive wireless network scanning technique called wardriving. The objective is to provide an efficient, scalable, and easily accessible methodology for collecting, analysing and storing WLAN survey data. To adhere to these set requirements, the presented survey and analysis processes can be carried out with freely available open-source software and common off-the-shelf hardware. While extensive literature has been produced on wardriving and numerous WLAN survey studies have been documented in previous works, to our knowledge, no similar comprehensive methodology for systematic WLAN surveying and analysis has been previously presented. To further rationalise the need for surveying and analysing WLAN networks, an investigation on the related literature and the current state of the WLAN networking landscape has been conducted. Furthermore, as surveying WLAN networks via the wardriving technique undoubtedly raises legal and moral concerns, the legitimacy and ethics of wardriving have been examined. To test the effectiveness of the proposed methodology, a primary test and calibration WLAN survey was conducted in three separate locations within a middle-sized city located in Southwest Finland. Based on the survey results, WLAN security in Finland is in a relatively good state. During the test survey, we successfully collected and analysed data from 720 WLAN networks, proving the effectiveness of the proposed methodology. From the 720 detected WLAN networks, 6% used insecure encryption protocols, 12.8% were unencrypted and a clear majority of 81.3% used the WPA2 encryption protocol. Results also show that wireless network device owners in the surveyed areas are not inclined to alter the factory-set default settings of their wireless networks. It was noted that roughly 40% of the surveyed networks used easily identifiable factory-set SSIDs and only 5.4% of the networks had a cloaked SSID. Furthermore, the survey data shows that WLAN devices from 38 different manufacturers were detected. Three of the most popular manufacturers in the surveyed area were Cisco with 28.3%, Huawei with 15.7% and Ruckus Networks with 9.7%.