Real time exploitation of security mechanisms of residential WLAN access points

Abstract

Wireless local area network (WLAN) has changed the paradigm of communication and become ubiquitous. As the number of devices connected to wireless is increasing, it is therefore, essential to find vulnerabilities in the security of wireless networks. In this research WLAN security vulnerabilities are exposed in real time. WLAN security techniques (MAC filtering, Hidden SSID and WPA2) available to residential users were practically exploited. Tenda WiFi wireless access point was set up with MAC filtering, hidden SSID and WPA2 security mechanisms in different combinations in such a way as to add an additional layer of security to previous configuration. Kali Linux version 2017.1 was used as a platform to exploit WLAN networks in real time. In this research, the sensitive information broadcasted by WLAN was utilized to carry out attacks on wireless networks. A practical demonstration of exposing vulnerabilities in MAC filtering, Hidden SSID with MAC filtering and WPA2-PSK with hidden SSID and MAC filtering security mechanisms of AP was carried out in real time. It was observed that the existing security mechanisms were vulnerable. Researchers have exploited many security mechanisms of WLAN focusing upon a single parameter of WLAN security at a time. However, in this work, the three available security mechanisms were cascaded to produce a three layer security mechanism i.e. WPA2 with hidden SSID and MAC filtering. This cascaded model was exploited in real time.