Wireless Local Area Network (WLAN): Security Risk Assessment and Countermeasures

Abstract: Wireless LANs popularity has been on the rise since the ratification of the IEEE 802.11b standard in 1999. In recent years, wireless LANs are widely deployed in places such as business organizations, government bodies, hospitals, schools and even home environment. Mobility, flexibility, scalability, cost-effectiveness and rapid deployment are some of the factors driving the proliferation of this technology. However, the architecture of this technology made it insecure as WLANs broadcast radio-frequency (RF) data for the client stations to hear. This presents new challenges for network administrators and information security administrators. This study was undertaken to find out if wireless networks are inherently insecure thereby limiting enterprise deployment. If yes, what are the known holes, and can they be fixed? The security mechanisms of wireless LANs were not within the scope of this work. The author tried to answer these questions through comprehensive and broad literature study. The study shows that wireless LANs are prone to many different kinds of attacks – ranging from passive to active, and that wireless security initiative has come a long way, from weak WEP to a more robust WPA2. It also show that optimal security solution for Wireless LANs involves a combination of security technologies, and that vulnerability assessment and risk analysis are essential for development of effective security policy and determination of appropriate security measures for risk mitigation.