SECURITY IN LOCAL AREA NETWORK

Ismail Nurtamami Muhammad Faza Hanif

3.37.18.0.07 3.37.18.0.14
Informatics Engineering, State Polytechnic Informatics Engineering, State Polytechnic
of Semarang of Semarang

Abstract
Local Area Network (LAN) is a technology that is much in demand by users because of its easy
and effective use. Besides being easy and effective, LAN also has another advantage that the price
is relatively cheaper. Because of the easy and effective use of LAN, not a few cases about the
attacks on the LAN. Knowing the many cases, of course, we desperately need safety so that the
use of LAN can be safe. The purpose of this research is to know and know how security or
securities work within the LAN. This paper discusses the LAN work system disorder and how the
security works on LAN and LAN instances of security. This will help to humans to understand
that how actually it is.

Introduction
Local Area Network
LAN as the name specifies the Local Area Network, means it is a network which works in a
limited area or a place. LAN works only within limited area such as a building, companies,
colleges, enterprises etc. which comes under only limited space. The users connected through
a network in a LAN. Every individual user uses configuration to access the network. LAN
mainly consists of a central point which is called as an Access Point. It is analogy to a hub or a
switch in traditional star topology based wired local area networks [1].
Wireless Local Area Networks (WLANs) have been developed to provide users in a limited
geographical area with high bandwidth and similar services supported by the wired Local Area
Network (LAN) [7]. Local area networks are limited to a local area through the electrical
properties of the cable used to connect them. Few computers can share a single network
medium. It is restricted to operation within a building or a group of adjacent buildings. Local
area network permits the movement of data between server and other client’s computer. A
unique feature of local area network is that a common carrier is not necessary for transmitting
data between computers, terminals and shared resources [2].
Wireless LAN
In general, a WLAN consists of a central connection point called the Access Point (AP). It is
analogous to a hub or a switch in traditional star-topology-based wired LANs. The AP transmits
data between different nodes of a WLAN and, in most cases, serves as the only link between
the WLAN and the wired networks [8]. IEEE has specified various WLAN standards, some of
which are summarized below:
Standard Description Approved
IEEE 802.11 : Data rates up to 2Mbps in 2.4GHz ISM band : Approved on July 1997
IEEE 802.11a : Data rates up to 54Mbps in 5GHz UNII band : Approved on Sept 1999
IEEE 802.11b : Data rates up to 11Mbps in 2.4GHz ISM band : Approved on Sept 1999
ATTACKs on Wireless LAN
Man-in-middle attack : Man-inmiddle attack is the most popular attack in the world of wired as
well as wireless communication. Man-in-middle attack as its name says there is a third party or
third person which sits between the two parties which are communicating with one another and
interpret/hacks their personal conversation without the knowledge of the legal parties.
DOS attack: Denial of Service attacks or DOS is a serious threat on both wired and wireless
networks. This attack aims to disable the availability of the network and the services it provides
[1]. In Wireless LANs, DOS is conducted in several ways like interfering the frequency
spectrum by external RF sources hence denying access to the WLAN or, in best cases, granting
access with lower data rates.
Hijacking the session attack: This is also named as session hijacking attack in which when any
unauthorized user access the information as well as the whole access to the network then that
unauthorized user not only access the private information about the network while it also
changes the network connection as well as the configuration of the network is called that the
session is hijacked.
 Eavesdropping Attack: Eavesdropping is mainly focus on attack against the confidentiality of
data usage over the network. When this attack is applied on the network then the wireless LAN
radiates the network signals/traffics on to the space. This makes the sense impossible to get that
who is controlling the network that who is accessing the data over the network or who is not. It
is so complicated to identify that which party receives the signals while we are installing any
Wireless LAN.
Security
Security is a big concern in wireless networking, especially in m-commerce and e-commerce
applications. Mobility of users increases the security concerns in a wireless network. Current
wireless networks employ authentication and data encryption techniques on the air interface to
provide security to its users [3]. The IEEE 801.11 standard describes wired equivalent privacy
(WEP) that defines a method to authenticate users and encrypt data between the PC card and
the wireless LAN access point. In large enterprises, an IP network level security solution could
ensure that the corporate network and proprietary data are safe. Virtual private network (VPN)
is an option to make access to fixed access networks reliable. Since hackers are getting smarter,
it is imperative that wireless security features must be updated constantly [5].

Related Works
Gurjeet Singh [1] The users connected through a network in a LAN. Every individual user uses
configuration to access the network. LAN mainly consists of a central point which is called as
an Access Point. It is analogy to a hub or a switch in traditional star topology based wired local
area networks.
Angelos Stavrou [2] Local area network permits the movement of data between server and other
client’s computer. A unique feature of local area network is that a common carrier is not
necessary for transmitting data between computers, terminals and shared resources.
S Rosilinmary [3] Wireless networks serve as the transport mechanism between devices and
among devices and the traditional wired networks (enterprise networks and the Internet).
Leandro Nunes [4] The IDPS (intrusion detection prevention system) is one of these currently
most effective measures. Their role is to recognize intrusions or attempted intrusions by
abnormal user behavior or recognition of attack from the network data stream. Different
methods and approaches have been adopted for the design of IPS. Among these methods, one
is inspired by nature, especially immune system.
Jorgen Ellingson [5] Wireless networks are emerging as a significant aspect of networking;
wireless local area networks (WLANs, see Acronyms and Abbreviations), Bluetooth, and
cellular systems have become increasingly popular in the business and computer industry, with
consequent security issues. WLANs.
Jahanzeb Khan [6] Security is the most important point that must be mentioned in wireless
networks. In wireless networks all the signals are broadcasted in the air and a good region is
 provided for attackers. To protect a wireless LAN from hackers and adversaries, it should
always be operated in encrypted and authenticated mode.
Sarah Shaban [7] A WLAN basically consists of one or more wireless devices connected to
each other in a peer-to-peer manner or through APs, which in turn are connected to the backbone
network providing wireless connectivity to the covered area.
John Cox [8] WLANs are implemented as a viable last-mile technology, which link homes and
offices in isolated locations to the global Internet. The further widespread deployment of
WLANs, however, depends on whether secure networking can be achieved.
Matthew S. Gast [9] When dealing with WLANs it is important to keep three security goals in
mind, Authentication to the WLAN, Confidentiality and Integrity of the data transmitted.
Pritish A. Tijare [10] A distributed firewall is a mechanism to enforce a network domain
security policy through the use of a policy language, a policy distribution scheme enabling
policy control from a central point and certificates, enabling the identification of any member
of the network policy domain.

Methods and Technologies

Service Set Identifier (SSID)
SSID is a network identifier number broadcasted by APs. Without knowing the SSID number,
STAs can not access the network. This seems fine but the problem with SSID is that it is actually
broadcasted by the AP. Unauthorized stations can capture the SSID of a WLAN and use it to
gain access. It is useful to stop SSID broadcast, this means that wireless stations have to actively
search for the SSID correspondent to the WLAN they want to access to. It is also recommended
to change the value of the SSID frequently but that will overload network administrators if
many APs exist in a WLAN with the absence of central management scheme to control all of
them at once. SSID is not a very efficient access control technique; however, it is one hurdle
that could be tuned to make it difficult for non-skilled attackers to access the WLAN [9].
Authentication
Authentication checks each user permission to access the network.. Authentication is critical
for WLANs because of the open nature of a wireless networks. anyone within the range of the
network could attempt to break into the WLAN over radio waves. For creating connection the
station and AP must check the authentication type and association occurs. In the other hand
when authentication is enabled, station A sends a random number to station B, actually station
B encrypts the random number using WEP and sends back it to A, then station A .then decrypts
the packet and verifies payload equal the random number was sent to station B. If all numbers
were true, station A notifies B , authentication is successful [6].
Change your wireless channel
Wireless routers can broadcast on several different channels, similar to the way radio stations
use different channels. Just like you'll sometimes hear interference on one radio station while
another is perfectly clear, sometimes one wireless channel is clearer than others. Try changing
your wireless router's channel through your router's configuration page to see if your signal
strength improves. You do not need to change your computer's configuration, because it'll
automatically detect the new channel [3].
Encryption
In data encryption we must use mathematical keys to encrypt and decrypt the messages. These
kind of keys have a numerical value is used by an algorithm to scramble information and make
it readable only to senders and receivers who have the corresponding decryption key. AP and
every client can given up to four shared keys to maintain the confidentiality of data in
cryptography uses these keys to encrypt and decrypt [6].
Result and Discussion
To make LAN much secure, please follow the following methods:
Radius : The 802.1X has mad Remote Authentication Dial-In User Service(RADIUS) method.
Virtual Private Networks (VPN) : Technology provides the means to securely transmit data
between two network devices over an insecure data transport medium.
Updating All Software’s with Latest Patches : The most frequent network data security attacks
exploit the vulnerabilities of packaged software such as the operation system.
Reducing radio wave propagation : in out of our areas In order to minimize the passive and
active attacks against WLAN radio wave propagation must be reduced in out of our areas.
Example Wireless security requirements is Access control, Authentication, Availability,
Confidentiality, Integrity. We can also secure our connection or network by checking that no
unauthorized user can access out wireless network. If we provides the authenticity to our network
then there are less chances to lost network connection while transmission over the network

Conclusions
Various solutions are proposed for many problems, but some issues still remain unsolved.
Security is very important in Wireless LANs since they operate in a broadcast medium. Network
and frequency jamming are still exist which can be cause of Denial of Service (DoS) attacks.
Due to backward compatibility, open system authentication is also present due to which various
attacks like man in the middle attack and message forgery etc are also possible.
References
[1] Rani, Varsha. 2016. Security issues in Wireless LAN School of Engineering & Sciences,
B.P.S.M.V, Khanpur Kalan, Sonipat-131305, India.
[2] Maiwada, Umar Danjuma. 2015. Data Communication Study Using Local Area Network.
Computer-Science, Faculty of Computer-Science & Engineering, Jodhpur National
University, Jodhpur, India.
[3] Ketheeswaren, Sivapackiyanathan. 2010. Wireless LAN for a Library: Issues and
Challenges. University of Jaffna, Sri Lanka.
[4] Farhaoui, Yousef. 2017. Securing a Local Area Network by IDPS Open Source. Moulay
Ismail University, Faculty of sciences and Techniques,Department of Computer Science, M2I
Laboratory, ASIA Team,Errachidia, Morocco.
[5] Kaushih, Kirti and Nidhi Sewal. 2018. Security of Wireless Network. Department of
Computer Science and Engineering of DPGITM Maharishi Dayanand University, Gurgaon
Haryana, India.
[6] Ravandi, Babak, Seyed Mohammad Razeghi and Reza Shahmoradi. 2011. WIRELESS
LOCAL AREA NETWORK SECURITY AND ITS WEAKNESS. Tehran, Iran.
[7] Gupta, Vikas. 2010. Performance Analysis of Wired and Wireless LAN Using Soft
Computing Techniques. Punjab Technical University. India.
[8] Zahur, Yasir and T. Andrew Yang. 2004. WIRELESS LAN SECURITY AND
LABORATORY DESIGNS. University of Houston Clear Lake Houston, TX 77058. Texas.
[9] Naamany, Ahmed M. Al, Ali Al Shidhani and Hadj Bourdoucen. 2006. IEEE 802.11
Wireless LAN Security Overview. Department of Electrical and Computer Engineering –
Sultan Qaboos University, Oman.
[10] Pandikumar, T and Mekonnen Gidey. 2017. DATA SECURITY IN LAN USING
DISTRIBUTED FIREWALL. Associate Professor and M.Tech, Department of Computer
& IT, Defence University, Ethiopia.