
Module 4 Notes

Module 4 covers web and wireless security, focusing on threats such as SQL Injection, Cross-Site Scripting, and Man-in-the-Middle attacks, while emphasizing the CIA triad of confidentiality, integrity, and availability. It discusses secure communication protocols like SSL and TLS, their handshake processes, and the importance of HTTPS for secure data transmission. Additionally, it highlights secure coding practices, input validation, and the role of SSH for secure remote access.

Uploaded by

charanssit

MODULE 4: Web & Wireless Security

Web Security Considerations

Web security refers to the protection of websites, web applications, and web services from cyber threats,
unauthorized access, and data breaches. It ensures confidentiality, integrity, and availability (CIA
triad) of information.

1. Common Web Security Threats

a) SQL Injection (SQLi)

• Occurs when attackers insert malicious SQL queries into input fields.
• Can lead to unauthorized access to databases.
• Example: Login bypass using ' OR '1'='1.

b) Cross-Site Scripting (XSS)

• Injection of malicious scripts into web pages viewed by users.
• Types:
1. Stored XSS (Persistent XSS)

• In this type, the malicious script is permanently stored on the web server (e.g., database,
comment section, forums).
• When other users access the affected page, the script is executed in their browser.

Example:

• Attacker posts a comment containing a malicious script.
• Every user who views the comment unknowingly executes the script.

Impact:

• Stealing cookies/session data
• Redirecting users to malicious websites
• Defacing web pages

2. Reflected XSS (Non-Persistent XSS)

• The malicious script is not stored on the server.
• It is immediately reflected back to the user via URL or input fields.

Example:

• Attacker sends a malicious link to a user.
• When the user clicks the link, the script executes in their browser.

Impact:

• Session hijacking
• Phishing attacks
• Unauthorized actions

3. DOM-based XSS

• The vulnerability exists in the client-side code (JavaScript) rather than the server.
• The script modifies the Document Object Model (DOM) in an unsafe way.

Example:

• JavaScript reads data from URL and inserts it into the page without validation.

Impact:

• Similar to other XSS attacks
• Harder to detect since it happens in the browser

Summary Table

Type | Storage Location | Execution Trigger | Risk Level
Stored XSS | Server (DB) | When page loads | High
Reflected XSS | URL/Input | On user request | Medium
DOM-based XSS | Browser (DOM) | Client-side JS | High

c) Cross-Site Request Forgery (CSRF)

• Tricks users into performing unwanted actions on a trusted website.
• Exploits authenticated sessions.

d) Man-in-the-Middle (MITM) Attack

• Attacker intercepts communication between user and server.
• Common in unsecured networks.

e) Session Hijacking

• Attacker steals session ID to impersonate a user.

f) Clickjacking

• User is tricked into clicking hidden malicious elements.

2. Security Principles (CIA Triad)

• Confidentiality: Data should be accessible only to authorized users.
• Integrity: Data should not be altered without authorization.
• Availability: Systems should be accessible when needed.

3. Authentication and Authorization

• Authentication: Verifies user identity (passwords, biometrics, OTP).
• Authorization: Determines user access level.
• Use Multi-Factor Authentication (MFA) for better security.

4. Input Validation and Sanitization

• Always validate user inputs.
• Prevent injection attacks.
• Use:
o Whitelisting (preferred)
o Escaping special characters
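
Whitelisting and escaping applied to the stored-comment case from the XSS section, as an added example that is not part of the original notes. The username policy, function names and sample comment are assumptions made for illustration.

```python
import html
import re

# Allowlist policy (assumed): 3-20 letters, digits or underscores.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")


def validate_username(value):
    """Whitelisting: accept only input that matches the expected shape."""
    if not isinstance(value, str) or USERNAME_RE.fullmatch(value) is None:
        raise ValueError("invalid username")
    return value


def render_comment_unsafe(author, comment):
    # VULNERABLE: stored text is placed into the page as markup, so any tag
    # in the comment becomes part of the document for every later viewer.
    return "<li><b>" + author + "</b>: " + comment + "</li>"


def render_comment(author, comment):
    # Escaping: & < > " ' are turned into entities, so the browser displays
    # the text instead of interpreting it. html.escape fits HTML text and
    # quoted attribute values; script and URL contexts need their own encoders.
    return "<li><b>{}</b>: {}</li>".format(
        html.escape(validate_username(author)),
        html.escape(comment, quote=True),
    )


# Constructed sample of a comment carrying markup.
SAMPLE_COMMENT = "<script>document.title='x'</script>"

if __name__ == "__main__":
    print(render_comment_unsafe("mallory", SAMPLE_COMMENT))
    print(render_comment("mallory", SAMPLE_COMMENT))
```
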
5. Secure Communication

• Use HTTPS (SSL/TLS) for encrypted communication.
• Avoid transmitting sensitive data over HTTP.

6. Session Management

• Use secure cookies (HttpOnly, Secure flags).
• Implement session timeout.
• Regenerate session IDs after login.
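
The three session rules above in one place, as an added example that is not part of the original notes. The class name SessionStore, the cookie name session_id, the 15-minute timeout and the SameSite attribute are assumptions made for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie

SESSION_TTL = 15 * 60  # idle timeout in seconds (assumed policy value)


class SessionStore:
    """In-memory session table with idle timeout and ID regeneration."""

    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock

    def create(self, user=None):
        sid = secrets.token_urlsafe(32)  # unpredictable 256-bit identifier
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def get(self, sid):
        session = self._sessions.get(sid)
        if session is None:
            return None
        if self._clock() - session["last_seen"] > SESSION_TTL:
            del self._sessions[sid]  # session timeout: expired IDs are dropped
            return None
        session["last_seen"] = self._clock()
        return session

    def login(self, old_sid, user):
        # Regenerate after login: the pre-login ID stops working, so an ID
        # that was known to someone else before authentication is useless.
        self._sessions.pop(old_sid, None)
        return self.create(user)


def session_cookie_header(sid):
    """Build the Set-Cookie value with the HttpOnly and Secure flags set."""
    cookie = SimpleCookie()
    cookie["session_id"] = sid
    morsel = cookie["session_id"]
    morsel["httponly"] = True      # not readable from page scripts
    morsel["secure"] = True        # sent over HTTPS only
    morsel["samesite"] = "Strict"  # assumption: not mentioned in the notes
    morsel["path"] = "/"
    return morsel.OutputString()


if __name__ == "__main__":
    store = SessionStore()
    anonymous = store.create()
    authenticated = store.login(anonymous, "alice")
    print("Set-Cookie:", session_cookie_header(authenticated))
```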

7. Secure Coding Practices

• Avoid hardcoding sensitive data.
• Use prepared statements (for SQL).
• Regular code reviews and testing.

8. Ransomware: Ransomware is a type of malware designed to block users from accessing their own
system until a ransom is paid to the ransomware's creator. Ransomware is far more dangerous than
regular malware and spreads through phishing emails carrying infected attachments. Ransomware has
emerged over the last few years and can attack individuals or organizations.

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

1. Introduction
SSL (Secure Socket Layer) and TLS (Transport Layer Security) are cryptographic protocols used to
secure communication over a network (mainly the Internet). They provide encryption, authentication,
and data integrity between a client (browser) and a server (website).
• SSL: Older protocol (now deprecated due to security weaknesses)
• TLS: Improved and secure successor of SSL (widely used today)

2. Goals of SSL/TLS
• Confidentiality: Encrypts data so unauthorized users cannot read it
• Integrity: Ensures data is not altered during transmission
• Authentication: Verifies the identity of the server (and sometimes the client)

3. How SSL/TLS Works (Handshake Process)


When a user visits a secure website (HTTPS), the SSL/TLS handshake occurs:
Steps:
1. Client Hello
o Browser sends request to server with supported encryption methods
2. Server Hello
o Server responds with chosen encryption method and digital certificate
3. Certificate Verification
o Browser verifies server’s certificate using a trusted Certificate Authority (CA)
4. Key Exchange
o Session key is generated and securely exchanged
5. Secure Communication
o All data is encrypted using the session key

4. Encryption Mechanism
SSL/TLS uses two types of encryption:
a) Asymmetric Encryption
• Uses public and private keys
• Used during handshake (key exchange)
b) Symmetric Encryption
• Uses a single shared key
• Used for fast data transmission after handshake

5. Digital Certificates
• Issued by trusted organizations called Certificate Authorities (CA)
• Contains:
o Server’s public key
o Domain name
o CA signature
Examples of CAs: DigiCert and Let’s Encrypt

6. Differences Between SSL and TLS


Feature | SSL | TLS
Version | Older | Newer
Security | Less secure | More secure
Encryption | Weak algorithms | Strong encryption
Usage | Deprecated | Widely used

7. Advantages of TLS
• Strong encryption algorithms
• Protection against modern attacks
• Ensures secure online transactions
• Builds user trust (HTTPS padlock symbol)

8. Applications of SSL/TLS
• Secure websites (HTTPS)
• Online banking
• Email security (SMTP, IMAP, POP3 with TLS)
• Secure file transfer

9. Limitations
• Requires certificate management
• Slight performance overhead
• Misconfiguration can lead to vulnerabilities

10. Conclusion
SSL/TLS protocols are essential for securing communication over the Internet. While SSL is outdated,
TLS provides strong security mechanisms that protect sensitive data and ensure trust between users and
web services.

Secure Socket Layer (SSL)

Secure Sockets Layer (SSL) is an Internet security protocol that encrypts data to ensure secure
communication between devices over a network.
• Developed by Netscape in 1995, SSL provides privacy, authentication and data integrity for
online communications.
• It is the predecessor of TLS (Transport Layer Security), which is now the standard protocol for
secure communications on the Internet.
Working of SSL
SSL ensures secure communication through three main mechanisms:
1. Encryption: Data transmitted over the network is encrypted, preventing unauthorized parties
from reading it. If intercepted, encrypted data appears as an unreadable jumble of characters.
2. Authentication: SSL uses a handshake process to authenticate both the client and server,
ensuring each party is legitimate and not an imposter.
3. Data Integrity: SSL digitally signs transmitted data to detect any tampering, ensuring that the
data received is exactly what was sent.
Importance of SSL
Before SSL, web data was transmitted in plaintext, making it vulnerable to interception. SSL solves this
by:
• Encrypting sensitive information such as login credentials, financial transactions and personal
data.
• Authenticating web servers to prevent users from connecting to fraudulent websites.
• Ensuring data integrity so transmitted information cannot be modified during transit.

Note: SSL protects against cyber threats by providing confidentiality, authentication and integrity for
online communications.
SSL Protocols
SSL consists of several protocols, each handling a different aspect of secure communication.

1. SSL Record Protocol


• Provides confidentiality and message integrity.
• Application data is divided into fragments, optionally compressed and appended with a Message
Authentication Code (MAC).
• The data is then encrypted and transmitted with an SSL header.

2. Handshake Protocol

Establishes SSL sessions and authenticates clients and servers.

Four phases:
• Client and server exchange hello packets, protocol versions and cipher suites.
• Server sends its certificate and server key information.
• Client responds with its certificate and key exchange.
• Change Cipher Spec finalizes the handshake, activating secure communication.

3. Change Cipher Spec Protocol

• Signals that pending cryptographic parameters from the handshake should now become active.
• Consists of a single 1-byte message.

4. Alert Protocol
• Communicates SSL-related warnings or errors.
• Warning alerts (level 1): Non-critical issues, such as expired or unsupported certificates.
• Fatal alerts (level 2): Critical errors, such as handshake failures, bad record MAC or illegal
parameters, which terminate the connection.
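
The record framing, the 1-byte Change Cipher Spec message and the two alert levels described above can be checked with a small parser. This is an added example, not part of the original notes; the sample bytes are constructed, and only the alert codes the notes mention are named.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
# Subset of alert descriptions, limited to the ones the notes mention.
ALERT_DESCRIPTIONS = {20: "bad_record_mac", 40: "handshake_failure",
                      43: "unsupported_certificate", 45: "certificate_expired",
                      47: "illegal_parameter"}
MAX_FRAGMENT = 2 ** 14 + 2048  # largest record body a peer may send


def describe(ctype, body):
    """Decode the two small sub-protocols; other bodies are left opaque."""
    if ctype == 20:
        if body != b"\x01":
            raise ValueError("change_cipher_spec must be the single byte 0x01")
        return "activate pending cipher spec"
    if ctype == 21:
        # Only alerts sent before encryption starts are readable like this.
        if len(body) != 2:
            raise ValueError("plaintext alert must be 2 bytes")
        level, code = body
        if level not in ALERT_LEVELS:
            raise ValueError("invalid alert level %d" % level)
        return (ALERT_LEVELS[level],
                ALERT_DESCRIPTIONS.get(code, "code %d" % code))
    return "%d opaque bytes" % len(body)


def parse_records(data):
    """Split a byte stream into records: type(1) | version(2) | length(2) | body."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", data, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError("unknown content type %d" % ctype)
        if length > MAX_FRAGMENT:
            raise ValueError("record length %d exceeds limit" % length)
        body = data[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        records.append({"type": CONTENT_TYPES[ctype],
                        "version": (major, minor),
                        "detail": describe(ctype, body)})
        offset += 5 + length
    return records


# Constructed sample: three independent records (not one real session),
# each carrying the SSL 3.0 version bytes 03 00.
SAMPLE = bytes.fromhex(
    "1403000001" "01"      # change_cipher_spec, single byte 0x01
    "1503000002" "012d"    # alert: warning (1), certificate_expired (45)
    "1503000002" "0214"    # alert: fatal (2), bad_record_mac (20)
)

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```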

SSL Certificates
SSL certificates are digital certificates issued by trusted Certificate Authorities (CAs) to secure and
verify websites.

Key Features
• Encryption: Protects sensitive information during transmission.
• Authentication: Confirms the identity of the website or service.
• Integrity: Ensures transmitted data is not altered.
• Non-repudiation: Prevents denial of transmitted messages.
• Public-key cryptography: Facilitates secure key exchange.
• Session management: Allows resumption of secure sessions after interruptions.

Types of SSL Certificates


1. Single-Domain: Secures one domain.
2. Wildcard: Secures one domain and all its subdomains.
3. Multi-Domain: Secures multiple unrelated domains in one certificate.

Transport Layer Security (TLS) Handshake


TLS is a data privacy and security protocol for secure communication over the Internet. It usually
encrypts communication between servers and clients. TLS is the successor to the Secure Socket Layer
(SSL) protocol. SSL v3.0 and TLS v1.0 were very similar, but SSL was replaced by TLS. A Transport
Layer Security (TLS) connection is established via a handshake.
1. With a TLS-enabled service, the sender (client) sends a ClientHello message, as it is named in the
protocol. This includes information about the client.
2. The server then responds with a ServerHello message (selecting the highest version of TLS
supported by the client) and chooses a cipher suite from the list in the ClientHello message. The
server also transmits its digital certificate and a final ServerHelloDone message.
3. The client validates the certificate. The client then sends a ClientKeyExchange message. Here the
client chooses a key exchange mechanism to securely establish a shared secret with the server.
The client also needs to send ChangeCipherSpec, indicating that it is now switching to secure
communication, which is finally followed by a Finished message indicating a successful handshake.
4. The server replies with ChangeCipherSpec and an encrypted Finished message once the shared
secret is received.

The session key is the shared symmetric encryption key used in TLS sessions to encrypt data being
sent back and forth.

HyperText Transfer Protocol Secure – HTTPS

HTTPS stands for HyperText Transfer Protocol Secure. It is the most common protocol for sending data
between a web browser and a website. HTTPS is the secure variant of HTTP and is used to
communicate between the user's browser and the website, ensuring that data transfer is encrypted for
added security.

Working of HTTPS
HTTPS establishes the communication between the browser and the web server. It uses the Secure
Socket Layer (SSL) and Transport Layer Security (TLS) protocols for establishing communication.
TLS (Transport Layer Security) is the new version of SSL.
• HTTPS uses the conventional HTTP protocol and adds a layer of SSL/TLS over it.
• The workflow of HTTP and HTTPS remains the same, the browsers and servers still
communicate with each other using the HTTP protocol.
• However, this is done over a secure SSL connection. The SSL connection is responsible for the
encryption and decryption of the data that is being exchanged to ensure data safety.

Why HTTPS Matters and What Happens Without It?


• HTTPS is important because it keeps the information on websites safe from being easily viewed
or stolen by anyone who might be spying on the network.
• When a website uses regular HTTP, data is sent in small chunks called packets that can easily be
intercepted using free software.
• This makes communication, especially over public Wi-Fi, very vulnerable to attacks.
• On the other hand, HTTPS encrypts the data, so even if someone manages to intercept the
packets, they will appear as random, unreadable characters.

Example:
Before encryption: "This is a string of text that is completely readable"
After encryption:
"ITM0IRyiEhVpa6VnKyExMiEgNveroyWBPlgGyfkflYjDaaFf/Kn3bo3OfghBPDWo6AfSHlNtL8N7ITEwI
Xc1gU5X73xMsJormzzXlwOyrCs+9XCPk63Y+z0="

Note: HTTPS uses the following algorithms for encryption and hashing purposes:
• RSA: Used during the TLS/SSL handshake to securely exchange keys between client and server.
It’s an asymmetric encryption algorithm.
• SHA-256: Used for data integrity in digital signatures and certificates. It’s a hashing algorithm,
not for encrypting the actual traffic.
HTTP vs HTTPS
Here are some key differences between HTTP and HTTPS:
HTTP | HTTPS
HTTP stands for HyperText Transfer Protocol | HTTPS stands for HyperText Transfer Protocol Secure
URL begins with "http://" | URL starts with "https://"
HTTP works at the Application Layer | Also works at the Application Layer (HTTP over TLS)
Data is sent in plain text | Data is encrypted using TLS
No encryption or security | Provides encryption, authentication, and integrity
Faster in theory (no encryption) | Nearly same speed in modern systems (TLS optimized, HTTP/2 & HTTP/3 support)

Secure Shell (SSH)


SSH is a protocol used for secure remote login and communication. It encrypts data and provides
authentication mechanisms such as passwords and key-based authentication. SSH is widely used for
server management.
What is SSH?
The Secure Shell (SSH) network protocol uses encryption to allow two connected devices, usually a
server and a client, to communicate securely with one another. It enables users to safely command and
control distant machines. Conventional methods that transfer data in plain text, such as Telnet, FTP, and
rlogin, can be safely replaced with SSH. File transfers, network service tunneling, and remote
administration are among its common uses.

What does SSH do?

Secure Communication: A client and a server can communicate securely thanks to SSH. To prevent
unwanted access to the data, it encrypts all information sent over the network, including passwords,
usernames, and other private data.

Authentication: SSH offers methods for confirming the legitimacy of the client and server. To confirm
the parties’ identities, it makes use of cryptographic keys. Only authorized users and servers can access
the system thanks to this authentication procedure.

Remote Access: SSH is primarily used to enable safe remote access to computers, servers, and other
resources. With SSH, users can safely run remote commands or access a server’s command-line
interface from a distance.

File Transfer: SSH facilitates safe file transfers between computers by using programs such as Secure
Copy Program (SCP) and SSH File Transfer Protocol (SFTP). With the help of these tools, users can
safely move data between two remote servers or between a local computer and a distant server.

Tunneling: The ability to build secure channels for the transmission of other network protocols over
SSH is made possible by the functionality for tunneling provided by SSH. Services that might not be
immediately accessible via the network, such as web servers, databases, and email servers, can now be
accessed securely thanks to this capability.

How Does SSH Work?

The architecture of Secure Shell is client-server. A server administrator typically installs a program
on the server that controls whether incoming connections are accepted or rejected. In addition, a client
program that a user runs on their PC makes requests to the server. The server listens on TCP port 22
by default.

SSH Commands

To securely communicate with remote servers or devices, utilize Secure Shell (SSH) commands. The
following SSH commands are frequently used:
• ssh: To establish an SSH connection with a remote server, use the ssh command. The
fundamental syntax is as follows:
ssh username@hostname
• scp: Secure file transfers between hosts are accomplished with the scp command. The name
stands for “secure copy.” The fundamental syntax is as follows:
scp local_file username@hostname:/remote/directory
• sftp: The sftp command is an interactive file transfer tool that functions similarly to FTP but
encrypts the connection using Secure Shell. Users can safely move files between hosts with its
help. To initiate an SFTP session, just enter:
sftp username@hostname
• ssh-keygen: SSH key pairs are created with the ssh-keygen command and are used for
authentication. It generates public and private keys that enable password-free remote server
authentication. The fundamental syntax is as follows:
ssh-keygen -t rsa

Secure Shell (SSH) is used to ensure safe and encrypted communication in three main areas:
• Remote Server Administration: Allows administrators to securely access and manage servers
from a distance.
• File Transfer: Enables secure file sharing using protocols like SFTP and SCP.
• Tunneling: Provides secure access to restricted services by creating encrypted network tunnels.

Wireless Network Security

Wireless networks (Wi-Fi) allow devices to connect without physical cables, but this convenience
makes them more vulnerable to unauthorized access, data theft, and cyber attacks. Proper security
measures are essential to protect users and data.

1. Common Threats in Wireless Networks


• Unauthorized Access: Intruders connect to the network without permission
• Eavesdropping: Attackers intercept wireless data transmission
• Man-in-the-Middle (MITM) Attacks: Communication is secretly intercepted
• Rogue Access Points: Fake Wi-Fi networks created to steal data
• Denial of Service (DoS): Network is overloaded and becomes unavailable

Wireless Security Protocols


a) WEP (Wired Equivalent Privacy)
Introduction:
WEP was introduced as part of the original IEEE 802.11 Wi-Fi standard in the late 1990s. Its goal was
to provide a level of security comparable to wired networks—hence the name “Wired Equivalent
Privacy.”
Encryption Mechanism:
WEP uses the RC4 (Rivest Cipher 4) stream cipher for encrypting data. It combines:
• A secret key (typically 40-bit or 104-bit)
• A 24-bit Initialization Vector (IV)
This combination is used to generate encrypted data packets.
Key Management Issues:
• WEP uses static keys, meaning the same key is shared among all users and rarely changed.
• There is no automatic key rotation, making it easier for attackers to capture enough data to
break the key.
• If one user leaves the network, the key must be manually changed for all devices.
Major Vulnerabilities:
• The Initialization Vector (IV) is too short (24-bit), causing it to repeat frequently.
• Repeated IVs allow attackers to analyze traffic and recover the encryption key.
• Weak implementation of RC4 leads to predictable encryption patterns.
• Susceptible to attacks like:
o Packet sniffing
o Replay attacks
o Key recovery attacks using tools like Aircrack-ng
Authentication Weakness:
• WEP supports Open System Authentication and Shared Key Authentication, both of which
are insecure.
• Attackers can often bypass authentication without knowing the key.
Performance vs Security:
• WEP has low computational overhead, so it was fast on older devices.
• However, this came at the cost of very poor security.
Current Status:
• Officially deprecated and prohibited in modern secure environments.
• Most modern routers and devices either disable WEP by default or warn users against using it.
Conclusion:
WEP fails to provide adequate protection due to weak encryption, poor key management, and design
flaws. It is now considered completely insecure and should never be used in any current network setup.
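
How quickly a 24-bit IV repeats, and what a repeat means for RC4, can be worked through in a few lines. This is an added example, not part of the original notes: the key, IVs and frames are constructed, the CRC-32 integrity value WEP appends is omitted, and the collision estimate assumes IVs are chosen at random.

```python
import math

IV_SPACE = 2 ** 24  # a 24-bit IV allows 16,777,216 distinct values


def rc4_keystream(key, n):
    """Standard RC4: key scheduling followed by n bytes of output."""
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) % 256])
    return bytes(out)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv, secret_key, plaintext):
    """RC4 keyed with IV || secret key, as WEP does (ICV omitted here)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits (3 bytes)")
    return xor_bytes(plaintext, rc4_keystream(iv + secret_key, len(plaintext)))


def iv_collision_probability(packets):
    """Chance that at least two of `packets` frames share an IV
    (birthday approximation, IVs assumed uniformly random)."""
    return 1.0 - math.exp(-packets * (packets - 1) / (2.0 * IV_SPACE))


def seconds_until_iv_wrap(packets_per_second):
    """With a sequential IV counter, every value is used up after this long."""
    return IV_SPACE / packets_per_second


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")           # constructed 40-bit key
    frame_a = b"constructed frame A"
    frame_b = b"constructed frame B"
    iv = b"\x00\x00\x01"
    c_a = wep_encrypt(iv, key, frame_a)
    c_b = wep_encrypt(iv, key, frame_b)         # same static key, repeated IV
    # Same IV and key give the same keystream, so it cancels out:
    print("keystream cancels:", xor_bytes(c_a, c_b) == xor_bytes(frame_a, frame_b))
    print("P(repeat) after 5000 frames: %.2f" % iv_collision_probability(5000))
    print("hours to exhaust IVs at 1000 frames/s: %.1f"
          % (seconds_until_iv_wrap(1000) / 3600))
```

Because the key is static and the IV is sent in the clear, no configuration change removes this property, which is why the notes treat WEP as something to replace rather than harden.
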
b) WPA (Wi-Fi Protected Access)
Introduction:
WPA was introduced by the Wi-Fi Alliance in 2003 as an interim security solution to fix the serious
flaws found in WEP, without requiring completely new hardware.
Encryption Mechanism:
WPA uses TKIP (Temporal Key Integrity Protocol), which is based on the older RC4 algorithm but
improves it significantly.
TKIP enhances security by:
• Mixing keys for each data packet
• Adding a message integrity check (MIC) to prevent data tampering
• Using a larger and more secure initialization vector
Dynamic Key Generation:
• WPA introduces per-packet keying, meaning a new key is generated for every packet
transmitted.
• This prevents attackers from easily analyzing repeated patterns, unlike WEP.
• Keys are automatically updated, improving overall protection.
Authentication Methods:
WPA supports two main modes:
• WPA-Personal (PSK – Pre-Shared Key): Uses a password for home and small networks
• WPA-Enterprise: Uses centralized authentication (e.g., RADIUS server) for organizations
These options make WPA more flexible than WEP.
Security Improvements Over WEP:
• Eliminates static keys
• Reduces risk of key recovery attacks
• Adds integrity checks to detect altered data
• Provides better resistance to common attacks
Limitations and Weaknesses:
• Still relies on RC4, which is now considered weak
• TKIP has known vulnerabilities and can be exploited
• Susceptible to dictionary and brute-force attacks if weak passwords are used
• Lower security compared to modern standards like WPA2 and WPA3
Performance Consideration:
• Slightly more computational overhead than WEP
• Designed to work on older hardware via firmware updates, avoiding the need for replacement
Current Status:
• WPA is now deprecated and outdated
• Many modern routers have disabled WPA/TKIP support due to security concerns
Conclusion:
WPA was a significant improvement over WEP, introducing dynamic encryption and better integrity
checks. However, due to its reliance on older algorithms and emerging vulnerabilities, it is no longer
considered secure and should only be used when newer protocols are not supported.

c) WPA2
Introduction:
WPA2 was introduced in 2004 by the Wi-Fi Alliance as the official successor to WPA. It became the
most widely used Wi-Fi security standard for many years and is still commonly used today.
Encryption Mechanism:
WPA2 uses the AES (Advanced Encryption Standard), which is much stronger than RC4 used in
earlier protocols.
• AES provides robust encryption, widely trusted in government and enterprise systems.
• Ensures confidentiality of data transmitted over wireless networks.
CCMP Protocol:
WPA2 replaces TKIP with CCMP (Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol).
• Provides data integrity and authentication
• Prevents tampering and replay attacks
• Ensures that data packets are not altered during transmission
Modes of Operation:
WPA2 supports two main modes:
• WPA2-Personal (PSK – Pre-Shared Key):
o Uses a shared password
o Suitable for home and small office networks
• WPA2-Enterprise:
o Uses centralized authentication servers such as RADIUS (Remote Authentication Dial-
In User Service)
o Provides individual user authentication
o Ideal for organizations and institutions
Security Strengths:
• Strong encryption using AES
• Secure key management and authentication
• Resistant to most common wireless attacks when configured properly
• Supports network scalability and enterprise-level security
Limitations and Vulnerabilities:
• Vulnerable to the KRACK attack discovered in 2017
o Exploits weaknesses in the handshake process
o Can allow attackers to decrypt some traffic
• Susceptible to brute-force and dictionary attacks if weak passwords are used
• Security depends on regular firmware updates and strong passwords
Performance:
• Slightly higher computational requirement than WPA, but efficient on modern devices
• Provides a good balance between security and performance
Current Status:
• Still widely used, especially where WPA3 is not yet supported
• Recommended to use WPA2 with AES (not TKIP) for better security
• Gradually being replaced by WPA3 in modern networks
Conclusion:
WPA2 offers strong, reliable wireless security and has been the backbone of Wi-Fi protection for
years. However, due to emerging threats and vulnerabilities, it is being phased out in favor of WPA3,
especially in high-security environments.

d) WPA3
Introduction:
WPA3 is the latest Wi-Fi security standard, introduced by the Wi-Fi Alliance in 2018. It is designed
to address the limitations of WPA2 and provide stronger, future-ready security for modern wireless
networks.
Authentication Mechanism (SAE):
WPA3 replaces the traditional PSK method with SAE (Simultaneous Authentication of Equals), also
known as the Dragonfly handshake.
• Protects against offline dictionary attacks
• Ensures attackers cannot guess passwords even after capturing data
• Provides mutual authentication between devices
Forward Secrecy:
• WPA3 supports forward secrecy, meaning:
o Even if a password is compromised later, previously transmitted data remains secure
• Prevents attackers from decrypting past communications
Stronger Encryption:
• Uses advanced cryptographic techniques with enhanced encryption strength
• In enterprise mode, supports 192-bit security, offering higher-level protection for sensitive
environments
Protection Against Attacks:
• Strong defense against brute-force attacks
• Limits repeated login attempts, making password guessing difficult
• Improves resistance to common Wi-Fi hacking techniques
Improved Features:
• Better protection for weak passwords: Even simple passwords are harder to crack due to SAE
• Enhanced open network security: Uses encryption in public Wi-Fi through features like
Opportunistic Wireless Encryption (OWE)
• Simplified device connection: Easier and more secure setup for IoT devices without screens
Modes of Operation:
• WPA3-Personal: Uses SAE for home users
• WPA3-Enterprise: Offers stronger authentication and higher encryption levels for
organizations
Backward Compatibility:
• Supports transition mode, allowing WPA2 and WPA3 devices to coexist
• Ensures smooth migration to newer security standards
Current Status:
• Recommended for all modern routers and devices
• Gradually replacing WPA2 as the new standard
• Required for Wi-Fi 6 and newer technologies
Conclusion:
WPA3 provides advanced security, better password protection, and improved privacy, making it
the most secure Wi-Fi protocol available today. It is highly recommended for secure and future-proof
wireless networking.
Overall Comparison Insight
• WEP → Completely insecure
• WPA → Better but outdated
• WPA2 → Strong and widely used
• WPA3 → Most secure and future-ready

Mobile Device Security

Common Threats to Mobile Devices


• Malware (Malicious Software):
Includes viruses, spyware, ransomware, and trojans that can steal data, track activities, or
damage the device.
Example: Spy apps that secretly monitor user activity.
• Data Theft:
Unauthorized access to personal information such as contacts, passwords, banking details, and
photos.
• Unauthorized Access:
Occurs when someone gains access to a device without permission, especially if there is no lock
or weak authentication.
• Phishing Attacks:
Fake messages, emails, or apps trick users into revealing sensitive information like passwords or
OTPs.
• Unsecured Networks:
Connecting to public Wi-Fi without protection can expose data to attackers.
• Device Loss or Theft:
Physical loss of a mobile device can lead to misuse of stored data.

Security Practices for Mobile Devices


1. Install Apps from Trusted Sources
• Download applications only from official platforms like Google Play Store or Apple App Store
• Avoid third-party or unknown app stores
• Check app ratings, reviews, and permissions before installing

2. Use Strong Screen Locks


• Enable security features such as:
o PIN (Personal Identification Number)
o Password
o Pattern lock
o Biometric authentication (fingerprint or face recognition)
• Prevents unauthorized access if the device is lost or stolen

3. Enable Data Encryption


• Encryption converts data into unreadable form for unauthorized users
• Most modern smartphones provide built-in encryption
• Ensures sensitive data remains protected even if accessed physically

4. Keep Software Updated


• Regularly update:
o Operating system (Android/iOS)
o Applications
• Updates fix security vulnerabilities and improve protection against new threats

5. Use Antivirus and Security Apps


• Install reliable mobile security apps to detect and remove malware
• Helps in real-time threat detection and protection

6. Avoid Public Wi-Fi or Use Protection


• Do not access sensitive information (banking, passwords) on public Wi-Fi
• Use a VPN (Virtual Private Network) for secure browsing

7. Enable Remote Tracking and Wipe


• Features like Find My Device or Find My iPhone allow you to:
o Locate lost devices
o Lock the device remotely
o Erase data to prevent misuse

8. Manage App Permissions


• Grant only necessary permissions to apps (camera, contacts, location)
• Revoke unnecessary permissions regularly

9. Backup Important Data


• Regularly back up data to cloud or secure storage
• Prevents data loss in case of theft, damage, or malware attacks

Conclusion
Mobile device security involves protecting devices from digital and physical threats through safe
usage practices, strong authentication, encryption, and regular updates. Following these measures
ensures data privacy, device safety, and secure communication.

IEEE 802.11 Wireless LAN


Introduction
The IEEE 802.11 standard is a set of specifications developed by the Institute of Electrical and
Electronics Engineers (IEEE) for implementing Wireless Local Area Networks (WLANs). It enables
devices such as laptops, smartphones, and tablets to connect to a network without physical cables,
using radio frequency signals.

Key Features of IEEE 802.11


• Provides wireless connectivity within a limited geographic area (home, office, campus)
• Operates in unlicensed frequency bands like 2.4 GHz and 5 GHz
• Supports mobility and roaming within network coverage
• Uses access points (APs) to connect wireless devices to a wired network
• Uses protocols that provide reliable and secure data transmission

Architecture of Wireless LAN


IEEE 802.11 defines two main network architectures:
1. Infrastructure Mode
o Devices communicate through a central Access Point (AP)
o Most commonly used in homes, offices, and institutions
o AP connects wireless devices to a wired network (like the internet)
2. Ad-Hoc Mode (IBSS – Independent Basic Service Set)
o Devices communicate directly with each other
o No access point required
o Suitable for temporary or small networks

Important Components
• Station (STA): Any wireless device (mobile, laptop, etc.)
• Access Point (AP): Connects wireless devices to the network
• Basic Service Set (BSS): A group of devices communicating together
• Extended Service Set (ESS): Multiple BSS connected together for wider coverage

Different IEEE 802.11 Standards


| Standard | Frequency Band | Maximum Speed | Features |
|---|---|---|---|
| 802.11a | 5 GHz | Up to 54 Mbps | Less interference, shorter range |
| 802.11b | 2.4 GHz | Up to 11 Mbps | Longer range, more interference |
| 802.11g | 2.4 GHz | Up to 54 Mbps | Combines speed of a and range of b |
| 802.11n | 2.4/5 GHz | Up to 600 Mbps | Uses MIMO technology for higher speed |
| 802.11ac | 5 GHz | Up to several Gbps | Faster speeds, better performance |
| 802.11ax (Wi-Fi 6) | 2.4/5 GHz | Up to ~9.6 Gbps | High efficiency, better for crowded networks |

Security in IEEE 802.11


• Supports security protocols such as:
o WEP (obsolete)
o WPA / WPA2 / WPA3 (modern and secure)
• Provides encryption and authentication to protect wireless communication

Advantages of IEEE 802.11


• Mobility: Users can move freely within coverage area
• Ease of installation: No need for cables
• Scalability: Easy to add new devices
• Cost-effective: Reduces wiring and maintenance costs

Limitations
• Security risks if not properly configured
• Interference from other wireless devices
• Limited range compared to wired networks
• Speed variations due to signal strength and obstacles

Conclusion
The IEEE 802.11 standard forms the backbone of modern Wi-Fi communication, enabling seamless
wireless connectivity across homes, offices, and public spaces. With continuous advancements (like
Wi-Fi 6), it offers higher speed, better efficiency, and improved security, making it essential in today’s
digital world.

IEEE 802.11i Wireless LAN Security

Introduction
The IEEE 802.11i is an amendment to the IEEE 802.11 standard, designed to enhance the security of
wireless networks. It was introduced to overcome the weaknesses of earlier security mechanisms like
WEP and forms the basis for modern Wi-Fi security, especially WPA2.

Need for IEEE 802.11i


• Earlier security protocols like WEP had serious vulnerabilities
• Wireless communication is easily intercepted due to its open nature
• Growing use of Wi-Fi required stronger encryption and authentication
• Hence, IEEE introduced 802.11i to provide robust and reliable security

Key Features of IEEE 802.11i


1. Strong Encryption using AES
• Uses AES (Advanced Encryption Standard) for data confidentiality
• AES is a highly secure and widely accepted encryption algorithm
• Replaces weak RC4 encryption used in WEP and WPA
• Ensures that transmitted data cannot be easily intercepted or decoded
2. CCMP Protocol
• Implements CCMP (Counter Mode with Cipher Block Chaining Message Authentication
Code Protocol)
• Provides:
o Data integrity (ensures data is not altered)
o Authentication (verifies sender identity)
o Confidentiality (protects data from unauthorized access)

3. Improved Authentication using 802.1X


• Uses IEEE 802.1X for secure authentication
• Involves three main components:
o Supplicant: The user/device requesting access
o Authenticator: The access point
o Authentication Server: Typically a RADIUS server
• Provides centralized authentication and access control

4. Four-Way Handshake Mechanism


• A secure process used to establish encryption keys between client and access point
• Ensures:
o Both parties share the same secret key
o Keys are generated dynamically for each session
• Protects against replay and man-in-the-middle attacks

5. WPA2 Implementation
• IEEE 802.11i is the technical foundation for WPA2
• WPA2 uses:
o AES encryption
o CCMP protocol
o Secure authentication mechanisms
• Provides strong and reliable wireless security
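
The key establishment described under the Four-Way Handshake Mechanism, as an added example that is not part of the original notes. It assumes WPA2-Personal, where the shared secret comes from a passphrase, and uses the PBKDF2 and PRF constructions from 802.11i, which the notes do not spell out. The SSID, MAC addresses, passphrases and simplified frame bodies are constructed for illustration.

```python
import hashlib, hmac, os

def pmk_from_passphrase(passphrase, ssid):
    # WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 256 bits)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key, label, data, nbytes):
    # 802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]

def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    # Sorting the MACs and nonces lets both sides build identical PRF input
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:]}

def mic(kck, frame):
    # HMAC-SHA1 truncated to 128 bits, keyed with the Key Confirmation Key
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def four_way_handshake(ap_pass, sta_pass, ssid="LabNet", tamper=False):
    # Constructed, locally administered MAC addresses
    ap_mac, sta_mac = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    ap_pmk = pmk_from_passphrase(ap_pass, ssid)
    sta_pmk = pmk_from_passphrase(sta_pass, ssid)
    # Message 1 (AP -> STA): fresh ANonce, sent in the clear
    anonce = os.urandom(32)
    # Message 2 (STA -> AP): fresh SNonce; the MIC proves the STA holds the PMK
    snonce = os.urandom(32)
    sta_ptk = derive_ptk(sta_pmk, ap_mac, sta_mac, anonce, snonce)
    msg2 = b"MSG2" + snonce  # simplified body, not the real EAPOL-Key layout
    msg2_mic = mic(sta_ptk["KCK"], msg2)
    if tamper:
        msg2 = b"MSG2" + os.urandom(32)  # SNonce altered in transit
    # AP derives its own PTK from the SNonce it received and checks the MIC
    ap_ptk = derive_ptk(ap_pmk, ap_mac, sta_mac, anonce, msg2[4:])
    if not hmac.compare_digest(mic(ap_ptk["KCK"], msg2), msg2_mic):
        return False, None, None
    # Message 3 (AP -> STA): the AP's MIC proves it holds the PMK; STA verifies it
    msg3 = b"MSG3" + anonce
    if not hmac.compare_digest(mic(sta_ptk["KCK"], msg3), mic(ap_ptk["KCK"], msg3)):
        return False, None, None
    # Message 4 (STA -> AP): acknowledgement; both sides install the Temporal Key
    return True, ap_ptk["TK"], sta_ptk["TK"]
```

The passphrase and PMK never cross the air; only the nonces and MICs do, and the fresh nonces are what make the Temporal Key different for every session.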

Advantages of IEEE 802.11i


• Strong data encryption and protection
• Secure user authentication
• Prevents common wireless attacks
• Suitable for enterprise and personal networks
• Forms the basis for modern wireless security standards

Limitations
• Slightly higher computational overhead
• Requires modern hardware support
• Vulnerable to certain attacks (e.g., KRACK, which exploits improper implementations) if devices are not updated

Conclusion
IEEE 802.11i significantly improves wireless LAN security by introducing strong encryption (AES),
secure authentication (802.1X), and advanced protocols (CCMP). It laid the foundation for WPA2
and remains a critical milestone in securing modern Wi-Fi networks.
