The following are some wireless network security research topics which can be used for developing research papers. Each topic is listed with appropriate research areas.
Title: Comparative study of 802.1x authentication protocols in a WLAN network
Abstract:
The project aims to understand the different types of 802.1x authentication protocols like PEAP, EAP-TLS, EAP-MD5 and perform a comparative study. The architecture and security limitation of each of the protocols are understood. The components which are required to setup an 802.1x WLAN network with the above protocols like Radius servers, supplicants, and access points are researched and analyzed.
Research areas:
1.Key derivation mechanism in the above protocols.
2.Security issues in EAP-TLS compared with PEAP.
3.The use of TLS protocol in PEAP and EAP-TLS.
4.Security issues in EAP-MD5 compared with PEAP and EAP-TLS.
5.Dependency on digital certificates for the use of the identified protocols in a WLAN network.
Title: Dynamic and static key management with WEP
Abstract:
The project aims to understand how WEP keys are derived in a static and dynamic environment. In a static environment, the shared WEP key is configured on the access point and the respective clients and per packet keys are derived using the shared base keys. In a dynamic environment, when protocols like PEAP, EAP-TLS with radius servers are used, WEP keys are derived automatically using appropriate protocols. The security issues and challenges which are faced in both the scenarios are understood.
Research areas:
1.How base keys are derived and used in static and dynamic environment.
2.How TLS is used to derive session keys.
3.The different types of keys involved in dynamic WEP like Pre-master secret, PMK etc.
4. Comparative study of security issues with static and dynamic WEP.
5.Infrastructure requirements for static and dynamic WEP.
Title: Defeating unauthorized wireless access using mac-addresses.
Abstract:
The project aims to understand how unauthorized wireless access can be defended using mac-filtering feature on access points. The design of the mac-filtering feature is understood and how it can be implemented with and without a radius server is understood.
Research areas:
1.How does mac-based authentication work
2.Mac-filtering feature on the access point.
3.Mac-based authentication with mac-address database on a radius server.
4.Comparative study of mac-filtering and mac-based authentication.
5.Security issues with mac-filtering and how it can be bypassed.
Title: Secure wireless infrastructure design with Windows Active directory and IAS server.
Abstract:
The project understands how a Windows Active directory can be used for user based wireless authentication in conjunction with an IAS server. The components which are required to setup a fully fledged wireless network like supplicants, authenticator, and authentication server are understood.
Research areas:
1.Supplicant software like Windows wireless Zero config, Open X and which would be a better solution.
2.Different access points which supports radius server authentication and able to read information from the Active directory for user authentication.
3.Radius server redundancy mechanism.
4.Authentication protocols which can be used between the access point and the IAS server.
5.Protocols which can be used by the wireless clients like EAP-MD5, PEAP, EAP-TLS and the infrastructure requirements for the same like having a certificate authority.
Title: Security assessment of home wireless network.
Abstract:
The project aims to understand the different security issues in a home network like unsecured wireless access, default username and password for access points, weak encryption protocols like WEP etc. and how to perform an assessment on the same.
Research areas:
1.Use of wireless scanners like netstumbler, Kismet etc to find out the name of the access point and encryption protocol used and identify insecure access points
2. How to use fingerprinting mechanism to identify the access point vendor.
3.Migration from WEP to WPA.
4.How to find default admin username and passwords for the identified access point with Google search.
5.Prepare a test plan, which details on the test cases which needs to be conducted for a comprehensive security assessment.
