Wi-Fi Fundamentals
What is defined in IEEE 802.11?
The PHY and MAC-layer protocols/design for wireless networks.
How is the wavelength of an electromagnetic wave related to its frequency and the speed of light?
wavelength = c / f
Name on example of a passive and one example of an active attack on a wireless system
Passive: Eavesdropping
Active: Spoofing, jamming, MitM
What is the primary purpose of early wireless security protocols like WEP?
To provide basic confidentiality, authentication, and access control for wireless communications.
What is Software-Defined Radio (SDR)?
SDR is a radio system where functions traditionally implemented in hardware are instead executed in software, allowing flexible control over wireless radio parameters.
What is the effect of overlapping channels and channel reuse on wireless performance?
Overlapping channels can cause interference, reducing SINR and degrading performance.
Name three examples of a wave that occur in nature.
Water, sound/acoustic, and electromagnetic (EM)
What is the goal of PHY-layer security mechanisms?
To use physical characteristics (like channel properties, beamforming, frequency, etc.) to complement upper-layer cryptography, helping to mitigate some types of attacks.
What vulnerability in WEP is caused by the reuse of Initialization Vectors (IVs)?
IV collisions can lead to keystream reuse, enabling attackers to use statistical methods to crack the encryption.
What is Equivalent Isotropically Radiated Power (EIRP)?
EIRP is the effective power radiated by an antenna, calculated by adding the transmitter power (after losses) and the antenna gain, as if the antenna were an ideal isotropic radiator.
What is the Basic Service Set Identifier (BSSID) in an infrastructure BSS (standard wireless network)?
The MAC address of the AP
What is the primary purpose of the Fourier Transform?
To decompose a time-domain signal into its frequency components
How does friendly jamming improve wireless security?
By transmitting interference designed to cancel at the legitimate receiver while disrupting eavesdroppers' reception and vice versa.
In a Machine-in-the-Middle (MitM) attack on Wi-Fi, what is the attacker's main objective?
To intercept, possibly modify, and relay communications between a client and an access point without their knowledge.
What is the function of an analog-to-digital converter (ADC) in an SDR system?
The ADC converts incoming analog radio signals into discrete digital samples for software processing.
How does CSMA/CA help to manage access to the wireless medium in Wi-Fi networks?
CSMA/CA uses physical and virtual carrier sensing, interframe spacing, randomized backoff, and optional RTS/CTS handshaking to handle and reduce the likelihood of collisions.
What does the signal-to-noise ratio (SNR) indicate in wireless communications?
SNR measures the strength of the desired signal relative to background noise, affecting data reliability and channel capacity.
What is Frequency Hopping Spread Spectrum (FHSS) and how does it help to secure a wireless link?
FHSS continuously changes the transmission frequency in a pseudorandom pattern, making it difficult for an attacker to jam or intercept the communication.
How can MAC address spoofing facilitate unauthorized access to a wireless network?
Attackers can change their device's apparent MAC address to impersonate an authorized device on a network that utilizes a captive portal or MAC address filtering, for example, to bypass that MAC filtering.
Explain how an SDR can perform both transmission and reception in a wireless system.
For transmission, digital samples are converted to an analog signal by a digital-to-analog converter (DAC) and then transmitted via an antenna; for reception, the analog signal is captured by an antenna, converted to digital samples by an ADC, and then processed in software.
What distinguishes an Independent Basic Service Set (IBSS) from an Infrastructure BSS?
An IBSS is peer-to-peer (ad-hoc) with no access points, whereas an Infrastructure BSS uses access points and a distribution system (DS) to connect wireless devices to a wired network.
Using the Shannon formula, how is the theoretical channel capacity expressed?
C = B log2(1 + SINR)
C is Channel Capacity
B is Bandwidth
Explain how direct sequence spread spectrum (DSSS) increases resistance to narrowband interference.
DSSS spreads the signal over a wider bandwidth using a secret "code", lowering the power per frequency component and thus making the signal more robust against interference.
Describe one method attackers use to break WEP encryption.
By capturing a large number of encrypted frames (e.g., ARP requests/replies) attackers can exploit weaknesses in the RC4 key scheduling to deduce the encryption key.
What should all of you do, relating to this category?
Get an SDR! Get your Amateur Radio License(s)!!!!!!