Higher education institution Wi-Fi network vulnerabilities: a multiple case study

Authors

DOI:

https://doi.org/10.33448/rsd-v9i2.1979

Keywords:

Wi-Fi; Pentest; Vulnerability Analysis.

Abstract

Along with Wi-Fi networks, which are on the rise in today's information age, new risks have also emerged for users and higher education institutions providing such networks. The objective of this study was to analyze, through a Penetration Test (Pentest), the vulnerabilities and threats present in the Wi-Fi networks of Higher Education Institutions (HEIs) of Belo Horizonte and of cities in the interior of Minas Gerais near the capital. . Data collection was performed through experimental testing - Pentesting in loco - in Wireless Local Area Network (WLAN) of the 12 participating Higher Education Institutions. The results showed that IES Wi-Fi network infrastructure is very diverse and that a significant percentage of these WLANs are vulnerable and may be threatened by malicious users.

References

Associação Brasileira de normas técnicas. (2013). ABNT ISO/IEC Guia73:2013. Gestão de Riscos. Vocabulário. Recomendações para uso em normas. Associação Brasileira de normas técnicas. Rio de Janeiro.

Allen, L., Heriyanto, T. & Ali, S. (2014). Kali Linux: assuring security by penetration testing. [s v.l: s.n.]. Packt Publishing Ltd, 7 de abr. de 2014 - 450 p.

Bacudio, A. G. et al. (2011). An Overview of Penetration Testing. International Journal of Network Security & Its Applications, 3(6): 19–38.

Beggs, R. W. (2014). Mastering Kali Linux for advanced penetration testing. Fist ed. Birmingham: [s.e.].

Botnet, C. (2012). Port scanning /0 using insecure embedded devices. Internet Census. Disponível em: <http://census2012.sourceforge.net/paper.html>. Acesso em: 01 nov. 2019.

Caçador, D. M. (2014). Segurança e Mobilidade em Redes IEEE 802.11: Modelo de suporte à decisão na escolha de arquitecturas e tecnologias de redes sem fios. [s.l.] Universidade Católica Portuguesa.

Kang, Y. et al. (2015). Comparative Study of Penetration Test Methods. Advanced Science and Technology Letters, 87(1): 34–37.

Lashkari, A. H. et al. (2009). A Survey on Wireless Security protocols (WEP , WPA and WPA2 / 802 . 11i). Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on, n. 1 v 3, p. 48–52.

Ludke, M.; Andre, M. E. D. A. Pesquisa em educação: uma abordagem qualitativa. 2.ed. São Paulo: EPU, 2013.

Pereira, A.S. et al. (2018). Metodologia da pesquisa científica. [e-book]. Santa Maria. Ed. UAB/NTE/UFSM. Disponível em: https://repositorio.ufsm.br/bitstream/handle/1/15824/Lic_Computacao_Metodologia-Pesquisa-Cientifica.pdf?sequence=1. Acesso em: 01 nov. 2019.

Philfer, Lisa. (2009). A list of wireless network attacks. Disponível em: <http://searchsecurity.techtarget.com/feature> Acesso em: 01 de nov. 2019.

Ramachandran, V. (2011) BackTrack 5 wireless penetration testing. 1st ed. Birmingham: [s.e.].

Ramachandran, V.; Buchana, C. (2015). Kali linux wireless penetration testing beginner ’ s guide. 2nd ed. Birmingham: [s.e.].

Rufino, Nelson Murilo de O. (2014). Segurança em redes sem fio - Aprenda a proteger suas informações em ambientes Wi-Fi e Bluetooth. 4. ed. São Paulo: Pearson.

Scarfone, K.; Orebaugh, A. (2008). Technical Guide to Information Security Testing and Assessment Recommendations of the National Institute of Standards and Technology. Nist Special Publication, v. 800, p. 1–80.

Shravan, K.; Neha, B.; Pawan, B. (2014). Penetration testing: A Review. Compusoft, Faridabad v. 3, n. 4, p. 752–7.

Sobh, S. T. (2013). Wi-Fi Networks Security and Accessing Control. International Journal of Computer Network and Information Security, v. 5, n. 7, p. 9–20.

Waliullah, M.; Gan, D. (2014) Wireless LAN Security Threats & Vulnerabilities: International Journal of Advanced Computer Science and Applications, v. 5, n. 1, p. 176–183.

Weidman, Georgia. (2014) Teste de invasão – Uma introdução prática ao hacking. São Paulo: Novatec.

Welch, D.; Lathrop, S. (2003). Wireless security threat taxonomy. Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society, June, p. 76–83.

Downloads

Published

01/01/2020

How to Cite

FIGUEIREDO, D. A.; MARQUES, R. M.; MARTINS, H. C.; ARAMUNI, J. P. Higher education institution Wi-Fi network vulnerabilities: a multiple case study. Research, Society and Development, [S. l.], v. 9, n. 2, p. e178921979, 2020. DOI: 10.33448/rsd-v9i2.1979. Disponível em: https://www.rsdjournal.org/index.php/rsd/article/view/1979. Acesso em: 16 apr. 2024.

Issue

Vol. 9 No. 2

Section

Education Sciences

License

Authors who publish with this journal agree to the following terms:

1) Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

2) Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

3) Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.