無線區網弱點檢測技術研究

Abstract

Wi-Fi發展至今已是相當的普遍，因Wi-Fi佈置相當的方便且成本較有線網路來的低廉。加上目前Voice Over WLAN的應用下，Wi-Fi的需求勢必日益增加；另外，現今筆記型電腦的普及率提高的推動下，Wi-Fi的使用率更是大為提升。 然而，Wi-Fi的傳輸介質屬於開放式的radio wave，一些惡意使用者或有心人士能夠透過對無線訊號的偵測，進行網路入侵的動作或是監聽一般使用者，進而獲得需要的資料。也因此我們可以知道：在使用Wi-Fi所隱含的危險遠比使用有線網路來的高。加上目前台灣正在推動M-Taiwan計劃，預期未來Wi-Fi在都會區的覆蓋率會達到80%至90%，在鄉鎮將達到30%至40%，在這麼高的覆蓋率之下安全問題也隨之而來，因此發展Wi-Fi的安全檢測已經是當務之急。 目前在有線網路的環境之下有相當多發展成熟的檢測工具可供使用，然而這類的工具在Wi-Fi的環境下卻是相當的缺乏，因此如何去發展相關的弱點檢測工具並且根據檢測出來的弱點提早進行管理，以避免安全漏洞的產生也可以提供成未來維護的重要參考依據，即為本計劃的目的。 在本計劃中，我們將分成三大步驟來完成上述目的。首先，對Wi-Fi的安全議題進行研究，收集已知並發掘未知的危險、漏洞並建立相關的漏洞資料庫以提供軍方查詢之用。再則，針對這些收集到的弱點提供相關的工具軟體以便管理者稽核所在網路是否存在這些弱點。最後，分析相關弱點的危害性以供未來查詢管理之用。

Wi-Fi technology has recently gained popularity because Wi-Fi deployment is more convenient and cheaper than traditional Ethernet. Because of an increased interest in Voice over WLAN with wireless network transmission capabilities, the demand for Wi-Fi will also increase. In addition, the popularity of laptop computer further increases Wi-Fi usage. Because Wi-Fi transmission medium is open, malicious users can easily eavesdrop on important data. Therefore, Wi-Fi is more vulnerable than traditional Ethernet. Taiwan is promoting M-Taiwan plan, which expects Wi-Fi coverage to be 80% to 90% in urban areas and 30% to 40% in the rural areas. But high coverage also creates mass security problems; therefore, developing Wi-Fi vulnerability detection tools is critical. Although there are many detection tools for the traditional Ethernet environment, few such tools exist for Wi-Fi. Thus, we propose to provide and deploy tools to detect vulnerabilities. Our proposal consists of three main stages. First, we will survey Wi-Fi security issues to build a security database with known and unknown threats and vulnerabilities. Next, we will provide tools to prevent these threats and vulnerabilities. Finally, we will analyze related vulnerabilities for future management.