Security and Privacy Issues in Wireless Networks and Mitigation Methods

– The rapid growth of network services, Internet of Things devices and online users on the Internet have led to an increase in the amount of data transmitted daily. As more and more information is stored and transmitted on the Internet, cybercriminals are trying to gain access to the information to achieve their goals, whether it is to sell it on the dark web or for other malicious intent. Through thorough literature study relating to the causes and issues that are brought from the security and privacy segment of wireless networks, it is observed that there are various factors that can cause the networks to be an insecure; especially factors that revolve around cybercriminals with their growing expertise and the lack of preparation and efforts to combat them by relevant bodies. The aim of this paper is to showcase major and frequent security as well as privacy issues in wireless networks along with specialized solutions that can assist the related organizations or the public to fathom how great of an impact these challenges can bring if everyone took a step in reducing them. Hence, through this paper it is discovered that there are many ways these challenges can be mitigated, however, the lack of implementation of privacy and security solutions is still largely present due to the absence of practical application of these solutions by responsible parties in real world scenarios.


Introduction
In this era of technology, the world has become interconnected and technology has become more powerful. The growth of the Internet has led to the increase of devices such as laptops, smartphones and more. Without any doubt, wireless technology [1] has been very important and a breakthrough in the telecommunication world. An easy installation, low cost and connectivity capability make wireless networks popular in this current century. Meanwhile, the high demand for wireless networks and insecure interconnectivity of IoT devices causes different categories of security threats [2], [3]. It also poses the threats of privacy in sensitive data such as personal information, financial data and medical data. The relationship between security and privacy issues is relevant to each other and many solutions to one or both the issues have been proposed by researchers in the form of authentication schemes, use of artificial intelligence and machine learning techniques to overcome security attacks [4], [5].
Security is a common term that includes the main attributes of confidentiality (C) which refers to encrypting and protecting sensitive information from unauthorized access by other parties. By the way of explanation, the data can be only accessible to the people who have been authorized. The second attribute is integrity (I), assuring the information is secured and not altered by malicious users. It ensures the accuracy and consistency of data over the network. The last attribute is availability (A) which means giving to users the authorization access system freely. The common issue in availability belongs to DoS attacks that disturb access to information and system. In a nutshell, security in the wireless network as well as internet of things is about the preservation of data against unauthorized access by coding or technique [6][7][8][9].
Privacy is a user's right to prevent the exposure of personal information to non-related people or organizations. Privacy breach normally starts with a security breach but not necessary. Applications that need to collect personal information from users will ask for a sign of privacy policy which will acknowledge the users about the privacy issues. This may lead to privacy being compromised. Privacy issues [10] are concerned with how the website and organization handles, processing, storage and how they would use. All in all, privacy is about the preservation of personal data from unwarranted access by organization or individuals.  Figure 1 shows that the top cyberattack belongs to malware which proves that the public is advised not to neglect and ignore these worrying issues.
Throughout this paper, the security and privacy issues in a wireless network are critically discussed. It is hoped that the contents will be able to show the importance of users protecting themselves and at the same time raising awareness among the society. The content and information about this topic have given the public critical thinking as well as giving them to carry out their active role in a wireless network. This paper strives to influence the public by applying quality and reliable resources [12] from various kinds of research databases such as IEEE [13] and ResearchGate [14]. Anyhow, the paper contributes to society as it is presented in an effective way to let users know that the security and privacy issue is not limited to what they think.
In this paper, the main section would be starting with an introduction which covers the topic of security and privacy issues in wireless networks and a figure to show how important this topic is. After the introduction, the literature review section discusses security issues, privacy issues and a table consisting of the breakdown of cyberattacks happening each year. Moving on is the methodology for data collection and discussion on our findings. Moreover, the solution for issues will be analyzed and discussed with specific reference to the issue. The conclusion will summarize the overall significance of the topic and remind the readers about the important point of the research.

Literature Review
Security is about keeping unwanted traffic from entering a network whereas privacy is about keeping wanted information from leaving a network. Hence, security issues and privacy issues are two different topics, although they involve some kind of unauthorized access to achieve the attacker's goals. Security issues [15] happen when an attacker gains unauthorized access to a website's or system's written language. On the other hand, privacy issues involve unwarranted access to sensitive and personal information which do not 100% have security breaches involved. In this section, both the issues are discussed with examples of scenarios.

A. Denial of Service (DoS) and Distributed DoS (DDoS) Attacks
A denial of service attack is an explicit attempt to prevent legitimate users from using the desired resources. An attacker can perform this attack by flooding a network with traffic, hence preventing legitimate network traffic. DoS attacks include disrupting connections between multiple machines, preventing access to a certain service. It can also be disrupting service to a system or to particular individuals. Moreover, a DDoS [16] [17] makes this type of attack even more difficult to prevent. The attack involves 4 elements which are victim(s), attack daemon agents, control master program and lastly the mastermind who is behind the attack. Victim(s) is the one who is chosen by the attacker to receive the brunt of the attack. Attack daemon agents refer to programs that are used to conduct the attack. These daemons affect not only the target computer but also the host computer. Deploying these daemons requires attackers to have access and infiltrate the host computer. Control master program is used to coordinate the attack and it allows the real attacker, who is the mastermind, to stay hidden during the attack.
Steps during a DDoS : 1. The real attacker sends a message to the control master program for execution. 2. The control master program propagates the command to the attack daemons upon receiving the execution message. 3. The attack daemons will then begin the attack on the target victim after receiving the attack command.

B. Spoofing Attacks
Spoofing attacks [18], [19] are when the attackers disguise a piece of information from an unknown source as a trusted source. There are many types of spoofing attacks, such as IP Spoofing and DNS Spoofing. a) IP Spoofing IP spoofing [20] is when IP packets with forged source IP addresses are created to conceal the identity of the sender or a system. IP is used during data transmission between machines over the Internet and each packet that is sent out has its own IP address which identifies the source of the information. This attack is used to either commit cybercrime online or to breach network security. IP spoofing prevents attackers from getting caught as the source of the messages cannot be determined due to the forged IP address. On the other hand, breaching network security is where attackers use an IP address that is the same as one of the IP addresses that is valid on the network. With this, the attacker does not need a valid username and password to have access to the network. b) DNS Spoofing DNS spoofing [21] is the act of creating a DNS entry to point to another IP address instead of the supposed IP address. This will then navigate users to the wrong websites or emails routed to unauthorized mail servers. The attacker who is connected between the DNS server and the victim will be able to see all the DNS traffic and hijack the DNS session. Attackers can mirror any websites and redirect users to the websites for password collection or payment details collection. Users can happen to download fake updates when they download some form of malicious code from the attacker's website.

C. Man in the Middle Attack (MitM)
Man in the Middle [22][23][24] is an active attack whereby an attacker will intercept in the communication between client and server. The attacker will sit between the connection of both parties to eavesdrop or alter the traffic between them. The aim of MitM attack is to gain access to users' personal information such as financial data, account details and more. Normally, the attacker will target an online shopping site, finance site and others that require login. MitM attack [25], [26] might involve phishing as they can make the email act as legitimate in order to trick users to click on the malicious link or file. Techniques of MitM can be distributed to 4 types as below: a) Sniffing An attacker will obtain the data by capturing the network using sniffing tools. They are allowed to view the packet such as a packet addressed to hosts by using the specific tools and devices that are able to put them in a monitor mode [27], [28]. b) Packet Injection A common technique used by attackers to access and alter network traffic. An attacker will insert the malicious code in the packet [29] and then inject the packet into the communication stream. By doing this, attackers are able to disrupt victims to use certain services. c) Session Hijacking An attacker will take over a session of the client and network server. The attacker will use the sniffing technique to sniff the traffic in order to replace the clients' IP address to its own address [30][31][32].

d) SSL Stripping
A legitimate website will have an HTTPS against ARP and DNS spoofing. However, an attacker will use SSL stripping [24] to alter the based address and request the user to use HTTP. By using HTTP, the request to the server will become unencrypted. Thus, important information will be leaked in plain text.

A. Identity Theft
Identity theft [33][34][35] is where a cybercriminal obtains personal information without authorized access to impersonate another person. There are many types of identity theft, such as medical identity theft, financial identity theft and criminal identity theft. Financial identity theft, in which the cybercriminal gets economic benefits using the identity stolen remains the most common type. Medical identity theft is where the attacker obtains information such as health insurance numbers in order to receive medical services. Next is criminal identity theft. Criminals sometimes give the identity information that he has stolen to the police when he is under arrest. This will then cause the victim to be charged instead of the criminal himself. Identity theft can be done using social engineering techniques such as phishing and dumpster diving.

B. Password Leaks (Data Breach)
Passwords that are leaked might be sold on the dark web or shared on the Internet for everyone to see. Attackers can easily use the leaked login information to attempt to gain access to other accounts as users always use the same password for different services for convenience. Attackers also used brute force attacks [36] to get the passwords. This attack is done by inputting every possible combination in the credentials until the password is guessed correctly. Therefore, the shorter the password, the weaker it is, the quicker it can be cracked by this brute force attack.

C. Spyware
Spyware is a software that is installed on a device to gather information about an organization or an individual without them knowing. The information gathered will then be sent to a third party without user consent. It is estimated that this software is installed on more than 85% of personal computers. Internet Service Provider stated in its survey that there is an average of 28 spywares installed on each computer. Spyware includes adware, keystroke loggers and trojan horses [37]. Adware [38] is a software that monitors the user's activity on the browser and sends advertisements to the target user based on his/her browsing activity. This software is also capable of changing the default settings of the browsers and redirects searches to other search systems. Keystroke logger is a user monitoring software used to capture (logging) the keys struck on the keyboard while the user is unaware of their actions being monitored. The data captured include username, passwords, document contents and other potentially sensitive information. Lastly is a trojan horse, software that installs programs on the user's computer that allows the attackers to control the user's computer.

D. Phishing
One would wonder about the difference between phishing and spoofing attacks. To clarify, spoofing is the means of delivering the attack whereas phishing is the method of retrieving sensitive information after successfully spoofing the victim. Phishing [39], [40] contributed the most in terms of data breaches with 34% of incidents happening in the form of phishing attacks. One notable and most negatively impactful phishing attack is the WannaCry ransomware attack. This attack exposed many powerhouses like Nissan, FedEx and NHS which caused them to be vulnerable. The WannaCry attack used the vulnerability of organizations that did not have their Windows updated which in turn gave an opening for the malware to overflow their networks and provided an opportunity for arbitrary code to be inserted. Other than that, there are many types of phishing attacks [41] that can occur including email phishing, whaling and spear phishing [42].

a) Email Phishing
The most common type of phishing attack is email phishing. The attacker obtained email addresses of victims from different sources. An email that looks legitimate will be generated and sent. The victim who is the recipient of the email will be requested to perform some kind of action, it can be opening a malicious attachment, filling up a form or visiting a website. The attacker will then acquire the victim's information.
b) Whaling Whaling [43], [44] is a type of phishing attack that specifically targets high ranking employees like the CEO or CFO of a company, to steal information that the higher positions hold. Most whaling phishing attacks are to manipulate victims to approve fraudulent wire transfers to the attacker. The attacker can also impersonate the CFO or CEO to convince employees of the organization and order them to carry out the financial transfers. The difference between whaling phishing and spear phishing is that whaling focuses on specific high-profile victims whereas spear phishing focuses on each individual. Both require a lot of time and effort compared to normal phishing attacks.

c) Spear Phishing
This type of phishing attack mainly targets organizations to collect customers' sensitive information such as financial information and credentials. The emails sent out normally use malicious attachments and website links, which is highly customized just for the target group. The email content might mean nothing at all to a recipient outside the organization. The difference between normal phishing and spear phishing is that spear phishing requires a higher level of sophistication of social engineering required by the attacker. Normal phishing emails only need to know the demographics and common financial institutions to help the attacker in customizing the attack. However, for spear phishing, every email must focus on each individual recipient, which eventually requires a much more focused social engineering method for email and attachments customization.
Year Attacks Details 2014 Data breach Yahoo [45] reported 500 million of users' (all users) data are stolen. Stolen data includes account names, phone numbers, email address, hashed passwords and security questions and answers.

DDoS
A bank in Europe was attacked with 809 million packets per second [50].
Data Breach 230,000 COVID-19 patient records from Indonesia are on sale on the dark web [52].
Data Breach 900,000 South Koreans' credit card information was leaked and traded on an overseas online black market [53].

Methods Used to Collect Results
Online documents: Throughout this paper, the method used for analysis is secondary data which is collected through primary sources and made ready to be accessed by others. The first and foremost database used is the Institute of Electrical and Electronics Engineers (IEEE). The reason of using IEEE is that it is the prime academic database in the field of engineering and computing. It is also broadly used for the articles, scholarly references and conference papers publishing. While using their highly professional cited publication around the world, authors were able to inquire about the applicable information about the topic on IEEE databases.
Moreover, authors also used the ResearchGate database to acquire the related information. ResearchGate [54] is popular in discovering scientific knowledge, allowing us to locate useful articles and journals about the topic of privacy and wireless issues. Another research database used is Google Scholar [54]. The reason Google Scholar is used is that it provides vast range of search options across many articles, books and journals from various publishers, universities and websites. Google Scholar is not only fast and convenient to use, but also provides formatted citations for the convenience of users. Last but not least, Internet resources also have been used for additional analysis.
By default, these platforms will search the full text of the research paper. However, by typing the keywords such as "security issue", "wireless network", "privacy issue" and "security and privacy threats", results are easily generated within seconds on these platforms. The platforms will automatically show the results that are related to keywords such as cloud computing, wireless sensor networks and more in order to provide us a wide range of options to choose from. Besides that, to make sure the information is accurate and consistent, the advanced searching is used by setting the year range to 'from 2015 to 2020' with the aim to narrow down and retrieve the recent research paper.
Different research papers and case studies with the same topic can be found on these platforms. However, there are different opinions and views coming from different authors hence reading and analyzing their findings allow us to understand more. After doing some in-depth research and comparison between what authors found from the scholarly documents, they were able to have a wider view of the concerned topic.

Discussion on Findings
Based on the findings in previous sections, it is concluded that the importance of privacy and security reinforcement and enhancement of wireless networks were not considered enough. As shown in the earlier literature review, be it security or privacy, attacks have been constantly been initiated by these cybercriminals. For an example in terms of the security issue, we will discuss a specific attack to see just how dangerous these privacy issues are to the masses which is the Distributed Denial of Service attack, DDoS. As mentioned earlier in the paper, DDOS attacks are one of the most common types of active attacks that allow the lawbreakers to steal sensitive information by overwhelming the systems to give themselves an opening to strike. To further discuss how this security issue works, we will look into a recent DDoS Attack that was made on a prominent code management service, GitHub, in 2018. The attack was done with the use of a strategy called mem caching where a spoofed packet is sent to a potential victim and then floods the server with aggressive traffic. During this, GitHub was hit with 129.6 million packets of data in its servers. This was considered one of the biggest DDoS attacks recorded. However, this attack only brought the company's servers down for 20 minutes which was due to GitHub's usage of a DDoS mitigation software. This shows how a precautionary measure, if taken, can help lessen the damage taken by an organization.
Moving on to privacy challenges, to delve deeper into the findings, phishing has been a more growing concern to the public especially during this unexpected time where the pandemic, COVID-19 [55], is being faced by the whole population. With people staying at home and using wireless networks to stay connected with others, there is a possibility where people are more likely to not only socialize but work outside the normal privacy protections making them vulnerable and more susceptible to phishing attacks. To strengthen the case where privacy and security of one's device in a network are important, we will be discussing a recent attack that was made in relation to the pandemic.
This phishing attack targeted public sector employees in Mongolia by taking advantage of people being alert regarding coronavirus information [56]. The attack involved an email and word document disguised as being sent from Mongolia's Ministry of Foreign Affairs. The disguised file when opened will cause the installation of a malicious code that allows the hackers to remotely access and control the victim's device. The hackers can spy on the machine and steal sensitive data moreover direct further attacks. This justifies that being lax and unassuming of the potential privacy issues that could occur due to our negligence can prove devastating outcomes. Attackers have taken advantage of current coronavirus situation to launch cyberattacks and threats have increased during this pandemic [55].

Solution for Issues and Challenges
While technology evolves at a fast speed, the privacy issues and security issues in a wireless network [57] also emerge in an endless stream. However, no matter what the issues are, there have been solutions proposed by researchers and they continue to develop them according to the requirements. For example, in [58][59][60] authors have proposed detection of attacks in communication protocols used in internet of things networks, while in [61], RFID technology has been proposed to be used for secure attendance monitoring. In [62] authors have performed comprehensive analysis of privacy protection issues in cloud computing applications which can be used as a basis for development of secure solutions in the context of mobile cloud computing. Similarly many other studies have also been performed in specialist field contexts which are capable of providing awareness of security and privacy issues in current wireless network technologies, internet of things and communication protocols for these technologies [63], [64].
In client-based systems, firewall is an extremely useful tool to protect data. A firewall can be used as a software or hardware to provide a barrier between the client network and traffic from the Internet. By analyzing the incoming traffic based on the pre-setup rules, firewalls [65] can filter the traffic in order to block malicious traffic like malware and prevent hackers from accessing the entry point. Besides that, antivirus software is also an effective solution to solve the privacy and security issues. Antivirus software can detect and auto remove the virus and malicious software such as trojan horses, worms, spyware and ransomware. By real-time scanning the client network, it is able to safeguard against the potential vulnerabilities to happen. Apart from downloading antivirus and firewall software, keeping the software up to date is also a vital matter. Hackers are now getting smarter to design sophisticated issues, it is critical to update the software in order to combat them.
In server-based systems, Virtual Private Network (VPN) is an efficient tool for online business. It is able to strengthen security by securing and encrypting the data. It also assures private browsing and unrestricted access to content. By applying VPN, the traffic that goes through the Internet Service Protocol(ISP) will be encrypted by VPN protocols. Meanwhile, malicious intruders are unable to view and monitor them. While in a Client-server-based solution, the encryption-based solution will encrypt the information between the web hosts. Pretty Good Privacy (PGP) is an encryption-based protocol that addresses how to encrypt and decrypt the texts, files from emails. PGP uses symmetric and asymmetric keys to encrypt data. Meanwhile, the public key would be given from the receiver to whoever wants to send the message. While the recipients who have the private key can only be allowed to decrypt the message.
Moreover, thinking smart is also much more important as it can prevent identity theft which obtains personal information without acknowledgment of the users. It is necessary to be aware of and not to trust people who are unknown and share the personal information on social media accounts. There is no such thing as a free lunch, think smart and evaluating to the website that claims to offer benefits. In addition, enhance the strength of the access point to avoid security issues of MITM. By using WPA2 encryption alongside with the AES algorithm can prevent brute force attacks.
It is also essential to change the device name and password of the access point as malicious intruders can change the server and sadly even destroy the system.

Conclusion
Throughout our research, authors found that the security and privacy issues of wireless networks are constantly in the Preprints (www.preprints.org) | NOT PEER-REVIEWED | Posted: 5 September 2020 doi:10.20944/preprints202009.0110.v1 increase but being taken lightly as we are continuing towards an age of technology that is ever changing notably during these unpredictable times where privacy and security of devices and networks are more sought after than ever. We believe that actions and efforts must be done and continue to be reinforced as cyber attackers are becoming more persistent and maturing. These cybercriminals are bombarding and injecting worry as well as fear into the unknowing public, becoming more forceful and knowing no fear since the intention of safeguarding privacy and security of wireless networks are not put as a priority enough within the related organizations. In our views, we believe that these issues can be overcome by the public if we take the necessary actions and move our approach to be more secure and also aware of the implications of leaving the challenges as they are without action. Concluding our views, we believe that with the right steps, a more protected system in our network can be attained. It is found that many privacy and security issues are still surfacing in the cyber world and that it is continuing to increase due to organizations' lacking resolve and the population's ignorance towards these current issues are becoming more visible. Furthermore, with the increased sophistication in the cybercriminals abilities prove to be a growing thorn in the cybersecurity efforts in maintaining a robust privacy and security system as well.