Escolar Documentos
Profissional Documentos
Cultura Documentos
Student Details:
Name: Sajjan Bhattarai
Student ID: 11069720
Group: L3N3
Email: sab1432@my.londonmet.ac.uk
Acknowledgement
I feel blessed for being able to complete my Final Year Project successfully. First, I would like to
thank dear god for providing me with such an enduring strength, patience and consistency.
I would like to acknowledge the encouragement, understanding and support of some really special
people to me. First of all, I would like to heartily thank my first supervisor, Er. Saroj Sharan Regmi.
He has been a very strong pillar to the success of this project by helping me in maintaining
persistency and consistency of my project. I appreciate his guidance and supervision as he has
always corrected me when I made mistakes and helped me to get better.
Secondly, I wish to thank my second supervisor, Mr. Roshan Chaudhary for his continuous
encouragement and guidance. He has always been like an elder brother to me.
Special thanks go to my teachers Dr. Guru Tej and Mrs. Fransisca Tej, for their support and
suggestions. They have helped me during my Survey by reviewing and improving my
questionnaire. They were also the first respondents to my questionnaire. Also I would like to
appreciate and acknowledge the open courses launched in SecurityTube.net and thank Mr. Vivek
Ramachandran, founder of SecurityTube. He is the original source of inspiration for this project.
Last but definitely not the least, I would like to thank my family and friends who have always
supported and understood me. They are the most important entities in my life.
Declaration
I Sajjan Bhattarai [11069720] hereby declare that this Final Year Project report is my original
work. All that is in this report was researched and compiled by me. I didnt copy from any one and
no one copied my work.
. .
Signature Date
Approval
Signature Date
Abstract/Summary
This is a final report for Bsc Final Year Project titled as WLAN Security Management with
Precise Positioning. The ultimate purpose of this project is to enhance or improve the security
of wireless local area networks through the development of WLAN Monitoring Tool comprising
of graphical user interface and strong backend. This report is broadly categorized into four major
chapters: Introduction, Background/Literature Review, Testing/Evaluation/Conclusion and finally
Social, Legal and Ethical Issues. The Rational Unified Process, which is the chosen methodology
for this project is also widely described throughout this report.
Table of Contents
Table of Contents ............................................................................................................................ 5
Abbreviations .................................................................................................................................. 8
Chapter 1: Introduction ............................................................................................................... 9
1.1 Topic Introduction .......................................................................................................... 10
1.2 Problem Domain ............................................................................................................ 11
1.3 Proposed Solutions ......................................................................................................... 12
1.4 Aim and Objectives ........................................................................................................ 13
1.4.1 Aim ......................................................................................................................... 13
1.4.2 Objectives ............................................................................................................... 13
1.5 Report Structure ............................................................................................................. 15
Chapter 2: Background and Literature Review ...................................................................... 16
2.1 WLAN: In-depth ............................................................................................................ 17
2.1.1 802.11 Standard ...................................................................................................... 17
2.1.2 RF Fundamentals .................................................................................................... 18
2.1.3 Air Scanning/Monitoring ........................................................................................ 18
2.1.4 Wi-Fi Based Positioning ......................................................................................... 19
2.2 Clients/End Users perspective ..................................................................................... 20
2.3 Similar Studies/Projects/Systems ................................................................................... 21
2.3.1 Similar Studies ........................................................................................................ 21
2.3.2 Similar Projects and Systems .................................................................................. 23
2.4 Considerations/Alternatives Implemented Regarding the Solution ............................... 25
2.4.1 Considered Development Methodologies ............................................................... 25
2.4.2 Considered Programming Language....................................................................... 26
2.4.3 Considered Software Dependencies/Libraries ........................................................ 26
Chapter 3: Development............................................................................................................. 28
3.1 Methodology .................................................................................................................. 29
3.1.1 Methodology Justification ...................................................................................... 29
3.1.2 Stages of Rational Unified Process ......................................................................... 30
3.2 Requirement Analysis or Gathering ............................................................................... 32
London Metropolitan University
5
Sajjan Bhattarai 11069720 Final Year Project - Report
Appendix A ................................................................................................................................... 81
1.1 Requirement Gathering- Questionnaire Form ................................................................ 81
1.2 Analysis of Questionnaire .............................................................................................. 85
Abstract.................................................................................................................................. 85
Introduction ........................................................................................................................... 86
Analysis ................................................................................................................................. 87
1.3 Final SRS Document ...................................................................................................... 96
1.3.1 Scope of Project ...................................................................................................... 96
1.3.2 Functional Requirements ........................................................................................ 96
1.3.3 Non-Functional Requirements ................................................................................ 97
1.3.4 Use case diagrams ................................................................................................... 98
1.3.5 Usage Scenarios ...................................................................................................... 99
Appendix B ................................................................................................................................. 103
2.1 User Manual ...................................................................................................................... 103
Appendix C ................................................................................................................................. 104
3.1 Work Breakdown Structure .......................................................................................... 104
3.2 Gantt chart .................................................................................................................... 105
Abbreviations
Wi-Fi: Wireless Fidelity
Chapter 1: Introduction
In Nepal also, Nepal Telecommunications Corporation (NTC) has launched free Wi-Fi hotspots in
major places of the Nepal since the beginning of 2014, with an aim to make Nepal as a Free Wi-
Fi Zone in near future (RSS, 2014). This campaign is aimed to serve internet service among
millions of people in Nepal.
Wi-Fi is a wireless broadband network service which contains transmitters (Access Point) to
transmit signal and wireless stations (Laptops, Cell phones, Wi-Fi Adapters, PDA, etc.) to respond
to the signal and communicate with each other. With Wi-Fi, we dont need to have other network
London Metropolitan University
10
Sajjan Bhattarai 11069720 Final Year Project - Report
devices and expensive cables. This dramatically reduces the cost, installation problems and other
complexities. Anyone within the transmission range having correctly configured wireless devices
can easily connect to the Wi-Fi network. However, along with all these advantages, Wi-Fi
technology also comes up with some disadvantages. The major issues with Wi-Fi are less
reliability, lower data rate and most importantly compromised security. Wi-Fi networks are always
vulnerable towards eavesdropping, intrusion, Denial of Service attacks, phishing, etc. (Bahl, et al,
2006). There are many proposed solutions for these issues among which the authentication and
encryption techniques like WEP, WPA/WPA2, etc. come first. But these alone cannot provide
complete security to Wi-Fi networks. The only feasible and effective solution for Wi-Fi security
is to perform regular Radio Frequency (RF) management.
While viewed from another perspective, Wi-Fi is also an underutilized technology. It possesses
huge potentiality in various fields of technology such as Indoor Positioning, Spatial Computing,
Voice and video streaming, LAN syncing, and so on. Unlike other network technologies which
are costly and complicated enough for implementation, Wi-Fi can provide much cost effective and
simplified services to both general users and high end organizational networks. In this project, the
two important aspects of Wi-Fi technology namely Security and Wi-Fi based positioning system
have been explored and analyzed.
With that said, this project mainly deals with Radio Frequency (RF) management along with
positioning of wireless devices. It consists of two parts: Research and Development. In research
section, the detailed study of project title and significances are studied. It included understanding
of Wi-Fi technology, RF fundamentals, limitations or vulnerabilities of Wi-Fi and their potential
solutions. Research papers, supportive articles, books and reports of similar projects/studies are
also studied during this phase. Then in the next section of project i.e. Development, SDLC is
followed which included feasibility study of software, requirement analysis, design, development,
testing, implementation and maintenance.
or laptops, however it is equally difficult to manage and monitor their home WLAN. There isnt
any easier way to know who are connected in our home network, what is happening inside it and
is there any potential threat to our network. (Schluting, 2009)
Whereas from the perspective of large enterprises, wireless is a real pain when it comes to network
security. They are tasked with locking down their wireless networks for the purpose of regulatory
compliance (ZDNet, 2008). Wireless networks usually exceed the premises of organizations,
posing threats to information security and network resources. Also, with the use of unidirectional
antenna, attackers can easily access the wireless networks of organizations even sitting miles away
or in some safe places around the organizations.
While viewed from hackers perspective, Wi-Fi networks are like the lowest hanging fruits. There
have been some very high-profit data breaches because of wireless security issues, particularly in
retail sector where lots of credit card and personal account numbers were compromised. Hacking
tools are getting smarter and along with the advancement of technology or protocol, newer ways
of breaking it are also discovered (ZDNet, 2008). Another biggest problem in wireless security is
the lack of proper and easy to use tools which can provide simple yet effective solutions and
preventive measures for wireless security.
In overall, this project can be a solution for those people or organizations who believe that securing
wireless networks is important and are lacking an easy alternative.
London Metropolitan University
12
Sajjan Bhattarai 11069720 Final Year Project - Report
1.4.2 Objectives
The major objectives of this project completed according to the selected methodology i.e. Rational
Unified Process are as follows:
Development of a software to easily monitor the wireless premises and to provide well-
structured information for security analysis.
Proper testing of the software to detect and solve existing problems or issues in the system.
It is done using Black Box Testing and White Box Testing.
Implementation of the software among potential users to achieve customer validation.
Evaluation of the programs correctness by comparing its results with that of similar
standard systems like Wireshark and Aircrack-ng.
To perform proper documentation and testing of the tool and the project as a whole.
Chapter 2: Background/Context
This chapter includes detailed analysis of the projects background, clients perspective
and comparison of similar studies/projects/systems. This section also deals with the
considerations of the project such as methodology, programming language, libraries, and
so on.
Chapter 3: Development
The development chapter mainly consists of Methodology, Requirement Analysis, Design
and Development activities of the project. It describes the significance and importance of
using the chosen methodology i.e. Rational Unified Process throughout the project. It also
mentions how different phases of the project have been completed during this project for
achieving its main goal.
Chapter 4: Testing, Results, Evaluation and Conclusion
In this chapter, how test cases are developed and used to test the system are explained. It
describes about the baselines for the program, compares the results obtained during the test
with other standard tools and performs its detailed analysis. It finally mentions the
conclusion of the overall Testing.
Chapter 5: Social, Ethical and Legal Issues
In this section, how this project is going to make social, ethical and legal impacts, has been
described. It points out the problems that may arise through the deployment of this project
and also clarifies the feasibility or viability of this project.
The table given above represents the various versions of IEEE 802.11 based standards and their
specifications. This table also indicates the evolution of wireless technology over time. Recently,
London Metropolitan University
17
Sajjan Bhattarai 11069720 Final Year Project - Report
a newer version of IEEE standard has been released (not included in the table above) called
802.11ac which is claimed to have bandwidth up to 1 Gbps and other many improved features
(Wi-Fi Alliance, 2014). It enables devices to handle demanding applications such as Ultra HD and
4K video, multimedia streaming and rapid file transfer. Wi-Fi CERTIFIED ac devices offer higher
capacity, improved power management, and lower latency to readily handle todays demanding
applications.
2.1.2 RF Fundamentals
Before getting into the management and security analysis of wireless networks, understanding RF
fundamentals is very important. It broadly deals with frequency spectrum, bandwidth, channels,
interference, signal-noise ratio, attenuation, received signal strength, and so on. RF fundamentals
is also the foundation for Site Surveying and management of any wireless networks. Knowledge
of RF fundamentals will allow us to learn about our wireless networks in depth and ultimately
helps in security analysis. For this purpose, a book by Matthew Gath (2002) named as 802.11
Wireless Networks: The Definitive Guide and a report published by IEEE Standard Association
called Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY)
Specifications have been studied.
of this reason, wireless networks are more susceptible to attacks and eavesdropping than wired
networks.
Some of the well-known tools used for air scanning are Aircrack-ng, NetStumbler, Kismet, etc.
Regarding this project, the core of the developed tool is based upon a pythons network
programming library called Scapy. Scapy provides easy and very powerful means to scan and sniff
the air or wireless networks in this tool.
In this project, Received Signal Strength Indicator (RSSI) has been used as a basis for estimating
or calculating the positions of wireless devices detected within the premises. RSSI is represented
in a negative integer value with a unit of dBm like -60 dBm. Wireless signal gets attenuated along
with the distance so, with the proper calculation of attenuation, signal-to-noise ratio, and other
factors, the distance between the transmitter and receiver can be precisely calculated. In case of
having only one scanning device, this distance can be calculated but the estimation of exact
positions of the devices cannot be performed. For evaluating the exact positions of devices, there
must be at least 3 scanners through the help of which more accurate positioning methods like
Triangulation and Trilateration can be performed.
Developing a positioning system involves a very complex mathematical algorithms and concepts
of Physics. So, it is beyond the scope of this project to develop a software that provides complete
positioning system. However, this software is capable of calculating the distance between
transmitters and scanner and then plot them accordingly into the graph.
Have you ever configured and/or managed your Wi-Fi network yourself? (Referred to
Appendix A: 1.2 Analysis of Questionnaire)
Yes 62 69%
No 20 22%
I tried but 8 9%
couldn't.
62 among 91 participants have experience of configuring their own Wi-Fi networks. This is a quite
good result from the perspective of wireless networking. The significance of this data is that it
represents the potential users of this system.
Nowadays, Wi-Fi networks are implemented in almost all houses, communities and organizations
in urban and sub-urban places of every country. People are getting increasingly dependent and
habituated with Wi-Fi technology, however there hasnt been adequate tools and methods to
provide them with optimum security and reliability. So, from clients or end users perspective,
this project can be a very useful and easy method to manage and secure their wireless
infrastructure. People who are facing the problem of slow internet connection in their wireless
network because of unwanted users can use this tool to know who are using their network and how
much vulnerable is their network, so that they can configure their network accordingly.
Do you use any Wi-Fi monitoring tool to know who are connected in your network and what's
happening in it?
Yes 44 49%
No 36 40%
44 people are using or might have used Wi-Fi monitoring tool. This represented that they are
interested in knowing and learning about what's going on in their networks. This data also implies
that there may be various Wi-Fi monitoring tools but they are either difficult to understand/use or
not freely available. So, there may be a need for this type of project.
2.3.1.1.2 Description
This study purposes two online algorithms to detect rogue access points which extend TCP ACK-
pair technique to differentiate between wired traffic and wireless traffic. It compares the sniffed
data with the pre-defined information of authorized APs and if there is found any duplicates, it
makes prompts for rogue APs detection. (Snehal et al, 2011)
2.3.1.1.3 Analysis
In contrast to this paper, this project doesnt perform rogue AP detection by comparing its
information with predefined information, rather it just uses the SSID and BSSID of any access
point to determine if there exists any duplicates or not. Also, this project has ability to gather
information about the clients wireless probe requests and to detect honeypots.
2.3.1.2.2 Description
This paper has proposed some different positioning techniques other than the conventional
Triangulation method. It used localization algorithm and changes in the positioning results to
determine the position of devices more accurately and reliably. It has also examined an effect on
the positioning performances when new access points are introduced into the wireless
environment. (Park et al., 2012)
2.3.1.2.3 Analysis
This final year project has followed Triangulation technique and radial distance estimation
methodology for positioning the wireless devices. The main advantage of using Radial distance
estimation is that it doesnt require multiple inter-communicating scanner devices or APs though
it is highly inaccurate for exact position calculation. While Triangulation is useful in case of having
at least three access points or devices and it provides much more accurate results than radial
distance calculation. Compared to the study we are talking about, this projects positioning system
is less reliable or accurate however faster in computation and requires less resources.
2.3.2.1.2 Description
Our major areas of concern inside Aircrack-ng are its tools called Airmon-ng, Airodump-ng and
Aireplay-ng. Another tools called Airbase-ng and Airdecap-ng are also very useful, however
nothing similar to them have been implemented in this project.
2.3.2.1.3 Analysis
Aircrack-ng has been developed and managed by highly skilled developers and experts, so there
cannot be comparison between Aircrack-ng and this project from development perspective.
However, the tool developed in this project provides better user interface (GUI) to the users and
make it much easier for them to use and understand it. This tool performs the tasks of Airmon-ng,
Airodump-ng and Aireplay-ng in more efficient and easily understandable way.
2.3.2.2.2 Description
It performs real-time, independent and reliable analysis of 802.11a/b/g/n and ac* WLANs. It helps
in reducing IT costs, simplify workload and minimize user complaints. It also strengthens your
WLAN security by detecting and eliminating any threats and vulnerabilities.
2.3.2.2.3 Analysis
AirMagnet WiFi Analyzer is a commercial product developed and distributed by Wi-Fi
management organization following the industrial standards and policies. It has higher quality,
performance and better report generating features to help managers of client organizations
understand the state of their wireless networks. Whereas this final year project is a non-commercial
product and provides less features. The advantage of using this tool over similar projects is its
implementation in small organizations and home networks which cannot afford to buy and
implement expensive solutions like AirMagnet WiFi Analyzer.
2.3.2.3 WirelessMon
2.3.2.3.1 Overview
WirelessMon is a software that enables users to monitor the status of wireless WiFi adapter(s) and
collect information about the nearby wireless access points and hotspots in real time. Till now, the
WirelessMon version 4.0 has been released and it provides 30 day trial period. The professional
and standard versions of this software have to be purchased. (PassMark Software, 2014)
2.3.2.3.2 Description
The main features provided by this tool are:
2.3.2.3.3 Analysis
This system is much similar with the final year project. WirelessMon is little ahead than this project
because of its features like GPS integration, measurement of network speed/throughput, locating
of wireless antenna, etc. However, this software is a proprietary tool and charges its customers. In
contrast to WirelessMon, the developed tool has a feature of sniffing over the wireless data traffic.
Some of the features of WirelessMon such as GPS mapping and calculation of network
throughputs can be kept as future aspects of this project.
Justification of Consideration
The chosen methodology i.e. Rational Unified Process (RUP) is an iterative prototyping
development model. The well-known advantages of using RUP are as follows:
Java
Python
Justification of Consideration
The main reason behind the selection of Python for the development of this project is its rich
features for network and socket programming. Some of the main advantages of using Python are
as follows:
LibPcap
Scapy
Justification of Consideration
Scapy is a python based library or tool for packet manipulation, forging, injecting, capturing and
sniffing (Gift & Jones, 2008, pg. 173-176). This program needs to perform intense scan and
sniffing on wireless networks which requires to have socket layer programming on wireless
network interface. Also, it is important to analyze and present the results (packets list) obtained
through the scan in an understandable form. Both of the above mentioned requirements are easily
handled by Scapy. Hence, Scapy has been chosen as the network programming library.
QT
WxWidgets
Tkinter
Justification of Consideration
Tkinter is GUI library for Python which provides an easy-to-program user interface. It supports a
collection of Tk widgets that support most application needs. It works on all platforms and is also
considered as a simple extension of Python. Python/Tkinter is specifically useful in developing
prototypes for applications or smaller applications themselves. (Grayson, 2000)
Chapter 3: Development
3.1 Methodology
There have been taken three software development methodologies in consideration for this project
as mentioned in Chapter 2. The justification for choosing Rational Unified Process among them
and avoiding others is mentioned below:
i. It is standardized methodology.
ii. It provides better adaptability with changes in requirements.
iii. It greatly reduces project risks. (Shahid, 2000)
iv. Continuously verify software quality.
Some of the important features of RUP that are worth mentioning are:
3.1.2.1 Inception
During inception phase, the concept, vision, risks, budgets, and requirements of the project are
analyzed (Prince, 2005). In an annual report, Informa and WBA (2011) reported that the
deployment of mobile applications based on Wi-Fi Technology in enterprises is likely to grow by
30% per year through 2011. Also it is estimated that the public Wi-Fi hotspots will grow by 350%
London Metropolitan University
30
Sajjan Bhattarai 11069720 Final Year Project - Report
by 2015, which is equivalent to 5.8 million public hotspots throughout the world. In other hand,
this level of growth has pushed the security risks prevalent in wireless technology to the edge.
Realizing this fact, there have been numerous research and study projects to analyze and optimize
the security of Wi-Fi technology. These types of projects are indeed very important and necessary
too. So, doing a project on WLAN security is really viable. This project accomplishes the
requirements of people such as ability to scan wireless premises for identifying available devices
and to view results in more user-friendly environment.
3.1.2.2 Elaboration
During elaboration phase, the requirements gathered from the general (potential) users have been
further refined and based on these requirements, the proposed softwares architecture/model has
been determined. It included extensive study and analysis of similar project and studies. After
analyzing the requirements, similar systems and proper considerations for the project, the system
design was performed. The in-depth analysis of projects implementation aspect was also done in
this phase. At the end of Elaboration stage, the Product Architecture Milestone i.e. proven
architecture was obtained.
3.1.2.3 Construction
This is the stage, in which the system has actually been developed or constructed. The development
of the system was done in modular or iterative incremental basis. The major requirements or
aspects of system were first analyzed and then categorized accordingly to create three main
modules or increments. The user interface (GUI) module, wireless scan module and positioning
module were developed and iterated one after another to obtain the final desired system. In every
iteration of the development, a new prototype was created and reviewed by Supervisor and other
potential users. Based on the feedbacks, suggestions received and test results on that prototype,
changes and adjustments were made to the system in every new iteration to develop another system
prototype.
There have been three iterations or increments in this development project which are as follows:
In this increment, the systems front-end layouts, designs and functionalities have been
studied and developed. This module was iterated multiple times to achieve expected
user interface layout. (More details in Section 3.2.3)
ii. Second increment: Wireless Scan module
In this increment, the back-end of system i.e. wireless scanning and sniffing functions
have been developed. It deals with all of the major functional requirements of the
system. (More details in Section 3.2.3)
iii. Third increment: Positioning module
In the third increment, the positioning module has been developed. In this phase, the
Received Signal Strength Indicator (RSSI) value extracted from the scanned results has
been used to calculate the distance between the source device and the scanner device.
(More details in Section 3.2.3)
3.1.2.4 Transition
The developed increments or whole system are tested regularly along with the development
process and the necessary changes are adopted in every iteration of development. The testing
processes known as Verification and Validation have been implemented to check the functionality
and quality of software being developed. After completing earlier stages successfully, the
developed system has been deployed or product released into implementation.
3.2.1 Planning
Proper planning is very important for correct requirement gathering and it can be done through:
The main aim of this project is develop a user friendly WLAN monitoring tool to help users
analyze and manage their wireless networks.
This project will help people to understand and maintain security in their wireless
networks.
It is based on the Rational Unified Process so, every project phases should be performed
iteratively to enhance quality and performance.
Making a Graphical User Interface for system is necessary to make it easy and simple for
novice users also.
The system should allow user to control the functionalities of the system.
The program output should be displayed in GUI for simplicity and readability.
The runtime, syntax and logical errors should be fixed as much as possible.
The project shouldnt violate or infringe any legal aspects.
3.2.2.2 Dependencies/Requisites
The different types of resources or dependencies the system requires to operate are:
Ability to detect and display list of available interfaces in the computer system.
Take input or interface to be used selection from user.
Scan the air for identifying the available wireless devices (APs and Stations).
Sniff the wireless vicinity to capture entire wireless traffic including Data, Management
and Control frames.
Stop scan or sniff procedures on clicking Stop button by user.
Analyzing the captured packets or frames and displaying their list in the tabular view.
London Metropolitan University
35
Sajjan Bhattarai 11069720 Final Year Project - Report
Extracting RSSI value from wireless frames and plot the graph with wireless devices
according to the signal strengths of devices or calculated distances between scanner device
and available devices.
3.3 Design
The System Design can be performed as follows:
15. System keeps on saving the session and scan results automatically at a certain time interval.
Discovered wireless devices information and their corresponding positions are also stored
in the database for future usage and positioning through fingerprinting. Control event
The interface design gives more priority to user than the system functionality so, it can be
considered to be user driven design. The users of this system should find this interface:
i. simple
In order to verify the usability requirements, some of the wire-frames of the interface have been
designed which are as follows:
Rational Unified Process. Since RUP is an iterative prototyping model, this software has numerous
iterations and prototypes.
User interface related tests were performed along with or after completion of this module. Test
Case number 7, 8 and 9 were performed along with the development of this module. While Test
cases 10 and 11 were done during iterations of development after the completion of all three
modules. (Referred to Section 4.1: Testing for details)
Tests specific to Wireless Scanning were performed along with the development of this module.
Success of Test Cases 4, 5 and 6 were the pre-requisites for this development phase. Test Cases
12, 13 and 14 have been performed during its development. Then, the test cases 10, 11, 15 and 16
were done in next iterations after the completion of both GUI and Wireless Scan modules.
Test Cases ID 18, 19 and 20 have been performed during the development of this module. In every
new iterations of the program, the features related with all the three modules were tested and
corrected repeatedly.
Textual Analysis:
Identification of possible classes, attributes, variables and methods.
Nouns:
Wi-Fi
Access Points
Stations
SSID
BSSID
Channel
Signal Strength
Packets/Frames
Wireless Interface
Sniffer
Air Scanner
Positioning
Graphical Plot
Security
User Interface
Verbs:
Select interface
Start
Scan air
Sniff wireless networks
Identify devices
List devices
Extract frame headers
Calculate distance
Plot graph
Stop
London Metropolitan University
50
Sajjan Bhattarai 11069720 Final Year Project - Report
4.1 Testing
Software Testing (Verification and Validation) is a set of activities whose objective is to promote
the software quality during the development life cycle. Verification detects and corrects mistakes
committed within each step of development. While Validation determines whether the software
meets the requirements for its intended use. (Fuhrman; Djlive; Palza, 2003) The testing of the
system can be performed as follows:
Test Case: 1
Objective: To test the suitable operating system environment.
Test Data: Program execution in different operating systems
Expected Test Program should run on Linux based operating systems.
Result:
Actual Test Program worked well in Linux platform.
Result:
Conclusion: Successfully done.
Proof:
Analysis:
This program works well and without error in Linux platform (tested on Ubuntu). This can also
be used in Windows or other platforms but the necessary dependencies must be met first.
Test Case: 2
Objective: To test the availability of required dependencies or libraries.
Test Data: Python Import status
Expected Test Program should run smoothly in case of import successful or terminate with
Result: ImportError Message.
Actual Test Program started normally as all dependencies were installed in testing
Result: system.
In different system, program terminated with ImportError message.
Conclusion: Successfully done.
Proof:
Analysis:
Since this program cannot run without its dependencies i.e. Scapy, Tkinter and Pmw, the
program must test whether these dependencies are met or not. If any of the dependencies isn't
met, the program should display suitable error message and terminate the program without
processing the program.
Test Case: 3
Objective: To check whether the program is exiting properly.
Test Data: Program's exit status
Expected Test Program should close safely when clicked close button on window or clicked
Result: Exit from File on Menu bar.
Actual Test Program terminated properly. No error messages in terminal.
Result:
Conclusion: Successfully done.
Analysis:
Safe termination of a program is equally important as successful initiation of the program. This
program also exits properly on clicking close button of window.
Test Case: 4
Objective: To check the presence of wireless interface(s) connected to the system.
Test Data: Network interfaces
Expected Test Program should automatically detect and display network interfaces on
Result: startup.
Actual Test Program identified and displayed interfaces correctly. But when the wireless
Result: interface is connected to any other network, issues were raised.
Conclusion: Successfully done.
Proof:
Analysis:
When the computer isn't connected to any wireless network, the program correctly detects and
displays the list of available network interfaces. However when the computer is connected to
wireless network, the code cannot process the information about interface and fails to detect and
display them correctly.
Test Case: 5
Objective: To test whether the selected interface is up or down.
Test Data: Network interface's state
Expected Test Program should identify interface's mode and turn in on if down initially.
Result:
Actual Test Program identified the interface's state and turned it on when found down.
Result:
Conclusion: Successfully done.
Analysis:
Whenever the network interface is selected for use and the scan or sniff functions are called, the
program automatically checks whether that interface is up or not. If not, it attempts to turn on the
interface and then only it will allow the scan or sniff processes to be executed.
Test Case: 6
Objective: To test the ability to turn on monitor/promiscuous mode on wireless
interface.
Test Data: Wireless interface's mode
Expected Test Program should detect the operating mode of wireless interface and if in
Result: managed mode, ask user's permission to change it into Monitor.
Actual Test Program identified the interface's mode and turned it into Monitor on user's
Result: permission.
Conclusion: Successfully done.
Proof:
London Metropolitan University
59
Sajjan Bhattarai 11069720 Final Year Project - Report
Analysis:
The wireless interface must be changed to Monitor mode in order to sniff wireless traffic through
it. But by default, all the wireless interfaces are in Managed mode. So, as soon as the interface is
selected by the user, the program should prompt the user asking permission for converting it into
monitor mode. After the interface is converted into monitor mode, the description of interface is
also automatically changed into Monitor mode.
Test Case: 7
Objective: To test the ability of system to create graphical user interface.
Test Data: GUI
Expected Test Program should present graphical user interface.
Result:
Analysis:
This system is a Graphical User Interface based software so, displaying graphical display is
must. And this program is capable of presenting the GUI properly.
Test Case: 8
Objective: To test the layout of user interface.
Test Data: GUI's layout
Expected Test Program should have proper GUI layout.
Result:
Actual Test Program correctly displays GUI layout.
Result:
Conclusion: Successfully done.
Proof:
Analysis:
The GUI layout of this program is displayed as planned in the design of the system. It is based on
minimal and simple interface.
Test Case: 9
Objective: To test the correct binding of required event handlers to widgets.
Test Data: Event binding
Expected Test Program should correctly bind events to the Tkinter Widgets. Eg. Scroll
Result: canvas with mousewheel, display help message on hovering mouse cursor on
widgets, right click menu options, etc.
Actual Test Program correctly binds event handlers to the widgets.
Result:
Conclusion: Successfully done.
Analysis:
Event handling is an inseparable part of GUI based softwares because without them the program
cannot be interactive with the users. This program also contains lots of event handlers
implemented on various widgets to make them responsive such as hyperlinks, buttons, help
message, right click menu, scrolling on mouse-wheel-move and so on. All of these event
handlers are working correctly in this system.
Test Case: 10
Objective: To test if the front-end and back-end architecture are communicating
properly.
Test Data: Communication between user interface and system
Expected Test Program should have proper communication between front layout and inner
Result: functioning program.
Actual Test Program have good communication or interaction between user interface and
Result: system core.
Conclusion: Successfully done.
Analysis:
Simultaneous and regular communication between front-end interface and back-end architecture
of the system is gist of any dynamic software. This software provides efficient communication
between these two.
Test Case: 11
Objective: To check if the multi-threading and queuing are working correctly.
Test Data: Threads and Queues.
Expected Test Program should be able to multi-task using Threads and pass data across
Result: processes using Queue.
Analysis:
This program also requires the multi-tasking feature to enable it to run multiple processes at the
same time. The data flow across these processes is also equally important. This system
accomplishes these roles successfully through Threads and Queue.
Test Case: 12
Objective: To test whether the chosen interface supports channel hopping.
Test Data: Channel hopping
Expected Test System should test whether the wireless interface selected for use supports
Result: channel or frequency hopping to scan over all channels in frequency band.
Actual Test System efficiently tests and performs channel hopping. But sometimes, the
Result: system generates Device or resource busy message.
Conclusion: Successfully done.
Proof:
Analysis:
During channel hop process, in every 100 ms, the program switches among 1 to 14 channels. So, sometimes
the device driver gets too busy and the device or resource busy warning message gets displayed.
Test Case: 13
Objective: To test if the program is scanning the air properly.
Test Data: Scan air
Expected Test System should scan the air properly for identifying wireless devices present
Result: in the surrounding.
Actual Test System efficiently scans the air and obtains list of available wireless devices.
Result:
Conclusion: Successfully done.
Proof:
Analysis:
This test validates the results obtained from wireless scan. The program is successfully scanning
the air and displaying the results in systematic and easily understood form.
Test Case: 14
Objective: To check if the program is detecting wireless devices according to users
choice (AP/Station/Both).
Test Data: Scan for AP/Station/Both.
Expected Test System should scan the air to find devices according to the user's choice. If
Result: user chooses to scan for AP, only Aps should be displayed and if clients are
chosen, only client device should be scanned.
Actual Test System scans for wireless devices according to the choice of user.
Result:
Conclusion: Successfully done.
Proof:
Analysis:
This program enables user to choose and scan for wireless devices they are interested in. Users can
choose between access points, stations and both. The program successfully scans for chosen
devices.
Test Case: 15
Objective: To test whether the scan results are being queued correctly for displaying in
GUI.
Analysis:
Queuing is implemented in this program to transfer data across different processes of program.
This test checks the validity and correctness of this queuing mechanism.
Test Case: 16
Objective: To verify the scan results obtained by comparing them with outputs of
standard tools.
Test Data: Scan results
Expected Test System should generate correct results from both wireless scanning and
Result: sniffing.
Actual Test System generated similar information to that of standard tools like Wireshark
Result: but packets were redundant in this tool.
Conclusion: Successfully done.
Proof:
Analysis:
In this test, the output of this programs sniff function and the output of tool called Wireshark are
compared. Both tools obtained the same result, however this program is displaying some duplicate
packets while Wireshark is disabling duplicates.
Test Case: 17
Objective: To check if the back-end sniffing function has ended properly.
Analysis:
Since the sniff function is running a separate thread, terminating the program directly wouldnt
end the thread or sniff function. So, in order to end this function properly after the program is
terminated, an end application routine is defined which will be activated and kill the sniffer thread
when the Stop button is clicked.
Test Case: 18
Objective: To test the availability of devices Received Signal Strengths values.
Test Data: RSSI of wireless devices
Expected Test System should extract the signal strength value from the beacon and probe
Result: request frames.
Actual Test System correctly extracted the RSSI values of all the available wireless
Result: devices.
Conclusion: Successfully done.
Proof:
Analysis:
This test checks the validity of the RSSI extraction mechanism in this software. The above figure
represents the successful operation and correctness of the program. This program extracts the RSSI
value from the wireless frames and displays the signal strength in the GUI.
Test Case: 19
Objective: To test the correctness of calculation of distance from RSSI.
Test Data: Distance from RSSI
Expected Test System should calculate the distance between scanner device and other
Result: devices through RSSI values.
Actual Test System calculated distance from RSSI values but there is huge fluctuation
Result: and inaccuracy in this result.
Conclusion: Successfully done.
Analysis:
This test checks the correctness of the calculated distance between the scanner device and other
devices by using the RSSI values. It has been found in the test that distance obtained isnt much
reliable and accurate.
Test Case: 20
Objective: To check the plotting mechanism of program in graph.
Test Data: Graphical Plot
Expected Test System should plot the available wireless devices on the graph according to
Result: their signal strength or distance.
Actual Test System properly plotted the identified devices on the graph.
Result:
Proof:
Analysis:
The software successfully plots the wireless devices present in the wireless vicinity according to
their distances from the scanner device or their signal strength. The graphical plot procedure is
doing exactly what it needs to do.
4.2 Evaluation
In this section, the evaluation of the project has been done against the proposed aim and objectives.
The main aim of the project was to develop a GUI based WLAN monitoring software that would
help its users in enhancing security and management of their wireless networks. In overall, the
project has met all the aim and requirements of the intended system.
4.2.3 Criteria
While evaluating the system from the criteria such as projects scope, current needs, fulfillment of
all requirements, future work, user interface, etc., this project has accomplished its goals.
ii) Using a network of at least three Wi-Fi sensors (Arduino/Raspberry Pi based Wi-Fi
monitoring tool) and installing them in pre-defined places of organizational premises.
These Wi-Fi sensors would scan and send the captured information to the centralized server
or console, which would analyze security status of organizations wireless networks. This
method will be highly useful for Indoor positioning system as well. And the indoor
positioning system can be further implemented in spatial computing.
4.4 Conclusion
Wi-Fi is an increasingly growing network technology that has a very huge potentiality and scope
in todays world. Wi-Fi is also going to be the future of networking. Population of people using
Wi-Fi for accessing the Internet is growing day-by-day. Along with this rapid growth of Wi-Fi
technology, there have been some issues related to security, performance, interference and so on.
This project also attempted to address these same issues and developed a WLAN monitoring
software as an output of project. This tool can be used by general users and network administrators
to regularly scan and analyze their wireless networks and get overview of whats going on in their
networks. From that perspective, this project is very useful and viable among potential users. Some
of the new features are yet to be added to this system to provide even better solutions to the users.
(Referred to Section: Future Works)
iii. Wireless scanning may or may not be illegal depending upon where you are and why
are you scanning the air.
iv. Sniffing over open Wi-Fi networks is legal because technically, its not stealing.
However sniffing over WEP or WPA networks isnt legal because thats much
intentional and is much like stealing.
v. Positioning of other peoples Wi-Fi enabled devices without their concession may not
be legal depending upon your purpose and your location.
2. Bahl, P., Chanra, R., Padhye, J., Ravindranath, L., Singh, M., Wolman, A. and Zill, B.,
2006. Enhancing the Security of Corporate Wi-Fi Networks Using DAIR. [e-book]
Uppsala: Association for Computing Machinery, Inc. Available at: Google Books
https://www.usenix.org/legacy/events/mobisys06/full_papers/p1-bahl.pdf [Accessed on
23rd September 2013].
3. Baird, S., 2003. SAMS Teach Yourself: Extreme Programming in 24 Hours. Sams
Publishing.
5. McMillan, R., 2010. Lawsuits mount over Google Wi-Fi sniffing. PCWorld, [online] 4
June Available from:
http://www.pcworld.com/article/197985/lawsuits_mount_over_google_wifi_sniffing.htm
l [Accessed on 26 September 2013].
6. Fuhrman, C., Djlive, F., Palza, E., 2003. Software Verification and Validation within the
(Raitonal) Unified Process, IEEE Computer Society, [Journal]. Available from: IEEE.
London Metropolitan University
77
Sajjan Bhattarai 11069720 Final Year Project - Report
7. Gast, M., 2002. 802.11 Wireless Networks: The Definitive Guide. OReilly.
8. Gift, N., Jones, J.M., 2008. Python for Unix and Linux System Administration. OReilly
Media.
9. Grayson, J.E., 2000. Python and Tkinter Programming: Graphical user interfaces for
Python Programs. Greenwich: Manning Publications Co.
11. Informa Telecoms and media (ITM) & Wireless Broadband Alliance (WBA), 2011. WBA
Industry Report 2011, Global Developments in Public Wi-Fi, [online] Available from:
http://www.wballiance.com/wba/wp-content/uploads/downloads/2012/07/16_WBA-
Industry-Report-2011-_Global-Developments-in-Public-Wi-Fi-1.00.pdf [Accessed on 19th
September 2013].
12. Kruchten, P., 2003. The Rational Unified Process: An Introduction, 3rd Edition. Addison
Wesley.
13. Lammle, T., 2012. CCNA Cisco Certified Network Associate: Study Guide. 7th Ed. New
Delhi: Wiley India Pvt. Ltd.
14. Park, J., Kaung, S., Kim, S., and Lee, W., 2012. A Study of Estimation of AP Position for
Improvement of Indoor Positioning Performance, International Journal of Control and
Automation, [Journal]. Available from: Korea Institute of Science and Technology
Information and Kyungpook National University.
15. PassMark Software, 2014. WirelessMon: Monitor Wireless 802.11 WiFi. [online]
Available from: http://www.passmark.com/products/wirelessmonitor.htm [Accessed on
12th April 2014].
16. Prince, R., 2005. Using RUP/UP: 10 Easy Steps, Kansas:X-tier SAE Inc.
17. RSS, 2014. Taskforce to study feasibility for making country free wifi zone. Republica
[online] 1st January. Available at:
http://www.myrepublica.com/portal/index.php?action=news_details&news_id=67202
[Accessed on 5th January 2014].
18. Schluting, C., 2009. Understanding Your WLAN Management Options, Enterprise
Networking Planet, [online]. Available from:
http://www.enterprisenetworkingplanet.com/netsysm/article.php/3855716/Understanding
-Your-WLAN-Management-Options.htm [Accessed on 18th April 2014].
19. Shahid, N., Khan, O.A., Anwar, S.K., Pirzada, U.T., 2000. Rational Unified Process, [pdf].
Available from: http://www.ovais.khan.tripod.com/papers/Rational_Unified_Process.pdf
[Accessed on 5th December 2013].
20. Snehal, S.B., Vanjale, S.B., and Mane, P.B., 2011. Providing Data Security in WLAN by
Detecting Unauthorized Access Points and Attacks, 3(5), International Journal of
Engineering Science and Technology (IJEST), [Journal]. Available from: Viswakarma
Institute of Information Technology: Maharastra.
21. Webwise Team, 2012. What is wireless internet (Wi-Fi)? [online] Available from:
http://www.bbc.co.uk/webwise/guides/about-wifi [Accessed on 19 September 2013].
22. Wi-Fi Alliance, 2014. Discover Wi-Fi: Wi-Fi CERTIFIED ac, Wi-Fi Alliance, [online].
Available from: http://www.wi-fi.org/discover-wi-fi/wi-fi-certified-ac [Accessed on 17th
April 2014].
London Metropolitan University
79
Sajjan Bhattarai 11069720 Final Year Project - Report
23. Wi-Fi Alliance, 2012. The State of Wi-Fi Security: Wi-Fi Certified WPA2 Delivers
Advanced Security to Homes, Enterprises and Mobile Devices, 2012 [online] Available
from: http://www.wi-fi.org/knowledge-center/white-papers/state-wi-fi%C2%AE-
security-wi-fi-certified%E2%84%A2-wpa2%E2%84%A2-delivers-advanced [Accessed
on 22nd September 2013].
24. ZDNet, 2008. Walking the WLAN wire: Interview with Amit Sinha, CTO of AirDefense.
[online] Available from: www.eweek.com on 14th January 2008. [Accessed on 28th
November 2013].
Appendix A
2. In your opinion or experience, which one is more reliable and convenient for your
way-to-day life?
o Wired
o Wireless
o Not sure
3. You feel more secured while accessing internet using ...... connection(s).
o Wired
o Wireless
o Both
o No idea
6. Which type of authentication you generally find in the WiFi networks you connect
to?
o Open
o WEP
o WPA/WPA2
o Don't know
7. You find the necessity of entering a password to connect to WiFi network or Hotspot
as a........... Process.
o Cumbersome or time consuming
o useful and protecting
o don't know
8. If you find an open Wi-Fi (Wi-Fi not asking for password) in your neighborhood or
some other places, will you connect to it?
o Yes
o No
o It Depends.
10. Have you ever configured and/or managed your Wi-Fi network yourself?
o Yes
o No
o I tried but couldn't.
11. Do you use any Wi-Fi monitoring tool to know who are connected in your network
and what's happening in it?
o Yes
o No
o Never heard of one.
12. Lately, an effort is being made on developing an indoor positioning system using
Wi-Fi technology which will allow us to locate the Wi-Fi enabled devices inside
our premises. Would you like to use this type of service from your existing Wireless
infrastructure?
o Yes
o No
o Don't know.
Submit
London Metropolitan University
83
Sajjan Bhattarai 11069720 Final Year Project - Report
Table of Contents
Abstract ............................................................................................................................................1
Introduction ......................................................................................................................................3
Analysis............................................................................................................................................3
Question No. : 1 ..........................................................................................................................4
Question No. : 2 ..........................................................................................................................4
Question No. : 3 ..........................................................................................................................5
Question No. : 4 ..........................................................................................................................5
Question No. : 5 ..........................................................................................................................6
Question No. : 6 ..........................................................................................................................6
Question No. : 7 ..........................................................................................................................7
Question No. : 8 ..........................................................................................................................7
Question No. : 9 ..........................................................................................................................8
Question No. : 10 ........................................................................................................................8
Question No. : 11 ........................................................................................................................9
Question No. : 12 ........................................................................................................................9
Introduction
The questionnaire contained twelve questions and all of them were directly or indirectly related to
people's understanding and usage of Wi-Fi technology. Since the targeted audience of this
questionnaire were non-technical or general public, every question was prepared and structured in
such a way that it was simple to understand and easy to answer. Avoiding technical terms and
complex concepts was the first priority while preparing the questionnaire. But it was also very
important to obtain information about however complex concept called Wireless security, so the
questions had to be made with great care. Despite being simple to understand, these questions also
had to be capable of collecting appropriate information from the audiences regarding the subject
matter. Hopefully, this questionnaire has fulfilled this requirement.
Among 12 questions, the first 3 questions are much similar. It has been done so in order to make
the participants get comfortable with the questionnaire and get started easily. Then, from fourth
question, the questions are more specific towards the subject matter. The questions and their
answers have been created with the objective of accommodating all the possible reactions of the
targeted audience. In order to validate the effectiveness and approachability of the questionnaire,
Dr. Guru Tej and Fransisca Tej, lecturers at Islington College, were requested to review the
questionnaire. They acknowledged that the questionnaire was easy to understand and they
themselves also filled up the form. They also quoted that it took less than 2 minutes for them to
complete this questionnaire which was actually a very good characteristic of a questionnaire
according to them. They too supported the similarity and easiness of the first three questions. They
suggested to work on question no. 12 to make it further simple and elaborative for general people.
In overall, they found it easy to understand and answer as well as rated it as a good questionnaire.
After being reviewed and acknowledged by Dr. Guru Tej and Fransisca Tej, the questionnaire was
published in google docs for participants' response. People were requested to participate in the
questionnaire through social networking sites like Facebook. Most of the participants were
students from Islington College, Microsoft Student Partners (MSPs) from Microsoft Innovation
Centre (Kathmandu, Chitwan), and some of my friends studying in other colleges in different
faculties.
Analysis
In total, 91 people responded to the questionnaire. Though majority of the respondents were among
the targeted audiences of the survey, the result obtained from the questionnaire is somehow
unexpected and varying. It was expected that most of the educated people in present scenario are
well aware about the issues of cyber security, privacy and protection of Intellectual rights, but
however this survey has shown a bit different result. The detailed analysis of responses to every
question of the questionnaire is as follows:
Question No. : 1
Wired 9 10%
Wireless 57 63%
Both 25 27%
This denotes that wireless technology is the most widely used and popular means of
communication among the people.
Question No. : 2
Wired 15 16%
Wireless 74 81%
Not sure 2 2%
74 out of 91 participants chosed wireless communication for their day-to-day operations. This
clearly indicates that people prefer and find it comfortable to use wireless technology like Wi-Fi.
It may be because of the mobility and flexibility provided by wireless communication. Whereas
15 people chosed wired network maybe because they find it more secure, reliable and quality
assuring. It might have also happened due to unavailability of wireless coverage or older network
infrastructure.
London Metropolitan University
88
Sajjan Bhattarai 11069720 Final Year Project - Report
Question No. : 3
You feel more secured while accessing internet using ...... connection(s).
Wired 37 41%
Wireless 18 20%
Both 24 26%
No idea 12 13%
The responses to this question are distributed almost equally among all the options provided. This
indicates that there's varying understanding in people about the security related issues of any
technology. It can be assumed that 37 people answer with wired connection are more or less
security aware than those answering differently. While 12 respondents have no idea about the
question and this is actually a serious matter because it implies that these people don't have proper
knowledge on security which makes them vulnerable to potential threats.
Question No. : 4
E-banking 24 8%
Online shopping 23 7%
Entertainment 71 23%
This represents the priorities and activities of people while connecting to internet. This can be
helpful in identifying and understanding the requirements and expectations of people from network.
This information can be useful for wireless security management and risk assessment.
Question No. : 5
Home 82 47%
College/University/Scho 55 31%
ol
Office 16 9%
This information can be useful for identifying and site surveying of the Wi-Fi networks. Based on
this information, the appropriate working fields of a Wi-Fi security managing and positioning tool
can be determined. According to the responses received, home and colleges/universities are the
places where Wi-Fi is implemented most widely.
Question No. : 6
Which type of authentication you generally find in the WiFi networks you
connect to?
Open 5 5%
WEP 10 11%
WPA/WPA2 65 71%
This is one of the most important questions in this questionnaire because it deals with a very
sensitive and critical aspects of security which are encryption and access control. 5 out of 91 use
open Wi-Fi networks, 10 out of 91 use WEP networks. Using open or WEP encrypted Wi-Fi
networks is highly risky and insecure action. It's very good thing that 65 out of 91 people use
WPA/WPA2 authentication. While 11 people don't know about the authentication in Wi-Fi network,
which doesn't indicate whether they are vulnerable to wireless security threats or not. But they
definitely require awareness on this matter.
Question No. : 7
cumbersome or time 7 8%
consuming
don't know 6 7%
The responses received to this question are as expected. Majority of the people (75/91) think
password protected Wi-Fi networks are safe and useful. This denotes that most of the people
understand the importance of using passwords.
Question No. : 8
If you find an open Wi-Fi (Wi-Fi not asking for password) in your
neighborhood or some other places, will you connect to it?
Yes 32 36%
No 4 4%
It Depends. 54 60%
This question was intended to be a sort of psychological one. It was expected that most of the
people are aware about the security risks that come along with the use of open Wi-Fi networks, so
most of them weren't supposed to be using them. But surprisingly, 32 among 91 people, answered
Yes to this question. And 54 people preferred to choose It depends. This justifies why Wi-Fi
security is so critical and important topic in network security and management. People can be
easily lured to connect to the fake access points or honeypot networks created by attackers simply
through the use of open Wi-Fi networks. And until people won't stop to connect to unknown open
Wi-Fi networks, any approach to Wi-Fi security cannot obtain considerable success.
Question No. : 9
Managing workgroups 9 7%
This information can be useful for identifying the targeted network traffic in the wireless networks
while using the wireless monitoring tools.
Question No. : 10
Have you ever configured and/or managed your Wi-Fi network yourself?
Yes 62 69%
No 20 22%
I tried but 8 9%
couldn't.
62 among 91 participants have experience of configuring their own Wi-Fi networks. This is a quite
good result from the perspective of wireless networking.
Question No. : 11
Do you use any Wi-Fi monitoring tool to know who are connected in your
network and what's happening in it?
Yes 44 49%
No 36 40%
44 people are using or might have used Wi-Fi monitoring tool. This represent that they are
interested in knowing and learning about what's going on in their networks. For whatever purpose
they use these tools, but it ultimately helps in securing Wi-Fi networks. While rest of the others
don't use them or haven't even heard of it. This means they have no way of monitoring and
analyzing network activities. This might have happened because of lack of knowledge, lack of
concern about security, complexity of the tools and so on.
Question No. : 12
Yes 66 73%
No 5 6%
This is helpful in determining the need and enthusiasm of people about the Wi-Fi based indoor
positioning system. 66 people are interested about it, which is very encouraging.
Supervisors:
Revision History
The first SRS document was reviewed by first Supervisor, Saroj Sharan Regmi. He suggested to
give more priority to wireless scanning and positioning modules than to GUI. Also, he advised to
put legal issues which may arise while performing wireless scanning and device tracking.
for analysis. The legal policies should also be taken into consideration while performing this
activity because every country have their own laws regarding the wireless signal transmission and
wireless data collection. And, it is also essential to ensure whether the wireless adapter being used
allows and supports wireless scanning in promiscuous mode or not.
1.3.2.2 Positioning
This is one of the main objective of this project. After the program will perform its initial scan for
identifying wireless devices in the vicinity, the discovered devices will be plotted in the window
based on the received signal strength from those devices and their calculated distance from the
scanning device.
i. Performance Requirements
This program should perform its functionalities in less time, as much as possible. This software
will not also consume huge CPU and memory resources.
To improve usability of the system from the point of view of the users, this program should be
developed in simple, easy to use and effective Graphical User Interface. And the steps and time
required to do a particular action with the program should also be as much less as possible.
This system will be storing information collected through the sniffing of the network which will
include information related to the vulnerabilities in the scanned network and devices. So,
maintaining the security which will ensure the confidentiality of the information and logs, is
essential in this system. Also, the security policies and law enforcements related to Wireless
security should be studied and implemented in this project in order to avoid any possible law
infringement by this system.
iv. System begins to scan the wireless vicinity and regularly dumps the
result for future reference.
i. Scan and sniff all the wireless traffic going through the wireless
coverage area.
iii. Dump scan result into a file which can be opened and analyzed later.
Pre-conditions: Wireless interface for scanning has not been already selected.
Post-conditions: The user can perform the actions mentioned in the description.
1.3.5.2 Positioning
Use Case ID: 3
Actions: i. System evaluates the Received Signal Strength from the wireless
devices and on the basis of that, an approximate distance is
calculated.
iii. Sends the position to GUI and devices are plotted accordingly.
Description: The system uses certain algorithm for positioning the wireless devices and
redirect their output to Graphical Plot for representing them properly.
Post-conditions: N/A
ii. User can choose the wireless device or network to sniff upon.
iii. User can also select the type of traffic to listen to.
Description: i. User can filter specific type of network traffic and then analyze
them.
ii. User can view details about certain activity in wireless network.
Post-conditions: User can do all the actions mentioned earlier in actions and descriptions.
Actions: i. System redirects all the scan output to the graphical user interface
of the program for simple and easy to understand result.
ii. Represents all the Access points and clients available in the vicinity.
Appendix B
2.1 User Manual
The main objective of this user manual is to help users get easily started with the system. Below
are the steps to be followed in order to use this system:
i. First of all, get either the source code or compiled version of the program and save it
in your computer hard disk.
ii. Install Python programming language, and third party libraries for python known as
Scapy, Tkinter and Pmw. Which operating system you are using doesnt matter until
you have got all these libraries installed and working properly. The recommended OS
for this program is Linux based OS because Scapy works best in linux. In Windows,
Tkinter comes by default with Python.
iii. Then you need a wireless NIC embedded in most of the laptops or external wireless
adapter to be used with this software.
iv. After the runtime environment and the wireless interface are ready, go to the programs
folder and then the program can be executed simply by using the command python
index.py in command prompt or terminal or console.
v. Now, you are ready to start using this software. The program provides a very simple
and minimal display, so there shouldnt be any problem in using this program.
vi. If you have got any confusion about the usage of the program or anywhere else, you
may just read the documentation of the program.
Appendix C
3.1 Work Breakdown Structure
The entire project has been divided into multiple tasks and sub-tasks and certain time period has
been allocated for each task or sub-task. The WBS is as follows:
The author has requested enhancement of the downloaded file. All in-text references underlined in blue are linked to publications on ResearchGate.