The fraud was staggering for its scope and audacity. According to the Wall Street Journal, the biggest known theft of credit-card numbers in history started two years ago at a Marshalls clothing store in Minnesota. Hackers used a laptop computer to break into the central database of MarshallsÕ parent company, TJX, to steal valuable information on its customers. This information included driverÕs license numbers, military identification, social security information and as many as 200-million credit-card numbers.
During the investigation, it was noted that the companyÕs wireless network had less security than many people have on their home networks. Perhaps most disturbing about the case is the apparent ease with which the hackers were able to access this information. Was it a breach in wireless security that caused this largest-ever credit card fraud?
Dr. Srini Sampalli is leading a team of graduate students at DalhousieÕs Faculty of Computer Science in tackling the global problem of wireless security. The Natural Sciences and Research Council of Canada (NSERC) has just awarded Dr. Sampalli $32,000 a year for five years for his research investigating security and resource management in heterogeneous wireless networks. His NSERC research is complemented by a collaborative project sponsored by Industry Canada.
Vulnerabilities
The primary objective of this Industry Canada project is to enhance security in wireless networks.
ÒWhat are the vulnerabilities in wireless networks? What are the different ways in which adversaries can intrude on wireless networks? Can hackers exploit the vulnerabilities even when common security measures are in place?” he asks.
Through his work, he is hoping to answer these questions and more in order to set guidelines for security best practice for detecting and preventing intrusions on wireless networks.
ÒWireless is perhaps the fastest growing telecommunications industry today. More than 100 million wireless data devices have been deployed worldwide. This number is expected to grow at the rate of 66.2 per cent to 226 million by 2008,” he adds. ÒUnfortunately, the tremendous rapid growth has brought with it a large number of security issues and has exposed numerous vulnerabilities in wireless networks.”
Test-bed set up
Dr. SampalliÕs team has built a 'test bed' to investigate vulnerabilities and prototypes for intrusion detection and prevention in wireless networks. A test bed is an experimental set up (in this case, a wireless network) that has been installed in his lab. It is a self-contained, independent network with no interference to other networks, where the team conducts their experiments. This research is intended not only to raise awareness among Canadian industry, government and public in wireless security issues, but also help prevent intrusions on wireless networks in the future.
Dr. Sampalli is just one of dozens of Dalhousie professors and students recently awarded $18 million in NSERC funding. This will also fund 169 scholarships. The investment represents 75 per cent of the total funding earmarked for eight institutions in Nova Scotia and 43 per cent of the total investment for the Atlantic region. Dalhousie ranks ninth nationally for science and engineering investment.