channel surfing and spatial retreats defenses against
play

Channel Surfing and Spatial Retreats: Defenses against Wireless - PowerPoint PPT Presentation

Sep 01, 2022 •155 likes •486 views

Channel Surfing and Spatial Retreats: Defenses against Wireless Denial of Service W enyuan Xu, Tim othy W ood, W ade Trappe, Yanyong Zhang W I NLAB, Rutgers University I AB 2 0 0 4 Roadmap Motivation and Introduction Detection

  1. Channel Surfing and Spatial Retreats: Defenses against Wireless Denial of Service W enyuan Xu, Tim othy W ood, W ade Trappe, Yanyong Zhang W I NLAB, Rutgers University I AB 2 0 0 4

  2. Roadmap � Motivation and Introduction � Detection – MAC Layer Detection – PHY Layer Detection � DoS Defenses – Channel Surfing – Spatial Retreat � Conclusions � Ongoing works 2 I AB 1 1 / 1 8 / 2 0 0 4

  3. I AB 1 1 / 1 8 / 2 0 0 4 3 Alice Hi … Jamming Style DoS Hello … Bob

  4. I AB 1 1 / 1 8 / 2 0 0 4 4 Alice Hi … @#$%%$#@& Mr. X Jamming Style DoS … Hello … Bob

  5. w2 Jamming Style DoS @# $ % % $ Hi … Hello … # @&… Bob Alice � Alice and Bob are DoS attacked by malicious Mr. X. � Mr. X A story for the problem of wireless denial of service attack we focus on. Alice and Bob � two communicating – nodes, A and B. Mr. X � an adversarial interferer X. – Mr. X’s insane behavior � the jamming – style DoS. – People and nodes in wireless network both communicate via shared medium. R X1 � Jamming style DoS Attack: X 1 – Behavior that prevents other nodes from A B using the channel to communicate by X 2 occupying the channel that they are communicating on 5 I AB 1 1 / 1 8 / 2 0 0 4

  6. Slide 5 w2 DoS: An attack on a system or portion of a system that results in at least the temporary inability of others to use the system for its intended purpose wenyuan, 9/22/2004

  7. @# $ % % Hi … Hello … $ # @&… Jamming Style DoS Bob Alice � Jam m ing style DoS: 2 styles Mr. X – MAC-layer DoS � Bypass the MAC protocol, repeatedly send out packets � Introduces packet collision – PHY-layer DoS � Jam transmission channel by emitting energy in the frequency band corresponding to the channel � Australian CERT [ 0] : This vulnerability m akes a successful, low cost attack against a w ireless netw ork feasible for a sem i-skilled attacker Previously, attacks against the availability of IEEE 802.11 networks have required specialised hardware and relied on the ability to saturate the wireless frequency with high-power radiation, an avenue not open to discreet attack. This vulnerability makes a successful, low cost attack against a wireless network feasible for a semi-skilled attacker. � A common example: turning on the Microwave is a piece of cake. [ 0] AusCERT,"AA-2004.02-denial of service vulnerability in IEEE 802.11 wireless devices", http: / / www.auscert.org 6 I AB 1 1 / 1 8 / 2 0 0 4

  8. Our Jammers � MAC-layer Jammer – Mica2 Motes (UC Berkeley) � 8-bit CPU at 4MHz, � 512KB flash, 4KB RAM � 916.7MHz radio � OS: TinyOS – Disable the CSMA – Keep sending out the preamble Packet Pream ble Sync � PHY-layer Jammer – Waveform Generator – Tune frequency to 916.7MHz 7 I AB 1 1 / 1 8 / 2 0 0 4

  9. Handling Jamming: Strategies � What can you do when your channel is occupied? – In wired network you can cut the link that causes the problem, but in wireless… – Make the building as resistant as possible to incoming radio signals? – Find the jamming source and shoot it down? – Battery drain defenses/ attacks are not realistic! � Protecting networks is a constant battle between the security expert and the clever adversary. � Therefore, we take motivation from “The Art of War” by Sun Tze: – He w ho cannot defeat his enem y should retreat. � Detection Strategies – MAC Detection – PHY Detection � Retreat Strategies: – Spectral evasion – Spatial evasion 8 I AB 1 1 / 1 8 / 2 0 0 4

  10. Detection: MAC Layer and PHY Layer

  11. DoS Detection—MAC Layer � Idea: – Want to use channel state information to detect whether a jamming has occurred. � CSMA (TinyOS) Adversary Model: There is one stationary – Senses the channel until it detects the channel is idle. adversary, who continuously blasts on a single – If collision, wait for a random time. (no exponential backoff) � channel at a time. Adversary Model: – We assume there is only one stationary adversary, who blasts on a single channel at any time. � Observation: – Normal scenario: nodes can pass the CSMA after some time – DoS scenario: nodes might never passes the CSMA � Challenges: – How to discriminate a legitimate traffic jam from illegitimate traffic? – What is a good model to minimize the probability of a false positive? � Thresholding is the “bread and butter” of detection theory (Neyman-Pearson, Bayesian inference). – Sensing time? 10 I AB 1 1 / 1 8 / 2 0 0 4

  12. Empirically setting the threshold � Problem with theoretically setting threshold: Its hard to model more R 1 complicated MACs! S 1 S 3 � Let each network device collect statistics regarding waiting time D � S 2 Experiment – ns-2 simulator A B – 802.11 protocol R 3 – Disabled the MAC layer retransmission – Two nodes, A and B, collected the statistical data R 2 – Using some streams (from sender Si to Cum ulative Distribution of Sensing Tim e receiver Ri) to increase the interfering traffic Cum ulative Distribution � Observation: – When only a few streams exist, A can get the channel quickly with high probability – As the number of streams increases, the competition for channel becomes more intense, thus taking longer for A to acquire the channel 11 I AB 1 1 / 1 8 / 2 0 0 4 Sensing Tim e ( m s)

  13. DoS Detection – PHY Layer � Idea: – Want to use PHY layer information to detect whether a jamming has occurred � Observations: – Ambient noise levels in normal (including congested) scenarios and abnormal scenarios are statistically different. � Challenges: – How to capture the time variant properties efficiently? – What is a good model to use for minimizing the probability of a false positive? � Network devices can sample noise levels prior to DoS attack and build a statistical model describing usual energy levels in the network. – Discrimination between normal noise level measurements and abnormal data by employing the various features of the data. – Tools: � ψ 2 statistics: Spectral Discrimination χ 2 � statistics: Distributional Discrimination 12 I AB 1 1 / 1 8 / 2 0 0 4

  14. DoS Detection – PHY Layer � Platform: – Mica2 Motes (UC Berkeley) – Use RSSI ADC to measure the signal strength – The values are in inverse relationship to power (signal strength) � Three scenario – No communicator – Three communicators (obey CSMA) – Use waveform generator as jammer The noise No communicator level time series with a jammer and without a Three communicators jammer are different Jammer 13 I AB 1 1 / 1 8 / 2 0 0 4 Tim e

  15. Defenses: Channel Surfing and Spatial Retreats

  16. Network Types � DoS detection can be employed by a single node, however, DoS defenses are group activities. R X1 X 1 � Three different network scenarios are A B X 2 concerned: – Two party radio communication � Baseline case AP 1 X 1 – Infrastructured wireless network D A � Consist of two types of device: access points B and mobile devices AP 0 X 0 � Access points communicate with each other C via wired infrastructure � Mobile devices communicate via the access point to other mobile devices AP 2 A B C – Mobile Ad Hoc Wireless Networks � Composed of mobile devices without access D E X F G points � Mobile devices can communicate to each other via multi-hop routing protocol H I J K L 15 I AB 1 1 / 1 8 / 2 0 0 4

  17. Dos Defenses– Channel Surfing � Adversary Model: – We assume there is only one stationary adversary, who blasts on a single channel at any time. Adversary Model: There is one stationary � Objective: – In case we are blocked at a particular channel, we want to resume adversary, who continuously blasts on a single the normal wireless communication with other legal nodes. channel at a time. � Channel Surfing: – If we are blocked at a particular channel, we can resume our communication by switching to a different (and hopefully safe) channel that does not overlap current channel. – Inspired by frequency hopping techniques, but operates at the link layer � System Issues: – Must have ability to choose multiple “orthogonal” channels: � Prevents Interference � Practical Issue: PHY specs do not necessarily translate into correct “orthogonal” channels � Example: MICA2 Radio recommends: “choose separate channels with a minimum spacing of 150KHz” but… .. 16 I AB 1 1 / 1 8 / 2 0 0 4

  18. Throughput VS. Channel Assignment I nterferer Receiver � Sender sends the packet as fast as it can. Sender � Receiver counts the packet and calculates the throughput � The radio frequency of the sender and receiver was fixed at 916.7MHz. � Increased the interferer’s communication frequency by 50kHz each time. � When the Jammer’s communication frequency increases to 917.5MHz, there is almost no interference 17 I AB 1 1 / 1 8 / 2 0 0 4

  19. generator I AB 1 1 / 1 8 / 2 0 0 4 W ave 18 Throughput VS. Channel Assignment Receiver I nterferer Sender

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

From Channel Slicing to From Channel Slicing to Spatial Division Multiplexing Spatial Division

From Channel Slicing to From Channel Slicing to Spatial Division Multiplexing Spatial Division

From Channel Slicing to From Channel Slicing to Spatial Division Multiplexing Spatial Division Multiplexing -- the asynchronous router design the asynchronous router design -- Wei Song 03/12/2009 Advanced Processor Technology Group

774 views • 53 slides
Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer

Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer

Open Source Enclave Workshop 2019 Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer Science & Engineering The Ohio State University Userland TEEs on Commodity Processors Application VM VM

154 views • 14 slides
Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder Lab assignment will be released 09/21 Monday Recommend to read Cache missing for fun and profit. (2005).

562 views • 38 slides
Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder Lab assignment will be released 09/21 Monday Recommend to read Cache missing for fun and profit. (2005).

1.03k views • 66 slides
A model for fluctuations of the spatial mean in a turbulent channel flow: a window on physics

A model for fluctuations of the spatial mean in a turbulent channel flow: a window on physics

A model for fluctuations of the spatial mean in a turbulent channel flow: a window on physics beyond the periodic box. Paolo Luchini DIIN, Universit` a di Salerno, Italy Maurizio Quadrio Department of Aerospace Sciences and Technologies,

300 views • 28 slides
HEALING RETREATS FOR SURVIVORS Avi Haimowitz Program Director Agenda Using Nature to Heal

HEALING RETREATS FOR SURVIVORS Avi Haimowitz Program Director Agenda Using Nature to Heal

DESIGNING INNOVATIVE HEALING RETREATS FOR SURVIVORS Avi Haimowitz Program Director Agenda Using Nature to Heal Background & Herstory Key Elements Considerations Design Your Own Future Retreats Using Nature to Heal

532 views • 23 slides
Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Presenting a live 90 minute webinar with interactive Q&A Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and Contemporaneous Exchange Managing the Audit Process, Mitigating Regulatory Sanctions, and

893 views • 52 slides
Known issues of spatial multiplexing MIMO Spatial multiplexing MIMO significantly improves

Known issues of spatial multiplexing MIMO Spatial multiplexing MIMO significantly improves

Known issues of spatial multiplexing MIMO Spatial multiplexing MIMO significantly improves spectral efficiency, but: Suffers from inter-channel interference resulting in high computational complex algorithms ( e.g. , Vertical Bell Labs

799 views • 7 slides
Children dont need more toys They need more Adventures Overview Why the Ocean? Why

Children dont need more toys They need more Adventures Overview Why the Ocean? Why

Children dont need more toys They need more Adventures Overview Why the Ocean? Why Surfing? Movement with Attention Surfing: Occupation as a means and as an ends. The occupational injustices addressed by Surfing the

590 views • 34 slides
Diversity & Surfing: Age and Boards Professor Barbara Humberstone windsurfing Windsurfing

Diversity & Surfing: Age and Boards Professor Barbara Humberstone windsurfing Windsurfing

Diversity & Surfing: Age and Boards Professor Barbara Humberstone windsurfing Windsurfing is a a surface water sport that combines elements of surfing and sailing Wikipedia (Calshot, Solent, UK) How technology can dissolve the

351 views • 21 slides
Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang ihwang@ntu.edu.tw 5/1, 2014 Mutliple Antennas Multi-Antennas so far: - Provide diversity gain and increase reliability - Provide power gain via

3.4k views • 56 slides
Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang ihwang@ntu.edu.tw 5/1, 2014 Mutliple Antennas Multi-Antennas so far: - Provide diversity gain and increase reliability - Provide power gain via

3.28k views • 24 slides
Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang

Lecture 6: MIMO Channel and Spatial Multiplexing I-Hsiang Wang ihwang@ntu.edu.tw 5/1, 2014 Mutliple Antennas Multi-Antennas so far: - Provide diversity gain and increase reliability - Provide power gain via

387 views • 18 slides
Simulation of the Spatial Covariance Matrix 802.11 TGn Channel Model Special Committee November

Simulation of the Spatial Covariance Matrix 802.11 TGn Channel Model Special Committee November

November 2003 doc.: IEEE 802. 11-03/925r0 Simulation of the Spatial Covariance Matrix 802.11 TGn Channel Model Special Committee November 11 th , 2003 Antonio Forenza, David J. Love and Robert W. Heath Jr. The University of Texas at Austin

498 views • 14 slides
Olympics, Funding, Adaptives and Beyond Nick Hounsfield Director Surfing England OLYMPICS

Olympics, Funding, Adaptives and Beyond Nick Hounsfield Director Surfing England OLYMPICS

Olympics, Funding, Adaptives and Beyond Nick Hounsfield Director Surfing England OLYMPICS Tsurigasaki Beach Chiba Olympics Surfing included as a demonstration sport in Tokyo Games August 2016 WSL athletes will be released to

597 views • 18 slides
Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3

Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3

Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3 , Chuanxin Lan 1 , Hu Han , 1,2 , Shiguang Shan 1,2,3,4 , and Xilin Chen 1,3 1 Key Laboratory of Intelligent Information Processing of Chinese

242 views • 7 slides
Timely and Robust Key Establishment under Jamming Attack Eun-Kyu Lee, Soon Y. Oh, and Mario

Timely and Robust Key Establishment under Jamming Attack Eun-Kyu Lee, Soon Y. Oh, and Mario

Timely and Robust Key Establishment under Jamming Attack Eun-Kyu Lee, Soon Y. Oh, and Mario Gerla UCLA Outline Jamming Attacks Quorum System Application to MANETs Frequency Quorum Rendezvous Fast key establishment protocol

602 views • 24 slides
1st International Electronic Conference on Geriatric Care Models Disability among the Elderly in

1st International Electronic Conference on Geriatric Care Models Disability among the Elderly in

1st International Electronic Conference on Geriatric Care Models Disability among the Elderly in Indonesia: An Analysis of Spatial and Socio-demographic Correlates Puguh Prasetyoputra 1, * and Ari Purwanto Sarwo Prasojo 1 1 Research Center for

297 views • 15 slides
Java Technologies Java EE - Introduction First of All Course Information The Goal The

Java Technologies Java EE - Introduction First of All Course Information The Goal The

Java Technologies Java EE - Introduction First of All Course Information The Goal The Motivation Teaching / Learning Bibliography Evaluation Lab: problems, personal projects, essays easy Exam: written test /

711 views • 22 slides
Death by a Thousand Struts A Defenders Tale Justin Warner (@sixdub) $Whoami - Justin Warner

Death by a Thousand Struts A Defenders Tale Justin Warner (@sixdub) $Whoami - Justin Warner

Death by a Thousand Struts A Defenders Tale Justin Warner (@sixdub) $Whoami - Justin Warner (@sixdub) Principal Security Engineer @ ICEBRG focusing on detection, network data analysis, and adversary emulation testing Computer Science

608 views • 41 slides
Modeling Electronic Attack (U) Jose M. Gonzalez Chief Modeling & Simulation Support Branch

Modeling Electronic Attack (U) Jose M. Gonzalez Chief Modeling & Simulation Support Branch

UNCLASSIFIED // FOR OFFICIAL USE ONLY Distribution authorized to U.S. Government agencies and their contractors; critical technology (July 2009). Other request for this document shall be referred to Director, U.S. Army Research Laboratory, ATTN:

325 views • 13 slides
Capacity Region of the Gaussian Arbitrarily-Varying Broadcast Channel Fatemeh Hosseinigoki and

Capacity Region of the Gaussian Arbitrarily-Varying Broadcast Channel Fatemeh Hosseinigoki and

Capacity Region of the Gaussian Arbitrarily-Varying Broadcast Channel Fatemeh Hosseinigoki and Oliver Kosut A RIZONA S TATE U NIVERSITY ISIT 2020 1 / 12 Gaussian Arbitrarily-Varying Broadcast Channel Transmitter power constraint X 2

557 views • 44 slides
Confusion / dilution countermeasure #UDT2019 Objective Two types of anti torpedo countermeasure

Confusion / dilution countermeasure #UDT2019 Objective Two types of anti torpedo countermeasure

Confusion / dilution countermeasure #UDT2019 Objective Two types of anti torpedo countermeasure exist : Hard kill countermeasure The aim is to home in, on torpedo and to destroy or disabling torpedo by blast or physically smashing into.

168 views • 14 slides
Study On Deep Water Exit Speed Prediction Of Torpedo Countermeasure Decoys UDT 2020 Paper Study

Study On Deep Water Exit Speed Prediction Of Torpedo Countermeasure Decoys UDT 2020 Paper Study

UDT 2020 Study On Deep Water Exit Speed Prediction Of Torpedo Countermeasure Decoys UDT 2020 Paper Study on deep water exit speed prediction of torpedo countermeasure decoys Diren ABAT [1] , mer BATMAZ [2] Defense Systems Technologies Division

69 views • 5 slides

More recommend