ResFi
A Secure Framework for Self-Organized Radio Resource Management in Residential WiFi Networks
Sven Zehl, Antolij Zubow, Michael Döring and Adam Wolisz
TKN
Telecommunication Networks Group
Motivation
IEEE 802.11 (WiFi) is the main access technology in residential environments -> WiFi AP as heart of a smart home
Residential WiFi networks are characterized by:
Dense (urban) and unplanned deployments
In contrast to enterprise networks, each AP is managed independently by an inexperienced resident
Main problems:
Residential APs use the default static channels!! (Patro et al. 2013)
Motivation (Cont.)
New applications (e.g. UHD video) require high QoS/QoE, which will be challenging to enforce in residential WiFi deployments
Goal: enable cooperation between co-located residential APs to allow efficient radio resource management (e.g. setting radio channel, bandwidth, transmit power)
Challenge: how to enable secure communication between residential APs?
Efficient discovery of neighboring APs
Exchange of addressing information of management units
Lessons from Enterprise Networks
Centralized radio resource management:
In enterprise WiFi networks a centralized controller manages radio resources
Very efficient, as the controller has a global view and is connected via low-latency backhaul to the APs
With COAP (Coordination framework for Open APs), centralized radio resource management for residential WiFi networks was proposed (Patro et al. 2015):
Only applicable for centrally administered apartment houses, e.g. single ISP or single building manager
It requires significant administration and creates cost (-> cloud controller)
Residential WiFi network
Enable Cooperation
How to discover neighboring APs?
Idea: Use 802.11 active scanning for AP (!) discovery
How to exchange global IP address?
Setting-up of a secured control channel over the Internet
Why do we secure the control channel?
Radio resource management is not security sensitive, so why should we care?
Large scale malicious actions can have an impact! Setting all APs of a city on the same channel would definitely create some problems…
Security material is exchanged over the wireless interface (an attacker must be physically co-located)
Key rotation to prevent key collection -> wardriving
Proposed Approach - Design principles
Fully distributed approach for radio resource management in residential WiFi networks
No controller, no cloud, no additional costs
Residential APs in direct wireless communication range discover each other and exchange addressing information and key material using the wireless interface:
Neighboring APs do not necessarily have to operate on the same channel
Addressing information is the public (global) IP address
A secured control channel between each pair of neighboring APs over the Internet is set up.
Neighboring APs can cooperate with each other by means of message exchange using a well-defined API.
The ResFi Framework
Security features:
Ensuring locality of participating APs through a periodically changing symmetric group encryption key (wirelessly distributed to neighbors via active scanning)
Additionally, the group encryption key provides group confidentiality between one-hop neighbors
Ensuring non-repudiation and message integrity through public key cryptography
Moreover, symmetric unicast encryption keys created on demand provide confidentiality between two peers
Pure user-space software solution
Enables secure N-hop connectivity between residential WiFi APs
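Added example (not from the slides or the ResFi code base): a constructed Python model of the locality property named under "Security features" and of the key-rotation point on the "Why do we secure the control channel?" slide. An HMAC tag under the group key stands in for ResFi's group encryption, and all class, method and payload names are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class AccessPoint:
    """Constructed model of one AP's group key handling (not ResFi code)."""
    def __init__(self):
        self.epoch = 0
        self.group_key = os.urandom(32)

    def rotate(self):
        """Periodic rotation: a fresh random key, unrelated to the old one."""
        self.epoch += 1
        self.group_key = os.urandom(32)

    def scan_response(self):
        """Key material that only a station in radio range can receive."""
        return self.epoch, self.group_key

    def accept(self, message):
        """Accept a control message only if tagged under the current key."""
        epoch, payload, tag = message
        if epoch != self.epoch:
            return False  # sender holds a key from an earlier period
        expected = hmac.new(self.group_key, payload, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


class Peer:
    """A station that learned the group key by scanning at some point."""
    def __init__(self, ap):
        self.epoch, self.key = ap.scan_response()

    def send(self, payload, claimed_epoch=None):
        tag = hmac.new(self.key, payload, hashlib.sha256).digest()
        return (self.epoch if claimed_epoch is None else claimed_epoch), payload, tag


def demo():
    msg = b"rrm: channel=6"  # constructed sample payload
    ap = AccessPoint()
    neighbor, passerby = Peer(ap), Peer(ap)  # both were in range once
    before = (ap.accept(neighbor.send(msg)), ap.accept(passerby.send(msg)))
    ap.rotate()
    neighbor = Peer(ap)  # still co-located, so a re-scan yields the new key
    after = (ap.accept(neighbor.send(msg)), ap.accept(passerby.send(msg)),
             ap.accept(passerby.send(msg, claimed_epoch=ap.epoch)))
    return before, after
```

After one rotation the co-located neighbor is still accepted, while a key collected on a single pass (for example while wardriving) is rejected whether the sender reports the old epoch or claims the new one.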
The ResFi Framework (II)
Allows easy radio resource management application development
Enables cooperative radio resource management between residential APs of different vendors and device types
Prototype available as open source: http://github.com/resfi
Well-defined northbound and southbound APIs:
Allows easy integration for vendors
ResFi Reference Implementation
Framework implemented using platform-independent code (Python)
hostapd and iw tool connected with ResFi northbound API (Linux as reference platform)
Example ResFi Application
Distributed Dynamic Channel Selection
Implementation of the distributed channel assignment algorithm of Mishra et al. 2005
Algorithm implemented as ResFi application with less than 50 lines of code (LOC)
Testbed evaluation
Large scale testbed evaluation (ORBIT radio grid testbed)
15 ResFi APs and 42 client STAs, all in one single collision domain
Simulation of 12 apartments with single AP and single client STA and three co-located public hotspots, each with AP and 10 client STAs
Measuring TCP/IP uplink throughput from all concurrently transmitting client STAs
Distributed Dynamic Channel Selection
Evaluation as proof-of-concept
Testbed evaluation
97% median increase
Uplink TCP throughput of all STAs of both algorithms aggregated as boxplots
Other ResFi Applications
Other RRM applications are possible:
Distributed RTS/CTS adaptation
Distributed TDMA to mitigate hidden node problems
Distributed sensing of non-WiFi interference
Distributed EDCA parameter assignment
…
Build your own ResFi applications!
Source code published as open source: https://github.com/resfi
Mininet-based emulation for testing new ResFi applications
Linux-based ResFi reference implementation for real hardware
Only user-space software modifications (patched hostapd)
Framework based on platform-independent Python code
Can be used as reference implementation for AP vendors or as research framework
Thank you!
https://github.com/resfi
Non RRM Applications
Problem: a neighbor AP would provide better wireless connectivity than our own AP, but we cannot use it.
Virtual Neighbor AP
Idea: APs mutually deploy a virtual neighbor SSID and tunnel all traffic back to the real AP.