Security in Wireless Ecosystems Security in Wireless Ecosystems Wade Trappe
Wireless Ecosystems represent the next generation of Wireless Ecosystems represent the next generation of pervasive computing systems pervasive computing systems � Integrating the physical world with the Internet – Ability to view, search and interact with the physical world – Pervasively deployed mobile and embedded computing devices � A set of evolving ”wireless ecosystems” emerge – Weaving information into the fabric of human lives � Characteristics of pervasive ecosystems – 10s of billions of wireless devices connected to the global network – Scale is 2 orders of magnitude greater than today’s internet – Licensed and Unlicensed Spectrum – New challenges in enabling technologies, system architecture and human-centric design � Communications/Networking with Cognitive Radios – Design of hierarchical, distributed, decentralized and adaptive protocols – Spectrum Coexistence in dense wireless networks – Efficient integration with the future internet � Security and Privacy – Personal nature of use of technologies – Ubiquitous nature of use of technologies WINLAB
Wireless Ecosystems represent the next generation of Wireless Ecosystems represent the next generation of pervasive computing systems pervasive computing systems Ambient interfaces Application Management & Control Software Control Module “Human in the Loop” Autonomous software agents Cognitive Intelligence Module Control Module Global Pervasive Network Computation (Future Internet) & Storage Protocol To Actuators module Content & Location Aware Routers Network Connectivity & Computation Smart Public Space Hospital with Physical World with Embedded Wireless Embedded Monitoring Vehicles with Sensors & Wireless Virtualized physical world object From Sensors Multiple radio standards, � Cognitive radios Autonomous Wireless Clusters (“ecosystems”) Robotics Application WINLAB [3]
Wireless Ecosystems are a multi- -dimensional activity dimensional activity Wireless Ecosystems are a multi at WINLAB at WINLAB “Wireless Ecosystems” Spectrum Policy � – Economics – Regulation Spectrum rate 4 Policy – Legal rate 1 Server – Business rate 2 rate 3 Cooperative Communications Platforms/Prototypes � � – Information & Coding Theory – WiNC2R Programmable agile radios – Statistical Signal Processing – GNU platforms – Game Theory/Microeconomics – Cognitive Radio Network – MAC & Networking Algorithms Testbeds WINLAB
WINLAB has a holistic approach to addressing security WINLAB has a holistic approach to addressing security issues in emerging wireless systems issues in emerging wireless systems Wireless is easy to sniff. We still need encryption services and key management. Key Confidentiality freshness is an issue. Wireless hardware/equipment need to be safe from modification. Data/control info should not Integrity be modified before or during transit. Wireless networks will be the platform of choice for attacks. Should the network keep track of Forensics forensic evidence? Perpetual connectivity can mean constant surveillance! With snooping one can monitor Privacy mobility and handoffs between networks. Location is a new form of information provided by wireless systems that will facilitate new Location services. Location information needs to be trusted. The pervasiveness of the wireless networks should not mean that just anyone can participate! Intrusion Example: Rogue APs The value of a wireless network is its promise of ubiquitous connectivity. Unfortunately, Availability wireless networks are easy to “break” (e.g. jam, denial of service) RF energy radiates, and wireless entities within the radio coverage pattern may serve as Non-repudiation witnesses for the actions of the transmitter. WINLAB
Security can be achieved by exploiting unique properties of Security can be achieved by exploiting unique properties of the wireless physical layer (SEVILLE) the wireless physical layer (SEVILLE) Wireless channels are “open” and hence more susceptible to eavesdropping, � intrusion and spoofing… � Interestingly, wireless channel properties (“RF signatures”) can be exploited for authentication and to identify attackers Project on protocols and algorithms for security functions; also experimental � validation WINLAB
SEVILLE exploits the physical layer to achieve new forms of SEVILLE exploits the physical layer to achieve new forms of key establishment key establishment � Use channel reciprocity to build highly correlated data sets – Probe the channel in each direction – Estimate channel using recd. probe � Eve receives only uncorrelated information as she is more than λ /2 away � Level crossings are used to generate bits � Alice and Bob must exchange msgs over public channel to create identical bits � What if channel is not already authenticated? – Requires additional sophistry to prevent man-in-the-middle attack. – It is possible using the correlated data collected from received P R O B E probes. B E O P R P R O B E Get channel Positive excursion estimates L o c a t i o n s o f e x c u r s i o n s n t m e e g r e a i n n s o a t i o c L Negative excursion WINLAB Key Key
SEVILLE’ ’s s key establishment has been validated in real key establishment has been validated in real SEVILLE customized and COTS systems customized and COTS systems Alice � Eve Bob � Eve Experimental setup: � – Alice = AP – Bob = Client – Eve = Client on same channel Alice � Bob: PING REQUEST Bob � � Alice: PING REPLY 20 packets per second � Alice � Bob Eve overhears packets from both � legitimate users Bob � Alice (RSSI, timestamp) from recd. packet � headers are pulled out by each user Mesg. exchange protocol uses the � locations of excursions to distil identical bits ~1 bit/sec in typical indoor environments � Alice � Bob with no errors. WINLAB Bob � Alice
DARWIN seeks to defend wireless networks from adversarial DARWIN seeks to defend wireless networks from adversarial wireless interference wireless interference Goal: to maintain wireless network connectivity in the presence of wireless interference (i.e. � jamming) Strategies: � – Channel Surfing: Adapt network channel allocations in an on-demand manner – Spatial Retreats: Use mobility to evade interference sources and re-establish network connectivity – Anti-jamming Timing Channels: Failed packet reception events may be modulated to establish a low-rate jamming resistant communication channel – Radio Teaming: A team of transmitters exploits multipath environments to perturb angular receiver patterns, in spite of SINR levels of -10dB or worse. (Effect of a jammer on a network of Chipcon 1100 Radios) (Channel Surfing adjusts channels to re-establishes the network) WINLAB
A non- -jammable jammable timing channel remains when the physical timing channel remains when the physical A non layer is being jammed layer is being jammed � Objective: Objective: � – Create a Create a low bit that exists on – low bit- -rate overlay rate overlay that exists on Overlay Authent. Overlay Authent. Overlay Authent. Overlay Authent. Network Network Network Network the conventional physical/link- -layers layers in spite the conventional physical/link in spite Error Correct Error Correct Error Correct Error Correct 4Oz Overlay 4Oz Overlay 4Oz Overlay 4Oz Overlay of a broadband interferer. a broadband interferer. Overlay Framing Overlay Framing Overlay Framing Overlay Framing of Datalink Datalink Virtual Bitpipe Virtual Bitpipe Virtual Bitpipe Virtual Bitpipe Datalink Datalink Physical Physical Timing channel Timing channel Timing channel Timing channel Physical Physical � Approach: Modulate the interarrival interarrival time time � Approach: Modulate the between packet transmissions to convey between packet transmissions to convey information information Sender Sender Receiver Receiver The Timing Channel Overlay – Jammed packets are detectable Jammed packets are detectable – τ 1 τ 2 τ 3 τ 4 τ i …… t1 t2 t3 t4 t5 t i t i+ 1 tim e WINLAB
Radio transmitters can team to overcome radio interference Radio transmitters can team to overcome radio interference by non- -coherently perturbing receiver coherently perturbing receiver beampattern beampattern by non What’s Jammer “Help this RF Clutter? me!” Target Receiver Communication is Jammed + Blocked SINR = -15dB Jammer Motivation: • Units moving through “urban canyons” experience complex link quality conditions • Adversarial scenarios, involving jammers, further complicate conditions Increasing transmit power may not be an option… Team solutions are needed • Can we do beamforming or cooperative communications? • Can we utilize the “RF Clutter” to convey information? WINLAB
Recommend
More recommend
