Center for Wireless Network Security WiNSeC
Dr. Patrick White, Assoc. Director – WiNSeC
Office: 201-216-5028
October 29, 2003
pwhite1@stevens-tech.edu
Wireless Network Security Center (WiNSeC)
Principal areas of focus:
• Secure, robust wireless communications technologies for Homeland Defense and Security:
– Physical layer vulnerabilities, including anti-jamming/eavesdropping
– Spectrally efficient communications
– Interoperability of wireless systems
– Energy efficient sensor networks
– Wireless cyber counter measures
• Situational awareness tools for C2
– Visualization of sensor data
– Decision aids
• Secure communications networks and command/control facilities for First Responders
Initial funding from DoD – administered by Picatinny Arsenal
Wireless “Twin Foci” Network Security TestBed / Analysis Research Technology Commercialization/ Enterprise Development
Multi-Environment
SUBURBAN / MARITIME / URBAN
• Background radio noise
• Multipath
• Shadowing …
If it works here …
Multi-Network Test Bed
[Diagram. Labels: Ferry 1 to Ferry 5; Ferry Pier; L-Band Satellite; MTS Satellite; GPS Satellite; Satellite Network; Internet; Stevens Network; Campus Wireless Network; CDMA Verizon Network; Bluetooth; Sports Field; Stevens Police; Networked Sensors; Unmanned Sensor Control; Teletype; Hand-Held Applications; Robust physical layer (upper mm λ, free-space optics, chaotic spreading, etc.); Situational Awareness Tools & Decision Aids; Cyber Security detection & mitigation tools.]
WiNSeC Research Information Assurance Physical Security • Secure and Reliable Wireless • Secure Network Infrastructure Sensor Networking • Smart Antennas for • Distributed Access Control Interference Suppression • Privacy Preserving • Modeling and Simulation information sharing Tools • Robust Multimedia • Secure Protocols for Wireless Networking Applications • RF Transmission Power Management and Detection: Chaotic Direct Sequence Network Management Spread Spectrum • Visualization: Sensor Data • Secure and Sound Decision Tools • Cyber Security Risk Analysis and Evaluation
Privacy-Preserving Information Sharing (Rebecca Wright) Allow multiple data holders to collaborate to compute important (e.g., security-related) information while protecting the privacy of other information. Particularly relevant now for agencies that would like to share sensitive information
Privacy-Protecting Statistics
CLIENT: Wishes to compute statistics of servers’ data
SERVERS: Each holds large database
• Parties communicate using cryptographic protocols designed so that:
– Client learns desired statistics, but learns nothing else about data (including individual values or partial computations for each database)
– Servers do not learn which fields are queried, or any information about other servers’ data
– Computation and communications are very efficient
Initial Experimental Results
[Chart: total time in minutes (axis 0 to 30) plotted against database size (axis 0 to 100,000).]
Type-Based Distributed Access Control (Dominic Duggan)
Confidential e-mail
Problem: Data leaving owner's environment has limited protection
• Investigate use of type checking in combination with key and data encryption to maintain owner control
– Data protected by type and encryption
– Copy operations on local and/or remote machines controlled by type checking
Cyber Security (Susanne Wetzel)
• Explore vulnerability of Ad-Hoc Sensor network fields to a variety of cyber and/or combination (cyber/physical) attacks that disrupt routing tables:
– Disconnect network nodes
– Degrade good-put
– Hijack traffic to/from selected nodes
– Force traffic through a limited number (1?) of nodes to degrade performance, deplete power, etc.
Visualization of Noisy Sensor Data (George Kamberov) Clean Data Noisy Input Data
Processing Results & Reconstruction Facial Feature Line-Based Facial Reconstruction Grids
Photo-Realistic Rendering of Facial Models with Dynamic Texture Mapping
Long λ Laser for Free Space Optics (Rainier Martini)
• Quickly deployed, low cost alternative for access link
– No digging required – install, aim and go
• Broadband ≥ 10 Gbps capable
• Difficult (impossible?) to intercept or jam
• But typical wavelengths, 830/1330/1550 nm, susceptible to heavy fog
Funded by DARPA
FSO Losses in water fog
• 1.3 µm & 1.5 µm strongest losses (> 40dB)
• 830nm strong losses (~40dB)
• 8 µm nearly no losses (~3dB)
• MIR link allows transmission under extreme fog conditions, no strong differences for classical NIR systems.
[Chart: transmission losses [dB] (axis 0 to -60) against time (15:07 to 16:19), with curves for wavelengths 830 nm, 1.3 µm, 1.55 µm and 8 µm. Annotation: fog concentration increased with time.]
QC laser: High modulation bandwidth at 8 µm
• High frequency limit greater 10 GHz !
• Flat response
• Background due to electrical noise and free radiation
• SNR ~40 dB up to 5 GHz
• No resonance visible
[Chart: modulation response [dB] (axis -50 to -90) against frequency [GHz] (axis 0.1 to 10), with a background trace.]
Upper MM-Wave Radio > 28 GHz
• High capacity, e.g., 10 Gbps, point-to-point Ethernet up to 1km
• High frequency reuse – narrow beams cover small areas (less beam divergence, more limited propagation)
• With high O2 absorption, can provide in-building security; e.g., confine propagation to room.
• Also minimal interference, guaranteeing relatively clean signal reception.
• Less susceptible to fog, but more sensitive to heavy rain
Network Research Test Bed (NSF)
• Simultaneous connectivity to multiple networks
• Automatic selection of network with best available capability
• Maximize availability/performance & coverage
• Optimize spectral & energy efficiency
• Provide extra dimension in security
[Diagram. Labels: User Terminal; Transparent Software Integration Layer; Wide Area Network Gateway; Authentication, Authorization, Accounting; UTP 5; Fiber optic; Coaxial; Fiber Optic Backbones; FSO, Microwave; CDMA, GPRS; Satellite; 802.11b, 802.11a.]
Network of Networks for Public Safety
A Hybrid Solution for Coverage and Interoperability
• Car maintains connectivity (via software radio) to multiple wireless networks – interoperability with national coverage, minimal dead spots
• Messages automatically sent to network with best instantaneous performance
• Outside the car, option to use the car to relay messages
• Most modifications limited to radio in the car, minimizing cost and deployment interval
Thank You Patrick White Center for Wireless Network Security