Article thumbnail

Evaluating Hamming Distance as a Metric for the Detection of CRC-based Side-channel Communications in MANETs

By Brent Moore, Miguel Vargas Martin and Ramiro Liscano

Abstract

AbstractSide-channel communication is a form of traffic in which malicious parties communicate secretly over a wireless network. This is often established through the modification of Ethernet frame header fields, such as the Frame Check Sequence (FCS). The FCS is responsible for determining whether or not a frame has been corrupted in transmission, and contains a value calculated through the use of a predetermined polynomial. A malicious party may send messages that appear as nothing more than naturally corrupted noise on a network to those who are not the intended recipient. We use a metric known as Hamming distance in an attempt to differentiate purposely corrupted frames from naturally corrupted ones. In theory, it should be possible to recognize purposely corrupted frames based on how high this Hamming distance value is, as it signifies how many bits are different between the expected and the received FCS values. It is hypothesized that a range of threshold values based off of this metric exist, which may allow for the detection of side-channel communication across all scenarios. We ran an experiment with human subjects in a foot platoon formation and analyzed the data using a support vector machine. Our results show promise on the use of Hamming distance for side-channel detection in MANETs

Publisher: The Author(s). Published by Elsevier B.V.
Year: 2016
DOI identifier: 10.1016/j.procs.2016.04.206
OAI identifier:

Suggested articles


To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.