232 research outputs found

    On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

    Full text link
    Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

    Optimal Strategies in Jamming Resistant Uncoordinated Frequency Hopping Systems

    Get PDF
    Uncoordinated frequency hopping (UFH) has recently emerged as an effective mechanism to defend against jamming attacks. Existing research focuses on the optimal design of the hopping pattern, which implicitly assumes that the strategy of the attacker is fixed. In practice, the attacker might adjust its strategy to maximize its damage on the communication system. In this thesis, we study the design of optimal hopping pattern (the defense strategy) as long as the optimal jamming pattern (the attack strategy). In particular, we model the dynamic between the legitimate users and the attacker as a zero sum game, and study the property of this game. We show that when the legitimate users and the jammer can access only one channel at any time, the game has a unique Nash equilibrium. In the Nash equilibrium, the legitimate users and Eve will access or jam only a subset of channels that have good channel quality. Furthermore, the better the channel, the larger the probability that Eve will jam the channel and the smaller the probability the legitimate users will access this channel. We further extend the study to multiple access multiple jamming case and characterize the Nash equilibrium. We also give numerical results to illustrate the analytical results derived in this thesis

    REBUF: Jam Resistant BBC based Uncoordinated Frequency Division

    Get PDF
    One of the central tenants of information security is availability. One common form of attack against the availability of information in wireless networks is jamming. Currently, the most common techniques to provide jam-resistant communication, such as frequency-hopping spread spectrum (FHSS), are based on the use of a symmetric shared secret. However, there are theoretical approaches to jam resistance without a pre-shared secret. One theoretical approach using concurrent codes, called the BBC algorithm, was developed at the United States Air Force Academy. We developed and tested the effectiveness of REBUF, a Jam Resistant BBC based Uncoordinated Frequency Division Multiplexing (FDM) system. REBUF is the first known implementation of the BBC algorithm in a simultaneous frequency division multiplexing system. The contributions of this paper include: demonstrating the practical use of a BBC based FDM system, the ability of such a system to jam traditional orthogonal frequency division multiplexing (OFDM) systems, and the resilience of such a system to some common forms of jamming

    Randomized Differential DSSS: Jamming-Resistant Wireless Broadcast Communication

    Full text link
    Abstract—Jamming resistance is crucial for applications where reliable wireless communication is required. Spread spectrum techniques such as Frequency Hopping Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS) have been used as countermeasures against jamming attacks. Traditional antijamming techniques require that senders and receivers share a secret key in order to communicate with each other. However, such a requirement prevents these techniques from being effective for anti-jamming broadcast communication, where a jammer may learn the shared key from a compromised or malicious receiver and disrupt the reception at normal receivers. In this paper, we propose a Randomized Differential DSSS (RD-DSSS) scheme to achieve anti-jamming broadcast communication without shared keys. RD-DSSS encodes each bit of data using the correlation of unpredictable spreading codes. Specifically, bit “0 ” is encoded using two different spreading codes, which have low correlation with each other, while bit “1 ” is encoded using two identical spreading codes, which have high correlation. To defeat reactive jamming attacks, RD-DSSS uses multiple spreading code sequences to spread each message and rearranges the spread output before transmitting it. Our theoretical analysis and simulation results show that RD-DSSS can effectively defeat jamming attacks for anti-jamming broadcast communication without shared keys. I

    Security Improvements for the S-MIM Asynchronous Return Link

    Get PDF
    S-MIM is a hybrid terrestrial and satellite system that enables efficient and high-performance communication in the return link. For communication to be possible between a device and the satellite, a preamble has to be established. Some parameters to generate the preamble are broadcasted by the satellite without protection. It is very important to protect the preamble, because if an attacker knows the preamble he could avoid the communication. This project presents a method without the necessity of establishing the preamble in a way that ensures the communication. However, to achieve this security the trade-off is degradation of throughput and a delay in communication

    Alibi framework for identifying reactive jamming nodes in wireless LAN

    Get PDF
    Reactive jamming nodes are the nodes of the network that get compromised and become the source of jamming attacks. They assume to know any shared secrets and protocols used in the networks. Thus, they can jam very effectively and are very stealthy. We propose a novel approach to identifying the reactive jamming nodes in wireless LAN (WLAN). We rely on the half-duplex nature of nodes: they cannot transmit and receive at the same time. Thus, if a compromised node jams a packet, it cannot guess the content of the jammed packet. More importantly, if an honest node receives a jammed packet, it can prove that it cannot be the one jamming the packet by showing the content of the packet. Such proofs of jammed packets are called "alibis" - the key concept of our approach. In this paper, we present an alibi framework to deal with reactive jamming nodes in WLAN. We propose a concept of alibi-safe topologies on which our proposed identification algorithms are proved to correctly identify the attackers. We further propose a realistic protocol to implement the identification algorithm. The protocol includes a BBC-based timing channel for information exchange under the jamming situation and a similarity hashing technique to reduce the storage and network overhead. The framework is evaluated in a realistic TOSSIM simulation where the simulation characteristics and parameters are based on real traces on our small-scale MICAz test-bed. The results show that in reasonable dense networks, the alibi framework can accurately identify both non-colluding and colluding reactive jamming nodes. Therefore, the alibi approach is a very promising approach to deal with reactive jamming nodes.published or submitted for publicationnot peer reviewe

    On the Impact of Wireless Jamming on the Distributed Secondary Microgrid Control

    Full text link
    The secondary control in direct current microgrids (MGs) is used to restore the voltage deviations caused by the primary droop control, where the latter is implemented locally in each distributed generator and reacts to load variations. Numerous recent works propose to implement the secondary control in a distributed fashion, relying on a communication system to achieve consensus among MG units. This paper shows that, if the system is not designed to cope with adversary communication impairments, then a malicious attacker can apply a simple jamming of a few units of the MG and thus compromise the secondary MG control. Compared to other denial-of-service attacks that are oriented against the tertiary control, such as economic dispatch, the attack on the secondary control presented here can be more severe, as it disrupts the basic functionality of the MG
    corecore