A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Contributions to the security of cognitive radio networks

The increasing emergence of wireless applications along with the static spectrum allocation followed by regulatory bodies has led to a high inefficiency in spectrum usage, and the lack of spectrum for new services. In this context, Cognitive Radio (CR) technology has been proposed as a possible solution to reuse the spectrum being underutilized by licensed services. CRs are intelligent devices capable of sensing the medium and identifying those portions of the spectrum being unused. Based on their current perception of the environment and on that learned from past experiences, they can optimally tune themselves with regard to parameters such as frequency, coding and modulation, among others. Due to such properties, Cognitive Radio Networks (CRNs) can act as secondary users of the spectrum left unused by their legal owners or primary users, under the requirement of not interfering primary communications. The successful deployment of these networks relies on the proper design of mechanisms in order to efficiently detect spectrum holes, adapt to changing environment conditions and manage the available spectrum. Furthermore, the need for addressing security issues is evidenced by two facts. First, as for any other type of wireless network, the air is used as communications medium and can easily be accessed by attackers. On the other hand, the particular attributes of CRNs offer new opportunities to malicious users, ranging from providing wrong information on the radio environment to disrupting the cognitive mechanisms, which could severely undermine the operation of these networks. In this Ph.D thesis we have approached the challenge of securing Cognitive Radio Networks. Because CR technology is still evolving, to achieve this goal involves not only providing countermeasures for existing attacks but also to identify new potential threats and evaluate their impact on CRNs performance. The main contributions of this thesis can be summarized as follows. First, a critical study on the State of the Art in this area is presented. A qualitative analysis of those threats to CRNs already identified in the literature is provided, and the efficacy of existing countermeasures is discussed. Based on this work, a set of guidelines are designed in order to design a detection system for the main threats to CRNs. Besides, a high level description of the components of this system is provided, being it the second contribution of this thesis. The third contribution is the proposal of a new cross-layer attack to the Transmission Control Protocol (TCP) in CRNs. An analytical model of the impact of this attack on the throughput of TCP connections is derived, and a set of countermeasures in order to detect and mitigate the effect of such attack are proposed. One of the main threats to CRNs is the Primary User Emulation (PUE) attack. This attack prevents CRNs from using available portions of the spectrum and can even lead to a Denial of Service (DoS). In the fourth contribution of this the method is proposed in order to deal with such attack. The method relies on a set of time measures provided by the members of the network and allows estimating the position of an emitter. This estimation is then used to determine the legitimacy of a given transmission and detect PUE attacks. Cooperative methods are prone to be disrupted by malicious nodes reporting false data. This problem is addressed, in the context of cooperative location, in the fifth and last contribution of this thesis. A method based on Least Median Squares (LMS) fitting is proposed in order to detect forged measures and make the location process robust to them. The efficiency and accuracy of the proposed methodologies are demonstrated by means of simulation

Adversarial Attack on Radar-based Environment Perception Systems

Due to their robustness to degraded capturing conditions, radars are widely used for environment perception, which is a critical task in applications like autonomous vehicles. More specifically, Ultra-Wide Band (UWB) radars are particularly efficient for short range settings as they carry rich information on the environment. Recent UWB-based systems rely on Machine Learning (ML) to exploit the rich signature of these sensors. However, ML classifiers are susceptible to adversarial examples, which are created from raw data to fool the classifier such that it assigns the input to the wrong class. These attacks represent a serious threat to systems integrity, especially for safety-critical applications. In this work, we present a new adversarial attack on UWB radars in which an adversary injects adversarial radio noise in the wireless channel to cause an obstacle recognition failure. First, based on signals collected in real-life environment, we show that conventional attacks fail to generate robust noise under realistic conditions. We propose a-RNA, i.e., Adversarial Radio Noise Attack to overcome these issues. Specifically, a-RNA generates an adversarial noise that is efficient without synchronization between the input signal and the noise. Moreover, a-RNA generated noise is, by-design, robust against pre-processing countermeasures such as filtering-based defenses. Moreover, in addition to the undetectability objective by limiting the noise magnitude budget, a-RNA is also efficient in the presence of sophisticated defenses in the spectral domain by introducing a frequency budget. We believe this work should alert about potentially critical implementations of adversarial attacks on radar systems that should be taken seriously

Demand-driven movement strategy for moving beacons in distributed sensor localization

n a wireless sensor network, range-free localization with a moving beacon can reduce susceptibility to communication noises while concomitantly eliminate need for large number of expensive anchor nodes that are vulnerable to malicious attacks. This paper presents a moving beacon aided range-free localization technique, which is capable of estimating the location of a sensor with high accuracy. A novel distributed localization scheme is designed to optimally determine beacon movement strategy according to user demand. Superiority of this scheme to the state-of-the-art has been established in terms of location estimation quality, measured by the theoretical expected maximum error and simulated mean error while optimizing the beacon location density or traversal path length

Emerging Communications for Wireless Sensor Networks

Wireless sensor networks are deployed in a rapidly increasing number of arenas, with uses ranging from healthcare monitoring to industrial and environmental safety, as well as new ubiquitous computing devices that are becoming ever more pervasive in our interconnected society. This book presents a range of exciting developments in software communication technologies including some novel applications, such as in high altitude systems, ground heat exchangers and body sensor networks. Authors from leading institutions on four continents present their latest findings in the spirit of exchanging information and stimulating discussion in the WSN community worldwide

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)