UTILIZATION OF MACHINE LEARNING TO OPTIMIZE RADIO-FREQUENCY INTERFERENCE IDENTIFICATION FOR U.S. NAVAL COMMUNICATIONS

The proliferation of electronic devices emitting radio waves has led to Radio Frequency (RF) spectrum congestion. This poses a significant threat to Department of Defense (DOD) environments, especially naval communications heavily reliant on satellite systems, which are susceptible to electromagnetic interference. The lack of sufficient interference identification and characterization capabilities further compounds the operational risks faced by naval units. This thesis investigates the utilization of machine learning (ML) techniques for interference detection in RF transmissions. With their advanced data analysis and pattern-recognition capabilities, ML algorithms can enhance interference detection and mitigation. Two architectures, a basic autoencoder and Long Short-Term Memory (LSTM) autoencoder, were evaluated for their ability to identify anomalous RF data within a dataset. The research methodology involved generating RF data with varying Additive White Gaussian Noise (AWGN) levels in a basic transmission pathway. The ML models were trained using normal RF data and evaluated on their ability to detect and classify signals with and without interference. The results demonstrate that both the basic autoencoder and LSTM autoencoder models could effectively identify interference. The LSTM autoencoders achieved a success rate of about 99%, indicating their potential use as a solution to the capabilities gap for interference identification.Approved for public release. Distribution is unlimited.Lieutenant, United States Nav

When Attackers Meet AI: Learning-empowered Attacks in Cooperative Spectrum Sensing

Defense strategies have been well studied to combat Byzantine attacks that aim to disrupt cooperative spectrum sensing by sending falsified versions of spectrum sensing data to a fusion center. However, existing studies usually assume network or attackers as passive entities, e.g., assuming the prior knowledge of attacks is known or fixed. In practice, attackers can actively adopt arbitrary behaviors and avoid pre-assumed patterns or assumptions used by defense strategies. In this paper, we revisit this security vulnerability as an adversarial machine learning problem and propose a novel learning-empowered attack framework named Learning-Evaluation-Beating (LEB) to mislead the fusion center. Based on the black-box nature of the fusion center in cooperative spectrum sensing, our new perspective is to make the adversarial use of machine learning to construct a surrogate model of the fusion center's decision model. We propose a generic algorithm to create malicious sensing data using this surrogate model. Our real-world experiments show that the LEB attack is effective to beat a wide range of existing defense strategies with an up to 82% of success ratio. Given the gap between the proposed LEB attack and existing defenses, we introduce a non-invasive method named as influence-limiting defense, which can coexist with existing defenses to defend against LEB attack or other similar attacks. We show that this defense is highly effective and reduces the overall disruption ratio of LEB attack by up to 80%

Jamming Detection in Low-BER Mobile Indoor Scenarios via Deep Learning

The current state of the art on jamming detection relies on link-layer metrics. A few examples are the bit-error-rate (BER), the packet delivery ratio, the throughput, and the increase in the signal-to-noise ratio (SNR). As a result, these techniques can only detect jamming \emph{ex-post}, i.e., once the attack has already taken down the communication link. These solutions are unfit for mobile devices, e.g., drones, which might lose the connection to the remote controller, being unable to predict the attack. Our solution is rooted in the idea that a drone unknowingly flying toward a jammed area is experiencing an increasing effect of the jamming, e.g., in terms of BER and SNR. Therefore, drones might use the above-mentioned phenomenon to detect jamming before the decrease of the BER and the increase of the SNR completely disrupt the communication link. Such an approach would allow drones and their pilots to make informed decisions and maintain complete control of navigation, enhancing security and safety. This paper proposes Bloodhound+, a solution for jamming detection on mobile devices in low-BER regimes. Our approach analyzes raw physical-layer information (I-Q samples) acquired from the wireless channel. We assemble this information into grayscale images and use sparse autoencoders to detect image anomalies caused by jamming attacks. To test our solution against a wide set of configurations, we acquired a large dataset of indoor measurements using multiple hardware, jamming strategies, and communication parameters. Our results indicate that Bloodhound+ can detect indoor jamming up to 20 meters from the jamming source at the minimum available relative jamming power, with a minimum accuracy of 99.7\%. Our solution is also robust to various sampling rates adopted by the jammer and to the type of signal used for jamming.Comment: 16 pages, 16 figures, 3 tables; Submitted and under revie

Data analytics for mobile traffic in 5G networks using machine learning techniques

This thesis collects the research works I pursued as Ph.D. candidate at the Universitat Politecnica de Catalunya (UPC). Most of the work has been accomplished at the Mobile Network Department Centre Tecnologic de Telecomunicacions de Catalunya (CTTC). The main topic of my research is the study of mobile network traffic through the analysis of operative networks dataset using machine learning techniques. Understanding first the actual network deployments is fundamental for next-generation network (5G) for improving the performance and Quality of Service (QoS) of the users. The work starts from the collection of a novel type of dataset, using an over-the-air monitoring tool, that allows to extract the control information from the radio-link channel, without harming the users’ identities. The subsequent analysis comprehends a statistical characterization of the traffic and the derivation of prediction models for the network traffic. A wide group of algorithms are implemented and compared, in order to identify the highest performances. Moreover, the thesis addresses a set of applications in the context mobile networks that are prerogatives in the future mobile networks. This includes the detection of urban anomalies, the user classification based on the demanded network services, the design of a proactive wake-up scheme for efficient-energy devices.Esta tesis recoge los trabajos de investigación que realicé como Ph.D. candidato a la Universitat Politecnica de Catalunya (UPC). La mayor parte del trabajo se ha realizado en el Centro Tecnológico de Telecomunicaciones de Catalunya (CTTC) del Departamento de Redes Móviles. El tema principal de mi investigación es el estudio del tráfico de la red móvil a través del análisis del conjunto de datos de redes operativas utilizando técnicas de aprendizaje automático. Comprender primero las implementaciones de red reales es fundamental para la red de próxima generación (5G) para mejorar el rendimiento y la calidad de servicio (QoS) de los usuarios. El trabajo comienza con la recopilación de un nuevo tipo de conjunto de datos, utilizando una herramienta de monitoreo por aire, que permite extraer la información de control del canal de radioenlace, sin dañar las identidades de los usuarios. El análisis posterior comprende una caracterización estadística del tráfico y la derivación de modelos de predicción para el tráfico de red. Se implementa y compara un amplio grupo de algoritmos para identificar los rendimientos más altos. Además, la tesis aborda un conjunto de aplicaciones en el contexto de redes móviles que son prerrogativas en las redes móviles futuras. Esto incluye la detección de anomalías urbanas, la clasificación de usuarios basada en los servicios de red demandados, el diseño de un esquema de activación proactiva para dispositivos de energía eficiente.Postprint (published version

Unsupervised Machine Learning for Networking:Techniques, Applications and Research Challenges

While machine learning and artificial intelligence have long been applied in networking research, the bulk of such works has focused on supervised learning. Recently there has been a rising trend of employing unsupervised machine learning using unstructured raw network data to improve network performance and provide services such as traffic engineering, anomaly detection, Internet traffic classification, and quality of service optimization. The interest in applying unsupervised learning techniques in networking emerges from their great success in other fields such as computer vision, natural language processing, speech recognition, and optimal control (e.g., for developing autonomous self-driving cars). Unsupervised learning is interesting since it can unconstrain us from the need of labeled data and manual handcrafted feature engineering thereby facilitating flexible, general, and automated methods of machine learning. The focus of this survey paper is to provide an overview of the applications of unsupervised learning in the domain of networking. We provide a comprehensive survey highlighting the recent advancements in unsupervised learning techniques and describe their applications for various learning tasks in the context of networking. We also provide a discussion on future directions and open research issues, while also identifying potential pitfalls. While a few survey papers focusing on the applications of machine learning in networking have previously been published, a survey of similar scope and breadth is missing in literature. Through this paper, we advance the state of knowledge by carefully synthesizing the insights from these survey papers while also providing contemporary coverage of recent advances

Unsupervised Machine Learning for Networking:Techniques, Applications and Research Challenges

While machine learning and artificial intelligence have long been applied in networking research, the bulk of such works has focused on supervised learning. Recently, there has been a rising trend of employing unsupervised machine learning using unstructured raw network data to improve network performance and provide services such as traffic engineering, anomaly detection, Internet traffic classification, and quality of service optimization. The interest in applying unsupervised learning techniques in networking emerges from their great success in other fields such as computer vision, natural language processing, speech recognition, and optimal control (e.g., for developing autonomous self-driving cars). Unsupervised learning is interesting since it can unconstrain us from the need of labeled data and manual handcrafted feature engineering thereby facilitating flexible, general, and automated methods of machine learning. The focus of this survey paper is to provide an overview of the applications of unsupervised learning in the domain of networking. We provide a comprehensive survey highlighting the recent advancements in unsupervised learning techniques and describe their applications in various learning tasks in the context of networking. We also provide a discussion on future directions and open research issues, while also identifying potential pitfalls. While a few survey papers focusing on the applications of machine learning in networking have previously been published, a survey of similar scope and breadth is missing in literature. Through this paper, we advance the state of knowledge by carefully synthesizing the insights from these survey papers while also providing contemporary coverage of recent advances

Signal classification at discrete frequencies using machine learning

Incidents such as the 2018 shut down of Gatwick Airport due to a small Unmanned Aerial System (UAS) airfield incursion, have shown that we don’t have routine and consistent detection and classification methods in place to recognise unwanted signals in an airspace. Today, incidents of this nature are taking place around the world regularly. The first stage in mitigating a threat is to know whether a threat is present. This thesis focuses on the detection and classification of Global Navigation Satellite Systems (GNSS) jamming radio frequency (RF) signal types and small commercially available UAS RF signals using machine learning for early warning systems. RF signals can be computationally heavy and sometimes sensitive to collect. With neural networks requiring a lot of information to train from scratch, the thesis explores the use of transfer learning from the object detection field to lessen this burden by using graphical representations of the signal in the frequency and time domain. The thesis shows that utilising the benefits of transfer learning with both supervised and unsupervised learning and graphical signal representations, can provide high accuracy detection and classification, down to the fidelity of whether a small UAS is flying or stationary. By treating the classification of RF signals as an image classification problem, this thesis has shown that transfer learning through CNN feature extraction reduces the need for large datasets while still providing high accuracy results. CNN feature extraction and transfer learning was also shown to improve accuracy as a precursor to unsupervised learning but at a cost of time, while raw images provided a good overall solution for timely clustering. Lastly the thesis has shown that the implementation of machine learning models using a raspberry pi and software defined radio (SDR) provides a viable option for low cost early warning systems

The University Defence Research Collaboration In Signal Processing

This chapter describes the development of algorithms for automatic detection of anomalies from multi-dimensional, undersampled and incomplete datasets. The challenge in this work is to identify and classify behaviours as normal or abnormal, safe or threatening, from an irregular and often heterogeneous sensor network. Many defence and civilian applications can be modelled as complex networks of interconnected nodes with unknown or uncertain spatio-temporal relations. The behavior of such heterogeneous networks can exhibit dynamic properties, reflecting evolution in both network structure (new nodes appearing and existing nodes disappearing), as well as inter-node relations. The UDRC work has addressed not only the detection of anomalies, but also the identification of their nature and their statistical characteristics. Normal patterns and changes in behavior have been incorporated to provide an acceptable balance between true positive rate, false positive rate, performance and computational cost. Data quality measures have been used to ensure the models of normality are not corrupted by unreliable and ambiguous data. The context for the activity of each node in complex networks offers an even more efficient anomaly detection mechanism. This has allowed the development of efficient approaches which not only detect anomalies but which also go on to classify their behaviour

Intelligent Lower-Layer Denial-of-Service Attacks Against Cellular Vehicle-to-Everything

Vehicle-to-everything (V2X) communication promises a wide range of benefits for society. Within future V2X-enabled intelligent transportation systems, vehicle-to-vehicle (V2V) communication will allow vehicles to directly exchange messages, improving their situational awareness and allowing drivers or (semi-)autonomous vehicles to avoid collisions, particularly in non-line-of-sight scenarios. Thus, V2V has the potential to reduce annual vehicular crashes and fatalities by hundreds of thousands. Cellular Vehicle-to-Everything (C-V2X) is rapidly supplanting older V2V protocols and will play a critical role in achieving these outcomes. As extremely low latency is required to facilitate split-second collision avoidance maneuvers, ensuring the availability of C-V2X is imperative for safe and secure intelligent transportation systems. However, little work has analyzed the physical- (PHY) and MAC-layer resilience of C-V2X against intelligent, protocol-aware denial-of-service (DoS) attacks by stealthy adversaries. In this thesis, we expose fundamental security vulnerabilities in the PHY- and MAC-layer designs of C-V2X and demonstrate how they can be exploited to devastating effect by devising two novel, intelligent DoS attacks against C-V2X: targeted sidelink jamming and sidelink resource exhaustion. Our attacks demonstrate different ways an intelligent adversary can dramatically degrade the availability of C-V2X for one or many vehicles, increasing the likelihood of fatal vehicle collisions. Through hardware experiments with software-defined radios (SDRs) and state-of-the-art C-V2X devices in combination with extensive MATLAB simulation, we demonstrate the viability and effectiveness of our attacks. We show that targeted sidelink jamming can reduce a targeted vehicle\u27s packet delivery ratio by 90% in a matter of seconds, while sidelink resource exhaustion can reduce C-V2X channel throughput by up to 50% in similarly short order. We further provide and validate detection techniques for each attack based on cluster and regression analysis techniques and propose promising, preliminary approaches to mitigate the underlying vulnerabilities that we expose in the PHY/MAC layers of C-V2X