Survey on Security Management of Multiple Spoofing Attackers in Wireless Networks

Wireless spoofing attacks are simple to introduce and can importantly impact the performance of networks. In this paper, we propose to use spatial information a physical property related to every node, complex to mispresent and self reliant on cryptography, as the initializing for detecting spoofing attacks determining the number of attackers when multiple opponent masquerading as the same node identity and localizing multiple adversaries We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. For determining the number of attackers we are using cluster based mechanism. To localize the positions of multiple attackers, we have developed an integrated detection and localization system. The generated localization results with a representative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries. As the wireless networks are easily susceptible for various types of spoofing attacks, basically this paper focuses on Identity-based spoofing attacks and the enhanced and efficient techniques to secure from such attacks

Detection and Localization of Multiple Spoofing using GADE and IDOL in WSN

Abstract Wireless spoofing attacks are easy to launch and can significantly impact the performance of networks. Although the identity of a node can be verified through cryptographic authentication, conventional security approaches are not always desirable because of their overhead requirements. Spatial information, a physical property associated with each node, that is hard to falsify, and not reliant on cryptography is used, as the basis for 1) detecting spoofing attacks; 2) determining the number of attackers when multiple adversaries masquerading as the same node identity; and 3) localizing multiple adversaries. Thus received signal strength (RSS) is inherited from wireless nodes to detect the spoofing attacks. Cluster-based mechanisms are developed to determine the number of attackers. In addition, an integrated detection and localization system is developed that can localize the positions of multiple attackers. Thus this detection and localization results provide strong evidence in detecting multiple adversaries

Cluster Based Intrusion Detection Technique for Wireless Networks

Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. Although th e identity of a node can be verified through cryptographic authentication, authentication is not always possible because it requires key management and additional infrastructural overhead. In this paper we propose a method for both detect ing spoofing attacks, as well as locating the positions of adversaries performing the attacks. We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. We then formulate the problem of determin ing the number of attackers as a multiclass detection problem. Cluster - based mechanisms are developed to determine the number of attackers. When the training data are available, we explore using the Support Vector Machines (SVM) method to further improve t he accuracy of determining the number of attackers. In addition, we developed an integrated detection and localization system that can localize the positions of multiple attackers. We evaluated our techniques through two test beds using both an 802.11 ( Wi - Fi ) network and an 802.15.4 network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90 percent Hit Rate and Precision when determining the number of attackers. Our localizatio n results using a represen tative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries

Detection and Localization of IDS Based Spoofing Attackers in Wireless Sensor Networks

A Wireless sensor network consists of a series of sensing devices. These track parameters such as those required for tracking and surveillance and then effectively passes on this information with other such sensors over a specific geographical area within the wireless network. The problem with traditional wireless networks lies in the way that they are positioned in an unattended manner, being controlled remotely by the network operator. This opens up a pathway for attackers, which compromise and capture wireless nodes and launch a variety of attacks that impair the functioning of the system. The proposed system aims to localize and cluster these nodes together, according to their position, wherein the cluster head acts as an Intrusion Detection system by monitoring node behavior such as packet transmission. This information is used to identify the attacked nodes in the wireless sensor network

Reduction of secondary lobes in joint angle and delay estimation in angle of arrival localization to detect MAC address spoofing in wireless networks

in this paper, we solve the problem of  secondary lobes that are due to noise that comes from constructive and destructive multipath interference that are resulted in received signal strength (RSS) variation over time. This is to develop a very efficient localization algorithm that uses a unique fingerprint angle of arrivals (AOAs), in a specified range, with associated time delays (TDs), in the surrounded sparsity design promoting multipath parameter (i.e:RSS). We solve this problem to detect physical identity spoofing of nodes in radio wireless networks, and localize adversaries and jammers of wireless networks. All radio waves are vulnerable to many types of attacks due to the ability to capture them and sniff or eavesdropping on them in the open space. Physical identity spoofing is used to launch many types of attacks against wireless networks like Denial of Service (DOS), Man-In-The-Middle and Session Hijacking and eavesdropping. Eavesdropping is a human-based social engineering attack. Active adversaries are able to jam and eavesdrop simultaneously, while passive adversaries can only eavesdrop on passed signals. In TCP/IP protocol for example, Media Access Card (MAC) Address is transferred in 802.11 frames. Detection process was carried out by analyzing electromagnetic radio waves that are used to transfer data, in the form of radio wave signals that are formed by the modulation process which mixes the electromagnetic wave, with another one of different frequency or amplitude to produce the signal with a specified pattern of frequency and amplitude. We depended on the angle of arrival of vectors and time delay across scattered areas in the surrounded space to solve the problem of co-location in detection and localization of jammers. We used Maximum Likelihood (ML) angle of arrival determination because ML approaches, known to their higher accuracy and enhanced resolution capabilities. And we assessed their computational complexity that was considered as the major drawback for designers to their implementation in practice.   Our solution was tested on a jammer that changed the signal strength of received signal at the receiver at an angle of arrival 30 degree. And we used scatterers density to determine the angle of arrival of the sender. The simulation has observed that the power of the received signal has changed from the range of angles 20 to 40 degrees. We used scatterers because they describe the density of the signal power, and also enhance the signal to noise ratio, that resulted from the multipath fading of the signal strength. And also overcoming the problem of secondary lobes that are due to signal propagation, while determining the angle of arrival of a signal sender. So, we developed a new passive technique to detect MAC address spoofing based on angle of arrival localization. And assessed the computation complexity of the localization technique through depending on a range angle to estimate the angle of arrival of the adversary within it. And we reduced number of secondary lobes, and their peaks, in the importance function, while determining the angle of arrival, and so increasing the accuracy of angle of arrival measurement. We compared our work to other techniques and find that our technique is better than these techniques

Authenticating Users Through Fine-Grained Channel Information

User authentication is the critical first step in detecting identity-based attacks and preventing subsequent malicious attacks. However, the increasingly dynamic mobile environments make it harder to always apply cryptographic-based methods for user authentication due to their infrastructural and key management overhead. Exploiting non-cryptographic based techniques grounded on physical layer properties to perform user authentication appears promising. In this work, the use of channel state information (CSI), which is available from off-the-shelf WiFi devices, to perform fine-grained user authentication is explored. Particularly, a user-authentication framework that can work with both stationary and mobile users is proposed. When the user is stationary, the proposed framework builds a user profile for user authentication that is resilient to the presence of a spoofer. The proposed machine learning based user-authentication techniques can distinguish between two users even when they possess similar signal fingerprints and detect the existence of a spoofer. When the user is mobile, it is proposed to detect the presence of a spoofer by examining the temporal correlation of CSI measurements. Both office building and apartment environments show that the proposed framework can filter out signal outliers and achieve higher authentication accuracy compared with existing approaches using received signal strength (RSS)

Secure location-aware communications in energy-constrained wireless networks

Wireless ad hoc network has enabled a variety of exciting civilian, industrial and military applications over the past few years. Among the many types of wireless ad hoc networks, Wireless Sensor Networks (WSNs) has gained popularity because of the technology development for manufacturing low-cost, low-power, multi-functional motes. Compared with traditional wireless network, location-aware communication is a very common communication pattern and is required by many applications in WSNs. For instance, in the geographical routing protocol, a sensor needs to know its own and its neighbors\u27 locations to forward a packet properly to the next hop. The application-aware communications are vulnerable to many malicious attacks, ranging from passive eavesdropping to active spoofing, jamming, replaying, etc. Although research efforts have been devoted to secure communications in general, the properties of energy-constrained networks pose new technical challenges: First, the communicating nodes in the network are always unattended for long periods without physical maintenance, which makes their energy a premier resource. Second, the wireless devices usually have very limited hardware resources such as memory, computation capacity and communication range. Third, the number of nodes can be potentially of very high magnitude. Therefore, it is infeasible to utilize existing secure algorithms designed for conventional wireless networks, and innovative mechanisms should be designed in a way that can conserve power consumption, use inexpensive hardware and lightweight protocols, and accommodate with the scalability of the network. In this research, we aim at constructing a secure location-aware communication system for energy-constrained wireless network, and we take wireless sensor network as a concrete research scenario. Particularly, we identify three important problems as our research targets: (1) providing correct location estimations for sensors in presence of wormhole attacks and pollution attacks, (2) detecting location anomalies according to the application-specific requirements of the verification accuracy, and (3) preventing information leakage to eavesdroppers when using network coding for multicasting location information. Our contributions of the research are as follows: First, we propose two schemes to improve the availability and accuracy of location information of nodes. Then, we study monitoring and detection techniques and propose three lightweight schemes to detect location anomalies. Finally, we propose two network coding schemes which can effectively prevent information leakage to eavesdroppers. Simulation results demonstrate the effectiveness of our schemes in enhancing security of the system. Compared to previous works, our schemes are more lightweight in terms of hardware cost, computation overhead and communication consumptions, and thus are suitable for energy-constrained wireless networks

Security of Electrical, Optical and Wireless On-Chip Interconnects: A Survey

The advancement of manufacturing technologies has enabled the integration of more intellectual property (IP) cores on the same system-on-chip (SoC). Scalable and high throughput on-chip communication architecture has become a vital component in today's SoCs. Diverse technologies such as electrical, wireless, optical, and hybrid are available for on-chip communication with different architectures supporting them. Security of the on-chip communication is crucial because exploiting any vulnerability would be a goldmine for an attacker. In this survey, we provide a comprehensive review of threat models, attacks, and countermeasures over diverse on-chip communication technologies as well as sophisticated architectures.Comment: 41 pages, 24 figures, 4 table