Novel Physical Layer Authentication Techniques for Secure Wireless Communications

Due to the open nature of radio propagation, information security in wireless communications has been facing more challenges compared to its counterpart in wired networks. Authentication, defined as an important aspect of information security, is the process of verifying the identity of transmitters to prevent against spoofing attacks. Traditionally, secure wireless communications is achieved by relying solely upon higher layer cryptographic mechanisms. However, cryptographic approaches based on complex mathematical calculations are inefficient and vulnerable to various types of attacks. Recently, researchers have shown that the unique properties of wireless channels can be exploited for authentication enhancement by providing additional security protection against spoofing attacks. Motivated by the vulnerability of existing higher-layer security techniques and the security advantages provided by exploring the physical link properties, five novel physical layer authentication techniques to enhance the security performance of wireless systems are proposed. The first technique exploits the inherent properties of CIR to achieve robust channel-based authentication. The second and third techniques utilize a long-range channel predictor and additional multipath delay characteristics, respectively, to enhance the CIR-based authentication. The fourth technique exploits the advantages of AF cooperative relaying to improve traditional channel-based authentication. The last technique employs an embedded confidential signaling link to secure the legitimate transmissions in OFDM systems

Performance Evaluation of Power Efficient Mechanisms on Multimedia over LTE-A Networks

Power optimization is a critical challenge in multimedia services over cellular communication systems. Long Term Evolution-Advanced (LTE-A) has been developed for higher bandwidth access for accommodating today’s heavy data applications to provide better performance. Idle mode permits cellularstations to manipulate power and sources with the aid of limiting its activity for discrete periods and this eliminates the lively requirement for handover and other ordinary operations. Also, provides a periodical method for the cell station for pending downlink traffic directed to the cellularstation and as a result gets rid network handover traffic from basically inactive cellular stations. Discontinuous Reception (DRX) has been carried out to decrease the power intake of the consumer device, and transmission of big quantity of data. At data transfer, mobile device and the network phases negotiation occur. During other times, the device turns its receiver off and enters a low power state. Thereby similarly assisting numerous services and big quantities of information transmissions. This study prepossession of a massive quantity of data. Also proposes the two-power optimization modes idle mode and DRX mode parameters to achieve maximum possible power saving with the higher quality of multimedia services. Furthermore, the effectiveness of using DRX short cycles and DRX long cycles on multimedia services and the overall performance. Using OPNET Simulator 17.5, it concluded that DRX mechanism is preferred to operate compared with the Idle mechanism, also resulted that the DRX long cycles are a very good choice for all multimedia services and the overall network performance

Spectrum Sharing, Latency, and Security in 5G Networks with Application to IoT and Smart Grid

The surge of mobile devices, such as smartphones, and tables, demands additional capacity. On the other hand, Internet-of-Things (IoT) and smart grid, which connects numerous sensors, devices, and machines require ubiquitous connectivity and data security. Additionally, some use cases, such as automated manufacturing process, automated transportation, and smart grid, require latency as low as 1 ms, and reliability as high as 99.99\%. To enhance throughput and support massive connectivity, sharing of the unlicensed spectrum (3.5 GHz, 5GHz, and mmWave) is a potential solution. On the other hand, to address the latency, drastic changes in the network architecture is required. The fifth generation (5G) cellular networks will embrace the spectrum sharing and network architecture modifications to address the throughput enhancement, massive connectivity, and low latency. To utilize the unlicensed spectrum, we propose a fixed duty cycle based coexistence of LTE and WiFi, in which the duty cycle of LTE transmission can be adjusted based on the amount of data. In the second approach, a multi-arm bandit learning based coexistence of LTE and WiFi has been developed. The duty cycle of transmission and downlink power are adapted through the exploration and exploitation. This approach improves the aggregated capacity by 33\%, along with cell edge and energy efficiency enhancement. We also investigate the performance of LTE and ZigBee coexistence using smart grid as a scenario. In case of low latency, we summarize the existing works into three domains in the context of 5G networks: core, radio and caching networks. Along with this, fundamental constraints for achieving low latency are identified followed by a general overview of exemplary 5G networks. Besides that, a loop-free, low latency and local-decision based routing protocol is derived in the context of smart grid. This approach ensures low latency and reliable data communication for stationary devices. To address data security in wireless communication, we introduce a geo-location based data encryption, along with node authentication by k-nearest neighbor algorithm. In the second approach, node authentication by the support vector machine, along with public-private key management, is proposed. Both approaches ensure data security without increasing the packet overhead compared to the existing approaches

A security protocol for authentication of binding updates in Mobile IPv6.

Wireless communication technologies have come along way, improving with every generational leap. As communications evolve so do the system architectures, models and paradigms. Improvements have been seen in the jump from 2G to 3G networks in terms of security. Yet these issues persist and will continue to plague mobile communications into the leap towards 4G networks if not addressed. 4G will be based on the transmission of Internet packets only, using an architecture known as mobile IP. This will feature many advantages, however security is still a fundamental issue to be resolved. One particular security issue involves the route optimisation technique, which deals with binding updates. This allows the corresponding node to by-pass the home agent router to communicate directly with the mobile node. There are a variety of security vulnerabilities with binding updates, which include the interception of data packets, which would allow an attacker to eavesdrop on its contents, breaching the users confidentiality, or to modify transmitted packets for the attackers own malicious purposes. Other possible vulnerabilities with mobile IP include address spoofing, redirection and denial of service attacks. For many of these attacks, all the attacker needs to know is the IPv6 addresses of the mobile’s home agent and the corresponding node. There are a variety of security solutions to prevent these attacks from occurring. Two of the main solutions are cryptography and authentication. Cryptography allows the transmitted data to be scrambled in an undecipherable way resulting in any intercepted packets being illegible to the attacker. Only the party possessing the relevant key will be able to decrypt the message. Authentication is the process of verifying the identity of the user or device one is in communication with. Different authentication architectures exist however many of them rely on a central server to verify the users, resulting in a possible single point of attack. Decentralised authentication mechanisms would be more appropriate for the nature of mobile IP and several protocols are discussed. However they all posses’ flaws, whether they be overly resource intensive or give away vital address data, which can be used to mount an attack. As a result location privacy is investigated in a possible attempt at hiding this sensitive data. Finally, a security solution is proposed to address the security vulnerabilities found in binding updates and attempts to overcome the weaknesses of the examined security solutions. The security protocol proposed in this research involves three new security techniques. The first is a combined solution using Cryptographically Generated Addresses and Return Routability, which are already established solutions, and then introduces a new authentication procedure, to create the Distributed Authentication Protocol to aid with privacy, integrity and authentication. The second is an enhancement to Return Routability called Dual Identity Return Routability, which provides location verification authentication for multiple identities on the same device. The third security technique is called Mobile Home Agents, which provides device and user authentication while introducing location privacy and optimised communication routing. All three security techniques can be used together or individually and each needs to be passed before the binding update is accepted. Cryptographically Generated Addresses asserts the users ownership of the IPv6 address by generating the interface identifier by computing a cryptographic one-way hash function from the users’ public key and auxiliary parameters. The binding between the public key and the address can be verified by recomputing the hash value and by comparing the hash with the interface identifier. This method proves ownership of the address, however it does not prove the address is reachable. After establishing address ownership, Return Routability would then send two security tokens to the mobile node, one directly and one via the home agent. The mobile node would then combine them together to create an encryption key called the binding key allowing the binding update to be sent securely to the correspondent node. This technique provides a validation to the mobile nodes’ location and proves its ownership of the home agent. Return Routability provides a test to verify that the node is reachable. It does not verify that the IPv6 address is owned by the user. This method is combined with Cryptographically Generated Addresses to provide best of both worlds. The third aspect of the first security solution introduces a decentralised authentication mechanism. The correspondent requests the authentication data from both the mobile node and home agent. The mobile sends the data in plain text, which could be encrypted with the binding key and the home agent sends a hash of the data. The correspondent then converts the data so both are hashes and compares them. If they are the same, authentication is successful. This provides device and user authentication which when combined with Cryptographically Generated Addresses and Return Routability create a robust security solution called the Distributed Authentication Protocol. The second new technique was designed to provide an enhancement to a current security solution. Dual Identity Return Routability builds on the concept of Return Routability by providing two Mobile IPv6 addresses on a mobile device, giving the user two separate identities. After establishing address ownership with Cryptographically Generated Addresses, Dual Identity Return Routability would then send security data to both identities, each on a separate network and each having heir own home agents, and the mobile node would then combine them together to create the binding key allowing the binding update to be sent securely to the correspondent node. This technique provides protection against address spoofing as an attacker needs two separate ip addresses, which are linked together. Spoofing only a single address will not pass this security solution. One drawback of the security techniques described, however, is that none of them provide location privacy to hide the users IP address from attackers. An attacker cannot mount a direct attack if the user is invisible. The third new security solution designed is Mobile Home Agents. These are software agents, which provide location privacy to the mobile node by acting as a proxy between it and the network. The Mobile Home Agent resides on the point of attachment and migrates to a new point of attachment at the same time as the mobile node. This provides reduced latency communication and a secure environment for the mobile node. These solutions can be used separately or combined together to form a super security solution, which is demonstrated in this thesis and attempts to provide proof of address ownership, reachability, user and device authentication, location privacy and reduction in communication latency. All these security features are design to protect against one the most devastating attacks in Mobile IPv6, the false binding update, which can allow an attacker to impersonate and deny service to the mobile node by redirecting all data packets to itself. The solutions are all simulated with different scenarios and network configurations and with a variety of attacks, which attempt to send a false binding update to the correspondent node. The results were then collected and analysed to provide conclusive proof that the proposed solutions are effective and robust in protecting against the false binding updates creating a safe and secure network for all

Real-Time Waveform Prototyping

Mobile Netzwerke der fünften Generation zeichen sich aus durch vielfältigen Anforderungen und Einsatzszenarien. Drei unterschiedliche Anwendungsfälle sind hierbei besonders relevant: 1) Industrie-Applikationen fordern Echtzeitfunkübertragungen mit besonders niedrigen Ausfallraten. 2) Internet-of-things-Anwendungen erfordern die Anbindung einer Vielzahl von verteilten Sensoren. 3) Die Datenraten für Anwendung wie z.B. der Übermittlung von Videoinhalten sind massiv gestiegen. Diese zum Teil gegensätzlichen Erwartungen veranlassen Forscher und Ingenieure dazu, neue Konzepte und Technologien für zukünftige drahtlose Kommunikationssysteme in Betracht zu ziehen. Ziel ist es, aus einer Vielzahl neuer Ideen vielversprechende Kandidatentechnologien zu identifizieren und zu entscheiden, welche für die Umsetzung in zukünftige Produkte geeignet sind. Die Herausforderungen, diese Anforderungen zu erreichen, liegen jedoch jenseits der Möglichkeiten, die eine einzelne Verarbeitungsschicht in einem drahtlosen Netzwerk bieten kann. Daher müssen mehrere Forschungsbereiche Forschungsideen gemeinsam nutzen. Diese Arbeit beschreibt daher eine Plattform als Basis für zukünftige experimentelle Erforschung von drahtlosen Netzwerken unter reellen Bedingungen. Es werden folgende drei Aspekte näher vorgestellt: Zunächst erfolgt ein Überblick über moderne Prototypen und Testbed-Lösungen, die auf großes Interesse, Nachfrage, aber auch Förderungsmöglichkeiten stoßen. Allerdings ist der Entwicklungsaufwand nicht unerheblich und richtet sich stark nach den gewählten Eigenschaften der Plattform. Der Auswahlprozess ist jedoch aufgrund der Menge der verfügbaren Optionen und ihrer jeweiligen (versteckten) Implikationen komplex. Daher wird ein Leitfaden anhand verschiedener Beispiele vorgestellt, mit dem Ziel Erwartungen im Vergleich zu den für den Prototyp erforderlichen Aufwänden zu bewerten. Zweitens wird ein flexibler, aber echtzeitfähiger Signalprozessor eingeführt, der auf einer software-programmierbaren Funkplattform läuft. Der Prozessor ermöglicht die Rekonfiguration wichtiger Parameter der physikalischen Schicht während der Laufzeit, um eine Vielzahl moderner Wellenformen zu erzeugen. Es werden vier Parametereinstellungen 'LLC', 'WiFi', 'eMBB' und 'IoT' vorgestellt, um die Anforderungen der verschiedenen drahtlosen Anwendungen widerzuspiegeln. Diese werden dann zur Evaluierung der die in dieser Arbeit vorgestellte Implementierung herangezogen. Drittens wird durch die Einführung einer generischen Testinfrastruktur die Einbeziehung externer Partner aus der Ferne ermöglicht. Das Testfeld kann hier für verschiedenste Experimente flexibel auf die Anforderungen drahtloser Technologien zugeschnitten werden. Mit Hilfe der Testinfrastruktur wird die Leistung des vorgestellten Transceivers hinsichtlich Latenz, erreichbarem Durchsatz und Paketfehlerraten bewertet. Die öffentliche Demonstration eines taktilen Internet-Prototypen, unter Verwendung von Roboterarmen in einer Mehrbenutzerumgebung, konnte erfolgreich durchgeführt und bei mehreren Gelegenheiten präsentiert werden.:List of figures List of tables Abbreviations Notations 1 Introduction 1.1 Wireless applications 1.2 Motivation 1.3 Software-Defined Radio 1.4 State of the art 1.5 Testbed 1.6 Summary 2 Background 2.1 System Model 2.2 PHY Layer Structure 2.3 Generalized Frequency Division Multiplexing 2.4 Wireless Standards 2.4.1 IEEE 802.15.4 2.4.2 802.11 WLAN 2.4.3 LTE 2.4.4 Low Latency Industrial Wireless Communications 2.4.5 Summary 3 Wireless Prototyping 3.1 Testbed Examples 3.1.1 PHY - focused Testbeds 3.1.2 MAC - focused Testbeds 3.1.3 Network - focused testbeds 3.1.4 Generic testbeds 3.2 Considerations 3.3 Use cases and Scenarios 3.4 Requirements 3.5 Methodology 3.6 Hardware Platform 3.6.1 Host 3.6.2 FPGA 3.6.3 Hybrid 3.6.4 ASIC 3.7 Software Platform 3.7.1 Testbed Management Frameworks 3.7.2 Development Frameworks 3.7.3 Software Implementations 3.8 Deployment 3.9 Discussion 3.10 Conclusion 4 Flexible Transceiver 4.1 Signal Processing Modules 4.1.1 MAC interface 4.1.2 Encoding and Mapping 4.1.3 Modem 4.1.4 Post modem processing 4.1.5 Synchronization 4.1.6 Channel Estimation and Equalization 4.1.7 Demapping 4.1.8 Flexible Configuration 4.2 Analysis 4.2.1 Numerical Precision 4.2.2 Spectral analysis 4.2.3 Latency 4.2.4 Resource Consumption 4.3 Discussion 4.3.1 Extension to MIMO 4.4 Summary 5 Testbed 5.1 Infrastructure 5.2 Automation 5.3 Software Defined Radio Platform 5.4 Radio Frequency Front-end 5.4.1 Sub 6 GHz front-end 5.4.2 26 GHz mmWave front-end 5.5 Performance evaluation 5.6 Summary 6 Experiments 6.1 Single Link 6.1.1 Infrastructure 6.1.2 Single Link Experiments 6.1.3 End-to-End 6.2 Multi-User 6.3 26 GHz mmWave experimentation 6.4 Summary 7 Key lessons 7.1 Limitations Experienced During Development 7.2 Prototyping Future 7.3 Open points 7.4 Workflow 7.5 Summary 8 Conclusions 8.1 Future Work 8.1.1 Prototyping Workflow 8.1.2 Flexible Transceiver Core 8.1.3 Experimental Data-sets 8.1.4 Evolved Access Point Prototype For Industrial Networks 8.1.5 Testbed Standardization A Additional Resources A.1 Fourier Transform Blocks A.2 Resource Consumption A.3 Channel Sounding using Chirp sequences A.3.1 SNR Estimation A.3.2 Channel Estimation A.4 Hardware part listThe demand to achieve higher data rates for the Enhanced Mobile Broadband scenario and novel fifth generation use cases like Ultra-Reliable Low-Latency and Massive Machine-type Communications drive researchers and engineers to consider new concepts and technologies for future wireless communication systems. The goal is to identify promising candidate technologies among a vast number of new ideas and to decide, which are suitable for implementation in future products. However, the challenges to achieve those demands are beyond the capabilities a single processing layer in a wireless network can offer. Therefore, several research domains have to collaboratively exploit research ideas. This thesis presents a platform to provide a base for future applied research on wireless networks. Firstly, by giving an overview of state-of-the-art prototypes and testbed solutions. Secondly by introducing a flexible, yet real-time physical layer signal processor running on a software defined radio platform. The processor enables reconfiguring important parameters of the physical layer during run-time in order to create a multitude of modern waveforms. Thirdly, by introducing a generic test infrastructure, which can be tailored to prototype diverse wireless technology and which is remotely accessible in order to invite new ideas by third parties. Using the test infrastructure, the performance of the flexible transceiver is evaluated regarding latency, achievable throughput and packet error rates.:List of figures List of tables Abbreviations Notations 1 Introduction 1.1 Wireless applications 1.2 Motivation 1.3 Software-Defined Radio 1.4 State of the art 1.5 Testbed 1.6 Summary 2 Background 2.1 System Model 2.2 PHY Layer Structure 2.3 Generalized Frequency Division Multiplexing 2.4 Wireless Standards 2.4.1 IEEE 802.15.4 2.4.2 802.11 WLAN 2.4.3 LTE 2.4.4 Low Latency Industrial Wireless Communications 2.4.5 Summary 3 Wireless Prototyping 3.1 Testbed Examples 3.1.1 PHY - focused Testbeds 3.1.2 MAC - focused Testbeds 3.1.3 Network - focused testbeds 3.1.4 Generic testbeds 3.2 Considerations 3.3 Use cases and Scenarios 3.4 Requirements 3.5 Methodology 3.6 Hardware Platform 3.6.1 Host 3.6.2 FPGA 3.6.3 Hybrid 3.6.4 ASIC 3.7 Software Platform 3.7.1 Testbed Management Frameworks 3.7.2 Development Frameworks 3.7.3 Software Implementations 3.8 Deployment 3.9 Discussion 3.10 Conclusion 4 Flexible Transceiver 4.1 Signal Processing Modules 4.1.1 MAC interface 4.1.2 Encoding and Mapping 4.1.3 Modem 4.1.4 Post modem processing 4.1.5 Synchronization 4.1.6 Channel Estimation and Equalization 4.1.7 Demapping 4.1.8 Flexible Configuration 4.2 Analysis 4.2.1 Numerical Precision 4.2.2 Spectral analysis 4.2.3 Latency 4.2.4 Resource Consumption 4.3 Discussion 4.3.1 Extension to MIMO 4.4 Summary 5 Testbed 5.1 Infrastructure 5.2 Automation 5.3 Software Defined Radio Platform 5.4 Radio Frequency Front-end 5.4.1 Sub 6 GHz front-end 5.4.2 26 GHz mmWave front-end 5.5 Performance evaluation 5.6 Summary 6 Experiments 6.1 Single Link 6.1.1 Infrastructure 6.1.2 Single Link Experiments 6.1.3 End-to-End 6.2 Multi-User 6.3 26 GHz mmWave experimentation 6.4 Summary 7 Key lessons 7.1 Limitations Experienced During Development 7.2 Prototyping Future 7.3 Open points 7.4 Workflow 7.5 Summary 8 Conclusions 8.1 Future Work 8.1.1 Prototyping Workflow 8.1.2 Flexible Transceiver Core 8.1.3 Experimental Data-sets 8.1.4 Evolved Access Point Prototype For Industrial Networks 8.1.5 Testbed Standardization A Additional Resources A.1 Fourier Transform Blocks A.2 Resource Consumption A.3 Channel Sounding using Chirp sequences A.3.1 SNR Estimation A.3.2 Channel Estimation A.4 Hardware part lis

Security and Privacy in Dynamic Spectrum Access: Challenges and Solutions

abstract: Dynamic spectrum access (DSA) has great potential to address worldwide spectrum shortage by enhancing spectrum efficiency. It allows unlicensed secondary users to access the under-utilized spectrum when the primary users are not transmitting. On the other hand, the open wireless medium subjects DSA systems to various security and privacy issues, which might hinder the practical deployment. This dissertation consists of two parts to discuss the potential challenges and solutions. The first part consists of three chapters, with a focus on secondary-user authentication. Chapter One gives an overview of the challenges and existing solutions in spectrum-misuse detection. Chapter Two presents SpecGuard, the first crowdsourced spectrum-misuse detection framework for DSA systems. In SpecGuard, three novel schemes are proposed for embedding and detecting a spectrum permit at the physical layer. Chapter Three proposes SafeDSA, a novel PHY-based scheme utilizing temporal features for authenticating secondary users. In SafeDSA, the secondary user embeds his spectrum authorization into the cyclic prefix of each physical-layer symbol, which can be detected and authenticated by a verifier. The second part also consists of three chapters, with a focus on crowdsourced spectrum sensing (CSS) with privacy consideration. CSS allows a spectrum sensing provider (SSP) to outsource the spectrum sensing to distributed mobile users. Without strong incentives and location-privacy protection in place, however, mobile users are reluctant to act as crowdsourcing workers for spectrum-sensing tasks. Chapter Four gives an overview of the challenges and existing solutions. Chapter Five presents PriCSS, where the SSP selects participants based on the exponential mechanism such that the participants' sensing cost, associated with their locations, are privacy-preserved. Chapter Six further proposes DPSense, a framework that allows the honest-but-curious SSP to select mobile users for executing spatiotemporal spectrum-sensing tasks without violating the location privacy of mobile users. By collecting perturbed location traces with differential privacy guarantee from participants, the SSP assigns spectrum-sensing tasks to participants with the consideration of both spatial and temporal factors. Through theoretical analysis and simulations, the efficacy and effectiveness of the proposed schemes are validated.Dissertation/ThesisDoctoral Dissertation Electrical Engineering 201

V-Range: Enabling Secure Ranging in 5G Wireless Networks

A number of safety- and security-critical applications such as asset tracking, smart ecosystems, autonomous vehicles and driver assistance functions, etc., are expected to benefit from the position information available through 5G. Driven by the aim to support such a wide-array of location-aware services and applications, the current release of 5G seeks to explore ranging and positioning as an integral part of 5G technology. In recent years, many attacks on positioning and ranging systems have been demonstrated, and hence it is important to build 5G systems that are resilient to distance and location manipulation attacks. No existing proposal either by 3GPP or the research community addresses the challenges of secure position estimation in 5G. In this paper, we develop V-Range, the first secure ranging system that is fully compatible with 5G standards and can be implemented directly on top of existing 5G-NR transceivers. We design V-Range, a system capable of executing secure ranging operations resilient to both distance enlargement and reduction attacks. We experimentally verify that V-Range achieves high precision, low-latency, and can operate in both the sub-6GHz and mm-wave bands intended for 5G. Our results show that an attacker cannot reduce or increase the distance by more than the imprecision of the system, without being detected with high probability

Device-to-Device Communication in 5G Cellular Networks

Owing to the unprecedented and continuous growth in the number of connected users and networked devices, the next-generation 5G cellular networks are envisaged to support enormous number of simultaneously connected users and devices with access to numerous services and applications by providing networks with highly improved data rate, higher capacity, lower end-to-end latency, improved spectral efficiency, at lower power consumption. D2D communication underlaying cellular networks has been proposed as one of the key components of the 5G technology as a means of providing efficient spectrum reuse for improved spectral efficiency and take advantage of proximity between devices for reduced latency, improved user throughput, and reduced power consumption. Although D2D communication underlaying cellular networks promises lots of potentials, unlike the conventional cellular network architecture, there are new design issues and technical challenges that must be addressed for proper implementation of the technology. These include new device discovery procedures, physical layer architecture and radio resource management schemes. This thesis explores the potentials of D2D communication as an underlay to 5G cellular networks and focuses on efficient interference management solutions through mode selection, resource allocation and power control schemes. In this work, a joint admission control, resource allocation, and power control scheme was implemented for D2D communication underlaying 5G cellular networks. The performance of the system was evaluated, and comparisons were made with similar schemes.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format