Cognitive Networks with In-Band Full-Duplex Radios: Jamming Attacks and Countermeasures

© 2015 IEEE. Although in-band full-duplex (IBFD) radios promise to double the throughput of a wireless link, they are more vulnerable to jamming attacks than their out-of-band full-duplex (OBFD) counterparts. For two communicating OBFD nodes, a jammer needs to attack both the uplink and the downlink channels to completely break the communication link. In contrast, only one common channel needs to be jammed in the case of two IBFD nodes. Even worse, a jammer with self-interference suppression (SIS) capabilities (the underlying technique of IBFD radios) can learn the transmitters' activity while injecting interference, allowing it to react instantly to the transmitter's strategies. In this work, we consider a power-constrained IBFD 'reactive-sweep' jammer that sweeps through the set of channels by jamming a subset of them simultaneously. We model the interactions between the IBFD radios and the jammer as a stochastic constrained zero-sum Markov game in which nodes adopt the frequency hopping (FH) technique as their strategies to counter jamming attacks. Beside the IBFD transmission-reception (TR) mode, we introduce an additional operation mode, called transmission-detection (TD), in which an IBFD radio transmits and leverages its SIS capability to detect jammers. The aim of the TD mode is to make IBFD radios more cognitive to jamming. The nodes' optimal defense strategy that guides them when to hop and which operational mode (TD or TR) to use is then established from the equilibrium of the stochastic Markov game. We prove that this optimal policy has a threshold structure, in which IBFD nodes stay on the same channel up to a certain number of time slots before hopping. Simulation results show that our policy significantly improves the throughput of IBFD nodes under jamming attacks

Architecting a One-to-many Traffic-Aware and Secure Millimeter-Wave Wireless Network-in-Package Interconnect for Multichip Systems

With the aggressive scaling of device geometries, the yield of complex Multi Core Single Chip(MCSC) systems with many cores will decrease due to the higher probability of manufacturing defects especially, in dies with a large area. Disintegration of large System-on-Chips(SoCs) into smaller chips called chiplets has shown to improve the yield and cost of complex systems. Therefore, platform-based computing modules such as embedded systems and micro-servers have already adopted Multi Core Multi Chip (MCMC) architectures overMCSC architectures. Due to the scaling of memory intensive parallel applications in such systems, data is more likely to be shared among various cores residing in different chips resulting in a significant increase in chip-to-chip traffic, especially one-to-many traffic. This one-to-many traffic is originated mainly to maintain cache-coherence between many cores residing in multiple chips. Besides, one-to-many traffics are also exploited by many parallel programming models, system-level synchronization mechanisms, and control signals. How-ever, state-of-the-art Network-on-Chip (NoC)-based wired interconnection architectures do not provide enough support as they handle such one-to-many traffic as multiple unicast trafficusing a multi-hop MCMC communication fabric. As a result, even a small portion of such one-to-many traffic can significantly reduce system performance as traditional NoC-basedinterconnect cannot mask the high latency and energy consumption caused by chip-to-chipwired I/Os. Moreover, with the increase in memory intensive applications and scaling of MCMC systems, traditional NoC-based wired interconnects fail to provide a scalable inter-connection solution required to support the increased cache-coherence and synchronization generated one-to-many traffic in future MCMC-based High-Performance Computing (HPC) nodes. Therefore, these computation and memory intensive MCMC systems need an energy-efficient, low latency, and scalable one-to-many (broadcast/multicast) traffic-aware interconnection infrastructure to ensure high-performance. Research in recent years has shown that Wireless Network-in-Package (WiNiP) architectures with CMOS compatible Millimeter-Wave (mm-wave) transceivers can provide a scalable, low latency, and energy-efficient interconnect solution for on and off-chip communication. In this dissertation, a one-to-many traffic-aware WiNiP interconnection architecture with a starvation-free hybrid Medium Access Control (MAC), an asymmetric topology, and a novel flow control has been proposed. The different components of the proposed architecture are individually one-to-many traffic-aware and as a system, they collaborate with each other to provide required support for one-to-many traffic communication in a MCMC environment. It has been shown that such interconnection architecture can reduce energy consumption and average packet latency by 46.96% and 47.08% respectively for MCMC systems. Despite providing performance enhancements, wireless channel, being an unguided medium, is vulnerable to various security attacks such as jamming induced Denial-of-Service (DoS), eavesdropping, and spoofing. Further, to minimize the time-to-market and design costs, modern SoCs often use Third Party IPs (3PIPs) from untrusted organizations. An adversary either at the foundry or at the 3PIP design house can introduce a malicious circuitry, to jeopardize an SoC. Such malicious circuitry is known as a Hardware Trojan (HT). An HTplanted in the WiNiP from a vulnerable design or manufacturing process can compromise a Wireless Interface (WI) to enable illegitimate transmission through the infected WI resulting in a potential DoS attack for other WIs in the MCMC system. Moreover, HTs can be used for various other malicious purposes, including battery exhaustion, functionality subversion, and information leakage. This information when leaked to a malicious external attackercan reveals important information regarding the application suites running on the system, thereby compromising the user profile. To address persistent jamming-based DoS attack in WiNiP, in this dissertation, a secure WiNiP interconnection architecture for MCMC systems has been proposed that re-uses the one-to-many traffic-aware MAC and existing Design for Testability (DFT) hardware along with Machine Learning (ML) approach. Furthermore, a novel Simulated Annealing (SA)-based routing obfuscation mechanism was also proposed toprotect against an HT-assisted novel traffic analysis attack. Simulation results show that,the ML classifiers can achieve an accuracy of 99.87% for DoS attack detection while SA-basedrouting obfuscation could reduce application detection accuracy to only 15% for HT-assistedtraffic analysis attack and hence, secure the WiNiP fabric from age-old and emerging attacks

Robust Wireless Communication for Multi-Antenna, Multi-Rate, Multi-Carrier Systems

Abstract Today's trend of migrating radio devices from hardware to software provides potential to create flexible applications for both commercial and military use. However, this raises security concerns, as malicious attackers can also be generated easily to break legitimate communications. In this research work, our goal is to design a robust anti-jamming radio framework. We particularly investigate three different aspects of jamming threats: high-power jammers, link attacks on rate adaptation, and jamming in multicarrier systems. The threats of high-power jamming to wireless communications today are realistic due to the ease of access to powerful jamming sources such as the availability of commercial GPS/WiFi/cellular devices on the market, or RF guns built from microwave ovens' magnetron. To counter high-power jamming attacks, we develop SAIM which is a hybrid system capable of resisting jammers of up to 100,000 times higher power than legitimate communication nodes. The system robustness relies on our own antenna structure specially designed for anti-jamming purpose. We develop an efficient algorithm for auto-configuring the antenna adaptively to dynamic environments. We also devise a software-based jamming cancellation technique for appropriately extracting original signals, which is more robust than traditional MIMO approaches, as pilot signals are not required in SAIM. In spite of the robustness of SAIM, our design is more appropriate for malicious environments with powerful jammers, where mechanical steering is feasible, e.g., military applications. Residential and commercial wireless communication systems are still vulnerable to even limited-power jamming, as in today's standard wireless protocols, rate information is exposed to adversaries. Rate-based attacks have been demonstrated to severely degrade the networks at very low cost. To mitigate rate-based attacks, we develop CBM, a system capable of hiding rate and -at the same time -increasing resiliency against jammers up to seven times higher than regular systems, where rate is exposed. We achieve the resiliency boost by generalizing Trellis Coded Modulation to allow non-uniform codeword mapping. We develop an efficient algorithm for finding good non-uniform codes for all modulations in {BPSK, QPSK, 8-PSK, 16-QAM, 64-QAM}. To conceal rate information, we devise an efficient method for generating cryptographic interleaving functions. In recently deployed communication networks such as WiFi and LTE systems, MIMO and OFDM are the two main techniques for increasing bandwidth efficiency. While MIMO increases the channel capacity by spatial processing on multiple received signals, OFDM mitigates impacts of dynamic variations in wide-band channels and allows frequency reuse with overlapping carriers. Synchronization is a key for high-throughput performance in MIMO and OFDM systems. In this work, we study impacts of jamming attacks specifically targeting to control channels in WiFi and LTE networks. Our study focuses on efficient techniques for both jamming and anti-jamming in multicarrier systems

Security of Electrical, Optical and Wireless On-Chip Interconnects: A Survey

The advancement of manufacturing technologies has enabled the integration of more intellectual property (IP) cores on the same system-on-chip (SoC). Scalable and high throughput on-chip communication architecture has become a vital component in today's SoCs. Diverse technologies such as electrical, wireless, optical, and hybrid are available for on-chip communication with different architectures supporting them. Security of the on-chip communication is crucial because exploiting any vulnerability would be a goldmine for an attacker. In this survey, we provide a comprehensive review of threat models, attacks, and countermeasures over diverse on-chip communication technologies as well as sophisticated architectures.Comment: 41 pages, 24 figures, 4 table