16 research outputs found

    CheckShake: Passively Detecting Anomaly in Wi-Fi Security Handshake using Gradient Boosting based Ensemble Learning

    Recently, a number of attacks have been demonstrated (like key reinstallation attack, called KRACK) on WPA2 protocol suite in Wi-Fi WLAN. As the firmware of the WLAN devices in the context of IoT, industrial systems, and medical devices is often not patched, detecting and preventing such attacks is challenging. In this paper, we design and implement a system, called CheckShake, to passively detect anomalies in the handshake of Wi-Fi security protocols, in particular WPA2, between a client and an access point using COTS radios. Our proposed system works without decrypting any traffic. It passively monitors multiple wireless channels in parallel in the neighborhood and uses a state machine model to characterize and detect the attacks. In particular, we develop a state machine model for grouping Wi-Fi handshake packets and then perform deep packet inspection to identify the symptoms of the anomaly in specific stages of a handshake session. Our implementation of CheckShake does not require any modification to the firmware of the client or the access point or the COTS devices; it only needs to be physically placed within the range of the access point and its clients. We use both the publicly available dataset and our own data set for performance analysis of CheckShake. Using gradient boosting-based supervised machine learning models, we show that an accuracy around 93.39% and a false positive rate of 5.08% can be achieved using CheckShak

    A Detailed Characterization of 60 GHz Wi-Fi (IEEE 802.11ad)

    The emergence of wireless local area network (WLAN) standards and the global system of mobile communication (GSM) in the early 1990s incited tremendous growth in the demand for wireless connectivity. Iterative technological enhancements to cellular and WLAN improved wireless capacity and created a breadth of new mobile applications. The continued increase in display resolutions and image quality combined with streaming displacing satellite/cable has created unprecedented demands on wireless infrastructure. Data-caps on cellular networks deter over consumption and increasingly shift the growing burden to Wi-Fi networks. The traditional 2.4/5 GHz Wi-Fi bands have become overloaded and the increasing number of wireless devices in the home, public, and workplace create difficult challenges to deliver quality service to large numbers of client stations. In dense urban areas, the wireless medium is subjected to increased interference due to overlapping networks and other devices communicating in the same frequency bands. Improvements to conventional Wi-Fi are approaching their theoretical limits and higher order enhancements require idealized conditions which are seldom attainable in practice. In an effort to supplant to scaling capacity requirements a very high frequency WLAN amendment has been proposed (IEEE 802.11ad). IEEE 802.11ad, also referred to as Wireless Gigabit (WiGig), operates in the globally unlicensed 60 GHz band and offers channel bandwidths nearly 100x as wide as 802.11n. The higher bandwidth facilitates multi-Gbps throughput even with the use of lower complexity modulation coding schemes (MCS). IEEE 802.11ad relies heavily on rate adaptation and high beamforming gain to mitigate interference and fading as signals in the 60 GHz band suffer from higher atmospheric absorption and free space path loss (FSPL). Due to the unique nature of 60 GHz wireless there have been numerous research efforts. Many studies have been directed at simulation and modeling of the 60 GHz channel. However modeling the channel is difficult as real-world environments are highly dynamic with varying link quality and conditions which cannot be accurately predicted by conventional techniques. Some research is focused on medium access control (MAC) enhancements to improve overall capacity by coordinating concurrent links or reducing communication overhead for example. Lastly, there has been a limited amount of real world testing of 802.11ad due to lack of availability of commercial platforms and measurement instrumentation. Some researchers tested early generation devices in certain use cases such as in vehicles for media streaming, in data centers to augment the wired network, or in basic indoor and outdoor environments. This research contains two main components. In the first study, analytical models are applied to estimate line of sight (LOS) 802.11ad performance for realistic antenna parameters. The second part contains a comprehensive evaluation of performance and reliability of early generation 802.11ad hardware. This characterization emphasizes environmental performance (e.g. conference room, cubical farm, open office), multiple-client testing (multiclient), multiple network interference (spatial re-use), and stability in the presence of station mobility, physical obstructions, and antenna misalignment. In order to evaluate 802.11ad, early generation platforms from technology vendors were used in extensive test suites. The hardware tested included docks for wireless personal area networking (WPAN) applications, client laptop stations, and reference design access points (APs). Finally, a customized proof-of-concept (PoC) platform was engineered which allowed finer control over front end antenna configuration parameters such as: topology, placement and orientation. The PoC also served as a suitable means to identify practical limitations and system design engineering challenges associated with supporting directional multi-Gbps (DMG) communication in the 60 GHz band

    Enable Reliable and Secure Data Transmission in Resource-Constrained Emerging Networks

    The increasing deployment of wireless devices has connected humans and objects all around the world, benefiting our daily life and the entire society in many aspects. Achieving this connectivity motivates the emergence of different types of paradigms, such as cellular networks, large-scale Internet of Things (IoT), cognitive networks, etc. Among these networks, enabling reliable and secure data transmission requires various resources including spectrum, energy, and computational capability. However, these resources are usually limited in many scenarios, especially when the number of devices is considerably large, bringing catastrophic consequences to data transmission. For example, given the fact that most IoT devices have limited computational abilities and inadequate security protocols, data transmission is vulnerable to various attacks such as eavesdropping and replay attacks, which traditional security approaches are unable to address. On the other hand, in the cellular network, the ever-increasing data traffic has exacerbated the depletion of spectrum along with the energy consumption. As a result, mobile users experience significant congestion and delays when they request data from the cellular service provider, especially in many crowded areas. In this dissertation, we target reliable and secure data transmission in resource-constrained emerging networks. The first two works investigate new security challenges in the current heterogeneous IoT environment, and then provide certain countermeasures for reliable data communication. To be specific, we identify a new physical-layer attack, the signal emulation attack, in the heterogeneous environment, such as smart home IoT. To defend against the attack, we propose two defense strategies with the help of a commonly found wireless device. In addition, to enable secure data transmission in large-scale IoT network, e.g., the industrial IoT, we apply the amplify-and-forward cooperative communication to increase the secrecy capacity by incentivizing relay IoT devices. Besides security concerns in IoT network, we seek data traffic alleviation approaches to achieve reliable and energy-efficient data transmission for a group of users in the cellular network. The concept of mobile participation is introduced to assist data offloading from the base station to users in the group by leveraging the mobility of users and the social features among a group of users. Following that, we deploy device-to-device data offloading within the group to achieve the energy efficiency at the user side while adapting to their increasing traffic demands. In the end, we consider a perpendicular topic - dynamic spectrum access (DSA) - to alleviate the spectrum scarcity issue in cognitive radio network, where the spectrum resource is limited to users. Specifically, we focus on the security concerns and further propose two physical-layer schemes to prevent spectrum misuse in DSA in both additive white Gaussian noise and fading environments

    Supervisory Wireless Control for Critical Industrial Applications


    Telemedicine

    Telemedicine is a rapidly evolving field as new technologies are implemented for example for the development of wireless sensors, quality data transmission. Using the Internet applications such as counseling, clinical consultation support and home care monitoring and management are more and more realized, which improves access to high level medical care in underserved areas. The 23 chapters of this book present manifold examples of telemedicine treating both theoretical and practical foundations and application scenarios

    Rapid Response Command and Control (R2C2): a systems engineering analysis of scaleable communications for Regional Combatant Commanders

    Includes supplementary material. Disaster relief operations, such as the 2005 Tsunami and Hurricane Katrina, and wartime operations, such as Operation Enduring Freedom and Operation Iraqi Freedom, have identified the need for a standardized command and control system interoperable among Joint, Coalition, and Interagency entities. The Systems Engineering Analysis Cohort 9 (SEA-9) Rapid Response Command and Control (R2C2) integrated project team completed a systems engineering (SE) process to address the military’s command and control capability gap. During the process, the R2C2 team conducted mission analysis, generated requirements, developed and modeled architectures, and analyzed and compared current operational systems versus the team’s R2C2 system. The R2C2 system provided a reachback capability to the Regional Combatant Commander’s (RCC) headquarters, a local communications network for situational assessments, and Internet access for civilian counterparts participating in Humanitarian Assistance/Disaster Relief operations. Because the team designed the R2C2 system to be modular, analysis concluded that the R2C2 system was the preferred method to provide the RCC with the required flexibility and scalability to deliver a rapidly deployable command and control capability to perform the range of military operations

    Secure Data Collection and Analysis in Smart Health Monitoring

    Smart health monitoring uses real-time monitored data to support diagnosis, treatment, and health decision-making in modern smart healthcare systems and benefit our daily life. The accurate health monitoring and prompt transmission of health data are facilitated by the ever-evolving on-body sensors, wireless communication technologies, and wireless sensing techniques. Although the users have witnessed the convenience of smart health monitoring, severe privacy and security concerns on the valuable and sensitive collected data come along with the merit. The data collection, transmission, and analysis are vulnerable to various attacks, e.g., eavesdropping, due to the open nature of wireless media, the resource constraints of sensing devices, and the lack of security protocols. These deficiencies not only make conventional cryptographic methods not applicable in smart health monitoring but also put many obstacles in the path of designing privacy protection mechanisms. In this dissertation, we design dedicated schemes to achieve secure data collection and analysis in smart health monitoring. The first two works propose two robust and secure authentication schemes based on Electrocardiogram (ECG), which outperform traditional user identity authentication schemes in health monitoring, to restrict the access to collected data to legitimate users. To improve the practicality of ECG-based authentication, we address the nonuniformity and sensitivity of ECG signals, as well as the noise contamination issue. The next work investigates an extended authentication goal, denoted as wearable-user pair authentication. It simultaneously authenticates the user identity and device identity to provide further protection. We exploit the uniqueness of the interference between different wireless protocols, which is common in health monitoring due to devices' varying sensing and transmission demands, and design a wearable-user pair authentication scheme based on the interference. However, the harm of this interference is also outstanding. Thus, in the fourth work, we use wireless human activity recognition in health monitoring as an example and analyze how this interference may jeopardize it. We identify a new attack that can produce false recognition result and discuss potential countermeasures against this attack. In the end, we move to a broader scenario and protect the statistics of distributed data reported in mobile crowd sensing, a common practice used in public health monitoring for data collection. We deploy differential privacy to enable the indistinguishability of workers' locations and sensing data without the help of a trusted entity while meeting the accuracy demands of crowd sensing tasks

    Journal of Telecommunications and Information Technology, 2008, nr 2

    kwartalni

    Delay Performance and Cybersecurity of Smart Grid Infrastructure

    To address major challenges to conventional electric grids (e.g., generation diversification and optimal deployment of expensive assets), full visibility and pervasive control over utilities' assets and services are being realized through the integratio