A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Selective Jamming of LoRaWAN using Commodity Hardware

Long range, low power networks are rapidly gaining acceptance in the Internet of Things (IoT) due to their ability to economically support long-range sensing and control applications while providing multi-year battery life. LoRa is a key example of this new class of network and is being deployed at large scale in several countries worldwide. As these networks move out of the lab and into the real world, they expose a large cyber-physical attack surface. Securing these networks is therefore both critical and urgent. This paper highlights security issues in LoRa and LoRaWAN that arise due to the choice of a robust but slow modulation type in the protocol. We exploit these issues to develop a suite of practical attacks based around selective jamming. These attacks are conducted and evaluated using commodity hardware. The paper concludes by suggesting a range of countermeasures that can be used to mitigate the attacks.Comment: Mobiquitous 2017, November 7-10, 2017, Melbourne, VIC, Australi

Jammers for mobile cellular systems applied to unauthorized UAVs

This research aims to explore jamming on digital mobile systems, with an initial focus towards the 2G and Global System of Mobile Communications (GSM) technologies. The main goal is to develop a jammer with an efficiency and complexity greater than the existent ones, capable to better disrupt digital mobile systems. The study consists of an analysis of the different techniques of jamming, that can disrupt the mobile cellular system’s communication, through a series of simulations using the Software Defined Radio (SDR) and the GNU Radio ecosystem. The same techniques will then be studied and evaluated in real life scenarios in order to select which one is the best regarding spectral efficiency, energy and complexity. Finally, the jammer returning the best results will be the one chosen to contribute sustainably for the issue with flying drones on restrict areas, such as airports and residential zones, and thus, decrease the number of accidents which nowadays happen usually with this kind of aircrafts.Neste estudo será feita uma abordagem ao jamming em sistemas móveis digitais, dando um maior foco inicial à tecnologia 2G, Sistema Global para Comunicações Móveis (GSM). O objetivo principal será o desenvolvimento de um sinal jammer, diferente dos já existentes em termos de eficiência e complexidade, capaz de causar interferência em sistemas móveis celulares. Será feito então uma análise às diferentes técnicas de interferência de sinal, capazes de perturbar a comunicação em sistemas móveis celulares, através da realização de simulações a partir da tecnologia Software Defined Radio (SDR) nomeadamente, a plataforma GNU Radio. As mesmas técnicas também serão estudadas e avaliadas num cenário real, de forma a fazer-se a seleção da melhor em termos de eficiência espectral, energia e complexidade. Finalmente, a técnica de jamming que demonstrar melhores resultados, irá representar o jammer que poderá contribuir de forma sustentável para a problemática da circulação de drones em zonas restritas, como aeroportos e zonas residenciais, para a diminuição dos acidentes, atualmente registados, com este tipo de aeronaves

Effective GPS jamming techniques for UAVs using low-cost SDR platforms

Lately, a rising number of incidents between unmanned aerial vehicles (UAVs) and airplanes have been reported in airports and airfields. In order to help cope with the problem of unauthorized UAV operations, in this paper we evaluate the use of low cost SDR platforms (software defined radio) for the implementation of a jammer able to generate an effective interfering signal aimed at the GPS navigation system. Using a programmable BladeRF x40 platform from Nuand and the GNU radio software development toolkit, several interference techniques were studied and evaluated, considering the spectral efficiency, energy efficiency and complexity. It was shown that the tested approaches are capable of stopping the reliable reception of the radionavigation signal in real-life scenarios, neutralizing the capacity for autonomous operation of the vehicle.info:eu-repo/semantics/acceptedVersio

Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Secure short-range communications

Analysts predict billions of everyday objects will soon become ``smart’\u27 after designers add wireless communication capabilities. Collectively known as the Internet of Things (IoT), these newly communication-enabled devices are envisioned to collect and share data among themselves, with new devices entering and exiting a particular environment frequently. People and the devices they wear or carry may soon encounter dozens, possibly hundreds, of devices each day. Many of these devices will be encountered for the first time. Additionally, some of the information the devices share may have privacy or security implications. Furthermore, many of these devices will have limited or non-existent user interfaces, making manual configuration cumbersome. This situation suggests that devices that have never met, nor shared a secret, but that are in the same physical area, must have a way to securely communicate that requires minimal manual intervention. In this dissertation we present novel approaches to solve these short-range communication issues. Our techniques are simple to use, secure, and consistent with user intent. We first present a technique called Wanda that uses radio strength as a communication channel to securely impart information onto nearby devices. We focus on using Wanda to introduce new devices into an environment, but Wanda could be used to impart any type of information onto wireless devices, regardless of device type or manufacturer. Next we describe SNAP, a method for a single-antenna wireless device to determine when it is in close physical proximity to another wireless device. Because radio waves are invisible, a user may believe transmissions are coming from a nearby device when in fact the transmissions are coming from a distant adversary attempting to trick the user into accepting a malicious payload. Our approach significantly raises the bar for an adversary attempting such a trick. Finally, we present a solution called JamFi that exploits MIMO antennas and the Inverse-Square Law to securely transfer data between nearby devices while denying more distant adversaries the ability to recover the data. We find JamFi is able to facilitate reliable and secure communication between two devices in close physical proximity, even though they have never met nor shared a key

Spectrum Miscreants, Vigilantes, and Kangaroo Courts: The Return of the Wireless Wars

Symposium: Rough Consensus and Running Code: Integrating Engineering Principles into Internet Policy Debates, held at the University of Pennsylvania\u27s Center for Technology Innovation and Competition on May 6-7, 2010. It is axiomatic that government licensing is a foundational requirement for the use of the electromagnetic spectrum. Yet in some bands there is no licensing requirement, providing an empirical site that can be used to examine wireless coexistence without licenses. This Article draws on ethnographic work with wireless Internet Service Providers to report on the extralegal means that are used to share or allocate spectrum in these license exempt bands. Operators use a variety of informal arrangements there, including jamming and extortion. It concludes that wireless may be increasingly subject to extralegal allocation, and the outcomes of federal spectrum policy may in fact rest in local hands