Man-in-the-Middle Attack and its Countermeasure in Bluetooth Secure Simple Pairing

With the development of more types of devices which have Bluetooth as a primary option to communicate, the importance of secure communication is growing. Bluetooth provides a short range wireless communication between devices making convenient for users and thus eliminating the need for messy cables. The proliferation of the Bluetooth devices in the workplace exposes organizations to security risks. Bluetooth technology and associated devices are susceptible to general wireless networking threats, such as denial of service attack, eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Preventing unauthorized users from secure communication is a challenge to the pairing process. The Man-in-the-Middle attack is based on sending random signals to jam the physical layer of legitimate user and then by falsification of information sent during the input/output capabilities exchange; also the fact that the security of the protocol is likely to be limited by the capabilities of the least powerful or the least secure device type. In addition, proposed a countermeasure that render the attack impractical. We have shown that, the proposed method can withstand the MITM attack and achieving all the security needs like authenticity, confidentiality, integrity and availability as well as it is an improvement to the existing Bluetooth secure simple pairing in order to make it more secure

Security and Privacy in Dynamic Spectrum Access: Challenges and Solutions

abstract: Dynamic spectrum access (DSA) has great potential to address worldwide spectrum shortage by enhancing spectrum efficiency. It allows unlicensed secondary users to access the under-utilized spectrum when the primary users are not transmitting. On the other hand, the open wireless medium subjects DSA systems to various security and privacy issues, which might hinder the practical deployment. This dissertation consists of two parts to discuss the potential challenges and solutions. The first part consists of three chapters, with a focus on secondary-user authentication. Chapter One gives an overview of the challenges and existing solutions in spectrum-misuse detection. Chapter Two presents SpecGuard, the first crowdsourced spectrum-misuse detection framework for DSA systems. In SpecGuard, three novel schemes are proposed for embedding and detecting a spectrum permit at the physical layer. Chapter Three proposes SafeDSA, a novel PHY-based scheme utilizing temporal features for authenticating secondary users. In SafeDSA, the secondary user embeds his spectrum authorization into the cyclic prefix of each physical-layer symbol, which can be detected and authenticated by a verifier. The second part also consists of three chapters, with a focus on crowdsourced spectrum sensing (CSS) with privacy consideration. CSS allows a spectrum sensing provider (SSP) to outsource the spectrum sensing to distributed mobile users. Without strong incentives and location-privacy protection in place, however, mobile users are reluctant to act as crowdsourcing workers for spectrum-sensing tasks. Chapter Four gives an overview of the challenges and existing solutions. Chapter Five presents PriCSS, where the SSP selects participants based on the exponential mechanism such that the participants' sensing cost, associated with their locations, are privacy-preserved. Chapter Six further proposes DPSense, a framework that allows the honest-but-curious SSP to select mobile users for executing spatiotemporal spectrum-sensing tasks without violating the location privacy of mobile users. By collecting perturbed location traces with differential privacy guarantee from participants, the SSP assigns spectrum-sensing tasks to participants with the consideration of both spatial and temporal factors. Through theoretical analysis and simulations, the efficacy and effectiveness of the proposed schemes are validated.Dissertation/ThesisDoctoral Dissertation Electrical Engineering 201

SInCom 2015

2nd Baden-Württemberg Center of Applied Research Symposium on Information and Communication Systems, SInCom 2015, 13. November 2015 in Konstan

Secure protocols for wireless availability

Since wireless networks share a communication medium, multiple transmissions on the same channel cause interference to each other and degrade the channel quality, much as multiple people talking at the same time make for inefficient meetings. To avoid transmission collision, the network divides the medium into multiple orthogonal channels (by interleaving the channel access in frequency or time) and often uses medium access control (MAC) to coordinate channel use. Alternatively (e.g., when the wireless users use the same physical channel), the network users can emulate such orthogonal channel access in processing by spreading and coding the signal. Building on such orthogonal access technology, this dissertation studies protocols that support the coexistence of wireless users and ensure wireless availability. In contrast to other studies focusing on improving the overall e fficiency of the network, I aim to achieve reliability at all times. Thus, to study the worst-case misbehavior, I pose the problem within a security framework and introduce an adversary who compromised the network and has insider access. In this dissertation, I propose three schemes for wireless availability: SimpleMAC, Ignore-False-Reservation MAC (IFR-MAC), and Redundancy O ffset Narrow Spectrum (RONS). SimpleMAC and IFR-MAC build on MAC protocols that utilize explicit channel coordination in control communication. SimpleMAC counters MAC-aware adversary that uses the information being exchanged at the MAC layer to perform a more power e fficient jamming attack. IFR-MAC nulli ffies the proactive attack of denial-of-service injection of false reservation control messages. Both SimpleMAC and IFR-MAC quickly outperform the Nash equilibrium of disabling MAC and converge to the capacity-optimal performance in worst-case failures. When the MAC fails to coordinate channel use for orthogonal access or in a single-channel setting (both cases of which, the attacker knows the exact frequency and time location of the victim's channel access), RONS introduces a physical-layer, processing-based technique for interference mitigation. RONS is a narrow spectrum technology that bypasses the spreading cost and eff ectively counters the attacker's information-theoretically optimal strategy of correlated jamming

Radio frequency fingerprint identification for Internet of Things: A survey

Radio frequency fingerprint (RFF) identification is a promising technique for identifying Internet of Things (IoT) devices. This paper presents a comprehensive survey on RFF identification, which covers various aspects ranging from related definitions to details of each stage in the identification process, namely signal preprocessing, RFF feature extraction, further processing, and RFF identification. Specifically, three main steps of preprocessing are summarized, including carrier frequency offset estimation, noise elimination, and channel cancellation. Besides, three kinds of RFFs are categorized, comprising I/Q signal-based, parameter-based, and transformation-based features. Meanwhile, feature fusion and feature dimension reduction are elaborated as two main further processing methods. Furthermore, a novel framework is established from the perspective of closed set and open set problems, and the related state-of-the-art methodologies are investigated, including approaches based on traditional machine learning, deep learning, and generative models. Additionally, we highlight the challenges faced by RFF identification and point out future research trends in this field

Key Generation for Internet of Things: A Contemporary Survey

Key generation is a promising technique to bootstrap secure communications for the Internet of Things (IoT) devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions

Key Generation for Internet of Things

Key generation is a promising technique to bootstrap secure communications for the Internet of Things devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions

Acta Universitatis Sapientiae - Electrical and Mechanical Engineering

Series Electrical and Mechanical Engineering publishes original papers and surveys in various fields of Electrical and Mechanical Engineering