A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Secrecy Enhancement in Cooperative Relaying Systems

Cooperative communications is obviously an evolution in wireless networks due to its noticeable advantages such as increasing the coverage as well as combating fading and shadowing effects. However, the broadcast characteristic of a wireless medium which is exploited in cooperative communications leads to a variety of security vulnerabilities. As cooperative communication networks are globally expanded, they expose to security attacks and threats more than ever. Primarily, researchers have focused on upper layers of network architectures to meet the requirements for secure cooperative transmission while the upper-layer security solutions are incapable of combating a number of security threats, e.g., jamming attacks. To address this issue, physical-layer security has been recommended as a complementary solution in the literature. In this thesis, physical layer attacks of the cooperative communication systems are studied, and corresponding security techniques including cooperative jamming, beamforming and diversity approaches are investigated. In addition, a novel security solution for a two-hop decode-and-forward relaying system is presented where the transmitters insert a random phase shift to the modulated data of each hop. The random phase shift is created based on a shared secret among communicating entities. Thus, the injected phase shift confuses the eavesdropper and secrecy capacity improves. Furthermore, a cooperative jamming strategy for multi-hop decode-and-forward relaying systems is presented where multiple non-colluding illegitimate nodes can overhear the communication. The jamming signal is created by the transmitter of each hop while being sent with the primary signal. The jamming signal is known at the intended receiver as it is according to a secret common knowledge between the communicating entities. Hence, artificial noise misleads the eavesdroppers, and decreases their signal-to-noise-ratio. As a result, secrecy capacity of the system is improved. Finally, power allocation among friendly jamming and main signal is proposed to ensure that suggested scheme enhances secrecy

Byzantine Attack and Defense in Cognitive Radio Networks: A Survey

The Byzantine attack in cooperative spectrum sensing (CSS), also known as the spectrum sensing data falsification (SSDF) attack in the literature, is one of the key adversaries to the success of cognitive radio networks (CRNs). In the past couple of years, the research on the Byzantine attack and defense strategies has gained worldwide increasing attention. In this paper, we provide a comprehensive survey and tutorial on the recent advances in the Byzantine attack and defense for CSS in CRNs. Specifically, we first briefly present the preliminaries of CSS for general readers, including signal detection techniques, hypothesis testing, and data fusion. Second, we analyze the spear and shield relation between Byzantine attack and defense from three aspects: the vulnerability of CSS to attack, the obstacles in CSS to defense, and the games between attack and defense. Then, we propose a taxonomy of the existing Byzantine attack behaviors and elaborate on the corresponding attack parameters, which determine where, who, how, and when to launch attacks. Next, from the perspectives of homogeneous or heterogeneous scenarios, we classify the existing defense algorithms, and provide an in-depth tutorial on the state-of-the-art Byzantine defense schemes, commonly known as robust or secure CSS in the literature. Furthermore, we highlight the unsolved research challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Enhancing physical layer security in wireless networks with cooperative approaches

Motivated by recent developments in wireless communication, this thesis aims to characterize the secrecy performance in several types of typical wireless networks. Advanced techniques are designed and evaluated to enhance physical layer security in these networks with realistic assumptions, such as signal propagation loss, random node distribution and non-instantaneous channel state information (CSI). The first part of the thesis investigates secret communication through relay-assisted cognitive interference channel. The primary and secondary base stations (PBS and SBS) communicate with the primary and secondary receivers (PR and SR) respectively in the presence of multiple eavesdroppers. The SBS is allowed to transmit simultaneously with the PBS over the same spectrum instead of waiting for an idle channel. To improve security, cognitive relays transmit cooperative jamming (CJ) signals to create additional interferences in the direction of the eavesdroppers. Two CJ schemes are proposed to improve the secrecy rate of cognitive interference channels depending on the structure of cooperative relays. In the scheme where the multiple-antenna relay transmits weighted jamming signals, the combined approach of CJ and beamforming is investigated. In the scheme with multiple relays transmitting weighted jamming signals, the combined approach of CJ and relay selection is analyzed. Numerical results show that both these two schemes are effective in improving physical layer security of cognitive interference channel. In the second part, the focus is shifted to physical layer security in a random wireless network where both legitimate and eavesdropping nodes are randomly distributed. Three scenarios are analyzed to investigate the impact of various factors on security. In scenario one, the basic scheme is studied without a protected zone and interference. The probability distribution function (PDF) of channel gain with both fading and path loss has been derived and further applied to derive secrecy connectivity and ergodic secrecy capacity. In the second scenario, we studied using a protected zone surrounding the source node to enhance security where interference is absent. Both the cases that eavesdroppers are aware and unaware of the protected zone boundary are investigated. Based on the above scenarios, further deployment of the protected zones at legitimate receivers is designed to convert detrimental interference into a beneficial factor. Numerical results are investigated to check the reliability of the PDF for reciprocal of channel gain and to analyze the impact of protected zones on secrecy performance. In the third part, physical layer security in the downlink transmission of cellular network is studied. To model the repulsive property of the cellular network planning, we assume that the base stations (BSs) follow the Mat´ern hard-core point process (HCPP), while the eavesdroppers are deployed as an independent Poisson point process (PPP). The distribution function of the distances from a typical point to the nodes of the HCPP is derived. The noise-limited and interference-limited cellular networks are investigated by applying the fractional frequency reuse (FFR) in the system. For the noise-limited network, we derive the secrecy outage probability with two different strategies, i.e. the best BS serve and the nearest BS serve, by analyzing the statistics of channel gains. For the interference-limited network with the nearest BS serve, two transmission schemes are analyzed, i.e., transmission with and without the FFR. Numerical results reveal that both the schemes of transmitting with the best BS and the application of the FFR are beneficial for physical layer security in the downlink cellular networks, while the improvement du

Journal of Telecommunications and Information Technology

kwartalni

Authentication and Message Integrity Verification without Secrets

Embedding network capabilities in a plethora of new devices and infrastructures--the Internet-of-Things, vehicular and aviation networks, the critical national infrastructure, industrial plants--are dramatically transforming the modern way of living. The rapid deployment pace of these emerging applications has brought unprecedented security challenges related to data confidentiality, user privacy, and critical infrastructure availability. A significant portion of these threats is attributed to the broadcast nature of the wireless medium, which exposes systems to easy-to-launch passive and active attacks. The slow security standards rollout combined with the ever-shrinking time-to-market, the device heterogeneity and the lack of user-friendly input interfaces (screen, keyboard, etc.) only exacerbate the security challenges. In this dissertation, we address the fundamental problem of trust establishment in the context of emerging network applications. We present techniques integrating physical layer properties with cryptographic primitives to guarantee message integrity and bootstrap initial trust without relying on any prior secrets. We present the ``helper'' security paradigm in which security is outsourced to one or more dedicated devices to allow for the scalable pairing of off-the-shelf heterogeneous devices. In addition, we present our work on message integrity verification of navigation information for aircrafts (speed, location, and heading) by exploiting the Doppler spread of the wireless channel. Finally, we develop a secure and fast voting technique for distributed networks which allows fast coordination of a group of devices without the overhead of messaging