17 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Secrecy Enhancement in Cooperative Relaying Systems
Cooperative communications is obviously an evolution in wireless networks due to its noticeable advantages such as increasing the coverage as well as combating fading and shadowing effects. However, the broadcast characteristic of a wireless medium which is exploited in cooperative communications leads to a variety of security vulnerabilities. As cooperative communication networks are globally expanded, they expose to security attacks and threats more than ever. Primarily, researchers have focused on upper layers of network architectures to meet the requirements for secure cooperative transmission while the upper-layer security solutions are incapable of combating a number of security threats, e.g., jamming attacks. To address this issue, physical-layer security has been recommended as a complementary solution in the literature. In this thesis, physical layer attacks of the cooperative communication systems are studied, and corresponding security techniques including cooperative jamming, beamforming and diversity approaches are investigated. In addition, a novel security solution for a two-hop decode-and-forward relaying system is presented where the transmitters insert a random phase shift to the modulated data of each hop. The random phase shift is created based on a shared secret among communicating entities. Thus, the injected phase shift confuses the eavesdropper and secrecy capacity improves. Furthermore, a cooperative jamming strategy for multi-hop decode-and-forward relaying systems is presented where multiple non-colluding illegitimate nodes can overhear the communication. The jamming signal is created by the transmitter of each hop while being sent with the primary signal. The jamming signal is known at the intended receiver as it is according to a secret common knowledge between the communicating entities. Hence, artificial noise misleads the eavesdroppers, and decreases their signal-to-noise-ratio. As a result, secrecy capacity of the system is improved. Finally, power allocation among friendly jamming and main signal is proposed to ensure that suggested scheme enhances secrecy
Byzantine Attack and Defense in Cognitive Radio Networks: A Survey
The Byzantine attack in cooperative spectrum sensing (CSS), also known as the
spectrum sensing data falsification (SSDF) attack in the literature, is one of
the key adversaries to the success of cognitive radio networks (CRNs). In the
past couple of years, the research on the Byzantine attack and defense
strategies has gained worldwide increasing attention. In this paper, we provide
a comprehensive survey and tutorial on the recent advances in the Byzantine
attack and defense for CSS in CRNs. Specifically, we first briefly present the
preliminaries of CSS for general readers, including signal detection
techniques, hypothesis testing, and data fusion. Second, we analyze the spear
and shield relation between Byzantine attack and defense from three aspects:
the vulnerability of CSS to attack, the obstacles in CSS to defense, and the
games between attack and defense. Then, we propose a taxonomy of the existing
Byzantine attack behaviors and elaborate on the corresponding attack
parameters, which determine where, who, how, and when to launch attacks. Next,
from the perspectives of homogeneous or heterogeneous scenarios, we classify
the existing defense algorithms, and provide an in-depth tutorial on the
state-of-the-art Byzantine defense schemes, commonly known as robust or secure
CSS in the literature. Furthermore, we highlight the unsolved research
challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral
Security protocols suite for machine-to-machine systems
Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face todayâs concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little
or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribersâ and the services providersâ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging.
Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks.
Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks servicesâ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks
Enhancing physical layer security in wireless networks with cooperative approaches
Motivated by recent developments in wireless communication, this thesis aims to
characterize the secrecy performance in several types of typical wireless networks.
Advanced techniques are designed and evaluated to enhance physical layer security in
these networks with realistic assumptions, such as signal propagation loss, random node
distribution and non-instantaneous channel state information (CSI).
The first part of the thesis investigates secret communication through relay-assisted
cognitive interference channel. The primary and secondary base stations (PBS and SBS)
communicate with the primary and secondary receivers (PR and SR) respectively in the
presence of multiple eavesdroppers. The SBS is allowed to transmit simultaneously with
the PBS over the same spectrum instead of waiting for an idle channel. To improve
security, cognitive relays transmit cooperative jamming (CJ) signals to create additional
interferences in the direction of the eavesdroppers. Two CJ schemes are proposed to
improve the secrecy rate of cognitive interference channels depending on the structure of
cooperative relays. In the scheme where the multiple-antenna relay transmits weighted
jamming signals, the combined approach of CJ and beamforming is investigated. In
the scheme with multiple relays transmitting weighted jamming signals, the combined
approach of CJ and relay selection is analyzed. Numerical results show that both these
two schemes are effective in improving physical layer security of cognitive interference
channel.
In the second part, the focus is shifted to physical layer security in a random wireless
network where both legitimate and eavesdropping nodes are randomly distributed. Three
scenarios are analyzed to investigate the impact of various factors on security. In
scenario one, the basic scheme is studied without a protected zone and interference. The
probability distribution function (PDF) of channel gain with both fading and path loss
has been derived and further applied to derive secrecy connectivity and ergodic secrecy
capacity. In the second scenario, we studied using a protected zone surrounding the source
node to enhance security where interference is absent. Both the cases that eavesdroppers
are aware and unaware of the protected zone boundary are investigated. Based on the
above scenarios, further deployment of the protected zones at legitimate receivers is
designed to convert detrimental interference into a beneficial factor. Numerical results
are investigated to check the reliability of the PDF for reciprocal of channel gain and to
analyze the impact of protected zones on secrecy performance.
In the third part, physical layer security in the downlink transmission of cellular network
is studied. To model the repulsive property of the cellular network planning, we assume
that the base stations (BSs) follow the Mat´ern hard-core point process (HCPP), while
the eavesdroppers are deployed as an independent Poisson point process (PPP). The
distribution function of the distances from a typical point to the nodes of the HCPP is
derived. The noise-limited and interference-limited cellular networks are investigated
by applying the fractional frequency reuse (FFR) in the system. For the noise-limited
network, we derive the secrecy outage probability with two different strategies, i.e. the
best BS serve and the nearest BS serve, by analyzing the statistics of channel gains. For
the interference-limited network with the nearest BS serve, two transmission schemes are
analyzed, i.e., transmission with and without the FFR. Numerical results reveal that both
the schemes of transmitting with the best BS and the application of the FFR are beneficial
for physical layer security in the downlink cellular networks, while the improvement du
Recommended from our members
Authentication and Message Integrity Verification without Secrets
Embedding network capabilities in a plethora of new devices and infrastructures--the Internet-of-Things, vehicular and aviation networks, the critical national infrastructure, industrial plants--are dramatically transforming the modern way of living. The rapid deployment pace of these emerging applications has brought unprecedented security challenges related to data confidentiality, user privacy, and critical infrastructure availability. A significant portion of these threats is attributed to the broadcast nature of the wireless medium, which exposes systems to easy-to-launch passive and active attacks. The slow security standards rollout combined with the ever-shrinking time-to-market, the device heterogeneity and the lack of user-friendly input interfaces (screen, keyboard, etc.) only exacerbate the security challenges.
In this dissertation, we address the fundamental problem of trust establishment in the context of emerging network applications. We present techniques integrating physical layer properties with cryptographic primitives to guarantee message integrity and bootstrap initial trust without relying on any prior secrets. We present the ``helper'' security paradigm in which security is outsourced to one or more dedicated devices to allow for the scalable pairing of off-the-shelf heterogeneous devices. In addition, we present our work on message integrity verification of navigation information for aircrafts (speed, location, and heading) by exploiting the Doppler spread of the wireless channel. Finally, we develop a secure and fast voting technique for distributed networks which allows fast coordination of a group of devices without the overhead of messaging