Securing Localization With Hidden and Mobile Base Stations

Abstract — Until recently, the problem of localization in wireless networks has been mainly studied in a non-adversarial setting. Only recently, a number of solutions have been proposed that aim to detect and prevent attacks on localization systems. In this work, we propose a new approach to secure localization based on hidden and mobile base stations. Our approach enables secure localization with a broad spectrum of localization techniques: ultrasonic or radio, based on received signal strength or signal time of flight. Through several examples we show how this approach can be used to secure node-centric and infrastructurecentric localization schemes. We further show how this approach can be applied to secure localization in sensor networks. I

A Survey on Acoustic Side Channel Attacks on Keyboards

Most electronic devices utilize mechanical keyboards to receive inputs, including sensitive information such as authentication credentials, personal and private data, emails, plans, etc. However, these systems are susceptible to acoustic side-channel attacks. Researchers have successfully developed methods that can extract typed keystrokes from ambient noise. As the prevalence of keyboard-based input systems continues to expand across various computing platforms, and with the improvement of microphone technology, the potential vulnerability to acoustic side-channel attacks also increases. This survey paper thoroughly reviews existing research, explaining why such attacks are feasible, the applicable threat models, and the methodologies employed to launch and enhance these attacks.Comment: 22 pages, conferenc

An Integrated Framework for Sensing Radio Frequency Spectrum Attacks on Medical Delivery Drones

Drone susceptibility to jamming or spoofing attacks of GPS, RF, Wi-Fi, and operator signals presents a danger to future medical delivery systems. A detection framework capable of sensing attacks on drones could provide the capability for active responses. The identification of interference attacks has applicability in medical delivery, disaster zone relief, and FAA enforcement against illegal jamming activities. A gap exists in the literature for solo or swarm-based drones to identify radio frequency spectrum attacks. Any non-delivery specific function, such as attack sensing, added to a drone involves a weight increase and additional complexity; therefore, the value must exceed the disadvantages. Medical delivery, high-value cargo, and disaster zone applications could present a value proposition which overcomes the additional costs. The paper examines types of attacks against drones and describes a framework for designing an attack detection system with active response capabilities for improving the reliability of delivery and other medical applications.Comment: 7 pages, 1 figures, 5 table

Contributions to the security of cognitive radio networks

The increasing emergence of wireless applications along with the static spectrum allocation followed by regulatory bodies has led to a high inefficiency in spectrum usage, and the lack of spectrum for new services. In this context, Cognitive Radio (CR) technology has been proposed as a possible solution to reuse the spectrum being underutilized by licensed services. CRs are intelligent devices capable of sensing the medium and identifying those portions of the spectrum being unused. Based on their current perception of the environment and on that learned from past experiences, they can optimally tune themselves with regard to parameters such as frequency, coding and modulation, among others. Due to such properties, Cognitive Radio Networks (CRNs) can act as secondary users of the spectrum left unused by their legal owners or primary users, under the requirement of not interfering primary communications. The successful deployment of these networks relies on the proper design of mechanisms in order to efficiently detect spectrum holes, adapt to changing environment conditions and manage the available spectrum. Furthermore, the need for addressing security issues is evidenced by two facts. First, as for any other type of wireless network, the air is used as communications medium and can easily be accessed by attackers. On the other hand, the particular attributes of CRNs offer new opportunities to malicious users, ranging from providing wrong information on the radio environment to disrupting the cognitive mechanisms, which could severely undermine the operation of these networks. In this Ph.D thesis we have approached the challenge of securing Cognitive Radio Networks. Because CR technology is still evolving, to achieve this goal involves not only providing countermeasures for existing attacks but also to identify new potential threats and evaluate their impact on CRNs performance. The main contributions of this thesis can be summarized as follows. First, a critical study on the State of the Art in this area is presented. A qualitative analysis of those threats to CRNs already identified in the literature is provided, and the efficacy of existing countermeasures is discussed. Based on this work, a set of guidelines are designed in order to design a detection system for the main threats to CRNs. Besides, a high level description of the components of this system is provided, being it the second contribution of this thesis. The third contribution is the proposal of a new cross-layer attack to the Transmission Control Protocol (TCP) in CRNs. An analytical model of the impact of this attack on the throughput of TCP connections is derived, and a set of countermeasures in order to detect and mitigate the effect of such attack are proposed. One of the main threats to CRNs is the Primary User Emulation (PUE) attack. This attack prevents CRNs from using available portions of the spectrum and can even lead to a Denial of Service (DoS). In the fourth contribution of this the method is proposed in order to deal with such attack. The method relies on a set of time measures provided by the members of the network and allows estimating the position of an emitter. This estimation is then used to determine the legitimacy of a given transmission and detect PUE attacks. Cooperative methods are prone to be disrupted by malicious nodes reporting false data. This problem is addressed, in the context of cooperative location, in the fifth and last contribution of this thesis. A method based on Least Median Squares (LMS) fitting is proposed in order to detect forged measures and make the location process robust to them. The efficiency and accuracy of the proposed methodologies are demonstrated by means of simulation

A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions

Machine Learning in Wireless Sensor Networks: Algorithms, Strategies, and Applications

Wireless sensor networks monitor dynamic environments that change rapidly over time. This dynamic behavior is either caused by external factors or initiated by the system designers themselves. To adapt to such conditions, sensor networks often adopt machine learning techniques to eliminate the need for unnecessary redesign. Machine learning also inspires many practical solutions that maximize resource utilization and prolong the lifespan of the network. In this paper, we present an extensive literature review over the period 2002-2013 of machine learning methods that were used to address common issues in wireless sensor networks (WSNs). The advantages and disadvantages of each proposed algorithm are evaluated against the corresponding problem. We also provide a comparative guide to aid WSN designers in developing suitable machine learning solutions for their specific application challenges.Comment: Accepted for publication in IEEE Communications Surveys and Tutorial

Investigations of 5G localization with positioning reference signals

TDOA is an user-assisted or network-assisted technique, in which the user equipment calculates the time of arrival of precise positioning reference signals conveyed by mobile base stations and provides information about the measured time of arrival estimates in the direction of the position server. Using multilateration grounded on the TDOA measurements of the PRS received from at least three base stations and known location of these base stations, the location server determines the position of the user equipment. Different types of factors are responsible for the positioning accuracy in TDOA method, such as the sample rate, the bandwidth, network deployment, the properties of PRS, signal propagation condition, etc. About 50 meters positioning is good for the 4G/LTE users, whereas 5G requires an accuracy less than a meter for outdoor and indoor users. Noteworthy improvements in positioning accuracy can be achievable with the help of redesigning the PRS in 5G technology. The accuracy for the localization has been studied for different sampling rates along with different algorithms. High accuracy TDOA with 5G positioning reference signal (PRS) for sample rate and bandwidth hasn’t been taken into consideration yet. The key goal of the thesis is to compare and assess the impact of different sampling rates and different bandwidths of PRS on the 5G positioning accuracy. By performing analysis with variable bandwidths of PRS in resource blocks and comparing all the analyses with different bandwidths of PRS in resource blocks, it is undeniable that there is a meaningful decrease in the RMSE and significant growth in the SNR. The higher bandwidth of PRS in resource blocks brings higher SNR while the RMSE of positioning errors also decreases with higher bandwidth. Also, the number of PRS in resource blocks provides lower SNR with higher RMSE values. The analysis with different bandwidths of PRS in resource blocks reveals keeping the RMSE value lower than a meter each time with different statistics is a positivity of the research. The positioning accuracy also analyzed with different sample sizes. With an increased sample size, a decrease in the root mean square error and a crucial increase in the SNR was observed. From this thesis investigation, it is inevitable to accomplish that two different analyses (sample size and bandwidth) done in a different way with the targeted output. A bandwidth of 38.4 MHz and sample size N = 700 required to achieve below 1m accuracy with SNR of 47.04 dB

Localization of sound sources : a systematic review

Sound localization is a vast field of research and advancement which is used in many useful applications to facilitate communication, radars, medical aid, and speech enhancement to but name a few. Many different methods are presented in recent times in this field to gain benefits. Various types of microphone arrays serve the purpose of sensing the incoming sound. This paper presents an overview of the importance of using sound localization in different applications along with the use and limitations of ad-hoc microphones over other microphones. In order to overcome these limitations certain approaches are also presented. Detailed explanation of some of the existing methods that are used for sound localization using microphone arrays in the recent literature is given. Existing methods are studied in a comparative fashion along with the factors that influence the choice of one method over the others. This review is done in order to form a basis for choosing the best fit method for our use