A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

A Defense Framework Against Denial-of-Service in Computer Networks

Denial-of-Service (DoS) is a computer security problem that poses a serious challenge totrustworthiness of services deployed over computer networks. The aim of DoS attacks isto make services unavailable to legitimate users, and current network architectures alloweasy-to-launch, hard-to-stop DoS attacks. Particularly challenging are the service-level DoSattacks, whereby the victim service is flooded with legitimate-like requests, and the jammingattack, in which wireless communication is blocked by malicious radio interference. Theseattacks are overwhelming even for massively-resourced services, and effective and efficientdefenses are highly needed. This work contributes a novel defense framework, which I call dodging, against service-level DoS and wireless jamming. Dodging has two components: (1) the careful assignment ofservers to clients to achieve accurate and quick identification of service-level DoS attackersand (2) the continuous and unpredictable-to-attackers reconfiguration of the client-serverassignment and the radio-channel mapping to withstand service-level and jamming DoSattacks. Dodging creates hard-to-evade baits, or traps, and dilutes the attack "fire power".The traps identify the attackers when they violate the mapping function and even when theyattack while correctly following the mapping function. Moreover, dodging keeps attackers"in the dark", trying to follow the unpredictably changing mapping. They may hit a fewtimes but lose "precious" time before they are identified and stopped. Three dodging-based DoS defense algorithms are developed in this work. They are moreresource-efficient than state-of-the-art DoS detection and mitigation techniques. Honeybees combines channel hopping and error-correcting codes to achieve bandwidth-efficientand energy-efficient mitigation of jamming in multi-radio networks. In roaming honeypots, dodging enables the camouflaging of honeypots, or trap machines, as real servers,making it hard for attackers to locate and avoid the traps. Furthermore, shuffling requestsover servers opens up windows of opportunity, during which legitimate requests are serviced.Live baiting, efficiently identifies service-level DoS attackers by employing results fromthe group-testing theory, discovering defective members in a population using the minimumnumber of tests. The cost and benefit of the dodging algorithms are analyzed theoretically,in simulation, and using prototype experiments

Enabling Self-healing Smart Grid Through Jamming Resilient Local Controller Switching

A key component of a smart grid is its ability to collect useful information from a power grid for enabling control centers to estimate the current states of the power grid. Such information can be delivered to the control centers via wireless or wired networks. It is envisioned that wireless technology will be widely used for local-area communication subsystems in the smart grid (e.g., in distribution networks). However, various attacks with serious impact can be launched in wireless networks such as channel jamming attacks and denial-of-service attacks. In particular, jamming attacks can cause significant damages to power grids, e.g., delayed delivery of time-critical messages can prevent control centers from properly controlling the outputs of generators to match load demands. In this paper, a communication subsystem with enhanced self-healing capability in the presence of jamming is designed via intelligent local controller switching while integrating a retransmission mechanism. The proposed framework allows sufficient readings from smart meters to be continuously collected by various local controllers to estimate the states of a power grid under various attack scenarios. The jamming probability is also analyzed considering the impact of jammer power and shadowing effects. In addition, guidelines on optimal placement of local controllers to ensure effective switching of smart meters under jamming are provided. Via theoretical, experimental and simulation studies, it is demonstrated that our proposed system is effective in maintaining communications between smart meters and local controllers even when multiple jammers are present in the network

Design and Implementation of a Fully Flexible Cognitive Radio Modem

Software-defined radio (SDR)-based cognitive communication radio systems are very popular at present, and there have been many investigations on this topic. This paper proposes a new type of cognitive radio transceiver (TRX) that can detect, recognize, and analyze input signals in real-time with minimal data loss. New hardware is designed and manufactured that combines a transmitter and a receiver in a dedicated integrated circuit. For data processing, a field-programmable gate array (FPGA) is used. For each integrated hardware block, appropriate software modules are developed to construct a complex adaptive radiocommunication system as a radio modem that can be configured as a transceiver or repeater. The source coder, channel coder, modulator, spectrum monitoring module, spectrum analyzer, channelizer, symbol rate detector, modulator, modulation type recognition module, demodulator, channel decoder and source decoder are all developed as software modules