Wireless security for secure facilities

This thesis presents methods for securing a facility that has wireless connectivity. The goal of this research is to develop a solution to securing a facility that utilizes wireless communications. The research will introduce methods to track and locate the position of attackers. This research also introduces the idea of using a Honeynet system for added security. This research uses what is called Defense-In-Depth. Defense-in-depth is when multiple layers of security are used. The first of the layers is the Zone of Interference. This Zone is an area where jammer transmitters and directive antennas are set up to take advantage of the near-far-effect. The idea is to use the near-far-effect to give a stronger signal on the perimeter of the secure area, to mask any signals escaping from the secure area. This Zone uses directive Yagi antenna arrays to direct the radiation. There are multiple jamming methods that are utilized within this Zone. The next layer of security is the Honeynet Zone. The idea is to make an attacker believe that they are seeing real network traffic. This is done at the Honeynet Zone once a device has been determined to be unfriendly. Decoy mobile devices are first placed within the Honeynet Zone. Spoofed traffic is then created between the Honeynet base stations and the decoy mobile devices zone; using adaptive antennas incorporated within the design to face the signals away from the inside secure area. The third defense is position location and tracking. The idea is to have constant tracking of all devices in the area. There are several methods available to locate and track a device that is giving off an RF signal. This thesis looks at combining all these methods into an integrated, and more robust, facility security system

Using metrics from multiple layers to detect attacks in wireless networks

The IEEE 802.11 networks are vulnerable to numerous wireless-specific attacks. Attackers can implement MAC address spoofing techniques to launch these attacks, while masquerading themselves behind a false MAC address. The implementation of Intrusion Detection Systems has become fundamental in the development of security infrastructures for wireless networks. This thesis proposes the designing a novel security system that makes use of metrics from multiple layers of observation to produce a collective decision on whether an attack is taking place. The Dempster-Shafer Theory of Evidence is the data fusion technique used to combine the evidences from the different layers. A novel, unsupervised and self- adaptive Basic Probability Assignment (BPA) approach able to automatically adapt its beliefs assignment to the current characteristics of the wireless network is proposed. This BPA approach is composed of three different and independent statistical techniques, which are capable to identify the presence of attacks in real time. Despite the lightweight processing requirements, the proposed security system produces outstanding detection results, generating high intrusion detection accuracy and very low number of false alarms. A thorough description of the generated results, for all the considered datasets is presented in this thesis. The effectiveness of the proposed system is evaluated using different types of injection attacks. Regarding one of these attacks, to the best of the author knowledge, the security system presented in this thesis is the first one able to efficiently identify the Airpwn attack

Integrated Architecture for Configuration and Service Management in MANET Environments

Esta tesis nos ha permitido trasladar algunos conceptos teóricos de la computación ubicua a escenarios reales, identificando las necesidades específicas de diferentes tipos de aplicaciones. Con el fin de alcanzar este objetivo, proponemos dos prototipos que proporcionan servicios sensibles al contexto en diferentes entornos, tales como conferencias o salas de recuperación en hospitales. Estos prototipos experimentales explotan la tecnología Bluetooth para ofrecer información basada en las preferencias del usuario. En ambos casos, hemos llevado a cabo algunos experimentos con el fin de evaluar el comportamiento de los sistemas y su rendimento. También abordamos en esta tesis el problema de la autoconfiguración de redes MANET basadas en el estándar 802.11 a través de dos soluciones novedosas. La primera es una solución centralizada que se basa en la tecnología Bluetooth, mientras la segunda es una solución distribuida que no necesita recurrir a ninguna tecnología adicional, ya que se basa en el uso del parámetro SSID. Ambos métodos se han diseñado para permitir que usuarios no expertos puedan unirse a una red MANET de forma transparente, proporcionando una configuración automática, rápida, y fiable de los terminales. Los resultados experimentales en implementaciones reales nos han permitido evaluar el rendimiento de las soluciones propuestas y demostrar que las estaciones cercanas se pueden configurar en pocos segundos. Además, hemos comparado ambas soluciones entre sí para poner de manifiesto las diferentes ventajas y desventajas en cuanto a rendimento. La principal contribución de esta tesis es EasyMANET, una plataforma ampliable y configurable cuyo objetivo es automatizar lo máximo posible las tareas que afectan a la configuración y puesta en marcha de redes MANET, de modo que su uso sea más simple y accesible.Cano Reyes, J. (2012). Integrated Architecture for Configuration and Service Management in MANET Environments [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/14675Palanci

Performance modelling and enhancement of wireless communication protocols

In recent years, Wireless Local Area Networks(WLANs) play a key role in the data communications and networking areas, having witnessed significant research and development. WLANs are extremely popular being almost everywhere including business,office and home deployments.In order to deal with the modem Wireless connectivity needs,the Institute of Electrical and Electronics Engineers(IEEE) has developed the 802.11 standard family utilizing mainly radio transmission techniques, whereas the Infrared Data Association (IrDA) addressed the requirement for multipoint connectivity with the development of the Advanced Infrared(Alr) protocol stack. This work studies the collision avoidance procedures of the IEEE 802.11 Distributed Coordination Function (DCF) protocol and suggests certain protocol enhancements aiming at maximising performance. A new, elegant and accurate analysis based on Markov chain modelling is developed for the idealistic assumption of unlimited packet retransmissions as well as for the case of finite packet retry limits. Simple equations are derived for the through put efficiency, the average packet delay, the probability of a packet being discarded when it reaches the maximum retransmission limit, the average time to drop such a packet and the packet inter-arrival time for both basic access and RTS/CTS medium access schemes.The accuracy of the mathematical model is validated by comparing analytical with OPNET simulation results. An extensive and detailed study is carried out on the influence of performance of physical layer, data rate, packet payload size and several backoff parameters for both medium access mechanisms. The previous mathematical model is extended to take into account transmission errors that can occur either independently with fixed Bit Error Rate(BER) or in bursts. The dependency of the protocol performance on BER and other factors related to independent and burst transmission errors is explored. Furthermore, a simple-implement appropriate tuning of the back off algorithm for maximizing IEEE 802-11 protocol performance is proposed depending on the specific communication requirements. The effectiveness of the RTS/CTS scheme in reducing collision duration at high data rates is studied and an all-purpose expression for the optimal use of the RTS/CTS reservation scheme is derived. Moreover, an easy-to-implement backoff algorithm that significantly enhances performance is introduced and an alternative derivation is developed based on elementary conditional probability arguments rather than bi-dimensional Markov chains. Finally, an additional performance improvement scheme is proposed by employing packet bursting in order to reduce overhead costs such as contention time and RTS/CTSex changes. Fairness is explored in short-time and long-time scales for both the legacy DCF and packet bursting cases. AIr protocol employs the RTS/CTS medium reservation scheme to cope with hidden stations and CSMA/CA techniques with linear contention window (CW) adjustment for medium access. A 1-dimensional Markov chain model is constructed instead of the bi-dimensional model in order to obtain simple mathematical equations of the average packet delay.This new approach greatly simplifies previous analyses and can be applied to any CSMA/CA protocol.The derived mathematical model is validated by comparing analytical with simulation results and an extensive Alr packet delay evaluation is carried out by taking into account all the factors and parameters that affect protocol performance. Finally, suitable values for both backoff and protocol parameters are proposed that reduce average packet delay and, thus, maximize performance

Multi-layer traffic control for wireless networks

Le reti Wireless LAN, così come definite dallo standard IEEE 802.11, garantiscono connettività senza fili nei cosiddetti “hot-spot” (aeroporti, hotel, etc.), nei campus universitari, nelle intranet aziendali e nelle abitazioni. In tali scenari, le WLAN sono denotate come “ad infrastruttura” nel senso che la copertura della rete è basata sulla presenza di un “Access Point” che fornisce alle stazioni mobili l’accesso alla rete cablata. Esiste un ulteriore approccio (chiamato “ad-hoc”) in cui le stazioni mobili appartenenti alla WLAN comunicano tra di loro senza l’ausilio dell’Access Point. Le Wireless LAN tipicamente sono connesse alla rete di trasporto (che essa sia Internet o una Intranet aziendale) usando un’infrastruttura cablata. Le reti wireless Mesh ad infrastruttura (WIMN) rappresentano un’alternativa valida e meno costosa alla classica infrastruttura cablata. A testimonianza di quanto appena affermato vi è la comparsa e la crescita sul mercato di diverse aziende specializzate nella fornitura di infrastrutture di trasporto wireless e il lancio di varie attività di standardizzazione (tra cui spicca il gruppo 802.11s). La facilità di utilizzo, di messa in opera di una rete wireless e i costi veramente ridotti hanno rappresentato fattori critici per lo straordinario successo di tale tecnologia. Di conseguenza possiamo affermare che la tecnologia wireless ha modificato lo stile di vita degli utenti, il modo di lavorare, il modo di passare il tempo libero (video conferenze, scambio foto, condivisione di brani musicali, giochi in rete, messaggistica istantanea ecc.). D’altro canto, lo sforzo per garantire lo sviluppo di reti capaci di supportare servizi dati ubiqui a velocità di trasferimento elevate è strettamente legato a numerose sfide tecniche tra cui: il supporto per l’handover tra differenti tecnologie (WLAN/3G), la certezza di accesso e autenticazione sicure, la fatturazione e l’accounting unificati, la garanzia di QoS ecc. L’attività di ricerca svolta nell’arco del Dottorato si è focalizzata sulla definizione di meccanismi multi-layer per il controllo del traffico in reti wireless. In particolare, nuove soluzioni di controllo del traffico sono state realizzate a differenti livelli della pila protocollare (dallo strato data-link allo strato applicativo) in modo da fornire: funzionalità avanzate (autenticazione sicura, differenziazione di servizio, handover trasparente) e livelli soddisfacenti di Qualità del Servizio. La maggior parte delle soluzioni proposte in questo lavoro di tesi sono state implementate in test-bed reali. Questo lavoro riporta i risultati della mia attività di ricerca ed è organizzato nel seguente modo: ogni capitolo presenta, ad uno specifico strato della pila protocollare, un meccanismo di controllo del traffico con l’obiettivo di risolvere le problematiche presentate precedentemente. I Capitoli 1 e 2 fanno riferimento allo strato di Trasporto ed investigano il problema del mantenimento della fairness per le connessioni TCP. L’unfairness TCP conduce ad una significativa degradazione delle performance implicando livelli non soddisfacenti di QoS. Questi capitoli descrivono l’attività di ricerca in cui ho impiegato il maggior impegno durante gli studi del dottorato. Nel capitolo 1 viene presentato uno studio simulativo delle problematiche di unfairness TCP e vengono introdotti due possibili soluzioni basate su rate-control. Nel Capitolo 2 viene derivato un modello analitico per la fairness TCP e si propone uno strumento per la personalizzazione delle politiche di fairness. Il capitolo 3 si focalizza sullo strato Applicativo e riporta diverse soluzioni di controllo del traffico in grado di garantire autenticazione sicura in scenari di roaming tra provider wireless. Queste soluzioni rappresentano parte integrante del framework UniWireless, un testbed nazionale sviluppato nell’ambito del progetto TWELVE. Il capitolo 4 descrive, nuovamente a strato Applicativo, una soluzione (basata su SIP) per la gestione della mobilità degli utenti in scenari di rete eterogenei ovvero quando diverse tecnologie di accesso radio sono presenti (802.11/WiFi, Bluetooth, 2.5G/3G). Infine il Capitolo 5 fa riferimento allo strato Data-Link presentando uno studio preliminare di un approccio per il routing e il load-balancing in reti Mesh infrastrutturate.Wireless LANs, as they have been defined by the IEEE 802.11 standard, are shared media enabling connectivity in the so-called “hot-spots” (airports, hotel lounges, etc.), university campuses, enterprise intranets, as well as “in-home” for home internet access. With reference to the above scenarios, WLANs are commonly denoted as “infra-structured” in the sense that WLAN coverage is based on “Access Points” which provide the mobile stations with access to the wired network. In addition to this approach, there exists also an “ad-hoc” mode to organize WLANs where mobile stations talk to each other without the need of Access Points. Wireless LANs are typically connected to the wired backbones (Internet or corporate intranets) using a wired infrastructure. Wireless Infrastructure Mesh Networks (WIMN) may represent a viable and cost-effective alternative to this traditional wired approach. This is witnessed by the emergence and growth of many companies specialized in the provisioning of wireless infrastructure solutions, as well as the launch of standardization activities (such as 802.11s). The easiness of deploying and using a wireless network, and the low deployment costs have been critical factors in the extraordinary success of such technology. As a logical consequence, the wireless technology has allowed end users being connected everywhere – every time and it has changed several things in people’s lifestyle, such as the way people work, or how they live their leisure time (videoconferencing, instant photo or music sharing, network gaming, etc.). On the other side, the effort to develop networks capable of supporting ubiquitous data services with very high data rates in strategic locations is linked with many technical challenges including seamless vertical handovers across WLAN and 3G radio technologies, security, 3G-based authentication, unified accounting and billing, consistent QoS and service provisioning, etc. My PhD research activity have been focused on multi-layer traffic control for Wireless LANs. In particular, specific new traffic control solutions have been designed at different layers of the protocol stack (from the link layer to the application layer) in order to guarantee i) advanced features (secure authentication, service differentiation, seamless handover) and ii) satisfactory level of perceived QoS. Most of the proposed solutions have been also implemented in real testbeds. This dissertation presents the results of my research activity and is organized as follows: each Chapter presents, at a specific layer of the protocol stack, a traffic control mechanism in order to address the introduced above issues. Chapter 1 and Charter 2 refer to the Transport Layer, and they investigate the problem of maintaining fairness for TCP connections. TCP unfairness may result in significant degradation of performance leading to users perceiving unsatisfactory Quality of Service. These Chapters describe the research activity in which I spent the most significant effort. Chapter 1 proposes a simulative study of the TCP fairness issues and two different solutions based on Rate Control mechanism. Chapter 2 illustrates an analytical model of the TCP fairness and derives a framework allowing wireless network providers to customize fairness policies. Chapter 3 focuses on the Application Layer and it presents new traffic control solutions able to guarantee secure authentication in wireless inter-provider roaming scenarios. These solutions are an integral part of the UniWireless framework, a nationwide distributed Open Access testbed that has been jointly realized by different research units within the TWELVE national project. Chapter 4 describes again an Application Layer solution, based on Session Initiation Protocol to manage user mobility and provide seamless mobile multimedia services in a heterogeneous scenario where different radio access technologies are used (802.11/WiFi, Bluetooth, 2.5G/3G networks). Finally Chapter 5 refers to the Data Link Layer and presents a preliminary study of a general approach for routing and load balancing in Wireless Infrastructure Mesh Network. The key idea is to dynamically select routes among a set of slowly changing alternative network paths, where paths are created through the reuse of classical 802.1Q multiple spanning tree mechanisms

Evaluation of on-demand routing in mobile ad hoc networks and proposal for a secure routing protocol

Secure routing Mobile Ad hoc Networks (MANETs) has emerged as an important MANET research area. Initial work in MANET focused mainly on the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering the security of the routing process. Because of this, a number of attacks exploit these routing vulnerabilities to manipulate MANETs. In this thesis, we performed an in-depth evaluation and performance analysis of existing MANET Routing protocols, identifying Dynamic Source Routing (DSR) as the most robust (based on throughput, latency and routing overhead) which can be secured with negligible routing efficiency trade-off. We describe security threats, specifically showing their effects on DSR. We proposed a new routing protocol, named Authenticated Source Routing for Ad hoc Networks (ASRAN) which is an out-of-band certification-based, authenticated source routing protocol with modifications to the route acquisition process of DSR to defeat all identified attacks. Simulation studies confirm that ASRAN has a good trade-off balance in reference to the addition of security and routing efficiency