Sub-Nanosecond Time of Flight on Commercial Wi-Fi Cards

Time-of-flight, i.e., the time incurred by a signal to travel from transmitter to receiver, is perhaps the most intuitive way to measure distances using wireless signals. It is used in major positioning systems such as GPS, RADAR, and SONAR. However, attempts at using time-of-flight for indoor localization have failed to deliver acceptable accuracy due to fundamental limitations in measuring time on Wi-Fi and other RF consumer technologies. While the research community has developed alternatives for RF-based indoor localization that do not require time-of-flight, those approaches have their own limitations that hamper their use in practice. In particular, many existing approaches need receivers with large antenna arrays while commercial Wi-Fi nodes have two or three antennas. Other systems require fingerprinting the environment to create signal maps. More fundamentally, none of these methods support indoor positioning between a pair of Wi-Fi devices without~third~party~support. In this paper, we present a set of algorithms that measure the time-of-flight to sub-nanosecond accuracy on commercial Wi-Fi cards. We implement these algorithms and demonstrate a system that achieves accurate device-to-device localization, i.e. enables a pair of Wi-Fi devices to locate each other without any support from the infrastructure, not even the location of the access points.Comment: 14 page

Opportunistic communications in large uncoordinated networks

(English) The increase of wireless devices offering high data rate services limits the coexistence of wireless systems sharing the same resources in a given geographical area because of inter-system interference. Therefore, interference management plays a key role in permitting the coexistence of several heterogeneous communication services. However, classical interference management strategies require lateral information giving rise to the need for inter-system coordination and cooperation, which is not always practical. Opportunistic communications offer a potential solution to the problem of inter-system interference management. The basic principle of opportunistic communications is to efficiently and robustly exploit the resources available in a wireless network and adapt the transmitted signals to the state of the network to avoid inter-system interference. Therefore, opportunistic communications depend on inferring the available network resources that can be safely exploited without inducing interference in coexisting communication nodes. Once the available network resources are identified, the most prominent opportunistic communication techniques consist in designing scenario-adapted precoding/decoding strategies to exploit the so-called null space. Despite this, classical solutions in the literature suffer from two main drawbacks: the lack of robustness to detection errors and the need for intra-system cooperation. This thesis focuses on the design of a null space-based opportunistic communication scheme that addresses the drawbacks exhibited by existing methodologies under the assumption that opportunistic nodes do not cooperate. For this purpose, a generalized detection error model independent of the null-space identification mechanism is introduced that allows the design of solutions that exhibit minimal inter-system interference in the worst case. These solutions respond to a maximum signal-to-interference ratio (SIR) criterion, which is optimal under non-cooperative conditions. The proposed methodology allows the design of a family of orthonormal waveforms that perform a spreading of the modulated symbols within the detected null space, which is key to minimizing the induced interference density. The proposed solutions are invariant within the inferred null space, allowing the removal of the feedback link without giving up coherent waveform detection. In the absence of coordination, the waveform design relies solely on locally sensed network state information, inducing a mismatch between the null spaces identified by the transmitter and receiver that may worsen system performance. Although the proposed solution is robust to this mismatch, the design of enhanced receivers using active subspace detection schemes is also studied. When the total number of network resources increases arbitrarily, the proposed solutions tend to be linear combinations of complex exponentials, providing an interpretation in the frequency domain. This asymptotic behavior allows us to adapt the proposed solution to frequency-selective channels by means of a cyclic prefix and to study an efficient modulation similar to the time division multiplexing scheme but using circulant waveforms. Finally, the impact of the use of multiple antennas in opportunistic null space-based communications is studied. The performed analysis reveals that, in any case, the structure of the antenna clusters affects the opportunistic communication, since the proposed waveform mimics the behavior of a single-antenna transmitter. On the other hand, the number of sensors employed translates into an improvement in terms of SIR.(Català) El creixement incremental dels dispositius sense fils que requereixen serveis d'alta velocitat de dades limita la coexistència de sistemes sense fils que comparteixen els mateixos recursos en una àrea geogràfica donada a causa de la interferència entre sistemes. Conseqüentment, la gestió d'interferència juga un paper fonamental per a facilitar la coexistència de diversos serveis de comunicació heterogenis. No obstant això, les estratègies clàssiques de gestió d'interferència requereixen informació lateral originant la necessitat de coordinació i cooperació entre sistemes, que no sempre és pràctica. Les comunicacions oportunistes ofereixen una solució potencial al problema de la gestió de les interferències entre sistemes. El principi bàsic de les comunicacions oportunistes és explotar de manera eficient i robusta els recursos disponibles en una xarxa sense fils i adaptar els senyals transmesos a l'estat de la xarxa per evitar interferències entre sistemes. Per tant, les comunicacions oportunistes depenen de la inferència dels recursos de xarxa disponibles que poden ser explotats de manera segura sense induir interferència en els nodes de comunicació coexistents. Una vegada que s'han identificat els recursos de xarxa disponibles, les tècniques de comunicació oportunistes més prominents consisteixen en el disseny d'estratègies de precodificació/descodificació adaptades a l'escenari per explotar l'anomenat espai nul. Malgrat això, les solucions clàssiques en la literatura sofreixen dos inconvenients principals: la falta de robustesa als errors de detecció i la necessitat de cooperació intra-sistema. Aquesta tesi tracta el disseny d'un esquema de comunicació oportunista basat en l'espai nul que afronta els inconvenients exposats per les metodologies existents assumint que els nodes oportunistes no cooperen. Per a aquest propòsit, s'introdueix un model generalitzat d'error de detecció independent del mecanisme d'identificació de l'espai nul que permet el disseny de solucions que exhibeixen interferències mínimes entre sistemes en el cas pitjor. Aquestes solucions responen a un criteri de màxima relació de senyal a interferència (SIR), que és òptim en condicions de no cooperació. La metodologia proposada permet dissenyar una família de formes d'ona ortonormals que realitzen un spreading dels símbols modulats dins de l'espai nul detectat, que és clau per minimitzar la densitat d’interferència induïda. Les solucions proposades són invariants dins de l'espai nul inferit, permetent suprimir l'enllaç de retroalimentació i, tot i així, realitzar una detecció coherent de forma d'ona. Sota l’absència de coordinació, el disseny de la forma d'ona es basa únicament en la informació de l'estat de la xarxa detectada localment, induint un desajust entre els espais nuls identificats pel transmissor i receptor que pot empitjorar el rendiment del sistema. Tot i que la solució proposada és robusta a aquest desajust, també s'estudia el disseny de receptors millorats fent ús de tècniques de detecció de subespai actiu. Quan el nombre total de recursos de xarxa augmenta arbitràriament, les solucions proposades tendeixen a ser combinacions lineals d'exponencials complexes, proporcionant una interpretació en el domini freqüencial. Aquest comportament asimptòtic permet adaptar la solució proposada a entorns selectius en freqüència fent ús d'un prefix cíclic i estudiar una modulació eficient derivada de l'esquema de multiplexat per divisió de temps emprant formes d'ona circulant. Finalment, s’estudia l'impacte de l'ús de múltiples antenes en comunicacions oportunistes basades en l'espai nul. L'anàlisi realitzada permet concloure que, en cap cas, l'estructura de les agrupacions d'antenes tenen un impacte sobre la comunicació oportunista, ja que la forma d'ona proposada imita el comportament d'un transmissor mono-antena. D'altra banda, el nombre de sensors emprat es tradueix en una millora en termes de SIR.(Español) El incremento de los dispositivos inalámbricos que ofrecen servicios de alta velocidad de datos limita la coexistencia de sistemas inalámbricos que comparten los mismos recursos en un área geográfica dada a causa de la interferencia inter-sistema. Por tanto, la gestión de interferencia juega un papel fundamental para facilitar la coexistencia de varios servicios de comunicación heterogéneos. Sin embargo, las estrategias clásicas de gestión de interferencia requieren información lateral originando la necesidad de coordinación y cooperación entre sistemas, que no siempre es práctica. Las comunicaciones oportunistas ofrecen una solución potencial al problema de la gestión de las interferencias entre sistemas. El principio básico de las comunicaciones oportunistas es explotar de manera eficiente y robusta los recursos disponibles en una red inalámbricas y adaptar las señales transmitidas al estado de la red para evitar interferencias entre sistemas. Por lo tanto, las comunicaciones oportunistas dependen de la inferencia de los recursos de red disponibles que pueden ser explotados de manera segura sin inducir interferencia en los nodos de comunicación coexistentes. Una vez identificados los recursos disponibles, las técnicas de comunicación oportunistas más prominentes consisten en el diseño de estrategias de precodificación/descodificación adaptadas al escenario para explotar el llamado espacio nulo. A pesar de esto, las soluciones clásicas en la literatura sufren dos inconvenientes principales: la falta de robustez a los errores de detección y la necesidad de cooperación intra-sistema. Esta tesis propone diseñar un esquema de comunicación oportunista basado en el espacio nulo que afronta los inconvenientes expuestos por las metodologías existentes asumiendo que los nodos oportunistas no cooperan. Para este propósito, se introduce un modelo generalizado de error de detección independiente del mecanismo de identificación del espacio nulo que permite el diseño de soluciones que exhiben interferencias mínimas entre sistemas en el caso peor. Estas soluciones responden a un criterio de máxima relación de señal a interferencia (SIR), que es óptimo en condiciones de no cooperación. La metodología propuesta permite diseñar una familia de formas de onda ortonormales que realizan un spreading de los símbolos modulados dentro del espacio nulo detectado, que es clave para minimizar la densidad de interferencia inducida. Las soluciones propuestas son invariantes dentro del espacio nulo inferido, permitiendo suprimir el enlace de retroalimentación sin renunciar a la detección coherente de forma de onda. En ausencia de coordinación, el diseño de la forma de onda se basa únicamente en la información del estado de la red detectada localmente, induciendo un desajuste entre los espacios nulos identificados por el transmisor y receptor que puede empeorar el rendimiento del sistema. A pesar de que la solución propuesta es robusta a este desajuste, también se estudia el diseño de receptores mejorados usando técnicas de detección de subespacio activo. Cuando el número total de recursos de red aumenta arbitrariamente, las soluciones propuestas tienden a ser combinaciones lineales de exponenciales complejas, proporcionando una interpretación en el dominio frecuencial. Este comportamiento asintótico permite adaptar la solución propuesta a canales selectivos en frecuencia mediante un prefijo cíclico y estudiar una modulación eficiente derivada del esquema de multiplexado por división de tiempo empleando formas de onda circulante. Finalmente, se estudia el impacto del uso de múltiples antenas en comunicaciones oportunistas basadas en el espacio nulo. El análisis realizado revela que la estructura de las agrupaciones de antenas no afecta la comunicación oportunista, ya que la forma de onda propuesta imita el comportamiento de un transmisor mono-antena. Por otro lado, el número de sensores empleado se traduce en una mejora en términos de SIR.Postprint (published version

Alibi framework for identifying reactive jamming nodes in wireless LAN

Reactive jamming nodes are the nodes of the network that get compromised and become the source of jamming attacks. They assume to know any shared secrets and protocols used in the networks. Thus, they can jam very effectively and are very stealthy. We propose a novel approach to identifying the reactive jamming nodes in wireless LAN (WLAN). We rely on the half-duplex nature of nodes: they cannot transmit and receive at the same time. Thus, if a compromised node jams a packet, it cannot guess the content of the jammed packet. More importantly, if an honest node receives a jammed packet, it can prove that it cannot be the one jamming the packet by showing the content of the packet. Such proofs of jammed packets are called "alibis" - the key concept of our approach. In this paper, we present an alibi framework to deal with reactive jamming nodes in WLAN. We propose a concept of alibi-safe topologies on which our proposed identification algorithms are proved to correctly identify the attackers. We further propose a realistic protocol to implement the identification algorithm. The protocol includes a BBC-based timing channel for information exchange under the jamming situation and a similarity hashing technique to reduce the storage and network overhead. The framework is evaluated in a realistic TOSSIM simulation where the simulation characteristics and parameters are based on real traces on our small-scale MICAz test-bed. The results show that in reasonable dense networks, the alibi framework can accurately identify both non-colluding and colluding reactive jamming nodes. Therefore, the alibi approach is a very promising approach to deal with reactive jamming nodes.published or submitted for publicationnot peer reviewe

Jamming attack on in-band full-duplex communications: Detection and countermeasures

© 2016 IEEE. Recent advances in the design of in-band full-duplex (IBFD) radios promise to double the throughput of a wireless link. However, IBFD-capable nodes are more vulnerable to jamming attacks than their out-of-band full-duplex (OBFD) counterparts, and any advantages offered by them over the OBFD nodes can be jeopardized by such attacks. A jammer needs to attack both the uplink and the downlink channels to completely break the communication link between two OBFD nodes. In contrast, he only needs to jam one channel (used for both uplink and downlink) in the case of two IBFD nodes. Even worse, a jammer with the IBFD capability can learn the transmitters' activity while injecting interference, allowing it to react instantly with the transmitter's strategies. In this paper, we investigate frequency hopping (FH) technique for countering jamming attacks in the context of IBFD wireless radios. Specifically, we develop an optimal strategy for IBFD radios to combat an IBFD reactive sweep jammer. First, we introduce two operational modes for IBFD radios: transmission reception and transmission-detection. These modes are intended to boost the anti-jamming capability of IBFD radios. We then jointly optimize the decision of when to switch between the modes and when to hop to a new channel using Markov decision processes. Numerical investigations show that our policy significantly improves the throughput of IBFD nodes under jamming attacks

Magnetic Resonance Wireless Power Transfer Systems Sensing and Applications

Magnetic Resonance (MR) Wireless Power Transfer (WPT) is a specific case for thewell known inductive coupling principle where energy is transmitted from a transmittingcoil to a receiving one without the need of any wires. This technology brings enhancedcapabilities and offers the possibility to create cutting edge wireless charging systems. Theobjective of this thesis is to understand and develop the elements needed to build a MR WPT system capable of charging multiple wearable devices placed over a large surface.The focus is put in current and voltage sensing at high frequency for system monitor-ing; power amplifier topology design to maintain good performance across a range of loadvalues; and the beamforming and energy hopping applications validation to deal withcharging area coverage and transmission distance issues. The results show how the pres-ence of a receiver can be detected from the current change measured at the transmitter, aswell as voltage measurements are used as redundant information for system failure detec-tion; a class E power amplifier has been successfully designed to operate with loads thatdiffer 1 order of magnitude from each other; beamforming and energy hopping simulationenvironments have been set, and experiments have shown a 50% improve in the receivedsignal strength with the use of beamforming, while the enrgy hopping phenomena hasbeen empirically demonstrated for up to four hops along a planar array of coils. A solidbasis has been set to allow further development of the aimed wireless charging surface

Jamming Cognitive Radios

The goal of this thesis is to identify and evaluate weaknesses in the rendezvous process for Cognitive Radio Networks (CRNs) in the presence of a Cognitive Jammer (CJ). Jamming strategies are suggested and tested for effectiveness. Methods for safe- guarding the Cognitive Radios (CRs) against a CJ are also explored. A simulation is constructed to set up a scenario of two CRs interacting with a CJ. Analysis of the simulation is conducted primarily at the waveform level. A hardware setup is constructed to analyze the system in the physical layer, verify the interactions from the simulation, and test in a low signal-to-interference and noise ratio (SINR) environment. The hardware used in this thesis is the Wireless Open-Access Research Platform. Performance metrics from open literature and independent testing are compared against those captured from the jamming tests. The goal of testing is to evaluate and quantify the ability to delay the rendezvous process of a CRN. There was some success in delaying rendezvous, even in a high SINR environment. Jamming strategies include a jammer that repeats an observed channel-hopping pattern, a jammer with random inputs using the same algorithm of the CRs, a jammer that estimates channel-hopping parameters based on observations, and a random channel-hopping jammer. Results were compared against control scenarios, consisting of no jamming and a jammer that is always jamming on the same channel as one of the CRs. The repeater, random inputs to the CR algorithm, observation-based estimation jammer, and the random channel hopping jammer were mildly successful in delaying rendezvous at about 0%, 9%, 0%, and 1%, respectively. The jammer that is always on the same channel as a CR had an overall rendezvous delay about 13% of the time

Opportunistic Access in Frequency Hopping Cognitive Radio Networks

Researchers in the area of cognitive radio often investigate the utility of dynamic spectrum access as a means to make more efficient use of the radio frequency spectrum. Many studies have been conducted to find ways in which a secondary user can occupy spectrum licensed to a primary user in a manner which does not disrupt the primary user\u27s performance. This research investigates the use of opportunistic access in a frequency hopping radio to mitigate the interference caused by other transmitters in a contentious environment such as the unlicensed 2.4 GHz region. Additionally, this work demonstrates how dynamic spectrum access techniques can be used not only to prevent interfering with other users but also improve the robustness of a communication system