Securing Localization With Hidden and Mobile Base Stations

Abstract — Until recently, the problem of localization in wireless networks has been mainly studied in a non-adversarial setting. Only recently, a number of solutions have been proposed that aim to detect and prevent attacks on localization systems. In this work, we propose a new approach to secure localization based on hidden and mobile base stations. Our approach enables secure localization with a broad spectrum of localization techniques: ultrasonic or radio, based on received signal strength or signal time of flight. Through several examples we show how this approach can be used to secure node-centric and infrastructurecentric localization schemes. We further show how this approach can be applied to secure localization in sensor networks. I

Cloud-inclusive Aerial Imagery based on Commercial Flights as Remote Sensing Platform

Earth observation (EO) significantly increased in the second half of the 20th century and continues to advance rapidly, with remote sensing being a key component for gathering Earth-related information. Nowadays, satellites, manned aircraft, helicopters, UAVs and drones are used to capture aerial imagery in a periodic or schedule-based manner. This paper examine the feasibility of creating a novel remote sensing system by mounting cameras on commercial flights. The study evaluates flight coverage, including spatial and temporal resolutions, and considers the impact of clouds on image usability. We have compared flight coverage with cloud-inclusive flight coverage, which represents reduced flight coverage based on cloud quantity. Results show that entire country of Croatia is covered between 95% and 100% during the day and night. However, when clouds are included in the calculation, it is important to consider different altitudes and periods of the year because their distribution is not the same. In a less cloudy month (August), the highest differences between flight coverage and cloud-inclusive flight coverage for high-altitude flights are 70% for the worst-case scenario and 25% for the best-case scenario. Results show it is feasible to use commercial flights as a new remote sensing system

On Selfish Behavior in CSMA/CA Networks

CSMA/CA protocols rely on the random deferment of packet transmissions. Like most other protocols, CSMA/CA was designed with the assumption that the nodes would play by the rules. This can be dangerous, since the nodes themselves control their random deferment. Indeed, with the higher programmability of the network adapters, the temptation to tamper with the software or firmware is likely to grow; by doing so, a user could obtain a much larger share of the available bandwidth at the expense of other users. We use a game-theoretic approach to investigate the problem of the selfish behavior of nodes in CSMA/CA networks, specifically geared towards the most widely accepted protocol in this class of protocols, IEEE~802.11. We characterize two families of Nash equilibria in a single stage game, one of which always results in a network collapse. We argue that this result provides an incentive for cheaters to cooperate with each other. Explicit cooperation among nodes is clearly impractical. By applying the model of dynamic games borrowed from game theory, we derive the conditions for the stable and optimal functioning of a population of cheaters. We use this insight to develop a simple, localized and distributed protocol that successfully guides multiple selfish nodes to a Pareto-optimal Nash equilibrium

Minimum-energy broadcast in all-wireless networks: NP-Completeness and distribution issues

In all-wireless networks a crucial problem is to minimize energy consumption, as in most cases the nodes are battery-operated. We focus on the problem of power-optimal broadcast, for which it is well known that the broadcast nature of the radio transmission can be exploited to optimize energy consumption. Several authors have conjectured that the problem of power-optimal broadcast is NP-complete. We provide here a formal proof, both for the general case and for the geometric one; in the former case, the network topology is represented by a generic graph with arbitrary weights, whereas in the latter a Euclidean distance is considered. We then describe a new heuristic, Embedding Wireless Multicast Advantage. We show that it compares well with other proposals and we explain how it can be distributed

Efficient MAC in cognitive radio systems: A game-theoretic approach

In this paper, we study the problem of efficient medium access control (MAC) among cognitive radio devices that are equipped with multiple radios and thus are capable of transmitting simultaneously at different frequencies (channels). We assume that radios contend on each channel using the Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) protocol. We study two MAC problems: (i) the allocation of the available channels among radios, and (ii) the optimal usage of each allocated channel by the radios occupying it. Both problems are studied in a game-theoretic setting, where devices aim to selfishly maximize their share of the available bandwidth. As for the first problem, we show that the ”price of anarchy" is close to 1, that is, Nash equilibria imply nearly system optimal allocations of the available channels. For the second problem, we design a game such that it admits a unique Nash equilibrium that is is both fair and Pareto-optimal. Furthermore, we propose simple mechanisms that enable selfish cognitive radio devices not only to coordinate efficiently on the available channels but also to optimally use every single allocated channel

Multi-radio Channel Allocation in Competitive Wireless Networks

Channel allocation has been extensively studied in the framework of cellular networks, but the emergence of new system concepts, such as cognitive radio systems, bring this topic into the focus of research again. In this paper, we provide a formal analysis of the selfish multi-radio channel allocation problem using game theory. We conclude that in spite of the non-cooperative behavior of such devices, their channel allocation results in a Pareto- and system-optimal solution. Furthermore, we present a simple algorithm to achieve this efficient channel allocation. To the best of our knowledge, our paper is the first contribution to this important topic

Border Games in Cellular Networks

In each country today, cellular networks operate on carefully separated frequency bands. This separation is imposed by the regulators of the given country to avoid interference between these networks. But, the separation is only valid within the borders of a country, hence the operators are left on their own to resolve cross-border interference of their cellular networks. In this paper, we focus on the scenario of two operators, each located on one side of the border. We assume that they want to fine-tune the emitting power of the pilot signals (i.e., beacon signals) of their base stations. This operation is crucial, because the pilot signal power determines the number of users they can attract and hence the revenue they can obtain. In the case of no power costs, we show that there exists a motivation for the operators to be strategic, meaning to fine-tune the pilot signal powers of their base stations. In addition, we study Nash equilibrium conditions in an empirical model and investigate the efficiency of the Nash equilibria for different user densities. Finally, we modify our game model to take power costs into account. The game with power costs corresponds to the well-known Prisoner's Dilemma: The players are still motivated to adjust their pilot powers, but their strategic behavior leads to a sub-optimal Nash equilibrium

Information Warfare-Worthy Jamming Attack Detection Mechanism for Wireless Sensor Networks Using a Fuzzy Inference System

The proposed mechanism for jamming attack detection for wireless sensor networks is novel in three respects: firstly, it upgrades the jammer to include versatile military jammers; secondly, it graduates from the existing node-centric detection system to the network-centric system making it robust and economical at the nodes, and thirdly, it tackles the problem through fuzzy inference system, as the decision regarding intensity of jamming is seldom crisp. The system with its high robustness, ability to grade nodes with jamming indices, and its true-detection rate as high as 99.8%, is worthy of consideration for information warfare defense purposes

Thwarting selfish and malicious behavior in wireless networks

Security is at the core of any communication system and, in particular, of wireless (radio) networks. In this thesis, we focus on three important security aspects in the framework of wireless networks: selfish (noncooperative) behavior at the Medium Access Control (MAC) layer, "radio channel jamming"-based Denial-of-Service (DoS) attacks against sensor networks and secure key agreement in peer-to-peer wireless networks. In the context of selfish behavior at the MAC layer, we focus on single collision domain Carrier-Sense Multiple-Access with Collision Avoidance (CSMA/CA) networks. We use both cooperative and non-cooperative game theory to model and analyze the co-existence of multiple CSMA/CA selfish users. Using insights from the game theoretic analysis, we propose a simple channel access protocol that discourages selfish behavior and results in the optimal and fair allocation of the available bandwidth. We perform an extensive evaluation of the proposed protocol. We then consider two types of malicious behavior. The first type deals with an adversary who tries to obstruct the operation of a wireless network by jamming the used radio channel. The second type is concerned with an adversary who interferes with a key agreement protocol executed between parties that use a radio link, in an attempt to learn their private information or to fool them into accepting fake messages as genuine. Concerning the first kind of malicious behavior, we focus on wireless sensor networks, perhaps the most vulnerable category of wireless networks to this kind of threat. An adversary can mask the events that the sensor network should detect by stealthily jamming an appropriate subset of the nodes; in this way, he prevents them from reporting what they sense to the network operator. Therefore, in spite of the fact that an event is sensed by one or several nodes (and the sensor network is fully connected), the network operator cannot be informed on time – we call this the coverage paradox. To mitigate this problem, we propose a reactive defense mechanism based on wormholes, which were so far considered to be a security threat. In our solution, thanks to channel diversity, the nodes under the jamming attack are able to create (probabilistically) a communication route that is resistant to jamming; thus, appropriate information can be conveyed out of the jammed region. We develop appropriate mathematical models to study the proposed mechanisms. Concerning the second kind of malicious behavior, we focus on the problem of a user-friendly key agreement (and message authentication) in settings where the users do not share any authenticated secret or certified public key in advance. We base our approach on the Diffie-Hellman key agreement protocol, which is known to be vulnerable to the "man-in-the-middle" attack if the users involved in the protocol do not share any authenticated information about each other (e.g., public keys, certificates, passwords, shared keys, etc.) prior to the protocol execution. We solve the problem by leveraging on the natural ability of users to authenticate each other by visual and verbal contact. We propose three techniques: the first is based on the visual comparison of short strings, the second on distance bounding, and the third on a novel concept called integrity codes (I-codes). In each case, the users do not need to enter any password or other data, nor do they need physical or infrared connectivity between their devices. We analyze our protocols using a well-established methodology that leads us to a rigorous modularization and a thorough robustness proof of our proposal. We also provide an implementation of I-codes