Capabilities of Low-Power Wireless Jammers

In this paper, motivated by the goal of modeling the fine-grain capabilities of jammers for the context of security in low-power wireless networks, we experimentally characterize jamming in networks of CC2420 radio motes and CC1000 radio motes. Our findings include that it is easy to locate J (relative to S and R) and choose its power level so that J can corrupt S's messages with high probability as well as corrupt individual S's bits with nontrivial probability. Internal jammers are however limited in at least two ways: One, it is hard for them to prevent R from detecting that it has received an uncorrupted message from S. And two, the outcome of their corruptions are not only not deterministic, even the probabilities of corrupted outcomes are time-varying. We therefore conclude that it is hard to predict the value resulting from colliding S's messages (bits) with J's messages (bits) and, conversely, to deduce the value sent by S's or J's from the corrupted value received by R.

[1]  Deborah Estrin,et al.  Complex Behavior at Scale: An Experimental Study of Low-Power Wireless Sensor Networks , 2002 .

[2]  Philip Levis,et al.  Understanding the causes of packet delivery success and failure in dense wireless sensor networks , 2006, SenSys '06.

[3]  Bhaskar Krishnamachari,et al.  Experimental study of concurrent transmission in wireless sensor networks , 2006, SenSys '06.

[4]  Adrian Perrig,et al.  Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes , 2007, SenSys '07.

[5]  Wenyuan Xu,et al.  The feasibility of launching and detecting jamming attacks in wireless networks , 2005, MobiHoc '05.

[6]  Tamer Basar,et al.  With the Capacity 0.461(bits) and the Optimal Opd Being 'q = , 1998 .

[7]  J. Heidemann,et al.  Experimental Analysis of Concurrent Packet Transmissions in Low-Power Wireless Networks , 2005 .

[8]  Dan Rubenstein,et al.  Using Channel Hopping to Increase 802.11 Resilience to Jamming Attacks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[9]  Kang G. Shin,et al.  On accurate measurement of link quality in multi-hop wireless mesh networks , 2006, MobiCom '06.

[10]  F. Jiang,et al.  Exploiting the capture effect for collision detection and recovery , 2005, The Second IEEE Workshop on Embedded Networked Sensors, 2005. EmNetS-II..

[11]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[12]  Ranjan K. Mallik,et al.  Analysis of an on-off jamming situation as a dynamic game , 2000, IEEE Trans. Commun..

[13]  P. Levis,et al.  RSSI is Under Appreciated , 2006 .

[14]  Ian W. McKeague,et al.  The coding capacity of mismatched Gaussian channels , 1986, IEEE Trans. Inf. Theory.

[15]  Yee Wei Law,et al.  Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols , 2005, TOSN.

[16]  R. Negi,et al.  Secret communication using artificial noise , 2005, VTC-2005-Fall. 2005 IEEE 62nd Vehicular Technology Conference, 2005..

[17]  Wenyuan Xu,et al.  Jamming sensor networks: attack and defense strategies , 2006, IEEE Network.

[18]  Anish Arora,et al.  Dialog codes for secure wireless communications , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[19]  H. Vincent Poor,et al.  The Wiretap Channel With Feedback: Encryption Over the Channel , 2007, IEEE Transactions on Information Theory.

[20]  L. Pap A general jamming model of spread-spectrum systems , 1993, Proceedings of ICC '93 - IEEE International Conference on Communications.

[21]  Evaggelos Geraniotis Effect of Worst Case Multiple Partial-Band Noise and Tone Jammers on Coded FH/SSMA Systems , 1990, IEEE J. Sel. Areas Commun..