Convolution Attack on Frequency Hopping by Full-Duplex Radios

In this paper, we propose a new adversarial attack on frequency-hopping-based wireless communication between two users, namely Alice and Bob. In this attack, the adversary, referred to as Eve, instantaneously modifies the signal transmitted by Alice before forwarding it to Bob within the symbol period. We show that this attack forces Bob to incorporate Eve's signal in the decoding process; treating it as noise instead would further degrade performance, akin to jamming. Through this attack, we show that Eve can convert a slow-fading channel between Alice and Bob into a rapid-fading one by modifying every transmitted symbol independently. As a result, neither pilot-assisted coherent detection techniques nor blind-detection methods are directly applicable as countermeasures. As potential mitigation strategies, we explore the applicability of frequency hopping along with on–off keying (OOK) and binary frequency-shift keying (BFSK) as modulation schemes. In the case of OOK, the attacker attempts to introduce deep fades on the tone carrying the information bit, whereas in the case of BFSK, the attacker pours comparable energy levels on the tones carrying bit-0 and bit-1, thereby degrading the performance. Based on extensive analyses and experimental results, we show that when using OOK, Bob must be equipped with a large number of receive antennas to reliably detect Alice's signal, and when using BFSK, Alice and Bob must agree upon a secret key to randomize the location of the tones carrying the bits, in addition to randomizing the carrier frequency of communication.
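
Why pilot-assisted coherent detection stops working once the effective channel changes on every symbol can be seen in a small baseband simulation. This is an added example, not code from the paper; the flat Rayleigh gains, BPSK signalling, the unit-magnitude random-phase per-symbol factor `g`, and all function and parameter names are assumptions made for illustration.

```python
import cmath
import math
import random


def simulate_ber(attack, n_frames=400, n_pilots=8, n_data=64, snr_db=20.0, seed=1):
    """Bit error rate of pilot-assisted coherent BPSK on a slow-fading hop.

    attack=False: y_k = h * x_k + n_k               (h fixed per frame)
    attack=True:  y_k = (h + c * g_k) * x_k + n_k   (g_k redrawn every symbol)
    The g_k term is an assumed model of a within-symbol forwarded copy.
    """
    rng = random.Random(seed)
    sigma = math.sqrt(10 ** (-snr_db / 10) / 2)  # noise std per real dimension

    def cgauss(std):
        return complex(rng.gauss(0, std), rng.gauss(0, std))

    errors = total = 0
    for _ in range(n_frames):
        h = cgauss(math.sqrt(0.5))  # direct Alice-to-Bob gain, constant over the frame
        c = cgauss(math.sqrt(0.5))  # composite gain of the forwarded path, also constant

        def channel(x):
            # Unit-magnitude factor with a fresh uniform phase per symbol (assumption).
            g = cmath.exp(2j * math.pi * rng.random()) if attack else 0
            return (h + c * g) * x + cgauss(sigma)

        # Bob averages known +1 pilots to estimate one gain for the whole frame.
        h_hat = sum(channel(1.0) for _ in range(n_pilots)) / n_pilots
        for _ in range(n_data):
            bit = rng.getrandbits(1)
            y = channel(1.0 - 2.0 * bit)  # BPSK: bit 0 -> +1, bit 1 -> -1
            decided = 0 if (y * h_hat.conjugate()).real >= 0 else 1
            errors += decided != bit
            total += 1
    return errors / total


if __name__ == "__main__":
    print("BER, slow fading only:       ", simulate_ber(attack=False))
    print("BER, per-symbol modification:", simulate_ber(attack=True))
```

The pilot estimate is only useful while the gain stays constant across the frame; once the gain is redrawn on every symbol, the estimate no longer describes the channel seen by any data symbol.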
