Investigation of Signal and Message Manipulations on the Wireless Channel

We explore the suitability of Dolev-Yao-based attacker models for the security analysis of wireless communication. The Dolev-Yao model is commonly used for wireline and wireless networks. It is defined on abstract messages exchanged between entities and includes arbitrary, real-time modification of messages by the attacker. In this work, we aim at understanding and evaluating the conditions under which these real-time, covert low-energy signal modifications can be successful. In particular, we focus on the following signal and message manipulation techniques: symbol flipping and signal annihilation. We analyze these techniques theoretically, by simulations, and experiments and show their feasibility for particular wireless channels and scenarios.

[1]  E. Ross Association , 1886, American Journal of Sociology.

[2]  Anish Arora,et al.  Capabilities of Low-Power Wireless Jammers , 2009, IEEE INFOCOM 2009.

[3]  Tao Jin,et al.  Zero pre-shared secret key establishment in the presence of jammers , 2009, MobiHoc '09.

[4]  Antonio Pascual Iserte Channel state Information and joint transmitter-receiver design in multi-antenna systems , 2005 .

[5]  Radha Poovendran,et al.  Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[6]  Wenyuan Xu,et al.  Channel surfing: defending wireless sensor networks from jamming and interference , 2006, SenSys '06.

[7]  Josef Pieprzyk,et al.  Broadcast anti-jamming systems , 2001, Comput. Networks.

[8]  Peng Ning,et al.  Randomized Differential DSSS: Jamming-Resistant Wireless Broadcast Communication , 2010, 2010 Proceedings IEEE INFOCOM.

[9]  Srdjan Capkun,et al.  Attacks on public WLAN-based positioning systems , 2009, MobiSys '09.

[10]  Guevara Noubir,et al.  On link layer denial of service in data wireless LANs: Research Articles , 2005 .

[11]  Peng Ning,et al.  Defending DSSS-based broadcast communication against insider jammers via delayed seed-disclosure , 2010, ACSAC '10.

[12]  Sneha Kumar Kasera,et al.  Secret Key Extraction from Wireless Signal Strength in Real Environments , 2009, IEEE Transactions on Mobile Computing.

[13]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[14]  T. Humphreys,et al.  Assessing the Spoofing Threat: Development of a Portable GPS Civilian Spoofer , 2008 .

[15]  Alan V. Oppenheim,et al.  Discrete-Time Signal Pro-cessing , 1989 .

[16]  Richard A. Poisel,et al.  Modern Communications Jamming Principles and Techniques , 2003 .

[17]  Srdjan Capkun,et al.  Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[18]  Srdjan Capkun,et al.  Integrity (I) codes: Message Integrity Protection Over Insecure Channels , 2005, S&P 2005.

[19]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[20]  Gaetano Borriello,et al.  SpotON: An Indoor 3D Location Sensing Technology Based on RF Signal Strength , 2000 .

[21]  Wenyuan Xu,et al.  The feasibility of launching and detecting jamming attacks in wireless networks , 2005, MobiHoc '05.

[22]  Larry J. Greenstein,et al.  Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication , 2007, 2007 IEEE International Conference on Communications.

[23]  Guevara Noubir,et al.  On link layer denial of service in data wireless LANs , 2005, Wirel. Commun. Mob. Comput..

[24]  F. Jiang,et al.  Exploiting the capture effect for collision detection and recovery , 2005, The Second IEEE Workshop on Embedded Networked Sensors, 2005. EmNetS-II..

[25]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[26]  Panganamala Ramana Kumar,et al.  RHEINISCH-WESTFÄLISCHE TECHNISCHE HOCHSCHULE AACHEN , 2001 .

[27]  Srdjan Capkun,et al.  Modeling and Verifying Physical Properties of Security Protocols for Wireless Networks , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[28]  Bhaskar Krishnamachari,et al.  Experimental study of concurrent transmission in wireless sensor networks , 2006, SenSys '06.

[29]  Alan V. Oppenheim,et al.  Discrete-time signal processing (2nd ed.) , 1999 .

[30]  David Tse,et al.  Fundamentals of Wireless Communication , 2005 .

[31]  Adrian Perrig,et al.  Distillation Codes and Applications to DoS Resistant Multicast Authentication , 2004, NDSS.

[32]  Srdjan Capkun,et al.  Wormhole-Based Anti-Jamming Techniques in Sensor Networks , 2007 .

[33]  Srdjan Capkun,et al.  Detection of reactive jamming in sensor networks , 2010, TOSN.

[34]  Srdjan Capkun,et al.  Wormhole-Based Antijamming Techniques in Sensor Networks , 2007, IEEE Transactions on Mobile Computing.

[35]  Dong Chao,et al.  Universal Software Radio Peripheral , 2010 .

[36]  Ivan Martinovic,et al.  Short paper: reactive jamming in wireless networks: how realistic is the threat? , 2011, WiSec '11.