Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Of Wireless Networks: How Low-Layers Security Can Help

Published byAngela Knight Modified over 6 years ago

Similar presentations

Presentation on theme: "Security Of Wireless Networks: How Low-Layers Security Can Help"— Presentation transcript:

1 Security Of Wireless Networks: How Low-Layers Security Can Help
November 2008 doc.: IEEE /1259r0 November 2008 Security Of Wireless Networks:  How Low-Layers Security Can Help Date: Authors: Alex Reznik, InterDigital Alex Reznik, InterDigital

2 November 2008 doc.: IEEE /1259r0 November 2008 Abstract Following up on the authors’ earlier presentation to the WNG (IEEE /0973r0), this contribution reviews the case presented for the need for low-layer security. We then provide additional detail on how low-layer security may be implemented and the potential impact on existing specifications and implementations. Alex Reznik, InterDigital Alex Reznik, InterDigital

3 WLANs in the Emerging World
November 2008 WLANs in the Emerging World Usage Data (IP) access to a broadband network Streaming applications over IP (e.g. VoIP, Video) Interactive local application (distributed gaming) Localized Mesh network with limited/no extra-net access Machine-to-Machine communication Home and Small Enterprise Automation SensorNet-to-DataNet interaction Distributed Computation Security requirements Secure transmitted data Access control based on Pre-shared keys (e.g. WPA) ID (user and device) based access Enforce network usage policies Mesh security without a third-party certificate authority Ensure network availability Location-based requirements The NET Automation WLAN Local Alex Reznik, InterDigital

4 Moving Forward On Security
November 2008 Moving Forward On Security Currently existing security components provide: End-to-end data protection Limited or non-existing WLAN security components: Device security Device/host identity capability Combined with trusted computing concepts Location privacy assurance techniques Local network security Protect availability/access/usage of the physical medium Enable location-based policies These impact all layers of the architecture Commonly used higher-layer protocols need to be enhanced with existing and new ones (e.g. IETF’s HIP, PBS, etc.) Security Manager is needed for integration of higher-layer security policies and requirements with transmission medium capabilities MAC support is required to make existing protocols attack-proof (e.g. CSMA), provide support for higher layer protocols (e.g. PBS, 802.1X-type authentication, etc.) and interface with PHY PHY is required to monitor the medium, implement protocols as required by MAC At all levels, services provided by secure platforms (e.g. via TPM) may be required In this talk: Concentrate on protection/access/usage of the physical medium This is directly in scope for : as it inherently relies on PHY and MAC mechanisms Alex Reznik, InterDigital

5 High-Level Threat Analysis for 802.11
November 2008 doc.: IEEE /1259r0 November 2008 High-Level Threat Analysis for Authentication Authorization Confidentiality Integrity Availability Non Repudiation Traffic Analysis Passive Eavesdropping Active Man in the middle Session high-jacking Replay Unauthorized Access Denial of Service False Identity Security Attribute Addressed by 802.11i 802.11i +w x Threat Authentication Ensures that the nodes that are communicating are correctly identified Authorization Ensures that the access to the service is according to security policy Confidentiality Ensures that data (encrypted or sent in the clear) is only read by the appropriate parties Integrity Ensures that data is not modified by any party other than the communicating ones Availability Ensures that legitimate users are not denied access to resources (e.g. communication link, network resources, etc.) by invalid users Non-repudiation Ensures that a party that sent/received data cannot deny having done so These vulnerabilities are broad when viewed from a network perspective and are subject to a broad number of different attacks. These are identified (and in part addressed by 802.1), but not by Alex Reznik, InterDigital Alex Reznik, InterDigital

6 Addressing the threats in a wireless setting
November 2008 Addressing the threats in a wireless setting Challenges: Confidentiality/authentication techniques cannot address DoS attacks aimed at the network itself 802.1AE techniques need to be examined, but are insufficient in a wireless context Smart Jamming can masquerade as generic interference Not addressed by 802.1AE as the problem is absent in wired systems Terminal location is a priori uncertain No connection to a port that signals can be traced back to Alternate “secure key source” for confidentiality/authentication of pre i messages is desirable 802.1AE calls for cipher suites which, in principle, do not need to rely on 802.1X None have been proposed to date A potential approach for wireless systems Use the richness of the wireless access medium Enhance PHY/MAC based security tied to the wireless medium Enhance existing security mechanism This is commonly called “PHY Layer Security” Alex Reznik, InterDigital

7 PHY-Layer Security “PHY-Layer” security may:
September 2008 PHY-Layer Security “PHY-Layer” security may: Exploit the physical properties of the wireless channel Typically have PHY and the MAC aspects Be complementary to other modern techniques for securing wireless nets PHY-Layer Security may use the physical link as a non-repudiatable, shared, secret resource to: Provide always-on, link-specific message stream authentication Classify interference appropriately (malicious/benign) and apply appropriate counter-measures Distinguish between co-located and distinctly located terminals Derive and update secret keys based on link properties and without the need to use (and expose) authentication credentials PHY-Layer Security may further use link and terminal capabilities to: Null out an identified rogue terminal Switch away from channels under attack Proactively hop channels to confuse attacker Alex Reznik, InterDigital

8 PHY-Layer Security - Examples
September 2008 PHY-Layer Security - Examples Example Attack 1: A Low-Power Jammer Attacking terminal reverses the CSMA process – transmits whenever it detects energy on the channel Legitimate terminals forced into even increasing back-off Average power required for the attack is low Initial power consumption is relative high After a fairly short period, most terminals are in a long back-off state The CSMA protocol assists in the attack Example Attack 2: Sybil Attack A terminal uses multiple MAC addresses: Increases it share of bandwidth utilization Attempts a service specific DoS (e.g. multiple authentication/association requests) Alex Reznik, InterDigital

9 Example Attack 1: A Low-Power Jammer
November 2008 Example Attack 1: A Low-Power Jammer Potential Detection and Mitigation: Detection: Continual power measurement during channel clear state and burst reception reveal that burst should be successfully received When this is violated sufficiently often (i.e. we observe statistically “impossible” collision pattern), an attack is likely If MIMO is present, direction of interference may be estimated and further found to be non-random Mitigation: Alert security policy manager to abnormal condition, its nature, and (if possible) approximate localization Switch channels. If possible establish a dynamic channel hopping policy. Change the back-off protocol to eliminate increasing the expected back-off time. This will make the attack costly (in terms of energy) and may drain the battery of a true low-power attacker If MIMO present, null away interference source. Alex Reznik, InterDigital

10 Ex. 1: Implementation of Detection: in the PHY
November 2008 Ex. 1: Implementation of Detection: in the PHY Alex Reznik, InterDigital

11 Ex. 1: Implementation of Detection: in the MAC
November 2008 Ex. 1: Implementation of Detection: in the MAC Comments: 2 minor modifications in PHY Reporting certain quantities (RSSI and Channel Clear) at all times as opposed to as a result of certain event A new mechanism for providing this report to PHY is therefore required No new PHY processing is needed New MAC processing is added, existing functionality not affected Alex Reznik, InterDigital

12 Ex. 1: Implementation of Mitigation
November 2008 Ex. 1: Implementation of Mitigation Notes Mitigation impacts only the Tx Control SEQR This involves added functionality only Currently: single Tx Policy (current CSMA/CD) New: a number of policies, of which existing is one Tx Control/SEQR selects one based on request from Security Manager No impact in the PHY Expected for mitigation Alex Reznik, InterDigital

13 Example Attack 2: Sybil Attack
November 2008 Example Attack 2: Sybil Attack Potential Detection and Mitigation: Detection Using channel-based signatures establish the fact that multiple MAC addresses appear to be from same radio Mitigation Alert security policy manager to abnormal condition, its nature, and (if possible) approximate localization If required by policy, establish that when treated as an aggregate these do not follow the proper protocol for a single terminal De-associate all MAC addresses with suspect channel signature If MIMO present, null away transmission from suspect location Alex Reznik, InterDigital

14 Ex. 2: Implementation of Detection
November 2008 Ex. 2: Implementation of Detection Notes PHY Impact: No new functionality Reporting of CIR MAC Impact Increasing existing address matching functionality to check for signature/address consistency Addition of “security alert/attribute” to each PDU As before augmentation, not modification of existing functionality, Alex Reznik, InterDigital

15 Ex. 2: Implementation of Mitigation
November 2008 Ex. 2: Implementation of Mitigation Notes Primary mitigation strategies involve management-level activities Additional management procedures added to address security needs PHY-based (MIMO) countermeasures require minor modifications to PHY beamformer Alex Reznik, InterDigital

16 Observations Detection Mitigation:
November 2008 Observations Detection Requires Physical Measurements to be made available … SW based “detection” algorithms determine alerts Mitigation: Requires MAC Control of Parameters of Existing Protocols …. Enables MAC to encrypt control frames as follows… New control/man. Frames to support all this??? Alex Reznik, InterDigital

17 Review of Previous Straw Poll Results
November 2008 Review of Previous Straw Poll Results Do you believe that future systems/applications will require security beyond what currently has? Yes \ No \ Need more info \ Don’t care: 21 \ 11 \ 2 \ 1 Do you believe that protecting against DOS attacks requires security beyond what currently has? Yes \ No \ Need more info \ Don’t care: 8 \ 2 \ 18 \ 0 Do you believe that protecting against False Identity attacks requires security beyond what currently has? Yes \ No \ Need more info \ Don’t care: 6 \ 3 \ 22 \ 0 Should start a study group to address physical layer security? Yes \ No \ Need more info \ Don’t care: 2 \ 15 \ 17 \ 0 Alex Reznik, InterDigital

18 November 2008 Straw Poll 1 Is detection of attacks like Example 1 and Example 2 desirable for ? Yes No Need more info Don’t care Alex Reznik, InterDigital

19 November 2008 Straw Poll 2 Is mitigation of attacks like Example 1 and Example 2 desirable for ? Yes No Need more info Don’t care Alex Reznik, InterDigital

Download ppt "Security Of Wireless Networks: How Low-Layers Security Can Help"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]

1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security

Cryptography and Network Security
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.

Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless Telecommunications Laboratory M. Tsagkaropoulos “Securing.

UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless Telecommunications Laboratory M. Tsagkaropoulos “Securing.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Similar presentations

Ads by Google