Presentation is loading. Please wait.

Presentation is loading. Please wait.

Natraj Jaganmohan (njaganm) Sandeep A Rao (sarao)

Published byKaiya Hole Modified over 10 years ago

Similar presentations

Presentation on theme: "Natraj Jaganmohan (njaganm) Sandeep A Rao (sarao)"— Presentation transcript:

1 Natraj Jaganmohan (njaganm) Sandeep A Rao (sarao)
Mitigation of Primary User Emulation Attack using Time of Emission Estimation Natraj Jaganmohan (njaganm) Sandeep A Rao (sarao) CSC NCSU ADVANCED NETWORK SECURITY

2 Agenda of the presentation:
Background about Cognitive Radio Networks Primary User Emulation Attack (PUEA) Existing approaches to solve PUEA. PUEA attack model with Directional antennas. Attack mitigation using TOE estimation. Simulation results. Limitations of the approach. Future directions of research. CSC NCSU ADVANCED NETWORK SECURITY

3 It all started here: “All consumers deserve a new spectrum policy paradigm that is rooted in modern-day technologies and markets. We are living in a world where demand for spectrum is driven by an explosion of wireless technology and the ever-increasing popularity of wireless services. Nevertheless, we are still living under a spectrum 'management' regime that is 90 years old. It needs a hard look, and in my opinion, a new direction.” Michael K. Powell (Chairman FCC Spectrum Policy Task Force) CSC NCSU ADVANCED NETWORK SECURITY

4 Spectrum Scarcity: Cognitive Networks help us solve the problem.
CSC NCSU ADVANCED NETWORK SECURITY

5 Background: Cognitive Radio Networks.
Wireless spectrum is very scarce leading to spectrum crisis. FCC recommends use of opportunistic or cognitive networks to increase spectrum utilization. This technology would put unused and under-used spectrum assets to work – without impacting  primary users within those bands. It is a bold, yet workable solution. Spectrum is now being considered as a resource and a very scarce resource. Hence re-using the spectrum is a very good option which FCC recommends. Cognitive Radio Networks have the spectrum sensing technology and hence, they sense the spectrum for its usage. If its not being used, then it can be used to transfer information. But, the secondary transmissions should not affect the primary licensed user. CSC ADVANCED NETWORK SECURITY

6 Background: Cognitive Radio Networks.
“A Cognitive Radio is a radio frequency transmitter/receiver that is designed to intelligently detect whether a particular segment of the radio spectrum is currently in use, and to jump into (and out of, as necessary) the temporarily-unused spectrum very rapidly, without interfering with the transmissions of other authorized users.” o.html CSC NCSU ADVANCED NETWORK SECURITY

7 Cognitive Radio networks operation:
PU-Tx PU-RX PU-RX SU SU PU-RX CSC NCSU ADVANCED NETWORK SECURITY

8 What makes Cognitive Networks possible?
Key enablers of CRNs: Radio manufacturers have started to create flexible software-defined radios. Research funding and support for spectrum re- use. Support for Dynamic Channel selection, channel scanning and adjustable transmission power. Radio manufacturers have started to create flexible software-defined radios that reveal the low-level radio parameters and functionalities, and support the dynamic reconfiguration of the complete protocol stack. Many companies have invested heavily in Cognitive network research. FCC also recommends and supports Cognitive networks. CSC NCSU ADVANCED NETWORK SECURITY

9 Some terminologies used in this presentation:
CRN: Cognitive Radio Network PU: Primary User (licensed user) SU: Secondary user (CRN node) PUEA: Primary User Emulation Attack FC: Fusion Center TOE: Time of Emission TOA: Time of Arrival. CSC NCSU ADVANCED NETWORK SECURITY

10 Most important attacks on CRNs
Spectrum data falsification attacks: In this case, one or more SUs are compromised and hence report wrong sensing values to FC. This makes the FC make incorrect decision about the presence of PU. The most preferred way to mitigate the attack is to collect sensing values from a group of SUs and remove the outlier values. CSC ADVANCED NETWORK SECURITY

11 Primary User Emulation Attack:
Primary Transmitter PU1 PU2 SU2 SU1 PU3 CSC NCSU ADVANCED NETWORK SECURITY

12 Primary User Emulation Attack:
Primary Transmitter PU1 PU2 In this attack, the attacker impersonates the primary user. The attacker tries to emulate the wireless signal characteristics of the primary user in his absence. The secondary nodes need some way to distinguish the signals sent by the malicious PU emulator. Attacker SU2 SUs cannot access channel as they think PU is transmitting SU1 PU3 CSC NCSU ADVANCED NETWORK SECURITY

13 Why are we facing this attack :
Secondary users cannot authenticate the PU transmission. FCC states that PU cannot be modified to support security. Hence regular authentication schemes don’t work. CSC NCSU ADVANCED NETWORK SECURITY

14 General approaches to defeat this attack: Solution 1
RSSI based PU localization: Decision is made based on all received sensing reports (x,y) FC RSSI values are measured at all SUs and calculate the location of PU. Ideal case of a PU transmitting, all RSSI values will be correct w.r.t distance CSC NCSU ADVANCED NETWORK SECURITY

15 Solution 1 proposed by: Zhou Yuan et al, suggested the use of localization schemes to estimate and authenticate the location of PU. Scheme based on Received signal power. Pr = Pt + a 10 log (do/d) + w It can be defeated by attacker by using Antenna arrays with different power levels. CSC NCSU ADVANCED NETWORK SECURITY

16 General approaches to defeat this attack: Solution 2
Dr. Peng Ning et al proposed integrating cryptographic signatures and wireless link signatures to enable primary user detection. Essential to the approach is a helper node placed physically close to a primary user. CSC NCSU ADVANCED NETWORK SECURITY

17 General approaches to defeat this attack: Solution 2
Working with helper nodes. Helper Node (x,y) Helper node transmits signals identical to PU SUs can try to verify the PU authenticity by verifying the Wireless Link signature of Helper node CSC NCSU ADVANCED NETWORK SECURITY

18 General approaches to defeat this attack: Solution 2
This technique is very effective in terms of authenticating primary user. We exploit the proximity of Helper node with PU. Problem is the authentication of wireless link signature of the helper node. Also if attackers are placed near helper nodes, then it causes problems. CSC NCSU ADVANCED NETWORK SECURITY

19 General approaches to defeat this attack: Solution 3
IRIS model proposed by Alexander et al, has a secure attack detection by verifying the consistency of system state (Transmit power and path loss). This technique is very effective and it defeats both Data Falsification attacks and PUEA. But, it fails in the case of attacker with antenna arrays and directional antenna. CSC NCSU ADVANCED NETWORK SECURITY

20 Attack model: Assumptions :
All nodes are loosely time synchronized. Location of PU is fixed and known to all SUs. Fusion Center is used to make decision about presence of PU. All SUs are connected to FC using a secure link. There is a LOS path between every SU and PU. CSC NCSU ADVANCED NETWORK SECURITY

21 Attack model : Motivation
This attack model fails all the localization based solutions for PUEA which have been proposed previously. Attacker uses a multi antenna array or MIMO technology with directional antennas to send PU-TX like signals to different SUs with various power levels faking the presence of PU. CSC NCSU ADVANCED NETWORK SECURITY

22 Attack model: Representation
The power levels at different nodes are expected with respect to the distance from the PU-TX. CSC NCSU ADVANCED NETWORK SECURITY

23 Attack model: Antenna array – multiple antenna transmitter
CSC NCSU ADVANCED NETWORK SECURITY

24 Attack model: This attack is possible because:
1. Antenna arrays are low cost and easy to setup 2. Attacker can manipulate the power levels in each directional beam from every antenna element to make sure every SU calculates the RSSI equal to the RSSI when PU transmits. CSC NCSU ADVANCED NETWORK SECURITY

25 Attack model: Validation
We have simulated the attack model to verify whether such an attack is really possible. Modeler: Opnet Network modeler 16 CSC NCSU ADVANCED NETWORK SECURITY

26 Attack model: Directional Antenna pattern formation in Opnet
CSC NCSU ADVANCED NETWORK SECURITY

27 Attack model: Directional Antenna pattern formation in Opnet
CSC NCSU ADVANCED NETWORK SECURITY

28 Attack model: Directional Antenna pattern formation in Opnet
CSC NCSU ADVANCED NETWORK SECURITY

29 Attack model: A sample scenario proving the possibility of attack
CSC NCSU ADVANCED NETWORK SECURITY

30 Attack model: Throughput graphs.
PU-TX (antenna 1) SU-1 SU-2 CSC NCSU ADVANCED NETWORK SECURITY

31 Attack model: Multiple antenna array simulation.
Ref: CSC NCSU ADVANCED NETWORK SECURITY

32 Attack model: Validation
Hence if the attacker can configure each antenna element with the appropriate power levels to produce required RSSI values at each SU, then attack is achieved. Regular localization based methods cannot defeat this attack. This forms the motivation for our solution. CSC NCSU ADVANCED NETWORK SECURITY CSC DVANCED NETWORK SECURITY

33 Time of Emission Estimation Based Approach : Our solution to PUEA
CSC NCSU ADVANCED NETWORK SECURITY

34 Model SU PU SU Fusion SU Center PUE SU
CSC NCSU ADVANCED NETWORK SECURITY

35 Assumptions Secondary Users and Fusion Center Fusion Center
are loosely Synchronized have secure communication Fusion Center cannot be compromised knows locations of all users (secondary as well as primary) has good computational power and storage CSC NCSU ADVANCED NETWORK SECURITY

36 Attacker Capabilities
Can use antenna array But transmitting with a beam formation at different locations at different times is restricted. Multiple Attackers can coordinate They can be synchronized among themselves Attacker knows location of all nodes SU may be compromised CSC NCSU ADVANCED NETWORK SECURITY

37 Proposed Approach Sensors measure Time of Arrival
Fusion Center estimates Time of Emission Robust against, Multiple, coordinated attackers Multiple compromised secondary users Node with Antenna Array! CSC NCSU ADVANCED NETWORK SECURITY

38 Design TOE estimated for every sensor must be
Estimate TOA! PU TOA SU Estimate TOA! TOA SU PUEA result Fusion Center PUEA result TOE estimated for every sensor must be almost same in an ideal scenario Estimate TOE! In the presence of an attack there will be deviations in some TOE estimations CSC NCSU ADVANCED NETWORK SECURITY

39 Intuition Time CSC NCSU ADVANCED NETWORK SECURITY

40 Procedure FOR EACH NODE MEASURE TOE! TOEi = TOAi – Dist/c + ξ
FC TOA TOA TOA TOA TOA FOR EACH NODE MEASURE TOE! TOEi = TOAi – Dist/c + ξ COMPUTE MEAN  TOEmean CSC NCSU ADVANCED NETWORK SECURITY

41 Procedure FOR EACH NODE, MEASURE DEVIATION! δi = TOEAVG ~ TOEi
If δi > μ Increment C μ -> Maximum allowable deviation! C -> number of deviated values If C > k then PUEA! k -> Maximum no. of allowable deviated reports CSC NCSU ADVANCED NETWORK SECURITY

42 Parameters! Determining μ Determining k
The maximum deviation in the measurement by a node under a non-attack scenario! Determining k Too small? Increase in false negative! Too large? Increase in false alarm! Tradeoff needed! CSC NCSU ADVANCED NETWORK SECURITY

43 Simulation Results CSC NCSU ADVANCED NETWORK SECURITY

44 Limitation If an attacker is capable of compromising almost every node! Attacker too powerful! Note: We have a threshold which is used to tolerate certain number of configured node compromises. But, if almost all nodes in network are compromised, then the network is not useful. CSC NCSU ADVANCED NETWORK SECURITY

45 Future work FCC may relax rule “no modification to the incumbent (primary) system should be required to accommodate opportunistic use of the spectrum by secondary users” Already relaxed for wireless microphones Removing Fusion Center May decrease latency and increase performance of system. CSC NCSU ADVANCED NETWORK SECURITY

46 Summary An Attack Model against the approaches using RSSI is proposed and simulated A Novel approach to mitigate PUEA is proposed using Time of Emission Estimation and simulated Approach is compared with a similar RSSI based approach CSC NCSU ADVANCED NETWORK SECURITY

47 Thank you! CSC NCSU ADVANCED NETWORK SECURITY

Download ppt "Natraj Jaganmohan (njaganm) Sandeep A Rao (sarao)"

Similar presentations

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.
Scenario: EOT/EOT-R/COT Resident admitted March 10th Admitted for PT and OT following knee replacement for patient with CHF, COPD, shortness of breath.

Scenario: EOT/EOT-R/COT Resident admitted March 10th Admitted for PT and OT following knee replacement for patient with CHF, COPD, shortness of breath.
1 ZonicBook/618EZ-Analyst Resonance Testing & Data Recording.

1 ZonicBook/618EZ-Analyst Resonance Testing & Data Recording.
Variations of the Turing Machine

Variations of the Turing Machine
Angstrom Care 培苗社 Quadratic Equation II

Angstrom Care 培苗社 Quadratic Equation II
AP STUDY SESSION 2.

AP STUDY SESSION 2.
1

1
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 11 Information.

Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 11 Information.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 10 User.

Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 10 User.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 12 Cross-Layer.

Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 12 Cross-Layer.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.
Processes and Operating Systems

Processes and Operating Systems
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
1 Hyades Command Routing Message flow and data translation.

1 Hyades Command Routing Message flow and data translation.
David Burdett May 11, 2004 Package Binding for WS CDL.

David Burdett May 11, 2004 Package Binding for WS CDL.
1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.

1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.
Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Similar presentations

Ads by Google