Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by Abhijit Mondal Haritabh Singh Suman Mondal

Similar presentations


Presentation on theme: "Presented by Abhijit Mondal Haritabh Singh Suman Mondal"— Presentation transcript:

1 Vulnerability and Protection of Channel State Information in MU-MIMO Networks1
Presented by Abhijit Mondal Haritabh Singh Suman Mondal Subhendu Khatuya Under the Guidance of Dr. Sandip Chakraborty Assistant Professor CSED IIT Kharagpur 1 Yu-Chih Tung, Sihui Han, Dongyao Chen, and Kang G. Shin "Vulnerability and Protection of Channel State Information in Multiuser MIMO Networks". In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA

2 Agenda Introduction to MIMO Beamforming in MU-MIMO Attack Models Sniffing Attack Power Attack Equal Power Allocation Scheme Maximizing Throughput Scheme Evaluation Countermeasure Conclusion

3 Fig. MIMO and its Benefits
Introduction to MIMO Fig. MIMO and its Benefits

4 Beamforming in MU-MIMO

5 Beamforming in MU-MIMO(Cont.)
One Transmitter with N antennas M receivers (clients), each with a single Antenna hij :- The downlink CSI coefficient from the transmitter’s j -th antenna to the i -th receiver . H = [h1T,h2T, ,hTM]T is the full CSI (represented by a M x N matrix), where the i -th row vector hi represents the CSI of the link from the transmitter’s N antennas to the i -th receiver. The received signal y of transmitted signal x can be expressed as y = Hx + n x = [x1,x2, ,xN]T is the N x 1 vector represents the signals sent from the transmitter’s N antennas. y = [y1,y2, ,yM]T is M x 1 vector represents the signals received at M concurrent receivers. n = [n1,n2,......,nM] represents an additive noise with standard deviation σ1,σ2,.....,σM.

6 Attack Models

7 Physical Layer Security
In terms of physical layer security it is proved that information will not be leaked to other concurrent receivers as each receiver only receives the message sent to itself. Artificial noise(to have 15dB lower SNR than signal) is introduced to prevent other from sniffing . All necessary computations are done in wireless communication chip so keeping data confidential in this way is minimal in MU-MIIMO.

8 General Attack Model The 2*2 MU-MIMO system model can be represented as : The received message at rxi Assuminng second client as malicious the channel matrix perceived at transmiters will be It is impossible to mislead the decoded signals at rx1 no matter how rx2 forges and report CSI. The information of m1 is leaked to rx2 because CSI is falsely reported as f2 instead of h2.

9 Sniffing Attack Packet sniffing allows individuals to capture data as it is transmitted over a network. The received signal at y2,contains a mixture of signals from m1 and m2. We can assume m2 is already known to rx2 then rx2 can decode m1 via interference cancellation law. Decoding the Sniffed Packets:

10 Selection Of Forged CSI
Intutive Selection: Maximize the sniffed SNR Minimizing Heuristic Selection: The forged CSI is selected as a weighted sum of genuine CSI as:

11 Power Attack Total amount of power available to the Access Point for transmission of data is fixed. The attack aims at getting the AP to divert more power towards the attacker or in other words, increasing its SNR. The attacker accomplishes this by providing a false representation of its CSI to the AP. The two most representative schemes of power allocation are EP (Equal Power) and MT (Maximizing Throughput) The attack involves the knowledge of attacker’s own CSI and the power allocation scheme followed by AP. Since the total power available to the AP is constant, the attack leads to a decrease in capacity of the other stations.

12 Attack based on EP(Equal Power) Scheme
EP scheme of power allocation follows i.e., equal power allocation for all the stations. The attacker reports its CSI as i.e., a scaled version of its actual CSI with the scaling coefficient(w) < 1. The forged CSI leads the router to believe that the attacker suffers from heavy channel fading, thus leading to the AP increasing the power diverted towards the attacker. The forged CSI is in the same direction as the authentic CSI of the attacker, thus there is no interference due to other nodes which had their CSI orthogonal to the attacker’s authentic CSI.

13 Attack based on MT(Maximizing Throughput) Scheme
EP scheme of power allocation follows i.e., maximizing total capacity subject to the total power constraint. The attacker reports its CSI as i.e., a scaled version of its actual CSI with the scaling coefficient(w) > 1. The forged CSI leads the router to believe that the attacker has good channel conditions, thus leading to the AP increasing the power diverted towards the attacker to maximize overall capacity. The forged CSI is in the same direction as the authentic CSI of the attacker, thus there is no interference due to other nodes which had their CSI orthogonal to the attacker’s authentic CSI.

14 Evaluation Setup

15 Sniffing Attack BER and SNR of m1 sniffed by different receiver when artificial noise is ¼ of AP power

16 Message received by sniffing attack
Sent a grayscale bitmap image from warp to rx1 and received by different receiver.

17 Gain extra power/capacity by forge it won CSI.
Power Attack Gain extra power/capacity by forge it won CSI.

18 Countermeasures

19 Countermeasures Sniffing Attack CSIsec

20 Introduce randomness in protocol.
Countermeasures Power Attack Spatial dependency Not helpful in wireless network. Introduce randomness in protocol. Discourage malicious client

21 Conclusion In this paper two possible attack (i.e sniffing attack and power attack ) is proposed and validated their possibility

22 THANK YOU


Download ppt "Presented by Abhijit Mondal Haritabh Singh Suman Mondal"

Similar presentations


Ads by Google