Wireless Network Security Spring 2011

Transcription

1 Wireless Network Security Spring 2011 Patrick Tague Feb 1, 2011 SURVEY: Physical Layer Security

2 Announcements HW #1 is posted on main class website Due 11:59pm (PST) Office hours on 2/1 will be held in CIC 2106 My office phone number will reach me here No office hours on 2/3

3 Survey: PHY Security Theme: leveraging physical layer properties for implicit or explicit protection Papers: Faria & Cheriton, Detecting Identity-Based Attacks in Wireless Networks Using Signalprints, WISE Yu, Baras, & Sadler, Physical-Layer Authentication, IEEE TIFS, vol 3, no 1, Mar Li, Hwu, & Ratazzi, Array Redundancy and Diversity for Wireless Transmissions with Low Probability of Interception, ICASSP 2006.

4 Leveraging PHY Properties Each wireless link behaves differently A single transmission looks different to each receiver at a unique location Signals from multiple transmitters at unique locations look different to a single receiver Essentially, a spatial signature can be created that is unique to each sender, receiver, or sender-receiver pair (within some δ) Both senders and receivers can manipulate antenna parameters to improve aspects of PHY security

5 Physical-layer security Physical authentication Agenda Implicit signal-based authentication Explicit signal-based authentication Secure transmission Low probability of interception

6 Physical Authentication Definition: physical authentication aims to identify a data source based on the transmitted signal instead of the contents of the packet Goals: identify DoS attackers using multiple identities (e.g. MAC address spoofing), cluster signals independent of address labels, source authentication Ideally, without requiring key management Two approaches: Implicit: correlate packets based on physical properties, indicating likelihood of common sender Explicit: identity verification based on embedded secret signal

7 Signalprints [Faria & Cheriton, WISE 2006] In a WLAN with multiple APs, each AP sees different characteristics on packets from each sender Each AP can measure various packet features, some of which are relatively static over packets: e.g. received signal strength A back-end server can collect measurements and keep history of packets from different senders

8 Signalprint Properties Difficult to spoof Spoofing node would require control of medium Transmission power control creates lower RSS at every AP; differential analysis reveals power control Correlated with physical location Attacker needs to be physically near target device Sequential packets have similar signalprints RSSI values are highly correlated for stationary sender and receiver Note: not highly correlated with distance, but very highly correlated with subsequent transmissions

9 Verification & Matching Requirements for verification: Robust to transmission power control, random fluctuations, and error High AP correlation 1 measured AP among 2 didn't RSSI signals hear = -50 from this dbm packet, same sender Distinct signalprints on this between Differential Mis-match Match within a tolerance sensitivity packet = different power -95 dbmsenders analysis beyond tolerance Sender A matching rule based on matches and mis-matches is used to declare Sender 2packets -63 from -80 the -95same -85or different source -17(similar to -22 any IDS)

10 Limitations Signalprints with any reasonable matching rule cannot differentiate between nearby devices Masquerading/spoofing attacks are possible if physical proximity is easily achieved Low-rate attacks cannot be detected But, low-rate attacks have limited effects Multi-antenna attackers can cheat Highly mobile devices can't be printed

11 Physical-layer security Physical authentication Agenda Implicit signal-based authentication Explicit signal-based authentication Secure transmission Low probability of interception

12 Signal Tagging [Yu, Baras, & Sadler, TIFS 2008] Physical layer signals can be authenticated by including a concurrent tag Similar to spread-spectrum only no extra bandwidth Stealthy to an unaware receiver, robust to interference, and secure Explicit auth. requires a key

13 Goals of Signal Tagging Bob can authenticate Alice (w.h.p.) based on shared key verification Robust to noise and interference Carol cannot detect the tag or observe degradation in the message Stealthy authentication, no headers or data fields Eve cannot 1) learn from the tag, 2) forge messages to Bob from Alice, or 3) lead Bob to drop valid messages from Alice Secure against attacks

14 Tagging

15 Signal Tagging Properties (1) Stealth If the magnitude of the tag is sufficiently small and uncorrelated with the message, it looks like noise to the unaware receiver Wavelet transforms help achieve stealth Goodness-of-fit tests must be passed w.r.t. the expected noise distribution Robustness Tag must be sufficiently loud compared to noise Coding helps here

16 Signal Tagging Properties (2) Security Eve is an aware receiver without Alice+Bob's key Eve can interfere (incoherently) with Alice's signal but cannot arbitrarily modify it Jamming, replay, and impersonation attacks (through key recovery) are possible Time-dependent tags prevent replay attacks to within a small interval Reasonably strong (high-entropy) keys and suitable tag generation (pseudorandom) prevents prediction and impersonation attacks

17 Physical-layer security Physical authentication Agenda Implicit signal-based authentication Explicit signal-based authentication Secure transmission Low probability of interception

18 Secure Array Transmission [Li, Hwu, & Ratazzi, ICASSP 2006] Basic wireless transmission can be eavesdropped Antenna characteristics can be used for transmission with low probability of interception No reliance on spread spectrum or data encryption techniques Keys are not required!

19 Transmission Model Alice Bob over 1) a secure channel created using J antennas 2) an unsecured public channel Unsecured channel can be used for synch, keying, etc Bob: Eve: Eve doesn't know h or H e...alice and Bob don't either.

20 Achieving LPI Goal: low BER for Bob, high BER for Alice Approach: Alice can estimate the channel to Bob using training data and embed the channel characteristic into the signal Alice can carefully tailor the antenna weights w i (n) so Bob can decode the signal (via deconvolution) Since the weights depend on the Alice Bob channel, Eve needs additional information or has to decode blindly (via blind deconvolution) Deliberate randomization (with distribution unknown to Eve) ensures Eve's blind decoding fails

21 Evaluation

22 Summary Highlighted three papers that show different techniques to leverage physical layer properties for authentication and secrecy Implicit physical authentication Faria & Cheriton, Detecting Identity-Based Attacks in Wireless Networks Using Signalprints, WISE Explicit physical authentication Yu, Baras, & Sadler, Physical-Layer Authentication, IEEE TIFS, vol 3, no 1, Mar Securing transmission against eavesdropping Li, Hwu, & Ratazzi, Array Redundancy and Diversity for Wireless Transmissions with Low Probability of Interception, ICASSP 2006.

23 Questions?

24 Discussion Questions Could signalprinting be useful in ad hoc / mesh networks, essentially letting other nodes take the roles of APs? What are the limitations? Is signal tagging practical? Overhead? Is array transmission practical? Overhead?