Wireless Communications Security Issues, Solutions and Challenges
Michel Barbeau and Jeyanthi Hall

Outline
Availability
Privacy
Integrity
Legitimate Participants
Absence of misbehavior
Security Requirements
Availability
no jamming, adaptability to unforeseen topologies
Privacy
nondisclosure of cell phone communications and 802.11 frames
Integrity
data is not intercepted and tampered with
Legitimate participants
no cell phone cloning and 802.11 frame spoofing
Absence of misbehavior
fairness, greedy user detection
Availability
Jamming
Inability to deal with unforeseen topologies
Jamming
Shannon's model (figure)
How to Deal With Jamming?
Increase the bandwidth
Frequency Hopping/Direct Sequence Spread Spectrum
802.11b: 2.4-2.4835 GHz
802.11a: 5.15-5.35 GHz; 5.725-5.825 GHz
Ultra Wide Band
Bandwidth greater than 25% of the center frequency
Increase the power
GPS III, planned for 2010 [Ashley, Next-Generation GPS, Scientific American, September 2003.]
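The two countermeasures above (more bandwidth, more power) both follow from the capacity model the slide refers to. The following is an added worked example, not part of the original slides; it assumes that "Shannon's model" means the Shannon-Hartley capacity C = B log2(1 + S/N), treats a jammer as added receiver noise, and applies the slide's 25% rule to the 802.11b band quoted above. All numeric inputs are constructed.

```python
import math

def shannon_capacity(bandwidth_hz, signal_w, noise_w):
    """Shannon-Hartley capacity in bit/s: C = B * log2(1 + S/N)."""
    return bandwidth_hz * math.log2(1.0 + signal_w / noise_w)

def capacity_under_jamming(bandwidth_hz, signal_w, receiver_noise_w, jammer_w):
    """A jammer raises the noise the receiver sees, so the S/N denominator grows."""
    return shannon_capacity(bandwidth_hz, signal_w, receiver_noise_w + jammer_w)

def bandwidth_to_restore(target_bps, signal_w, noise_w):
    """Bandwidth that brings capacity back to target_bps at the degraded S/N."""
    return target_bps / math.log2(1.0 + signal_w / noise_w)

def power_to_restore(target_bps, bandwidth_hz, noise_w):
    """Signal power that brings capacity back to target_bps in a fixed bandwidth."""
    return noise_w * (2.0 ** (target_bps / bandwidth_hz) - 1.0)

def fractional_bandwidth(f_low_hz, f_high_hz):
    """Occupied bandwidth divided by the centre frequency."""
    centre = (f_low_hz + f_high_hz) / 2.0
    return (f_high_hz - f_low_hz) / centre

def is_ultra_wide_band(f_low_hz, f_high_hz):
    """The slide's UWB criterion: bandwidth greater than 25% of the centre frequency."""
    return fractional_bandwidth(f_low_hz, f_high_hz) > 0.25

if __name__ == "__main__":
    B, S, N = 1.0e6, 1.0, 1.0                       # constructed: 1 MHz channel at 0 dB S/N
    J = 2.0                                          # constructed jammer, 3 dB above the signal
    clean = shannon_capacity(B, S, N)
    jammed = capacity_under_jamming(B, S, N, J)
    print(f"clean {clean:.0f} bit/s, jammed {jammed:.0f} bit/s")
    print(f"bandwidth to recover: {bandwidth_to_restore(clean, S, N + J) / 1e6:.2f} MHz")
    print(f"power to recover:     {power_to_restore(clean, B, N + J):.2f} W")
    print("802.11b band (2.4-2.4835 GHz) is UWB:", is_ultra_wide_band(2.4e9, 2.4835e9))
    print("constructed 4-6 GHz band is UWB:", is_ultra_wide_band(4.0e9, 6.0e9))
```

With the jammer present, the link needs either about 2.4 times the bandwidth or three times the signal power to get its original capacity back, which is the trade-off spread spectrum (bandwidth) and GPS III (power) make. The 802.11b band has a fractional bandwidth of roughly 3.4%, far below the UWB threshold.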
Inability to Deal With Unforeseen Topologies
Images by: J.&G. Naudet (9/11/2001)
Privacy
Cellular phone eavesdropping
Overview of privacy techniques in 2G and 3G of cellular mobile radiophones
Refs.:
V. Niemi and K. Nyberg, UMTS Security, Wiley, 2003.
M.Y. Rhee, CDMA Cellular Mobile Communications and Network Security, Prentice Hall PTR,1998.
GSM, UMTS
Challenges
Future
Reconfigurable security
Chaotic communication
Quantum cryptography
Cellular Phone Eavesdropping
Inexpensive equipment for intercepting analog communications is easy to obtain in Canada.
In the US, the regulations authorize the sale of scanners to the general public only if cellular frequencies are blocked. However, there are several workarounds:
Web sites publish modifications to restore reception of cellular frequencies by scanners.
Frequency converters can translate cellular frequencies to the frequency range supported by a receiver.
With receivers using non-quadrature mixing, the image frequency technique can be used.
Digital communications can also be intercepted with the appropriate equipment!
Generations of Cellular Mobile Radiophones*
1G
Advanced Mobile Phone System (AMPS): 1980s, Frequency Modulation (FM), Frequency Division Multiple Access (FDMA), handover between cells, limited roaming between networks
2G
Global System for Mobile communications (GSM): 1990s, digital-coding of voice, Time Division Multiple Access (TDMA), Subscriber Identity Module (SIM), data communications
3G
3G Partnership Project (3GPP), Universal Mobile Telecommunications System (UMTS): 1998-, Wideband Code Division Multiple Access (WCDMA), use of GSM network model, global roaming; 2 Mbps data
4G
All-IP-based, 100 Mbps data
* List of cited technologies is not exhaustive.
Security Associations in GSM (figure)
Authentication in GSM (figure)
RAND: Random Number
SRES: Signed Response
Encryption/Decryption in GSM (figure)
Stream Cipher Weakness (figure)
Security Holes in GSM [Niemi & Nyberg '03]
Active attack
Attacker masquerades as a legitimate base station/cell phone
Encryption keys
Plain text session key inter-network forwarding
Brute force attack
Some encryption algorithms are kept secret
Were not subjected to a comprehensive analysis/peer review
Security Associations in UMTS (figure)
Mutual Authentication and Key Agreement in UMTS (figure)
AUTN: Authentication Token
RES: User Response
XRES: Expected Response
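The difference between the GSM exchange (RAND in, SRES out) and the UMTS exchange (RAND plus AUTN in, RES out, compared with XRES) is easiest to see in code. The following is an added example, not code from the slides or from any 3GPP specification: HMAC-SHA256 stands in for the operator-specific A3, f1 and f2 functions, AUTN is reduced to SQN || MAC (the AMF field and anonymity key are omitted), and the key K is a constructed value. The point it shows is the "active attack" hole of the previous slide: a GSM SIM answers any challenge, whereas a USIM refuses a challenge whose token was not produced with the shared key.

```python
import hashlib
import hmac
import os

def _f(key: bytes, tag: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 stands in for the operator-specific A3 (GSM) and f1/f2 (UMTS) functions."""
    return hmac.new(key, tag + b"".join(parts), hashlib.sha256).digest()

# --- GSM: one-way challenge/response --------------------------------------
def gsm_sim_response(ki: bytes, rand: bytes) -> bytes:
    """SRES = A3(Ki, RAND). The SIM answers any RAND: nothing in the challenge
    proves it came from the home network, which is what a rogue base station exploits."""
    return _f(ki, b"A3", rand)[:4]

# --- UMTS: mutual authentication with an authentication token -------------
class HomeNetwork:
    def __init__(self, k: bytes):
        self.k = k
        self.sqn = 0                                  # fresh sequence number per vector

    def authentication_vector(self):
        """Returns RAND, AUTN = SQN || MAC and XRES (AMF and anonymity key omitted)."""
        self.sqn += 1
        rand = os.urandom(16)
        sqn = self.sqn.to_bytes(6, "big")
        mac = _f(self.k, b"f1", rand, sqn)[:8]        # proves knowledge of K to the USIM
        xres = _f(self.k, b"f2", rand)[:8]            # what the network expects back
        return rand, sqn + mac, xres

class USIM:
    def __init__(self, k: bytes):
        self.k = k
        self.highest_sqn = 0

    def respond(self, rand: bytes, autn: bytes) -> bytes:
        """Authenticate the network first; only then compute RES."""
        sqn_bytes, mac = autn[:6], autn[6:]
        expected = _f(self.k, b"f1", rand, sqn_bytes)[:8]
        if not hmac.compare_digest(mac, expected):
            raise ValueError("AUTN MAC failure: network not authenticated")
        sqn = int.from_bytes(sqn_bytes, "big")
        if sqn <= self.highest_sqn:
            raise ValueError("AUTN sequence number not fresh: replayed challenge")
        self.highest_sqn = sqn
        return _f(self.k, b"f2", rand)[:8]

def umts_authenticate(network: HomeNetwork, usim: USIM) -> bool:
    """Full round trip: network challenges, USIM checks AUTN, network checks RES == XRES."""
    rand, autn, xres = network.authentication_vector()
    res = usim.respond(rand, autn)
    return hmac.compare_digest(res, xres)

def usim_answers_rogue_challenge(usim: USIM) -> bool:
    """A challenger without K cannot build a valid AUTN; the USIM must refuse it."""
    rand, bogus_autn = os.urandom(16), bytes(6) + os.urandom(8)
    try:
        usim.respond(rand, bogus_autn)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    k = bytes(range(16))                              # constructed long-term key K / Ki
    print("GSM SIM answers an unverified RAND:", gsm_sim_response(k, os.urandom(16)).hex())
    network, usim = HomeNetwork(k), USIM(k)
    print("UMTS mutual authentication succeeded:", umts_authenticate(network, usim))
    print("UMTS USIM answered a rogue challenge:", usim_answers_rogue_challenge(usim))
```

The sequence-number check in `USIM.respond` is what turns a one-time token into replay protection: a recorded (RAND, AUTN) pair verifies its MAC but is rejected because its SQN is no longer fresh.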
Encryption/Decryption in UMTS (figure)
COUNT-C: frame number plus hyperframe number, incremented when the frame number wraps around
Direction: uplink/downlink
Integrity in UMTS (figure)
COUNT-I: similar to COUNT-C, replay protection
FRESH: start value of COUNT-I
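The "Stream Cipher Weakness" slide and the COUNT-C/COUNT-I inputs above are two halves of one story: a stream cipher must never reuse a keystream, so the cipher input has to keep changing for the whole life of the session key, and the integrity counter has to keep advancing so a recorded frame cannot be replayed. The following added example (not code from the slides, and not the A5/f8/f9 algorithms) uses HMAC-SHA256 in counter mode as a toy keystream generator, a 4-bit frame counter so the wrap is visible in a few frames (GSM's real frame number is 22 bits), and constructed keys and messages.

```python
import hashlib
import hmac

FRAME_BITS = 4    # toy counter width so the wrap is visible; GSM's frame number is 22 bits

def keystream(kc: bytes, count: int, direction: int, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode keyed by Kc, with the frame counter
    and the direction bit mixed in (a stand-in for A5/f8, not their design)."""
    out, block = bytearray(), 0
    while len(out) < length:
        msg = count.to_bytes(8, "big") + bytes([direction]) + block.to_bytes(4, "big")
        out += hmac.new(kc, msg, hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def gsm_like_count(frame_index: int) -> int:
    """GSM style: only the (wrapping) frame number feeds the cipher."""
    return frame_index % (1 << FRAME_BITS)

def umts_like_count(frame_index: int) -> int:
    """UMTS COUNT-C: hyperframe number || frame number, HFN incremented on every wrap."""
    hfn = frame_index >> FRAME_BITS
    fn = frame_index & ((1 << FRAME_BITS) - 1)
    return (hfn << FRAME_BITS) | fn

def encrypt_frames(kc, plaintexts, count_fn, direction=0):
    return [xor_bytes(p, keystream(kc, count_fn(i), direction, len(p)))
            for i, p in enumerate(plaintexts)]

def keystream_reuse_pairs(kc, n_frames, count_fn, length=16):
    """Audit helper: which frame pairs would be encrypted under an identical keystream?"""
    first_seen, pairs = {}, []
    for i in range(n_frames):
        ks = keystream(kc, count_fn(i), 0, length)
        if ks in first_seen:
            pairs.append((first_seen[ks], i))
        else:
            first_seen[ks] = i
    return pairs

# --- UMTS integrity: COUNT-I and FRESH give replay protection ------------
def integrity_mac(ik, count_i, fresh, direction, message):
    """MAC-I over COUNT-I, FRESH, direction and the message (HMAC stands in for f9)."""
    msg = count_i.to_bytes(4, "big") + fresh + bytes([direction]) + message
    return hmac.new(ik, msg, hashlib.sha256).digest()[:4]

class ReplayGuard:
    """Receiver side: accept a frame only if its MAC verifies and COUNT-I advances."""
    def __init__(self, ik, fresh):
        self.ik, self.fresh = ik, fresh
        self.highest = {0: -1, 1: -1}                 # highest COUNT-I seen, per direction

    def accept(self, count_i, direction, message, mac):
        expected = integrity_mac(self.ik, count_i, self.fresh, direction, message)
        if not hmac.compare_digest(mac, expected):
            return False
        if count_i <= self.highest[direction]:
            return False                              # replayed or reordered frame
        self.highest[direction] = count_i
        return True

if __name__ == "__main__":
    kc = b"\x11" * 16                                 # constructed cipher key Kc
    frames = [bytes([i]) * 16 for i in range(20)]     # constructed 16-byte frames
    print("GSM-like reuse pairs :", keystream_reuse_pairs(kc, 20, gsm_like_count))
    print("UMTS-like reuse pairs:", keystream_reuse_pairs(kc, 20, umts_like_count))
    c = encrypt_frames(kc, frames, gsm_like_count)
    # Under a repeated keystream, c0 XOR c16 equals p0 XOR p16: the cipher leaks the
    # relation between plaintexts, which is the stream cipher weakness of the earlier slide.
    print("c0^c16 == p0^p16:", xor_bytes(c[0], c[16]) == xor_bytes(frames[0], frames[16]))
```

With a 4-bit counter, frames 16 to 19 get exactly the keystreams of frames 0 to 3; with the hyperframe number carried in COUNT-C no pair repeats, and the direction bit keeps uplink and downlink keystreams distinct even for equal counts. `ReplayGuard` shows the COUNT-I side: a frame whose counter does not exceed the highest value already accepted in that direction is dropped even though its MAC is valid.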
Challenge: Co-existence of analog technology and digital technology
Digital technology has a higher potential for being secure than analog technology. For example, Cellular Digital Packet Data (CDPD) uses data encryption and provides privacy.
Most cellular phones use hybrid technology, both analog and digital. The reason is that digital communications require a relatively stronger signal for intelligibility than analog communications, all other things (such as the bandwidth of a voice channel) being equal. A cell phone will hence operate in digital mode only over relatively short distances.
In order to enable long range communications, cell phones fall back to the analog mode when the signal gets too weak for digital communications. As a result, digital systems inherit all the security vulnerabilities of analog systems.
Co-existence of legacy analog technology and digital technology is a challenge for system security design.
Challenge: Introduction of new defense methods in existing systems
Attack methods evolve
Defense methods evolve
New defense methods are difficult to introduce in existing systems
Reconfigurable security
Reference
Al-Muhtadi et al., A lightweight reconfigurable security mechanism for 3G/4G mobile devices, IEEE Wireless Communications, April 2002.
Definition
Security mechanisms are reconfigured dynamically according to capabilities, processing power, and needs
Loading/configuration/unloading of software components that implement security services
Chaotic Communication (1) (figure)
Chaotic Communication (2)
Background
Abel and Schwarz, Chaos Communications—Principles, Schemes, and System Analysis, Proceedings of the IEEE, 2002.
Itoh, Spread Spectrum Communication via Chaos, World Scientific Publishing Company, International Journal of Bifurcation and Chaos, 1999.
Theoretical Attacks
Guojie, Zhengjin, and Ruiling, Chosen Ciphertext Attack on Chaos Communication Based on Chaotic Synchronization, IEEE Transactions on Circuits and Systems, 2003.
Ogorzatek and Dedieu, Some Tools for Attacking Secure Communication Systems Employing Chaotic Carriers, IEEE, 1998.
Theoretically Broken Chaotic Communication (cont'd)
Chaotic masking
Low amplitude modulating signal, high amplitude chaotic carrier
Chaotic switching
Two waveforms representing binary values zero and one
Has a differential version
Chaotic modulation
Chaotic carrier influenced by a non-invertible function, according to the information
Quantum Cryptography
Wiesner, "Quantum Money", 1960 (unpublished)
Polarity of photons (angle of vibration) can be verified, but not measured
Bennett, Brassard, and Ekert, Quantum Cryptography, Scientific American, October 1992.
Hughes et al., Quantum cryptography for secure satellite communications, Aerospace Conference Proceedings, 2000.
0.5 km free-space link
Kurtsiefer et al., Long Distance Free Space Quantum Cryptography, SPIE, 2002.
23.4 km free-space link (try to achieve 1000 km)
First Quantum Cryptography Network Unveiled, NewScientist.com news service, June 2004.
Quantum Net: six servers, 10 km links, software-controlled optical switches
Legitimate Devices
Problem: authentication of users is insufficient due to malleability of user identity
Need for Device Authentication
Outline
Problem: User Authentication is incapable of detecting identity theft
Malleability of user identity
Result
Unauthorized access to network resources
Within the cellular domain (cloning fraud) and the wireless network domain (Media Access Control (MAC) address spoofing)
Wireless Network (e.g. 802.11)
MAC address spoofing (over the air): an intruder sniffs the MAC address of a legitimate user and uses it; the access point grants access to the wired network by checking the MAC address against its list of authorized MAC addresses (access control).
* MAC address is sent in the clear even with WEP [Arbaugh et al., 2002]
Wireless Network (e.g. 802.11)
With the 802.11i standard, which uses the 802.1X Extensible Authentication Protocol [Mishra and Arbaugh, 2002]:
Absence of authentication of the access point by the device
Man-in-the-middle attack using (*)
Session hijacking using (*)
* MAC address of access point and supplicant
Cellular Network - Identification of 1G Cell Phone
Every cellular phone is assigned:
by the service provider, a phone number (Mobile station Identification Number (MIN)): 10 digits: area code (3), switching station (3), and individual number (4)
by the manufacturer, an Electronic Serial Number (ESN)
Identification of 2G or 3G Cell Phones [Koien, 2004]
According to ITU-T Recommendation E.212: International Mobile Station Equipment Identity (IMEI)
Check against the Equipment Identity Register (EIR)
Types of Cellular Phone Fraud
Cellular theft
Stolen phone is used by thief until theft is reported to the service provider who blocks the number and adds IMEI to the EIR
Countermeasures: PINs and biometrics [Schiller, 2000]
Subscription fraud
A subscription with a cellular phone provider is obtained using false or stolen pieces of identification
Tumbling fraud
Cellular phone service providers grant automatic access for the first call to every visitor subscriber
Cellular Network
Cloning fraud
1. [J. Hynninen, 2000]
2. [I. Goldberg and M. Briceno, 2002]: with a smartcard reader, derive the secret key by challenging the SIM card (approx. 150,000 queries; eight to 11 hours)
3. [R. Lemos, 2002]: ask seven questions and analyze electromagnetic field changes and power fluctuations for each response
User Authentication in GSM (figure)
RAND: Random Number
SRES: Signed Response
SIM: Subscriber Identity Module (IMSI, authentication key Ki, cipher key Kc, algorithms, PIN)
References
Wireless Network
Arbaugh et al. Your 802.11 Wireless Network has no clothes. IEEE Wireless Communications, Dec. 2002.
Mishra and Arbaugh. An Initial Security Analysis of the IEEE 802.1X Standard. 2002.
Cellular Network
G. Koien et al. An Introduction to Access Security in UMTS, IEEE Wireless Communications. Feb. 2004.
I. Goldberg and M. Briceno. GSM Cloning. 2002 [Web].
J. Hynninen. Experiences in Mobile Phone fraud. Helsinki University of Technology [Web].
R. Lemos. IBM: Cell phones easy targets for hackers. CNET News. 2002.
Others
J. Schiller. Mobile Communications. Addison-Wesley. 2000.
Radio Frequency Fingerprinting
Mechanism for addressing the malleability of user identity
Radio Frequency Fingerprinting (RFF)
Background
Technique used by research teams including [H. Choe et al., 1995; Ureten, 1999] for the purpose of identifying RF transceivers
Premise: a transceiver can be uniquely identified based on the characteristics of the transient section of the signal it generates
Primary benefit: Non-malleability of device identity
based on hardware characteristics of the transceiver
Key Objective:
Create a profile of the user’s device (transceiver) using RFF
Make use of both user and device profiles for authentication purposes
Wireless Network – device profile and MAC address
Cellular Network – device profile and IMSI
RFF
Key Phases
Create profile for each transceiver
Phase 1: Collection of Signals
Phase 2: Extraction of Transient
Phase 3: Extraction of Features (transceiverprint, TP)
Phase 4: Definition of Transceiver Profile
Classify/Compare an observed TP with transceiver profiles
Phases 1-3: repeated for each observed TP
Phase 5: Identification of transceiver
Improve Classification Success Rate (CSR) – Proposed Extension to RFF process
Phase 6: Enhancement of CSR (work in progress)
RFF: Phase 1 - Collect Signals
(figure: the GSM protocol stack (CM, MM, RR, LAPDm, TDMA frame, radio burst) beside the 802.11 protocol stack (TCP, IP, LLC, MAC frame, PHY FHSS/DSSS frame) [Schiller, 2000])
CM – Call Management
MM – Mobility Management
RR – Radio Resource Management
LAPD – Link Access Procedure for D-Channel in ISDN system
LLC – Logical Link Control
FHSS – Frequency Hopping Spread Spectrum
DSSS – Direct Sequence Spread Spectrum
Analog signal transmitted by the physical layer = 1 frame
Authentication response = more than 1 frame/signal
RFF: Phase 1 - Collect Signals
Capture analog signals from each transceiver and convert them to a digital format using an ADC
View/analyze the digital signal in the time, frequency and phase domains
RFF: Phase 2 – Extraction of Transient
Extract transient section of digital signal
Step 1: Preprocessing
Segmenting the signal and applying first-order statistics (data reduction exercise)
Results in a smaller vector – data/fractal trajectory
Step 2: Detection of the start of the transient using data trajectory
Using the variance in the amplitude characteristics of the signal
Threshold Detection
Bayesian Step Change Detection
Using the variance in the phase characteristics of the signal
Threshold Detection using Phase Characteristics
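The two steps above (reduce the capture to a data trajectory, then detect where the amplitude statistics change) are shown below in code. This is an added example, not code from the slides or from the cited papers, and it implements only the amplitude-variance threshold variant: the capture is a constructed sequence of receiver noise, a linear ramp-up standing in for the turn-on transient, and a steady carrier; the window size, the number of leading windows used to estimate the noise floor and the threshold factor are assumed values.

```python
import math
import random

def synthetic_capture(n_noise=200, n_ramp=50, n_steady=150, period=8, noise_amp=0.01, seed=1):
    """Constructed capture: receiver noise, then a linear ramp-up (the turn-on
    transient), then a steady carrier. Returns (samples, index where the transient starts)."""
    rng = random.Random(seed)
    samples = []
    for n in range(n_noise + n_ramp + n_steady):
        if n < n_noise:
            env = 0.0
        elif n < n_noise + n_ramp:
            env = (n - n_noise) / n_ramp
        else:
            env = 1.0
        samples.append(env * math.sin(2 * math.pi * n / period) + rng.uniform(-noise_amp, noise_amp))
    return samples, n_noise

def segment(samples, window):
    return [samples[i:i + window] for i in range(0, len(samples) - window + 1, window)]

def variance(xs):
    mean = sum(xs) / len(xs)
    return sum((x - mean) ** 2 for x in xs) / len(xs)

def data_trajectory(samples, window):
    """Step 1 (preprocessing): one statistic per segment instead of every raw sample."""
    return [variance(seg) for seg in segment(samples, window)]

def detect_transient_start(samples, window=10, noise_windows=5, factor=10.0):
    """Step 2 (threshold detection): the noise floor is the median segment variance over
    the first `noise_windows` segments; the transient starts at the first later segment
    whose variance exceeds factor * floor. Returns a sample index, or None if nothing rises."""
    trajectory = data_trajectory(samples, window)
    floor = sorted(trajectory[:noise_windows])[noise_windows // 2]
    threshold = factor * floor
    for i, v in enumerate(trajectory):
        if i >= noise_windows and v > threshold:
            return i * window
    return None

def extract_transient(samples, start, length):
    """The slice handed to Phase 3 (feature extraction)."""
    return samples[start:start + length]

if __name__ == "__main__":
    samples, true_start = synthetic_capture()
    start = detect_transient_start(samples)
    print(f"true start {true_start}, detected start {start}")
    print("transient length handed on:", len(extract_transient(samples, start, 100)))
    noise_only, _ = synthetic_capture(n_noise=300, n_ramp=0, n_steady=0)
    print("detection on noise only:", detect_transient_start(noise_only))
```

The detected index is quantised to the window size, which is the price of the data reduction in step 1; a finer search inside the flagged window is the usual refinement. Estimating the floor from the leading windows rather than a fixed constant is what makes the same threshold work across receivers with different noise levels.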
RFF: Phase 2 – Extraction of Transient
Threshold Detection [Shaw and Kinsner, 1997] (figure)
RFF: Phase 2 – Extraction of Transient
Bayesian Step Change Detection [Ureten, 1999] (figure)
RFF: Phase 2 – Extraction of Transient
Threshold Detection using Phase Characteristics [Hall, Barbeau, Kranakis (IASTED, 2003)] (figure, demo)
RFF: Phase 3 – Extraction of Components
Extract components/characteristics from the transient
Instantaneous amplitude [Proakis and Manolakis, 1996]
Instantaneous phase
Instantaneous frequency components [Polikar, 1999]
using Discrete Wavelet Transform (Daubechies filter)
Wavelet function
Scaling function
RFF: Phase 3 – Extraction of Components (figure)
RFF: Phase 3 – Extraction of Features
Extract features from components (vector of 1000 samples)
Average, Standard Deviation, Energy, Variance
Representation of features (dependent on classification tool)
Challenge/Goal:
Select features (transceiverprint) that accentuate the distinguishing characteristics of transceivers, especially those from the same manufacturer
RFF: Phase 4 – Definition of Profile
Create profile for each transceiver
Obtain TPs from each signal in the collected data set (Phases 2-3)
Select a subset of TPs and store them in a profile (remaining TPs used for testing/classification)
Using Self-Organizing Maps [Fausett, 1994]
Take TPs from the data set as input
Create group(s) / cluster(s) of transceiverprints based on their distance (Euclidean distance) from a given centroid
Select a representative sample of TPs from the various clusters to create a profile
Other approaches include
Random selection of TPs from the data set
Use of probabilistic neural network [Hunter, 2000]
RFF: Phase 5 – Identification of transceiver
Classification Techniques
Pattern matching – e.g. Neural Networks (Artificial NN, Probabilistic NN, etc.) [Fausett, 1994]
Based on Bayes Probabilistic Model
Genetic Algorithms [Toonstra and Kinsner, 1995]
Achieve an optimized solution through multiple iterations
Statistical classifiers [Brickle, 2003]
Determine probability of a match between an observed transceiverprint (TP) and each of the transceiver profiles
(figure: inputs are the TP to be classified, the centroid (center of cluster) and the covariance matrix of the TPs in the profile; Modified Kalman Filter)
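Phases 3 to 5 chain together: components (instantaneous amplitude, phase, frequency) are computed from the transient, four statistics per component form the transceiverprint, a profile is the centroid of a device's TPs, and an observed TP is classified by distance to the centroids. The following added example (not the authors' code; the wavelet-based frequency component, the self-organizing map and the probabilistic classifiers of the slides are replaced by simpler stand-ins) computes amplitude and unwrapped phase from I/Q samples, takes the phase difference as the instantaneous frequency, and uses a nearest-centroid Euclidean classifier. The two "transceivers" are constructed signals that differ in rise time and carrier offset; the feature scaling and the signal parameters are assumptions.

```python
import math
import random

def instantaneous_components(iq):
    """Amplitude, unwrapped phase (relative to the first sample) and frequency in rad/sample."""
    amp = [math.hypot(i, q) for i, q in iq]
    wrapped = [math.atan2(q, i) for i, q in iq]
    phase = [0.0]
    for k in range(1, len(wrapped)):
        step = (wrapped[k] - wrapped[k - 1] + math.pi) % (2 * math.pi) - math.pi
        phase.append(phase[-1] + step)
    freq = [phase[k + 1] - phase[k] for k in range(len(phase) - 1)]
    return amp, phase, freq

def features(xs):
    """Average, standard deviation, energy, variance of one component."""
    mean = sum(xs) / len(xs)
    var = sum((x - mean) ** 2 for x in xs) / len(xs)
    return [mean, math.sqrt(var), sum(x * x for x in xs), var]

def transceiverprint(iq):
    amp, phase, freq = instantaneous_components(iq)
    return features(amp) + features(phase) + features(freq)

def synthetic_transient(rise_samples, freq_rad, n=200, seed=0):
    """Constructed I/Q transient: exponential amplitude rise with a device-specific time
    constant and carrier offset, plus small amplitude and phase noise."""
    rng = random.Random(seed)
    iq = []
    for k in range(n):
        env = 1.0 - math.exp(-(k + 1) / rise_samples)
        ph = freq_rad * k + rng.gauss(0.0, 0.02)
        iq.append((env * math.cos(ph) + rng.gauss(0.0, 0.01),
                   env * math.sin(ph) + rng.gauss(0.0, 0.01)))
    return iq

def centroid(tps):
    return [sum(col) / len(col) for col in zip(*tps)]

def euclid(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def build_profiles(devices, signals_per_device=5):
    """Phase 4: one profile (centroid of its TPs) per transceiver."""
    profiles = {}
    for name, (rise, f) in devices.items():
        tps = [transceiverprint(synthetic_transient(rise, f, seed=s))
               for s in range(signals_per_device)]
        profiles[name] = centroid(tps)
    return profiles

def feature_scales(profiles):
    """Per-feature scale so that large-valued features (energy) do not dominate the distance."""
    n = len(next(iter(profiles.values())))
    return [max(abs(p[i]) for p in profiles.values()) or 1.0 for i in range(n)]

def classify(tp, profiles, scales):
    """Phase 5: nearest centroid in scaled Euclidean distance."""
    def scaled(v):
        return [x / s for x, s in zip(v, scales)]
    return min(profiles, key=lambda name: euclid(scaled(tp), scaled(profiles[name])))

DEVICES = {"A": (20.0, 0.10), "B": (40.0, 0.13)}     # constructed (rise time, carrier offset)

if __name__ == "__main__":
    profiles = build_profiles(DEVICES)
    scales = feature_scales(profiles)
    for name, (rise, f) in DEVICES.items():
        observed = transceiverprint(synthetic_transient(rise, f, seed=99))   # held-out signal
        print(f"signal from {name} classified as {classify(observed, profiles, scales)}")
```

The held-out signals use a seed not used for the profiles, which is the split between profile TPs and test TPs described in Phase 4. The statistical classifiers on the slide replace the plain Euclidean distance with one weighted by the covariance of the profile's TPs, so that features with a wide natural spread within one transceiver count less.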
RFF: Phase 6 – Enhancement of CSR
Weakness in current classification techniques
attempt to identify transceiver using a single observation (TP)
unable to accommodate moderate level of variation (interference and noise) in the TPs being classified
Address weakness using the Bayes Filter [Fox et al., 2003]
Identify transceiver with highest probability after several rounds (using consecutive TPs) of classification
x_t = transceiver at time t
Bel(x_t) = probability of transceiver x at time t
p(x_t | o_t) = probability of the TP belonging to transceiver x at time t
Bel(x_{t-1}) = probability of transceiver x at time t-1
Bel(x_t) = p(x_t | o_t) Bel(x_{t-1})
RFF: Phase 6 – Enhancement of CSR (figure)
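The recursion on the slide, Bel(x_t) = p(x_t | o_t) Bel(x_{t-1}), is carried through below on a constructed run of five consecutive TP classifications. This is an added example, not the authors' code: the per-round probabilities are invented classifier outputs chosen so that the first observation alone would pick the wrong transceiver, the prior is uniform, each update is renormalised so the beliefs sum to one, and the 0.95 confidence level at which a final decision is rendered is an assumed value. The collapsed two-class variant at the end follows the scalability idea of the conclusions (apply the filter to the target profile only).

```python
def single_shot_decision(p_obs):
    """What a Phase 5 classifier does on its own: highest probability for one TP."""
    return max(p_obs, key=p_obs.get)

def bayes_filter_step(bel_prev, p_obs):
    """Bel(x_t) = p(x_t | o_t) * Bel(x_{t-1}), renormalised so the beliefs sum to one."""
    unnormalised = {x: p_obs[x] * bel_prev[x] for x in bel_prev}
    total = sum(unnormalised.values())
    return {x: v / total for x, v in unnormalised.items()}

def run_bayes_filter(transceivers, observations, confidence=0.95):
    """Feed consecutive TP classifications through the filter and stop as soon as one
    transceiver's belief reaches the confidence level.
    Returns (decision, rounds used, final beliefs); decision is None if never confident."""
    bel = {x: 1.0 / len(transceivers) for x in transceivers}     # uniform prior
    for rounds, p_obs in enumerate(observations, start=1):
        bel = bayes_filter_step(bel, p_obs)
        best = max(bel, key=bel.get)
        if bel[best] >= confidence:
            return best, rounds, bel
    return None, len(observations), bel

def collapse_to_target(p_obs, target):
    """Scalability variant: track only 'target transceiver' versus 'anything else'."""
    return {target: p_obs[target], "other": 1.0 - p_obs[target]}

# Constructed classifier outputs p(x_t | o_t) for five consecutive TPs of transceiver A.
# The first TP is noisy enough that a single-shot decision picks B.
OBSERVATIONS = [
    {"A": 0.40, "B": 0.45, "C": 0.15},
    {"A": 0.60, "B": 0.30, "C": 0.10},
    {"A": 0.55, "B": 0.35, "C": 0.10},
    {"A": 0.70, "B": 0.20, "C": 0.10},
    {"A": 0.65, "B": 0.25, "C": 0.10},
]

if __name__ == "__main__":
    print("single-shot decision on TP 1:", single_shot_decision(OBSERVATIONS[0]))
    decision, rounds, bel = run_bayes_filter(["A", "B", "C"], OBSERVATIONS)
    print(f"Bayes filter decision: {decision} after {rounds} rounds, beliefs {bel}")
    target_obs = [collapse_to_target(o, "A") for o in OBSERVATIONS]
    decision, rounds, bel = run_bayes_filter(["A", "other"], target_obs)
    print(f"target-only filter: decision {decision} after {rounds} rounds, belief in A {bel['A']:.3f}")
```

Over the full three-way run the belief in A climbs to about 0.96 at the fifth round, so the filter overrules the wrong single-shot answer without ever trusting one observation. The target-only variant ends the same five rounds at about 0.84 for A, below the confidence level, because every non-A probability mass is pooled into "other"; it is cheaper per round but needs more rounds before a decision, which is the trade-off the conclusions describe.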
Conclusions
Use of RFF can prove beneficial in addressing malleability of identity (MAC address spoofing, cloning fraud)
Level of confidence can be increased by using the Bayes Filter before rendering a final decision (legitimate user/intruder)
The issue of scalability can be addressed
Application of Bayes filter to the target transceiver profile only for transceiver recognition/confirmation
Based on the final probability, Bayes filter can then be applied to identify other potential transceivers
Future Research Initiatives
Enhancing the composition of TPs – improve classification rate
Using RFF with Bluetooth and cellular phones
Assessing the technical feasibility of incorporating RFF into current security systems
References
Radio Frequency Fingerprinting
Amplitude
O. Ureten and N. Serinken. Detection of radio transmitter turn-on transients. Electronics Letters, 35:1996–1997, 1999.
D. Shaw and W. Kinsner, Multifractal Modeling of Radio Transmitter Transients for Classification, Proc. Conference on Communications, Power and Computing, 1997, 306-312.
Phase
J. Hall, M. Barbeau, E. Kranakis. Detection of transient in radio frequency fingerprinting using phase characteristics of signals. In L.Hesslink (Ed.), Proceedings of the 3rd International IASTED Conference on Wireless and Optical Communication, Banff, Canada, 13-18, 2003.
Wavelet Coefficients
H. Choe et al. Novel identification of intercepted signals from unknown radio transmitters. SPIE, 2491:504–516, 1995.
R.D. Hippenstiel and Y.P. Wavelet based transmitter identification. In International Symposium on Signal Processing and its Applications, Gold Coast Australia, August 1996.
References
Bayes Filter
D. Fox et al. Bayesian Filtering for location estimation. Pervasive Computing. 24-33, 2003.
Statistical Classifier
Frank Brickle. Automatic signal classification for software defined radios. QEX, pages 34–41, November 2003.
Others
A. Hunter. Feature Selection using Probabilistic Neural Networks. Neural Computing and Applications. 124-132, 2000.
J. Schiller. Mobile Communications. Addison-Wesley, 2000.
J. Proakis and D. Manolakis. Digital Signal Processing. Prentice-Hall, 1996.
J. Toonstra and W. Kinsner. Transient Analysis and Genetic Algorithms for Classification. IEEE WESCANEX 95. 432-437, 1995.
L. Fausett. Fundamentals of Neural Networks. Prentice-Hall, 1994.
R. Polikar. The Wavelet Tutorial. [web]
Thank You
Michel Barbeau (barbeau@scs.carleton.ca)
Jeyanthi Hall (jeyanthihall@rogers.com)
Questions?