Bruce DeBruhl

Digital Filter Design for Jamming Mitigation in 802.15.4 Communication

Jamming attackers can dramatically increase attack efficiency and stealth by randomly or periodically cycling the jamming transmission on and off, attacks respectively known as random and periodic jamming. In this paper, we analyze the impact of such attacks on the IEEE 802.15.4 communication protocol, commonly used in wireless sensor networking applications, and show that the cycling behavior introduces a narrow spectral component into the received signal. We propose the inclusion of a digital filter at the receiver side to effectively eliminate this spectral component, and we discuss the benefits involved in this filter design. We evaluate the impacts of random and periodic jamming with and without the proposed filter, through implementation in software defined radios. Through our evaluation, we observe over 90% reduction in packet error rate with the proposed digital filter.

Is your commute driving you crazy?: a study of misbehavior in vehicular platoons

Traffic is not only a source of frustration but also a leading cause of death for people under 35 years of age. Recent research has focused on how driver assistance technologies can be used to mitigate traffic fatalities and create more enjoyable commutes. In this work, we consider cooperative adaptive cruise control (CACC) or platooning, a driver assistance technology that controls the speed of vehicles and inter-vehicle spacing. CACC equipped cars use radar to fine tune inter-vehicle spacing and dedicated short-range communication (DSRC) to collaboratively accelerate and decelerate. Platooning can reduce fuel consumption by over 5% and increases the density of cars on a highway. Previous work on platooning has focused on proving string stability, which guarantees that the error between cars does not grow with the length of a platoon, but little work has considered the impact an attacker can have on a platoon. To design safe distributed controllers and networks it is essential to understand the possible attacks that could be mounted against platoons. In this work, we design a set of insider attacks and abnormal behaviors that occur in a platoon of cars. For example, we introduce the collision induction attack where an attacker exploits the platoon controller to cause a high-speed accident with the car following it. To mitigate these insider attacks we design a model-based detection scheme that leverages the broadcast nature of DSRC. Each car uses DSRC messages from other cars in the platoon to model the expected behavior of the car directly preceding it. If the expected behavior and actual behavior differ the monitoring vehicle switches to non-cooperative ACC, relying solely on radar, to mitigate the impact of the attack. We show that our detection scheme is able to detect many of our proposed insider attacks and when combined with a well designed ACC controller can avoid collisions. We propose combining our detection scheme with a global reputation scheme to detect when a car is malicious or needs maintenance.

Power napping with loud neighbors: optimal energy-constrained jamming and anti-jamming

The openness of wireless communication and the recent development of software-defined radio technology, respectively, provide a low barrier and a wide range of capabilities for misbehavior, attacks, and defenses against attacks. In this work we present finite-energy jamming games, a game model that allows a jammer and sender to choose (1) whether to transmit or sleep, (2) a power level to transmit with, and (3) what channel to transmit on. We also allow the jammer to choose on how many channels it simultaneously attacks. A major addition in finite-energy jamming games is that the jammer and sender both have a limited amount of energy which is drained according to the actions a player takes. We develop a model of our system as a zero-sum finite-horizon stochastic game with deterministic transitions. We leverage the zero-sum and finite-horizon properties of our model to design a simple polynomial-time algorithm to compute optimal randomized strategies for both players. The utility function of our game model can be decoupled into a recursive equation. Our algorithm exploits this fact to use dynamic programming to construct solutions in a bottom-up fashion. For each state of energy levels, a linear program is solved to find Nash equilibrium strategies for the subgame. With these techniques, our algorithm has only a linear dependence on the number of states, and quadratic dependence on the number of actions, allowing us to solve very large instances. By computing Nash equilibria for our game models, we explore what kind of performance guarantees can be achieved both for the sender and jammer, when playing against an optimal opponent. We also use the optimal strategies to simulate finite-energy jamming games and provide insights into robust communication among reconfigurable, yet energy-limited, radio systems. To test the performance of the optimal strategies we compare their performance with a random and adaptive strategy. Matching our intuition, the aggressiveness of an attacker is related to how much of a discount is placed on data delay. This results in the defender often choosing to sleep despite the latency implication, because the threat of jamming is high. We also present several other findings from simulations where we vary the strategies for one or both of the players.

MeshJam: Intelligent Jamming Attack and Defense in IEEE 802.11s Wireless Mesh Networks

Wireless mesh networks represent an emerging network architecture which has been actively studied and standardized for the last several years. Because of their flexible network architecture, wireless mesh networks can provide alternative paths even when wireless links are broken by node failures or routing attacks. Among a variety of mesh network protocols, we focus on the recently ratified IEEE 802.11s WLAN mesh standard. With analysis of the path selection scheme in 802.11s, we show the effect of conventional jamming on 802.11s-based wireless mesh networks via simulation. We then introduce mesh jamming, which can more efficiently attack the mesh path selection process by exploiting cross-layer knowledge and more harmfully influence on the path discovery performance compared to conventional jamming. We propose a proof-of-concept defense, bi-directional path discovery to mitigate the devastating effect of mesh jamming.

Living with boisterous neighbors: Studying the interaction of adaptive jamming and anti-jamming

Jamming has long been a problem in wireless communications, but with recent advances in adaptive jamming, adaptive anti-jamming, and other advanced physical layer security techniques, it is hard to understand whether we can keep the jammer at bay. In this work, we consider this problem and introduce a game-theoretic framework which gives us a tool to analyze the complex adaptive jamming and anti-jamming space. To illustrate the strengths and weaknesses in intelligent jamming and anti-jamming techniques, we present a straightforward two-player instance and analyze a number of possible jamming and anti-jamming techniques.

How to jam without getting caught: Analysis and empirical study of stealthy periodic jamming

Despite the widespread commercial use of spread spectrum technology, advanced algorithms and modern hardware capabilities still allows efficient denial-of-service attacks against wireless communication systems using jamming. Much of the recent work on jamming mitigation has focused on how to adjust the transmitter-receiver system once a jamming attack has been detected. However, characterizing the detectability of certain classes of jamming attacks remains a largely unstudied problem. We aim to narrow this gap by analyzing the effect of a class of periodic jamming attacks on the attack detection metrics of packet delivery ratio (PDR) and received signal strength (RSS). We show that a well-designed jamming signal can effectively defeat RSS-based detection while causing a significant and often devastating reduction in PDR, demonstrating that RSS-based detection is insufficient. We further evaluate our claims through implementation of a periodic jammer using a wide range of signal parameters against a transmitter-receiver pair communicating using IEEE 802.15.4, demonstrating the validity of our analytical claims.

Stochastic optimization of flow-jamming attacks in multichannel wireless networks

An attacker can launch an efficient jamming attack to deny service to flows in wireless networks by using cross-layer knowledge of the target network. For example, flow-jamming defined in existing work incorporates network layer information into the conventional jamming attack to maximize its attack efficiency. In this paper, we redefine a discrete optimization model of flow-jamming in multichannel wireless networks and provide metrics to evaluate the attack efficiency. We then propose the use of stochastic optimization techniques for flow-jamming attacks by using three stochastic search algorithms: iterative improvement, simulated annealing, and genetic algorithm. By integrating the algorithms into a simulation based on the OPNET Modeler network simulator, we demonstrate the optimization process and provide performance comparisons of the algorithms. From our results, genetic algorithm provides the most efficient flow-jamming configuration.

JADE: Jamming-averse routing on cognitive radio mesh networks

The spectrum sensing capability of cognitive radio (CR) enables a lot of opportunities to wireless networks, but also enables intelligent attacks by malicious players. One attack in this category is reactive jamming, in which the attacker senses the wireless spectrum, decodes parts of packets, and selectively interferes with packets. In so doing, an attacker can reduce energy expenditure and increase stealth while maintaining a high impact. Of the approaches to mitigate jamming, in this work, we focus on the jamming resilient routing in CR mesh networks. To do this we use signal-to-noise-interference ratio (SINR) which reflects the jamming impact. This metric is difficult to measure with commodity radio chipsets that cannot differentiate jamming interference from the received signal. Detecting SINR becomes even harder if reactive jamming is used by an attacker. In this study, we develop a mechanism to estimate SINR under reactive jamming. The estimated SINR information of each wireless link is then used to determine the jamming-averse directivity (JAD) of packets, which improves the routing performance of the victim network. We validate the proposed mechanism with a simulation study, showing that the proposed JAD escorted (JADE) routing dramatically improves routing path discovery performance including path discovery probability, path length, elapsed time for path discovery, retransmission attempts, and path quality under reactive jamming. Among the 200 route requests at 10 different configurations in our simulation, the reactive jammer disrupts the 77.5% of total requests. However, our JADE routing decreases the route discovery failure rate to 7.5% by saving the 96.7% of failed requests.

Keeping up with the jammers: Observe-and-adapt algorithms for studying mutually adaptive opponents ☆

Abstract Securing the wireless medium is essential to provide the ubiquitous wireless services that we desire. Many studies have explored adaptive attackers and defenders but few have explored the interaction when both players adapt. In this work, we explore the design of an adaptive defender and attacker using an observe-and-adapt strategy. We simulate these algorithms and explore the interaction of adaptive players in two different jamming games. We show that when only one player adapts they improve their performance but when both players adapt the outcome it is often reflective of biases in the game.

Demo: TV white space networking capabilities and potential with an embedded & open-API platform

Over the past decade, white space networking has garnered significant effort and attention from media, industry, regulators, and academics world-wide. Together, these entities have helped push white space in to a unique position of potentially changing how we access the spectrum (more efficiently) forever. Now, building white space networks with full-featured and fully certified equipment is critical in moving forward and retaining the spectrum and position that we have put ourselves in. In our demonstration, we will exhibit a fully embedded and FCC-certified white space networking platform that is available and capable of building out TV white space networks. Additionally, we provide an interactive display with data taken from our commercial deployments that further show its capabilities of supporting various applications. Using the many available channels at the conference location, we will demonstrate some of these capabilities (e.g., ability to penetrate in-door environments), as well as future capabilities (e.g., novel functionality built on the platform). With an open-API (across all layers), the platform is conducive to studying current capabilities and novel research.