COMPREHENSIVE SURVEY OF POSSIBLE SECURITY ISSUES ON 4G NETWORKS
seminar presentation
1. SEMINAR REPORT
PHYSICAL LAYER SECURITY IN WIRELESS
NETWORKS
IEEE Wireless Communications Journal, April 2011
Authors:
YI-SHENG SHIU AND SHIH YU CHANG, NATIONAL TSING HUA UNIVERSITY
HSIAO-CHUN WU, LOUISIANA STATE UNIVERSITY
SCOTT C.-H. HUANG, CITY UNIVERSITY OF HONG KONG
HSIAO-HWA CHEN, NATIONAL CHENG KUNG UNIVERSITY
SHAANTNU ANAND
149/EC/12
3. OSI MODEL (1)
• Conceptual model that standardizes the communication functions of a
telecommunication system.
4. OSI MODEL (2)
• The Physical layer : Transmission and reception of bit streams over a
physical medium . In wireless communications the physical layer can
also be radio waves and infrared light.
• CRYPTOGRAPHY :
5. ABSTRACT (1)
• Wireless Network : Any type of a computer network using wireless data
connections for connecting network nodes.
• Wireless networks are generally implemented using radio
communication.
6. ABSTRACT (2)
• In today's age wireless communication plays an extremely important role
in civil and military applications.
• The transfer of confidential information over wireless networks is a
challenging task.
• Thus , it becomes essential that data is only accessible to the intended
users.
• The two most prevalent attacks at the physical layer are jamming and
eavesdropping.
7. OVERVIEW (1)
• Wireless communication is an indispensible part of our daily life.
• Security is now a critical issue when it comes to transmission of
important private information such as electronic transactions and
banking related data communications.
• Most commonly used methods to ensure security rely on cryptographic
techniques employed at the upper layers of the OSI model.
• A secure channel is required for key exchange to implement the
cryptographic technique.
• Instead of using an additional layer the physical layer method can be
employed to distribute secret keys, supply location privacy and to
supplement upper layer algorithms.
• The application of physical layer security schemes makes it more difficult
for attackers to decipher transmitted information.
8. OVERVIEW (2)
• Existing physical layer security techniques can be classified into five
major categories :
(1) Theoretical secure capacity
(2) Power approach
(3) Code approach
(4) Channel approach
(5) Signal Detection approach
• Physical layer can have some built-in security to assist the traditional
upper layer encryption techniques.
• This seminar report aims at evaluating and comparing the physical layer
security methods based on two metrics .
• First, secret channel capacities and second, computational complexities.
10. SECURITY ATTACKS (2)
Passive Attacks
•Intruder/adversary’s objective is to
steal information from wireless
networks.
•Network operation is not disrupted.
•Types : (1) Traffic analysis
(2) Eavesdropping intrusion.
Active Attacks
• Adversary tries to alter the
communication data.
• Interferes with the normal network
operation.
•Types : DoS, Masquerade,
Information disclosure, replay,
message modification,
Resource consumption.
11. SECURITY ATTACKS (3)
• ACTIVE ATTACKS :
(1) Denial of Service (Dos) : An intruder tries to exhaust the resource
available to its legitimate users.
• At the physical layer, radio frequency jamming is used to occupy the
transmitted signal band.
• In this way the communication is disrupted and an adversary makes the
attacked nodes suffer from DoS.
12. SECURITY ATTACKS (4)
(2) Masquerade attacks : In a masquerade attack an intruder deceives the
authentication mechanism and pretends to be a legitimate user thus
disrupting the communication .
(3) Information Disclosure and Message Modification : A compromised node
acts as an information leaker.
• Information such as periodicity of traffic between two nodes can be
valuable to an intruder.
• Message modification refers to addition or deletion of network
communication content by an adversary.
13. SECURITY ATTACKS (5)
• PASSIVE ATTACKS
(1) Eavesdropping : It is the unauthorized real-time interception of private
communication such as a phone call or instant message.
• Generally encryption is used to overcome this problem.
(2) Traffic Analysis : Process of intercepting and analyzing messages in order
to deduce patterns in communication.
• The greater the number of messages stored the more can be inferred
form the traffic.
• Traffic analysis can also be done with encrypted information.
15. SECURITY REQUIREMENTS (1)
• Services in a wireless communication system should satisfy certain
requirements.
(A) AUTHENTICATION AND NON-REPUDIATION
• Authentication is used to confirm that a communication request comes
from a legitimate user.
• Types : (1) Entity Authentication - Justifies identity of parties in the
system.
(2) Data origin Authentication – Confirms the identity of data
creator.
• Non-repudiation guarantees that the transmitter of a message cannot
deny having sent it.
• Similarly the recipient cannot deny having received it. Example : digital
signature.
16. SECURITY REQUIREMENTS (2)
(B) CONFIDENTIALITY AND ACCESS CONTROL
• Confidentiality is the protection of data to prevent access to
unauthorized users.
• Encryption ensures that data is accessible to intended users only.
• Access control limits and controls devices that have access to
communication links.
17. SECURITY REQUIREMENTS (3)
(C) INTEGRITY AND AVAILABILITY
• Trustworthiness and reliability of information.
• Integrity means data that was sent is exactly the same as to what was
received.
• Availability : Communication should remain fully operational when a
legitimate user is trying to communicate.
18. SECURITY REQUIREMENTS (4)
(D) RESISTANCE TO JAMMING
• Jamming is a simple technique to interfere with communication
channels.
• A jammer may send out interference signals which disrupt signal
reception.
• Active jammers send out continuous radio signals into the channel and
thus block the communication of users.
• Reactive jammers sit idle till the time they sense transmission in the
channel.
• As soon as this happens they send out jamming signals.
19. SECURITY REQUIREMENTS (5)
(E) RESISTANCE TO EAVESDROPPING
• Typical secrecy problem :
• Hiding information is a method to embed private information into
background signal or noise process.
TRANSMITTER
EAVESDROPPERR
RECEIVER
20. PHYSICAL LAYER SECURITY
APPROACHES (1)
• Physical layer security approaches are divided into five major categories :
(1) Theoretical Secure Capacity
(2) Channel Approach
(3) Coding Approach
(4) Power Approach
(5) Signal Design Approach
21. PHYSICAL LAYER SECURITY
APPROACHES (2)
(A) THEORETICAL SECURE CAPACITY
• Secrecy Capacity : maximum rate achievable between a transmitter-
receiver pair subject to information attainable by the unauthorized
receiver (or intruder).
• The theoretical secure capacity approach is basically the information –
theoretic security approach.
• A huge amount of research is still going on in this field.
• This approach requires complete knowledge of the communication
channels ( e.g. : Gaussian or memory less)
• A few systems have been deployed but this technology is largely
unavailable due to high implementation cost.
22. PHYSICAL LAYER SECURITY
APPROACHES (3)
(B) CHANNEL APPRAOCHES
(i) R F Fingerprinting : This system consists of multiple sensor systems that
capture and extract RF features from each received signal.
• An intrusion detection system processes the feature sets and generates
a dynamic fingerprint for each internal source identifier derived from a
few packets.
• This RF system monitors the temporal evolution of each fingerprint and
issues an alert when a strange fingerprint is detected, thus
distinguishing an intruder.
23. PHYSICAL LAYER SECURITY
APPROACHES (4)
(ii) ACDM Precoding : Transmitted code vectors are generated by singular
value decomposition (SVD) of the correlation matrix which describes the
channel characteristics between transmitter and receiver.
• SVD : Singular value decomposition is a factorization of a real or complex
matrix
• The transmitted message is sent in terms of blocks and then modulated
in order to provide high-data-rate communication.
24. PHYSICAL LAYER SECURITY
APPROACHES (5)
(iii) Randomization of MIMO transmission coefficients :
• The transmitter generates a diagonal matrix dependent on the impulse
response of the transmitter receiver channel.
• The diagonal matrix has the unique property of being undetectable to an
intruder.
• Reduces signal interception.
25. PHYSICAL LAYER SECURITY
APPROACHES (6)
(C) CODE APPROACH
• Main objective is to improve resilience against jamming and
eavesdropping.
(i) Error Correction Coding :
• A single error in the received ciphertext will cause a large number of
errors in the decrypted plaintext.
• In order to overcome this problem a scheme with encrypted turbo
coding is used.
• A secure communication channel is set up based on selecting N pseudo
random bits from M encoded bits.
26. PHYSICAL LAYER SECURITY
APPROACHES (7)
(ii) Spread Spectrum Coding :
• Spread spectrum coding is a signaling technique in which a signal is
spread by a noise sequence over a wide frequency band with frequency
greater that that of the original signal.
• Traditional cryptographic techniques can have a large key size however,
spread spectrum system is limited to range of carrier frequencies.
• In the CDMA ( Code-division multiple access) system all users share the
same channel using different spreading codes to distinguish their signals.
27. PHYSICAL LAYER SECURITY
APPROACHES (8)
(D) POWER APPROACH
• Data protection can also be facilitated using power approaches. The
usual schemes in these approaches involve the employment of
directional antennas and the injection of artificial noise.
(i) Directional Antenna :
• Beam width is inversely proportional to peak gain in a directional
antenna.
• If a directional antenna is used a node can receive data from directions
not covered by a jamming signal.
• Thus, directional antennas improve network capacity, avoid physical
jamming attempts and enhance data availability.
28. PHYSICAL LAYER SECURITY
APPROACHES (9)
(ii) Artificial Noise Scheme :
• Perfect secrecy can be achieved when the intruders channel is noisier
than the receivers channel.
• Artificial noise is utilized to impair the intruder’s channel, but it does not
affect the receiver’s channel since the noise is generated in the null-
space of the receiver’s channel.
Receiver’s channel ( noise
generated in null spaces)
Noisier
channel
ReceiverTransmitter
Intruder
29. PHYSICAL LAYER SECURITY
APPROACHES (10)
(E) SIGNAL DESIGN APPROACH
• Consider a network that consists of multiple antenna transmitter and
several single antenna receiver (receiver and eavesdropper).
• Transmitter has knowledge of the channel and the receiver’s feedback is
recorded.
• Artificial Noise scheme is utilized and quality of service (Qos) can be
obtained by using higher modulation or higher error correction codes.
31. COMPARISON (2)
• The comparison is based on some assumptions .
• The assumptions include that an unauthorized user has a much worse
channel than that of an intended user, or has no idea about the
spreading codes or channel characteristics.
• The comparison of the prevalent techniques is done on the basis of two
metrics .
(i) Secret Channel Capacity :
• Low probability of interception (LPI) is an important factor in physical
layer security.
• Secret channel capacity is defined as; an intruder will acquire no more
information than a random guess from the communication than an
intended receiver at some given information rate.
32. COMPARISON (3)
(ii) COMPUTATIONAL COMPLEXITY
• Intruder cannot obtain information in encrypted transmission without
the secret key.
• Larger the number of the keys , higher is the security level.
• Computational complexity becomes an issue when receivers have to
decrypt all messages, thus data authentication is employed to
distinguish between intruders and transmitters.
33. CONCLUSIONS
• Existing physical layer security approaches have been compared on two
metrics namely, secret channel capacity and computational complexity.
• Due to hardware complexity the low cost implementation of most
physical layer security schemes is still beyond the capability of current
microelectronic technologies.
• FUTURE WORK :
• The existing physical layer security can be improved upon by catering for
multi user access and cross – layer protocols.
• The security approaches can also be put through cryptanalysis to test
their strength.