849 results for 802.11 security protocols
Abstract:
This paper presents a formal methodology for attack modeling and detection for networks. Our approach has three phases. First, we extend the basic attack tree approach 1 to capture (i) the temporal dependencies between components, and (ii) the expiration of an attack. Second, using the enhanced attack trees (EAT) we build a tree automaton that accepts a sequence of actions from input stream if there is a traverse of an attack tree from leaves to the root node. Finally, we show how to construct an enhanced parallel automaton (EPA) that has each tree automaton as a subroutine and can process the input stream by considering multiple trees simultaneously. As a case study, we show how to represent the attacks in IEEE 802.11 and construct an EPA for it.
Abstract:
This paper describes the implementation of the first portable, embedded data acquisition unit (BabelFuse) that is able to acquire and timestamp generic sensor data and trigger General Purpose I/O (GPIO) events against a microsecond-accurate wirelessly-distributed ‘global’ clock. A significant issue encountered when fusing data received from multiple sensors is the accuracy of the timestamp associated with each piece of data. This is particularly important in applications such as Simultaneous Localisation and Mapping (SLAM) where vehicle velocity forms an important part of the mapping algorithms; on fast-moving vehicles, even millisecond inconsistencies in data timestamping can produce errors which need to be compensated for. The timestamping problem is compounded in a robot swarm environment especially if non-deterministic communication hardware (such as IEEE-802.11-based wireless) and inaccurate clock synchronisation protocols are used. The issue of differing timebases makes correlation of data difficult and prevents the units from reliably performing synchronised operations or manoeuvres. By utilising hardware-assisted timestamping, clock synchronisation protocols based on industry standards and firmware designed to minimise indeterminism, an embedded data acquisition unit capable of microsecond-level clock synchronisation is presented.
Abstract:
IEEE 802.11p is the new standard for Inter-Vehicular Communications (IVC) using the 5.9 GHz frequency band, as part of the DSRC framework; it will enable applications based on Cooperative Systems. Simulation is widely used to estimate or verify the potential benefits of such cooperative applications, notably in terms of safety for the drivers. We have developed a performance model for 802.11p that can be used by simulations of cooperative applications (e.g. collision avoidance) without requiring intricate models of the whole IVC stack. Instead, it provides a straightforward yet realistic modelisation of IVC performance. Our model uses data from extensive field trials to infer the correlation between speed, distance and performance metrics such as maximum range, latency and frame loss. Then, we improve this model to limit the number of profiles that have to be generated when there are more than a few couples of emitter-receptor in a given location. Our model generates realistic performance for rural or suburban environments among small groups of IVC-equipped vehicles and road side units.
Abstract:
Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The properties analysed by specific-purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general-purpose analysis tools such as coloured Petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient
Abstract:
Security in a mobile communication environment is always a matter for concern, even after deploying many security techniques at device, network, and application levels. The end-to-end security for mobile applications can be made robust by developing dynamic schemes at application level which make use of the existing security techniques varying in terms of space, time, and attack complexities. In this paper we present a security techniques selection scheme for mobile transactions, called the Transactions-Based Security Scheme (TBSS). The TBSS uses intelligence to study and analyze the security implications of transactions under execution based on certain criteria such as user behaviors, transaction sensitivity levels, and credibility factors computed over the previous transactions by the users, network vulnerability, and device characteristics. The TBSS identifies a suitable level of security techniques from the repository, which consists of symmetric and asymmetric types of security algorithms arranged in three complexity levels, covering various encryption/decryption techniques, digital signature schemes, and hashing techniques. From this identified level, one of the techniques is deployed randomly. The results show that there is a considerable reduction in security cost compared to static schemes, which employ pre-fixed security techniques to secure the transactions data.
Abstract:
We provide a survey of some of our recent results ([9], [13], [4], [6], [7]) on the analytical performance modeling of IEEE 802.11 wireless local area networks (WLANs). We first present extensions of the decoupling approach of Bianchi ([1]) to the saturation analysis of IEEE 802.11e networks with multiple traffic classes. We have found that even when analysing WLANs with unsaturated nodes the following state dependent service model works well: when a certain set of nodes is nonempty, their channel attempt behaviour is obtained from the corresponding fixed point analysis of the saturated system. We will present our experiences in using this approximation to model multimedia traffic over an IEEE 802.11e network using the enhanced DCF channel access (EDCA) mechanism. We have found that we can model TCP controlled file transfers, VoIP packet telephony, and streaming video in the IEEE 802.11e setting by this simple approximation.
Abstract:
Different medium access control (MAC) layer protocols, for example, the IEEE 802.11 series and others, are used in wireless local area networks. They have limitations in handling bulk data transfer applications, like video-on-demand, videoconference, etc. To avoid this problem a cooperative MAC protocol environment has been introduced, which enables the MAC protocol of a node to use its nearby nodes' MAC protocol as and when required. We have found on various occasions that specified cooperative MAC establishes cooperative transmissions to send the specified data to the destination. In this paper we propose the cooperative MAC priority (CoopMACPri) protocol, which exploits the advantages of the priority value given by the upper layers for selection of different paths to nodes running heterogeneous applications in a wireless ad hoc network environment. The CoopMACPri protocol improves the system throughput and minimizes energy consumption. Using a Markov chain model, we developed a model to analyse the performance of the CoopMACPri protocol, and also derived closed-form expressions of saturated system throughput and energy consumption. Performance evaluations validate the accuracy of the theoretical analysis, and also show that the performance of the CoopMACPri protocol varies with the number of nodes. We observed that the simulation results and analysis reflect the effectiveness of the proposed protocol as per the specifications.
Abstract:
Mobile ad hoc networking of dismounted combat personnel is expected to play an important role in the future of network-centric operations. High-speed, short-range, soldier-to-soldier wireless communications will be required to relay information on situational awareness, tactical instructions, and covert surveillance related data during special operations reconnaissance and other missions. This article presents some of the work commissioned by the U.K. Ministry of Defence to assess the feasibility of using 60 GHz millimeter-wave smart antenna technology to provide covert communications capable of meeting these stringent networking needs. Recent advances in RF front-end technology, alongside physical layer transmission schemes that could be employed in millimeter-wave soldier-mounted radio, are discussed. The introduction of covert communications between soldiers will require the development of a bespoke directive medium access layer. A number of adjustments to the IEEE 802.11 distribution coordination function that will enable directional communications are suggested. The successful implementation of future smart antenna technologies and direction of arrival-based protocols will be highly dependent on thorough knowledge of transmission channel characteristics prior to deployment. A novel approach to simulating dynamic soldier-to-soldier signal propagation using state-of-the-art animation-based technology developed for computer game design is described, and important channel metrics such as root mean square angle and delay spread for a team of four networked infantry soldiers over a range of indoor and outdoor environments are reported.
Abstract:
Traditional Time Division Multiple Access (TDMA) protocol provides deterministic periodic collision free data transmissions. However, TDMA lacks flexibility and exhibits low efficiency in dynamic environments such as wireless LANs. On the other hand contention-based MAC protocols such as the IEEE 802.11 DCF are adaptive to network dynamics but are generally inefficient in heavily loaded or large networks. To take advantage of both types of protocols, a D-CVDMA protocol is proposed. It is based on the k-round elimination contention (k-EC) scheme, which provides fast contention resolution for Wireless LANs. D-CVDMA uses a contention mechanism to achieve TDMA-like collision-free data transmissions, which does not need to reserve time slots for forthcoming transmissions. These features make the D-CVDMA robust and adaptive to network dynamics such as node leaving and joining, changes in packet size and arrival rate, which in turn make it suitable for the delivery of hybrid traffic including multimedia and data content. Analyses and simulations demonstrate that D-CVDMA outperforms the IEEE 802.11 DCF and k-EC in terms of network throughput, delay, jitter, and fairness.
Abstract:
The susceptibility of WiFi networks to Rogue Access Point attacks derives from the lack of identity for 802.11 devices. The most common means of detecting these attacks in current research is through tracking the credentials or the location of unauthorised and possibly malicious APs. In this paper, the authors outline a method of distinguishing WiFi Access Points using 802.11 MAC layer management frame traffic profiles. This system does not require location estimation or credential tracking techniques as used in current research techniques, which are known to be inaccurate. These characteristic management traffic profiles are shown to be unique for each device, tantamount to a MAC identity. The application of this technique to solving Rogue AP attacks under the constraints of an open access, public WiFi environment is discussed with the conclusion that the identity is practically very difficult to forge
Abstract:
In this reported work, the frequency diverse array concept is employed to construct an orthogonal frequency-division multiplexing (OFDM) transmitter that has the capability of securing wireless communication in free space directly in the physical-layer without the need for mathematical encryption. The characteristics of the proposed scheme in terms of its secrecy performance are validated via bit error rate simulation under both high and low signal to noise ratio scenarios using the IEEE 802.11 OFDM physical-layer specification.
Abstract:
Key generation from wireless channels is a promising alternative to public key cryptography for the establishment of cryptographic keys. It is the first paper to experimentally study the channel reciprocity principle of key generation, through investigating and quantifying channel measurements' cross-correlation relationship affected by noise and non-simultaneous measurements. Channel measurements, both received signal strength and channel state information, are collected from a real experimental platform using the wireless open access research platform (WARP) in a multipath office room. We found that in a slow fading channel (e.g., with a coherence time of about 50 ms), the channel cross-correlation is impacted greatly by noise but little by non-simultaneous measurements with a small sampling time difference (e.g., 0.06 ms). The resolution of the sampling time difference can be satisfied by wireless systems such as IEEE 802.11 to maintain an acceptable cross-correlation coefficient without affecting the bandwidth and communication efficiency.
Abstract:
This paper presents a new encryption scheme implemented at the physical layer of wireless networks employing orthogonal frequency-division multiplexing (OFDM). The new scheme obfuscates the subcarriers by randomly reserving several subcarriers for dummy data and resequences the training symbol by a new secure sequence. Subcarrier obfuscation renders the OFDM transmission more secure and random, while training symbol resequencing protects the entire physical layer packet, but does not affect the normal functions of synchronization and channel estimation of legitimate users while preventing eavesdroppers from performing these functions. The security analysis shows the system is robust to various attacks by analyzing the search space using an exhaustive key search. Our scheme is shown to have a better performance in terms of search space, key rate and complexity in comparison with other OFDM physical layer encryption schemes. The scheme offers options for users to customize the security level and key rate according to the hardware resource. Its low complexity nature also makes the scheme suitable for resource limited devices. Details of practical design considerations are highlighted by applying the approach to an IEEE 802.11 OFDM system case study.
Abstract:
Master's in Electrical and Computer Engineering - Specialization Area of Telecommunications
Abstract:
Today's world relies on networks. Computer networks and wireless phones are already quite ordinary for a large number of people. A new type of network has appeared to further ease people's networked lives. Ad hoc networks enable flexible network formation between wireless terminals without existing infrastructure. This Master's thesis presents a new simulation tool for simulating wireless ad hoc networks at the protocol level. It also presents the principles and theories behind such networks. The bandwidth-sharing protocols of the OSI model's link layer in ad hoc networks, and their implementation in the simulator, are examined more closely. In addition, a set of simulation runs is presented as an example of the simulator's operation and possible uses.