Anti-Jamming: A Study

Transcription

1 Anti-Jamming: A Study Karthikeyan Mahadevan, Sojeong Hong, John Dullum December 14, 25 Abstract Addressing jamming in wireless networks is important as the number of wireless networks is on the increase. In this paper, we present a new mechanism to mitigate jamming attacks. We have developed a random channel selection protocol to facilitate communications among nodes in the presence of jammers. Furthermore, we adopt pairwise key predistribution protocol based on bivariate polynomial in order to build a secure random frequency hopping schedule between two nodes. We discuss the security and connectivity characteristics for our scheme and we also present simulations. 1 Introduction With the proliferation of wireless networks, we are experiencing a paradigm shift from traditional wired networks towards mobile computing. As the ubiquity of deploying these wireless networks increase, it is vital that we understand the various security problems that it might pose. Provisioning security for these wireless networks has been a problem. Security for these wireless networks is particularly challenging since these devices are resource-constrained and use a broadcast channel for communication. Furthermore, as these wireless devices are easily available and are cheap. This opens up the wireless networks to a spectrum of attacks that were not present in the traditional wired networks. A very important attack called jamming is preventing the legitimate users from communicating. An attacker could disable his MAC-layer protocol or send a powerful signal to interfere with PHY-layer decoding of messages. It is well-known that these attacks are simple to launch and very hard to protect from. It is essential to understand intrinsic properties of the radio channel [12]. The quest of preventing an attacker to launch a DoS using the wireless medium relies on our understanding of the channel itself. Addressing jamming is difficult since we cannot directly apply the standard cryptographic paradigms. Frequency hopping spread spectrum (FHSS) is a technique which splits the communication channel into different sub channels, and allocating a hopping pattern to every user. In [3], the authors have shown how to improve the channel capacity of ad hoc wireless networks. FHSS has been considered a potential solution for preventing jamming and has been used by the military for many years. There is a vast body of literature on jamming [2]. As a result of using a single communication channel, jamming can be performed easily. Frequency hopping is an alternative which alleviates jamming if it is used correctly. There are real-world implementations that employ the same hopping pattern for all the nodes. But this is not a very secure approach, as an attacker has to compromise a single node to obtain the hopping sequence and thereby jam the network. The reason for following this approach is due to synchronization issues that might arise if we employ different hopping sequences for each node. Furthermore, we cannot assume the location of a node before deployment. A reasonable solution is to adopt one of the key management solutions [7, 5, 11] and use the shared keys between nodes as the basis of frequency hopping. Then the security offered by this approach would be restricted to the number of keys that a node possesses. This would also dictate that nodes would have to use a control channel to figure out with which neighbors it shares a key. This again opens the network for the jammer. 2 Related Work 2.1 Jamming DoS attacks on sensor networks was studied in [15]. The authors explored various attacks that could stem from various layers of the protocol stack and proposed defense mechanisms. The authors suggest employing spread spectrum techniques to avoid physical layer jamming and rerouting around the claimed jammed region. As for defenses at the MAC layer, there is not one single strategy that could be used. 1

2 Channel surfing [16] is a work that basically suggests and provides a framework to prevent jamming. The frequency hopping pattern suggested by [16] is C(n + 1) = C(n)+1 mod M. The authors also understand the consequence of using this pattern and have suggested use of a pre-shared secret between the communicating parties. Another approach suggested by [16], called spatial retreats is suited for wireless devices that are mobile: moving away from jammed areas. The success of [16], relies on predicting whether the channel is jammed or not. Strategies based on both MAC and PHY-layer are presented. In the MAC-layer approach, each device keeps track of how long it had to wait to access the channel and compares this with a preset threshold (which can be determined theoretically or by experiments). If the current access time is greater than the threshold, the node determines that it is being jammed. On the other hand for PHYlayer based detection, each node samples the noise levels many times within a specified interval and estimates whether or not it is being jammed. It is easy to observe that these approaches have a lot of false-positives due to congestion or wireless devices moving away and/or loss of power. RID [8], is a real-time adaptive protocol designed to detect interference in radio communications. The concept of this protocol is that a sender sends a high-powered signal followed by a normal-powered signal, using which the receiver estimates the interference for the sender. Broadcast anti-jamming has been analyzed [6] from a theoretical perspective. Emergent properties [9] are characteristics that arise from a group of nodes, their behavior and so on. It is essential that we understand these properties to build secure protocols. In [13], the authors have analyzed jamming based on the power expenditure for the jammer. 2.2 Bivariate Polynomial The group key predistribution based on bivariate polynomial is proposed by Blundo et al [4]. We employ the bivariate polynomial protocol in order to achieve pairwise key predistribution as same as [11]. The central authority (CA) generates a bivariate polynomial as follows. f(x,y) = t i,j= a ijx i y j over a finite field GF(q), where q is a large prime number, satisfying the requirement f(x,y) = f(x,y) and keep it secret. t is decided based on the storage capacity of the mobile wireless node. t is also considered as threshold that the secret bivariate polynomial can be kept even though if there are t compromised nodes (t-collusion resistant). Let U i is a node whose id is i and is certified by CA. Then CA give U i a secret polynomial f(i,y). This key predistribution is done prior to node distribution (or formation of ad hoc network). After an ad hoc network is formed, U i can share a key with U j by substituting y with j such as f(i,j). Also U j can compute the shared key by substituting y with i such as f(j,i). Since the bivariate polynomial satisfies f(i,j) = f(j,i), U i and U j can derive the same key. Hence without knowing the other peer s secret polynomial, they can agree upon the same key by simply sending their id in clear text. 3 Physical and MAC Layer Jamming 3.1 PHY layer Jamming When two nodes are communicating, an attacker could insert noise making the communications unintelligible. This is basically how PHY layer jamming is done. Bluetooth and microwave devices operate in the same frequency spectrum as 82.11b devices. Furthermore an attacker who knows the frequency of operation can use noise emitters to jam the communications. The sole purpose of an attacker performing this attack is to ensure that communication do not happen. 3.2 MAC Layer Jamming The standard mandates that implementations of Distributed Coordination Function (DCF) follow carrier sensing. The primary objective of CSMA protocols is to avoid nodes communicating at the same time which would cause collisions, which would result in retransmissions thereby reducing the utility of the network. The working of the protocol in a nutshell is as follows: every node wanting to communicate has to sense the channel. If the channel is idle, then the node can send a Request to Send (RTS) packet with the duration it wants to transmit. A receiver can acknowledge this request by sending a Clear to Send (CTS) packet with the appropriate duration. Once this exchange is taking place, the neighbors know that the channel is reserved for the duration specified. By explicitly reserving the channel, collisions are avoided. Inter-frame spacing is another feature of this protocol. After every transmission, there is a dead time frame wherein all the nodes wait. For more details on the inner working of this protocol please refer to [1]. An adversary can exploit this protocol by reserving the channel (of course an attacker does not have to follow the protocol), but by just sending the RTS packets, an attacker can bring down the utility of the network considerably. Furthermore the energy expended for this type of attack is 2

3 very limited compared to a noise generator. The following are the options for the jammer to avoid legitimate nodes from communicating: Send RTS packets, which would reserve the channel for the maximum duration. This ensures that legitimate nodes cannot communicate for the duration of time. The energy expended by the attacker is basically the cost of sending an RTS packet. Create collisions to ensure that RTS packets are not properly decoded at the receiver. In either case the attacker s goal is to bring down the utility of the network. We are looking at the strategies an attacker can employ to bring the network utility to minimum. 4 Channel Selection - A Randomized Approach We could imagine a situation wherein the participating nodes use a single common channel to establish the frequency hopping patterns with its neighbors. The serious issue that arises out of this approach is that an attacker can jam this common channel thereby ensuring that the legitimate nodes will not be able to communicate. This is the threat which we are trying to address by frequency hopping. Distributing a common hopping pattern to all nodes is not an option since an attacker has to compromise only one node to compromise a major portion of the network. Therefore, it is necessary that the nodes use an algorithm that does not need any stored information. For clarity, we use the the following terminology: Physical Neighbors: Nodes that fall within the communication range of a node. Logical Neighbors: Nodes that fall within the communication range of a node A and picks the same frequency as the node A. 4.1 Protocol Version 1 Let us consider a network with n nodes with an average of k physical neighbors per node. After deployment, each node boots up and tries to establish communication channels. Each node (for instance node A) picks a channel at random from the C channels available. It senses the channel and ensures that there is no communication in that channel (CSMA protocol), once that happens, it sends out a join request. If there is some other node listening in that channel, it replies back and they negotiate the hopping sequence. If there is no response to the join request for t seconds, then node A picks another channel in random and tries to connect to someone. This boot up phase happens for a fixed amount of time or till the node attains a threshold number of neighbors. The following is the algorithm that details the workings of the channel selection protocol: Algorithm 1 :Channel Selection 1: counter = 2: while counter threshold do 3: Pick a channel c at random 4: if c is not busy then 5: Send join request 6: Wait for t seconds 7: if Obtained response then 8: Negotiate hopping schedule 9: else 1: counter++ 11: end if 12: end if 13: end while 4.2 Analysis Let us see what guarantees we can obtain from Algorithm 1. First and foremost arises the question whether we can ensure connectivity among nodes. Let us analyze this from a single node s perspective: each node picks a channel at random and then senses the channel. Let the event that two nodes pick different channels be denoted as A. The probability of occurrence of event A is given by: P[A] = 1 1/C Symbol n C k Meaning Number of nodes Number of channels Average number of neighbors per node Table 1: Notation Given that each node has on an average k physical neighbors, let us denote the event that all of k neighbors of a given node pick channels different from the given node as B. The probability of occurrence of event B is given by: P[B] = (1 1/C) k 3

4 The minimum requirement for a node to be connected is that it shares a channel with at least one of its k neighbors and let us denote this event as S. The probability of this event to occur is given by: 4.3 Connectivity P[S] = 1 (1 1/C) k (1) The probability that any two nodes can communicate is a measure of connectivity. In [14], the authors have presented a case for using directional antennas to improve connectivity. We do not think that is not an option for our protocol. Based on equation 1, we can determine the probability of successful connection establishment. We varied the average number of physical neighbors for given number of channels. From Figure 1 the probability of estab- Probability of success Average number of physical neighbors Figure 1: Average number of logical neighbors established lishing a neighbor varies from.6 to.4 depending on the number of channels available given that there are 4 physical neighbors. We make two important observations here: How many logical neighbors does each node need so that the graph is completely connected? How many physical neighbors are necessary to ensure complete connectivity? In [7] the authors analyze connectivity using random graph theory. As the concepts are similar, we will also adopt random graph theory for our purposes. In other words we will use random graph theory to answer the questions we have raised. For a graph to be connected with desired probability P c, the threshold function p is defined as follows [7]: P c = lim n P r[g(n,p)is connected] = e e c (2) where p = ln(n) n + c and c is any real constant (3) n Given these equations, the authors have derived the expected degree and based on that the connectivity. Given that there are 4 physical neighbors for each node, different channels, the expected probability is approximately.4. So we would need at most 3 rounds to ensure that there is at least one logical connection. 4.4 An Example To present our scheme better we provide two numerical examples, one with the numbers used in [7] and another one. Let us consider that we have a network with 1 nodes. We want the network to be connected with probability P c =.99999, by using equation 2 the value for c is Substituting this value of c, in equation 2 p = We can find d = p (n 1), the expected node degree is found to be 18. Hence we would need to run the channel selection protocol about 54 times. We have validated this claim by simulation which can be found in Section 6. But this is the case for the network to be completely connected. It is desirable to reduce the number of runs of the channel selection protocol, so let us take the case when we would need a probability of connectivity to be P c =.98. In this case c = 4 and we found p =.19. The expected degree is 11, for which we need to run our channel selection protocol about 33 times. It can be noted that the probability of connectivity is a design parameter and it can be left to designers to choose the appropriate value for it. 4.5 Discussion Although the channel selection protocol discussed above provides better resistance to jamming, there are a couple of problems that arises out of this. If a jammer is listening on some frequency, he would be able to figure out the hopping patterns negotiated by nodes on that frequency. So a passive attacker gains useful information. Compared to traditional communications, this is better. Furthermore as the number of passive attackers increase, the number of communication links compromised also increases. 5 Secure Channel Selection In our channel selection protocol, nodes pick channels at random and establish logical neighbors. If an attacker happens to be listening in on the frequency selected by 4

5 a node when it is negotiating the hopping schedule in the channel selection protocol then the attacker has complete knowledge of the hopping sequence. Therefore it is imperative to ensure that nodes do not reveal this information thereby leaving the attacker a probability of 1/C to jam communications. 5.1 Protocol Version 2 We discussed polynomial based key predistribution in section 2. In order to provide better security, we will employ that in conjunction with our channel selection protocol. Before deployment each node is assigned a univariate polynomial f(i,y), where i is the node s id. After deployment, each node boots up, picks a channel at random and tries communicating. Once it receives the response the nodes just exchange their id s. As a result, now both the nodes have a shared key K which they use to determine the hopping pattern as follows: F i = h i (K)modC The frequency that they would use in time i is determined by hashing the shared key K i times and reducing it modulo C, which would result in one of the channels. The following is the algorithm 2 that explains the working of the protocol. Algorithm 2 :Secure Channel Selection 1: counter = 2: while counter threshold do 3: Pick a channel c at random 4: if c is not busy then 5: Send join request 6: Wait for t seconds 7: if Obtained response then 8: Exchange node id s 9: Negotiate timing issues 1: else 11: counter++ 12: end if 13: end if 14: end while 5.2 Discussion The probability of a node establishing a logical neighbor is exactly the same, but the difference here is that the hopping pattern is not revealed to anyone else. We achieve this by employing the polynomial based key distribution. When two nodes meet each other in a channel, all they have to exchange is their identifiers. At the end of getting the identifiers, the nodes can generate the shared key independently which can be used as a basis for the hopping pattern. Given this protocol what can an attacker do to deny communications for the legitimate nodes? If an attacker chooses to jam one channel, then the legitimate nodes are left with C 1 channels to communicate. Furthermore, an attacker has a probability of 1/C to guess the next channel in which communication is going to take place. It is obvious that there is going to be a negative effect on the throughput in the presence of an attacker, but legitimate nodes will still be able to communicate. One could imagine the scenario with smart jammers or distributed jammers. Again the bandwidth utilization by legitimate nodes would drop as the case may be, but as we can see from our channel selection protocols analysis, legitimate nodes will definitely be able to communicate. In order to bring down the communications to a stop, there have to be C attackers. Depending on the number of available channels this might or might not be feasible. 5.3 Tradeoffs and Incentives It is imperative for any design to offer flexibility for designers. We have kept that in mind and there are a few tradeoffs we offer. If the designers prefer to reduce the number of rounds of channel selection with required connectivity, they could choose to use a subset of the available channels for the channel selection phase and then employ the complete set of channels for communications. The other tunable parameters are the number of physical neighbors and number of logical neighbors established. One could release different combinations using the different variables. If the nodes know that certain channels are jammed, then they can remove it from the set of available channels and avoid those channels in their hopping schedules. Cluster formation is possible, but that would require more analysis to ensure we can attain security guarantees. 6 Simulation In this section, we explain simulation results; our simulator is implemented with C and OpenSSL. The objective of simulator is two fold: initial channel selection process and key establishment process. In this simulation, we generate thousand nodes and deploy it in the square network area (1 by 1) randomly by assigning two random numbers (<1) to the x-coordinate and y-coordinate of a node. A node is considered as a physical neighbor if the node resides within the other nodes reachable range. We as- 5

6 sumed that reachable range of a node is a r radius circle embracing a node, which is not valid if a directional antenna is used. If r increases (the distance the antenna s signal can reach increases), the number of physical neighbors increases. When a couple of nodes is in the communication range and select the same channel, each node computes the pairwise shared key using its secret polynomial, (which is assigned by the central authority) and neighbor s id. The following simulation analysis is based on the average results out of ten runs of the simulation. Figure 2 shows that the average number of logical neighbors with respect to the average number of physical neighbors. The four legends indicate the number of available channels. The higher the number of channels there are, the greater the security. In reality, however, there are only channels in Bluetooth [1] and IEEE 82.11b [1] that provides FHSS. For the first round channel selection, the average number of logical neighbors with 4 physical neighbor occurrence is about.5 when there are available channels. With same condition, if there are 512 available channels, the average number of logical neighbors is about.8. The result shows that the more channels there are for frequency hopping, the less number of logical neighbors a node can have. Figure 2 also shows that our theoretical analysis is correct displaying almost same graph lines as Figure 1 Average number of neighbors established Average number of physical neighbors Figure 2: Average number of logical neighbors with respect to various number of physical neighbors Section 4.3 discussed about achieving complete graph. Figure 3 shows that the average number of logical neighbors a node can connect to with channels and about 4 physical neighbors. If we want to achieve a probability of so that we can be almost certain to have a completely connected graph, each node needs to run the channel selection protocol 48 times. However, if the connectivity can be decreased to.98, only 26 runs of the channel selection are required Average number of neighbors established (11 neighbors at 26 round) Number of rounds (channel selection) (26 neighbors at 48 round) Figure 3: The required number of logical neighbors for a completely connected ad hoc wireless network with channels, 4 physical neighbors Figure 4 and Figure 5 show that the accumulated average number of logical neighbors with respect to the number of channel selections with given average 15 and 4 physical neighbors respectively. When nodes form an ad hoc network, they start to select a channel in order to find enough number of logical neighbors to share a key, which is used for frequency hopping. When there are available channels, in order to have at least one channel, a node should perform random channel selection about 5 times with 15 physical neighbors and 2 times with 4 physical neighbors. In case of 512 channels, in both cases, a node cannot get one neighbor even after 1 times of random channel selections. Average number of neighbors established Number of rounds (channel selection) Figure 4: Average number of logical neighbors according to number of channel selection with 15 physical neighbors 6

7 Average number of neighbors established Number of rounds (channel selection) Figure 5: Average number of logical neighbors according to number of channel selection with 4 physical neighbors 7 Conclusion In this paper, we have developed a protocol to ensure communications in the presence of jammers. Our protocol offers flexibility for designers to suit the different environments of deployment. The simplicity of this approach is one of its merits. With the increase in the number of wireless users, jamming is an important problem that has to be addressed. In this effort we have presented a solution to address the problem. Several research directions can be pursued. Simulating jammers and studying the performance of our protocol would be the first thing to do. We have presented a theoretical analysis for the success of a jammer, but a simulation or an implementation would strengthen our claims. Smart jamming is one more thing we would have to investigate to make our paper complete. References [1] standards. [2] R. A.Poisel. Modern communications jamming principles and techniques, 23. [3] P. Bahl, R. Chandra, and J. Dunagan. Ssch: slotted seeded channel hopping for capacity improvement in ieee ad-hoc wireless networks. In MobiCom 4: Proceedings of the 1th annual international conference on Mobile computing and networking, pages , New York, NY, USA, 24. ACM Press. [4] C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung. Perfectly-secure key distribution for dynamic conferences. In CRYPTO 92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, pages , London, UK, Springer- Verlag. [5] H. Chan, A. Perrig, and D. Song. Random key predistribution schemes for sensor networks. In IEEE Symposium on Security and Privacy, May 23. [6] Y. Desmedt, R. Safavi-Naini, H. Wang, C. Charnes, and J. Pieprzyk. Broadcast anti-jamming systems. In Seventh IEEE International Conference on Networks (ICON 99), page 349, [7] L. Eschenauer and V. D. Gligor. A key-management scheme for distributed sensor networks. In CCS 2: Proceedings of the 9th ACM conference on Computer and communications security, pages 41 47, New York, NY, USA, 22. ACM Press. [8] J. A. S. T. A. Gang Zhou, Tian He. Rid: Radio interference detection in wireles sensor networks. In IEEE InfoCom 25. [9] V. D. Gligor. Emergent properties in ad-hoc networks: a security perspective. In WiSe 5: Proceedings of the 4th ACM workshop on Wireless security, pages 55 56, New York, NY, USA, 25. ACM Press. [1] B. S. I. Group. Specifications of the bluetooth system. vol. 1 v1.b Core and vol. 2 v1.b Profiles, December [11] D. Liu, P. Ning, and R. Li. Establishing pairwise keys in distributed sensor networks. ACM Trans. Inf. Syst. Secur., 8(1):41 77, 25. [12] U. L.Rohde and J. C.Whitaker. Communications recievers: Principles and design, 2. [13] R. Negi and A. Perrig. Jamming analysis of mac protocols. Technical report, Carnegie Mellon University, 23. [14] G. Noubir. On connectivity in ad hoc network under jamming using directional antennas and mobility. International Conference on Wired /Wireless Internet Communications, 24. [15] A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer, 35(1):54 62, 22. 7

8 [16] W. Xu, T. Wood, W. Trappe, and Y. Zhang. Channel surfing and spatial retreats: defenses against wireless denial of service. In WiSe 4: Proceedings of the 24 ACM workshop on Wireless security, pages 8 89, New York, NY, USA, 24. ACM Press. 8