SecureMAC: Securing Wireless Medium Access Control Against Insider Denial-of-Service Attacks

Sang Yoon Chang, Yih Chun Hu

Research output: Contribution to journalArticle

Abstract

Wireless network dynamically allocates channel resources to improve spectral efficiency and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. However, MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch more devastating denial-of-service (DoS) attacks than a network outsider by sending excessive reservation requests to waste bandwidth, by listening to the control messages and conducting power-efficient jamming, by falsifying information to manipulate the network control, and so on. We build SecureMAC to defend against such insider threats while retaining the benefits of coordination between the cooperative users. SecureMAC is comprised of four components: channelization to prevent excessive reservations, randomization to thwart reactive targeted jamming, coordination to counter control-message aware jamming and resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. Our theoretical analyses and implementation evaluations demonstrate superior performance over previous approaches, which either ignore security issues or give up the benefit of cooperation when under attack by disabling user coordination (such as the Nash equilibrium of continuous wideband transmission). In realistic scenarios, our SecureMAC implementation outperforms such schemes by 76-159 percent.

Original languageEnglish (US)
Article number7898430
Pages (from-to)3527-3540
Number of pages14
JournalIEEE Transactions on Mobile Computing
Volume16
Issue number12
DOIs
StatePublished - Dec 1 2017

Fingerprint

Medium access control
Jamming
Atmospheric spectra
Wireless networks
Bandwidth
Network protocols
Denial-of-service attack

Keywords

  • Denial of service
  • medium access control (MAC)
  • network compromise
  • wireless network

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

SecureMAC : Securing Wireless Medium Access Control Against Insider Denial-of-Service Attacks. / Chang, Sang Yoon; Hu, Yih Chun.

In: IEEE Transactions on Mobile Computing, Vol. 16, No. 12, 7898430, 01.12.2017, p. 3527-3540.

Research output: Contribution to journalArticle

@article{9366b6a351b84cecbaf6ccc04ad39e22,
title = "SecureMAC: Securing Wireless Medium Access Control Against Insider Denial-of-Service Attacks",
abstract = "Wireless network dynamically allocates channel resources to improve spectral efficiency and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. However, MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch more devastating denial-of-service (DoS) attacks than a network outsider by sending excessive reservation requests to waste bandwidth, by listening to the control messages and conducting power-efficient jamming, by falsifying information to manipulate the network control, and so on. We build SecureMAC to defend against such insider threats while retaining the benefits of coordination between the cooperative users. SecureMAC is comprised of four components: channelization to prevent excessive reservations, randomization to thwart reactive targeted jamming, coordination to counter control-message aware jamming and resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. Our theoretical analyses and implementation evaluations demonstrate superior performance over previous approaches, which either ignore security issues or give up the benefit of cooperation when under attack by disabling user coordination (such as the Nash equilibrium of continuous wideband transmission). In realistic scenarios, our SecureMAC implementation outperforms such schemes by 76-159 percent.",
keywords = "Denial of service, medium access control (MAC), network compromise, wireless network",
author = "Chang, {Sang Yoon} and Hu, {Yih Chun}",
year = "2017",
month = "12",
day = "1",
doi = "10.1109/TMC.2017.2693990",
language = "English (US)",
volume = "16",
pages = "3527--3540",
journal = "IEEE Transactions on Mobile Computing",
issn = "1536-1233",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "12",

}

TY - JOUR

T1 - SecureMAC

T2 - Securing Wireless Medium Access Control Against Insider Denial-of-Service Attacks

AU - Chang, Sang Yoon

AU - Hu, Yih Chun

PY - 2017/12/1

Y1 - 2017/12/1

N2 - Wireless network dynamically allocates channel resources to improve spectral efficiency and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. However, MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch more devastating denial-of-service (DoS) attacks than a network outsider by sending excessive reservation requests to waste bandwidth, by listening to the control messages and conducting power-efficient jamming, by falsifying information to manipulate the network control, and so on. We build SecureMAC to defend against such insider threats while retaining the benefits of coordination between the cooperative users. SecureMAC is comprised of four components: channelization to prevent excessive reservations, randomization to thwart reactive targeted jamming, coordination to counter control-message aware jamming and resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. Our theoretical analyses and implementation evaluations demonstrate superior performance over previous approaches, which either ignore security issues or give up the benefit of cooperation when under attack by disabling user coordination (such as the Nash equilibrium of continuous wideband transmission). In realistic scenarios, our SecureMAC implementation outperforms such schemes by 76-159 percent.

AB - Wireless network dynamically allocates channel resources to improve spectral efficiency and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. However, MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch more devastating denial-of-service (DoS) attacks than a network outsider by sending excessive reservation requests to waste bandwidth, by listening to the control messages and conducting power-efficient jamming, by falsifying information to manipulate the network control, and so on. We build SecureMAC to defend against such insider threats while retaining the benefits of coordination between the cooperative users. SecureMAC is comprised of four components: channelization to prevent excessive reservations, randomization to thwart reactive targeted jamming, coordination to counter control-message aware jamming and resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. Our theoretical analyses and implementation evaluations demonstrate superior performance over previous approaches, which either ignore security issues or give up the benefit of cooperation when under attack by disabling user coordination (such as the Nash equilibrium of continuous wideband transmission). In realistic scenarios, our SecureMAC implementation outperforms such schemes by 76-159 percent.

KW - Denial of service

KW - medium access control (MAC)

KW - network compromise

KW - wireless network

UR - http://www.scopus.com/inward/record.url?scp=85038213759&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85038213759&partnerID=8YFLogxK

U2 - 10.1109/TMC.2017.2693990

DO - 10.1109/TMC.2017.2693990

M3 - Article

AN - SCOPUS:85038213759

VL - 16

SP - 3527

EP - 3540

JO - IEEE Transactions on Mobile Computing

JF - IEEE Transactions on Mobile Computing

SN - 1536-1233

IS - 12

M1 - 7898430

ER -