Securing wireless medium access control against insider denial-of-service attackers

Sang Yoon Chang, Yih Chun Hu, Zhuotao Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In a wireless network, users share a limited resource in bandwidth. To improve spectral efficiency, the network dynamically allocates channel resources and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. In a MAC protocol, the users exchange control messages to establish more efficient data communication, but such MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch a two-pronged denial-of-service (DoS) attack that is more devastating than an outsider attack: first, it can send excessive reservation requests to waste bandwidth, and second, it can focus its power on jamming those channels that it has not reserved. Furthermore, the attacker can falsify information to skew the network control decisions to its favor. To defend against such insider threats, we propose a resource-based channel access scheme that holds the attacker accountable for its channel reservation. Building on the randomization technology of spread spectrum to thwart outsider jamming, our solution comprises of a bandwidth allocation component to nullify excessive reservations, bandwidth coordination to resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. We analyze our scheme theoretically and validate it with WARP-based testbed implementation and MATLAB simulations. Our results demonstrate superior performance over the typical solutions that bypass MAC control when faced against insider adversary, and our scheme effectively nullifies the insider attacker threats while retaining the MAC benefits between the collaborative users.

Original languageEnglish (US)
Title of host publication2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages370-378
Number of pages9
ISBN (Electronic)9781467378765
DOIs
StatePublished - Dec 3 2015
Event3rd IEEE International Conference on Communications and Network Security, CNS 2015 - Florence, Italy
Duration: Sep 28 2015Sep 30 2015

Publication series

Name2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

Other

Other3rd IEEE International Conference on Communications and Network Security, CNS 2015
CountryItaly
CityFlorence
Period9/28/159/30/15

Fingerprint

Medium access control
Jamming
Bandwidth
Atmospheric spectra
Network protocols
Frequency allocation
Testbeds
MATLAB
Wireless networks
Communication

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Chang, S. Y., Hu, Y. C., & Liu, Z. (2015). Securing wireless medium access control against insider denial-of-service attackers. In 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015 (pp. 370-378). [7346848] (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2015.7346848

Securing wireless medium access control against insider denial-of-service attackers. / Chang, Sang Yoon; Hu, Yih Chun; Liu, Zhuotao.

2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 370-378 7346848 (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chang, SY, Hu, YC & Liu, Z 2015, Securing wireless medium access control against insider denial-of-service attackers. in 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015., 7346848, 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015, Institute of Electrical and Electronics Engineers Inc., pp. 370-378, 3rd IEEE International Conference on Communications and Network Security, CNS 2015, Florence, Italy, 9/28/15. https://doi.org/10.1109/CNS.2015.7346848
Chang SY, Hu YC, Liu Z. Securing wireless medium access control against insider denial-of-service attackers. In 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 370-378. 7346848. (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015). https://doi.org/10.1109/CNS.2015.7346848
Chang, Sang Yoon ; Hu, Yih Chun ; Liu, Zhuotao. / Securing wireless medium access control against insider denial-of-service attackers. 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 370-378 (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015).
@inproceedings{432038a3c1504169a480a2ed4403f8b1,
title = "Securing wireless medium access control against insider denial-of-service attackers",
abstract = "In a wireless network, users share a limited resource in bandwidth. To improve spectral efficiency, the network dynamically allocates channel resources and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. In a MAC protocol, the users exchange control messages to establish more efficient data communication, but such MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch a two-pronged denial-of-service (DoS) attack that is more devastating than an outsider attack: first, it can send excessive reservation requests to waste bandwidth, and second, it can focus its power on jamming those channels that it has not reserved. Furthermore, the attacker can falsify information to skew the network control decisions to its favor. To defend against such insider threats, we propose a resource-based channel access scheme that holds the attacker accountable for its channel reservation. Building on the randomization technology of spread spectrum to thwart outsider jamming, our solution comprises of a bandwidth allocation component to nullify excessive reservations, bandwidth coordination to resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. We analyze our scheme theoretically and validate it with WARP-based testbed implementation and MATLAB simulations. Our results demonstrate superior performance over the typical solutions that bypass MAC control when faced against insider adversary, and our scheme effectively nullifies the insider attacker threats while retaining the MAC benefits between the collaborative users.",
author = "Chang, {Sang Yoon} and Hu, {Yih Chun} and Zhuotao Liu",
year = "2015",
month = "12",
day = "3",
doi = "10.1109/CNS.2015.7346848",
language = "English (US)",
series = "2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "370--378",
booktitle = "2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015",
address = "United States",

}

TY - GEN

T1 - Securing wireless medium access control against insider denial-of-service attackers

AU - Chang, Sang Yoon

AU - Hu, Yih Chun

AU - Liu, Zhuotao

PY - 2015/12/3

Y1 - 2015/12/3

N2 - In a wireless network, users share a limited resource in bandwidth. To improve spectral efficiency, the network dynamically allocates channel resources and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. In a MAC protocol, the users exchange control messages to establish more efficient data communication, but such MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch a two-pronged denial-of-service (DoS) attack that is more devastating than an outsider attack: first, it can send excessive reservation requests to waste bandwidth, and second, it can focus its power on jamming those channels that it has not reserved. Furthermore, the attacker can falsify information to skew the network control decisions to its favor. To defend against such insider threats, we propose a resource-based channel access scheme that holds the attacker accountable for its channel reservation. Building on the randomization technology of spread spectrum to thwart outsider jamming, our solution comprises of a bandwidth allocation component to nullify excessive reservations, bandwidth coordination to resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. We analyze our scheme theoretically and validate it with WARP-based testbed implementation and MATLAB simulations. Our results demonstrate superior performance over the typical solutions that bypass MAC control when faced against insider adversary, and our scheme effectively nullifies the insider attacker threats while retaining the MAC benefits between the collaborative users.

AB - In a wireless network, users share a limited resource in bandwidth. To improve spectral efficiency, the network dynamically allocates channel resources and, to avoid collisions, has its users cooperate with each other using a medium access control (MAC) protocol. In a MAC protocol, the users exchange control messages to establish more efficient data communication, but such MAC assumes user compliance and can be detrimental when a user misbehaves. An attacker who compromised the network can launch a two-pronged denial-of-service (DoS) attack that is more devastating than an outsider attack: first, it can send excessive reservation requests to waste bandwidth, and second, it can focus its power on jamming those channels that it has not reserved. Furthermore, the attacker can falsify information to skew the network control decisions to its favor. To defend against such insider threats, we propose a resource-based channel access scheme that holds the attacker accountable for its channel reservation. Building on the randomization technology of spread spectrum to thwart outsider jamming, our solution comprises of a bandwidth allocation component to nullify excessive reservations, bandwidth coordination to resolve over-reserved and under-reserved spectrum, and power attribution to determine each node's contribution to the received power. We analyze our scheme theoretically and validate it with WARP-based testbed implementation and MATLAB simulations. Our results demonstrate superior performance over the typical solutions that bypass MAC control when faced against insider adversary, and our scheme effectively nullifies the insider attacker threats while retaining the MAC benefits between the collaborative users.

UR - http://www.scopus.com/inward/record.url?scp=84966318453&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84966318453&partnerID=8YFLogxK

U2 - 10.1109/CNS.2015.7346848

DO - 10.1109/CNS.2015.7346848

M3 - Conference contribution

AN - SCOPUS:84966318453

T3 - 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

SP - 370

EP - 378

BT - 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -