Large scale proliferation of wireless technology coupled with the increasingly hostile information security landscape is of serious concern. The fundamental broadcast nature of wireless data transmission aggravates the situation since unlike wired networks it introduces multiple avenues for attack and penetration into a network. Attacks on wireless networks have become increasingly sophisticated with the increasing pervasiveness of these networks. It is challenging to detect and counteract intrusions in wireless networks due to the inherent broadcast nature of the medium. Currently known security risks include denial of service attacks, man-in-the-middle attacks, MAC address spoofing attacks, client-to-client attacks, network injection and brute force attacks against access point passwords. Man-in-the-middle attacks and spoofing attacks pose a particularly significant intrusion threat to wireless networks since such attacks allow intruders to hijack a connection already established by a legitimate user. These risks will continue to increase in number and sophistication as wireless networks start to carry increasingly more sensitive information.
Though advanced wireless intrusion protection and detection systems have been developed and deployed to mitigate such threats, it has been repeatedly demonstrated that each method has its point of failure and no single method guarantees protection against all attacks. See, e.g., W. A. Arbaugh, N. R. Shankar and Y. C. Justin Wan, “Your 802.11 Wireless Network has No Clothes,” IEEE Wireless Communications, pages 44-51, 2001; N. Borisov, I. Goldberg, and D. Wagner, “Intercepting mobile communications: the insecurity of 802.11,” MobiCom '01: Proceedings of the 7th annual international conference on Mobile computing and networking, pages 180-189, New York, N.Y., USA, 2001: ACM. Also, while several established protection mechanisms such as cryptography based techniques and wireless intrusion prevention systems exist, each method has its own weaknesses and is susceptible to failure under different circumstances. The resulting uncertainties have led to a significant paradigm shift in the design and implementation of wireless security in recent times, where an increasingly cross-layer approach is being pursued to protect wireless networks. One such avenue for security has been to use the physical layer information to protect against intruders and attackers. In particular, channel information available at the physical layer is being increasingly used to provide an additional degree of protection against intruders.
The idea of using physical layer information to enhance security has been approached under two broad categories. The first category of work focuses on cryptography based techniques that utilize physical layer information to generate and share keys. See, e.g., B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener, “Robust key generation from signal envelopes in wireless networks,” in CCS '07: Proceedings of the 14th ACM conference on Computer and communications security. New York, N.Y., USA: ACM, 2007, pp. 401-410; J. E. Hershey, A. A. Hassan, and R. Yarlagadda, “Unconventional cryptographic keying variable management,” Communications, IEEE Transactions on, 43(1):3-6, 1995; S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy, “On the effectiveness of secret key extraction from wireless signal strength in real environments,” in Proceedings of the 15th annual international conference on Mobile computing and networking. New York, N.Y., USA: ACM, 2009, pp. 321-332; H. Kitaura, A. Sasaoka, “A scheme of private key agreement based on the channel characteristics in OFDM land mobile radio,” Electronics and Communications in Japan Part 3: Fundamental Electronic Science, vol. 88, no. 9, pp. 1-10, 2005; N. Patwari, J. Croft, S. Jana, and S. K. Kasera, “High-Rate Uncorrelated Bit Extraction for Shared Secret Key Generation from Channel Measurements,” IEEE Transactions on Mobile Computing, 9:17-30, 2009; and S. Yasukawa, H. Iwai, and H. Sasaoka, “Adaptive key generation in secret key agreement scheme based on the channel characteristics in OFDM,” Information Theory and Its Applications, 2008, ISITA 2008, International Symposium on, pages 1-6, 2008. In the second approach, some form of the physical layer information associated with a device, such as channel frequency response or RSSI, is used as an identifier to differentiate between different devices and thus provide a mechanism for authentication. See, e.g., M. Demirbas and Y. Song, “An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks,” WOWMOM '06: Proceedings of the 2006 International Symposium on World of Wireless, Mobile and Multimedia Networks, pages 564-570, Washington, D.C., USA, 2006, IEEE Computer Society; D. B. Faria and D. R. Cheriton, “Detecting identity-based attacks in wireless networks using signal prints,” in WiSe '06: Proceedings of the 5th ACM workshop on Wireless security. New York, N.Y., USA: ACM, 2006, pp. 43-52; N. Patwari and S. K. Kasera, “Robust location distinction using temporal link signatures,” in MobiCom '07: Proceedings of the 13th annual ACM international conference on Mobile computing and networking. New York, N.Y., USA: ACM, 2007, pp. 111-122; L. Xiao, L. Greenstein, N. Mandayam, and W. Trappe, “Fingerprints in the ether: Using the physical layer for wireless authentication,” in Communications, 2007. ICC '07. IEEE International Conference on, June 2007, pp. 4646-4651; L. Xiao, L. Greenstein, N. Mandayam, and W. Trappe, “Using the physical layer for wireless authentication in time-variant channels,” Wireless Communications, IEEE Transactions on, 7(7):2571-2579, 2008; and “Channel-based spoofing detection in frequency-selective Rayleigh channels,” Wireless Communications, IEEE Transactions on, vol. 8, no. 12, pp. 5948-5956, 2009.
Intrusion detection has traditionally been categorized into misuse detection or anomaly detection techniques. While the former uses patterns characteristic of known attacks to detect known intrusions, the latter relies on detecting deviations from the established behavior patterns in the system. See Y. Zhang and W. Lee, “Intrusion detection in wireless ad-hoc networks,” Proceedings of the 6th annual international conference on Mobile computing and networking in MobiCom '00, pages 275-283, New York, N.Y., USA, 2000, ACM. In many usage scenarios, where the physical link remains unchanged over a session, the wireless channel response corresponding to the link can be considered to represent the established behavior pattern for that link. Any change that abruptly violates this pattern beyond a certain limit can then be checked for adversarial behavior.
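The anomaly-detection idea in the preceding paragraph can be sketched as follows; this is an added example and not part of the original document or the invention it describes. The normalized-distance metric, the threshold, the smoothing factor and all sample channel estimates are assumptions constructed for illustration.

```python
"""Channel-response anomaly check for one wireless link (illustrative sketch)."""

def deviation(ref, est):
    """Squared distance between two channel estimates, normalized by reference power."""
    if len(ref) != len(est):
        raise ValueError("estimates must cover the same subcarriers")
    num = sum(abs(r - e) ** 2 for r, e in zip(ref, est))
    return num / sum(abs(r) ** 2 for r in ref)

class LinkMonitor:
    def __init__(self, threshold=0.5, alpha=0.2):
        self.threshold = threshold  # assumed limit on abrupt change
        self.alpha = alpha          # assumed smoothing factor for slow drift
        self.reference = {}         # claimed identity -> reference response

    def observe(self, identity, est):
        ref = self.reference.get(identity)
        if ref is None:
            # Assumption: the first frame of a session is trusted.
            self.reference[identity] = list(est)
            return "enrolled"
        if deviation(ref, est) > self.threshold:
            # Abrupt change: keep the old reference and hand off for further checks.
            return "alert"
        a = self.alpha
        # Small change: follow slow drift of the established pattern.
        self.reference[identity] = [(1 - a) * r + a * e for r, e in zip(ref, est)]
        return "ok"

# Constructed sample estimates (4 subcarriers), not measured data.
LEGIT_A = [1.0 + 0.0j, 0.5 + 0.5j, -0.3 + 0.8j, 0.2 - 0.6j]
LEGIT_B = [1.05 + 0.02j, 0.48 + 0.53j, -0.28 + 0.77j, 0.22 - 0.63j]
OTHER = [-0.4 + 0.9j, 0.7 - 0.2j, 0.1 + 0.1j, -0.8 - 0.3j]  # same claimed identity, different link

def run_demo():
    mon = LinkMonitor()
    frames = [LEGIT_A, LEGIT_B, OTHER, LEGIT_B]
    return [mon.observe("00:11:22:33:44:55", f) for f in frames]

if __name__ == "__main__":
    print(run_demo())
```

An alert here only marks a frame for further checking; because the reference is not updated on an alert, a single anomalous frame cannot shift the established pattern.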
In parallel to these developments, significant progress has been made in the design of reconfigurable antennas resulting in numerous designs that are reconfigurable in frequency, pattern, polarization or a combination of these parameters. For many new and emerging high data rate applications, pattern reconfigurable antennas are of special interest due to their ability to generate highly uncorrelated radiation patterns that can produce uncorrelated channel realizations in a multi-path rich wireless medium for a given frequency. See, e.g., A. Forenza and R. W. Heath, Jr., “Benefit of pattern diversity via two-element array of circular patch antennas in indoor clustered MIMO channels,” Communications, IEEE Transactions on, vol. 54, no. 5, pp. 943-954, May 2006. The ability of pattern reconfigurable antennas to enhance system throughput has been well demonstrated by D. Piazza, P. Mookiah, M. D'Amico, and K. R. Dandekar, “Experimental Analysis of Pattern and Polarization Reconfigurable Circular Patch Antennas for MIMO Systems,” Vehicular Technology, IEEE Transactions on, 59(5):2352-2362, 2010. Such antennas have gained widespread attention due to their ability to improve throughput and are gradually finding their way into commercial wireless systems. The uncorrelated nature of the channel realizations due to such an antenna is believed by the inventors to hold great potential to enhance physical layer based security schemes.
Previous works that explored the idea of physical layer information based authentication are based on the use of conventional antennas. It is desired to demonstrate how the capabilities of reconfigurable antennas to generate decorrelated channels can be used to enhance physical layer information based device authentication schemes for wireless systems. However, it should be noted that the security scheme described herein is not meant to be a replacement for existing higher layer security algorithms. Instead, it is desired to leverage the capabilities of reconfigurable antennas to provide an additional layer of security for wireless systems. Moreover, it is also desired to develop a general guideline on how to choose the different elements of the decision metric in order to realize better performance for physical layer based authentication schemes based on any diversity scheme.
The problem that is addressed by the invention is one of establishing the identity of a transmitting device in a wireless network. Spoofing attacks in network security encompass a wide range of attacks that are based on one entity deceiving another into accepting the attacking entity's identity as something else. Many variants of this attack rely on the attacker monitoring the packet flow between the victims to obtain some sensitive information that identifies one or both of the victims. Information thus obtained serves as the launching pad for more sophisticated attacks. Due to the unbounded nature of the medium employed, such information can be obtained easily in a wireless network, making such networks especially vulnerable to these attacks. Hence, an additional mechanism for protection at the physical layer that can detect intrusion and thwart such attacks can significantly enhance the security of a wireless network. The present invention addresses these needs in the art.