Elsevier

Ad Hoc Networks

Volume 102, 1 May 2020, 102064
Benign false-data injection as a moving-target defense to secure mobile wireless communications

https://doi.org/10.1016/j.adhoc.2019.102064

Abstract

The latest advances in Internet of Vehicles (IoV) networks and Software Defined Radio (SDR) have enabled spectrum sharing between anonymous users. This has raised many concerns regarding the system’s security and privacy. Therefore, there is a desperate need for transformative solutions to ensure wireless communication security against eavesdropping attacks.

This paper presents a novel Moving-target Defense (MtD) to enhance the channel secrecy capacity in a Decode-and-Forward (DF) dual-phase large network containing K relays and source nodes with multi-antennas operating on different frequencies. Our MtD approach enables multidimensional spatiotemporal diversification of the user’s traffic in cooperative wireless transmission, to obfuscate signal transmission patterns and data across the entire available spectrum. In time, we obfuscate the transmitted data by employing real-time shuffling between real and fake data. In space, we enforce real-time hopping between multiple frequencies to evade signal tracing. We examine the ergodic channel secrecy capacity considering two behavioral patterns: cooperative and uncooperative untrustworthy relays.

Simulation results showed that, for a powerful malicious user with multiple access points and no pre-knowledge of the diversification patterns used by the system, it is very hard to eavesdrop on a meaningful portion of the signal or the data stream.

Introduction

Currently, wireless communication technologies struggle to cope with increasing service demands. Several concepts have been applied to optimize resource utilization and network performance for different wireless systems operating in urban environments and smart cities [1], [2].

To this end, cooperative wireless networks were underscored as one of the most promising and efficient solutions to improve channel spectrum utilization in high mobility applications like Vehicular Ad hoc Networks (VANETs) [3], [4].

VANETs evolved over the past decade into what we refer to as the Internet of Vehicles (IoV).

IoV is a distributed network that supports data generation, processing, and exchange between connected vehicles and the internet. An IoV network enables moving vehicles to communicate with other vehicles, roadside infrastructure, and any other fleet management systems in real time. Unfortunately, IoV's reliance on wireless communication as the base of its infrastructure made it vulnerable to devastating eavesdropping attacks. The heterogeneous nature of the communicating parties, communication technologies, and relaying patterns opened the door for eavesdroppers to play the role of Man in the Middle and intercept or manipulate the exchanged messages. Researchers have investigated wireless communication security issues in cooperative relaying environments for years.

Wyner [5], [6] introduced the critical notion of secrecy capacity as a way to evaluate security levels in such networks. Wyner defined secrecy capacity as the difference between the capacities of the main and wiretap channels. The main channel refers to the legitimate users’ channel, while the wiretap channel refers to the eavesdropper’s channel. For years, researchers have investigated innovative mechanisms aiming to improve the channel secrecy capacity of wireless communication networks [7].

They noted the potential of exploiting the diversified nature of such networks and their constituent components to enhance the attained level of security. Within this context, approaches like Moving-target Defense (MtD) were introduced as a game-changer. Researchers noted that a successful realization of MtD could be very effective in mitigating sophisticated eavesdropping attacks [1], [2], [8], [9], [10].

MtD manipulates the network characteristics across multiple dimensions to asymmetrically increase the attacker's uncertainty about the network's behavioral patterns. The induced manipulations reduce the attacker’s window of opportunity and increase the costs of probing and attacks [11].

There is no standardized description or specific metric that can help evaluate the effectiveness of MtD in securing wireless networks. In this paper, we demonstrate that channel secrecy capacity can be used as an effective metric to evaluate the efficiency of an MtD mechanism securing IoV networks.

In [12], the authors assume that the network encompasses both trustworthy and untrustworthy relays. During the analysis, we consider two classes of untrustworthy relays. The first is uncooperative malicious relays, where every relay tries to intercept the message independently. The second is maliciously cooperative relays, where relays cooperate to aggregate the received messages and reconstruct as much as possible of the original data.

This paper presents a runtime diversification mechanism as an MtD approach for two-hop DF-cooperative relays based on the DBF technique. Our approach efficiently ensures the user’s security by dynamically changing the runtime behavior of the system. The proposed mechanism relies on benign employment of false-data injection to confuse the attacker. Such a technique disorients attackers and keeps them from compromising the user’s information.

The presented approach senses all available antennas/frequencies according to the running channel characteristics. Therefore, Software Defined Radio (SDR) technology is presented as a paradigm solution to efficiently re-program/reconfigure the attached SDR antenna.

The proposed spatiotemporal multidimensional manipulations randomly re-assign the legitimate user’s data to the available frequency bands in a dual-hop cooperative network through a dynamic real-time transmission algorithm. In time, we confuse the attacker by utilizing a real-time shuffler to alternate between real and fake data. In space, we diffuse the transmitted data across all the available frequencies.

The main contributions of this paper can be summarized as follows:

  • Presenting a novel spatiotemporal Moving-target Defense (MtD) mechanism against eavesdropping in wireless dual-hop cooperative networks based on the DBF mechanism.

  • Presenting a security evaluation mechanism based on the induced level of confusion, followed by a closed-form derivation with respect to the channel secrecy capacity.

  • Calculating the channel secrecy capacity and intercept probability in case of location-based multi-casting considering two scenarios:

    • The existence of independent uncooperative untrustworthy relays.

    • The existence of cooperative untrustworthy relays aggressively attacking the message.

The remaining part of the paper is organized as follows: Section 2 describes the proposed cooperative wireless communication system model. Section 3 presents a detailed mathematical security assessment for both uncooperative and cooperative untrustworthy relays. Section 4 illustrates the security evaluation model using our randomization mechanism procedure. Section 5 illustrates the intercept probability mathematical calculation for both types of relays. Section 6 presents numerical results to confirm the analytical derivations and provide insight into the system performance. Finally, Section 7 presents the conclusion of this work.

Section snippets

System model

The proposed model is a two-hop cooperative relaying model. The transmission takes place in two phases. In the first phase, the source divides its message into fragments and sends every fragment to a distinct directional antenna. In the second phase, relays resend the received message towards its desired destination employing the DBF technique.

Fig. 1 illustrates a dual-hop DF cooperative wireless system model consisting of K relays, multi-antennas source (S) and single-antenna destination (D). Each relay

Secrecy capacity calculations

In this paper, we assume that the attacker's goal is to eavesdrop on/overhear the transmitted communication, aiming to acquire a meaningful portion of the transmitted data. The aim of the presented work is to complicate signal traceability and to increase the effort and resources the attacker needs to reach that goal.

Quantitative evaluation of security enhancements is usually a hard challenge [14]. To overcome this issue, we rely on the Shannon channel security capacity metric [15]

The security evaluation model

A real-time spatiotemporal diversification of transmitted signals is achieved by giving the legitimate user direct access to a group of channels.

The proposed model chooses which user can transmit their data on the available antenna at each time slot. Spatial diversity is induced by manipulating the selection priority of the available channels at each time instant. Temporal diversity is induced with the assistance of a dynamically generated Look-Up Table (LUT).

The proposed security model uses a

Intercept probability calculations

In this section, we derive a closed form for the intercept probability of the proposed system model. From Wyner’s results in [6] and the Shannon capacity equation [15], when the channel secrecy capacity falls below zero ($C_m < C_{me}$, i.e. $C_s < 0$), the transmission becomes insecure, and the eavesdropper may succeed in intercepting the transmitted signal.
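The intercept event C_s < 0 can be estimated numerically. The following is an added example, not code from the paper: it assumes a single Rayleigh-faded main link and wiretap link per time slot at 5 dB average SNR, uniform random hopping over `n_freq` bands of which the eavesdropper monitors `n_tapped`, and a `fake_ratio` of fake-data slots. These names and this toy model are illustrative assumptions, not the paper's DBF system model or its closed-form results.

```python
import math
import random

def db_to_linear(db):
    return 10 ** (db / 10)

def closed_form_intercept(snr_m_db, snr_e_db):
    """P(C_s < 0) for independent Rayleigh links with unit mean gain."""
    g_m, g_e = db_to_linear(snr_m_db), db_to_linear(snr_e_db)
    return g_e / (g_m + g_e)

def simulate(trials, snr_m_db=5.0, snr_e_db=5.0,
             n_freq=1, n_tapped=1, fake_ratio=0.0, seed=1):
    """Return (P(C_s < 0), share of real slots leaked, real share of capture)."""
    rng = random.Random(seed)
    g_m, g_e = db_to_linear(snr_m_db), db_to_linear(snr_e_db)
    insecure_n = real_n = captured_n = captured_real_n = 0
    for _ in range(trials):
        # Rayleigh fading: |h|^2 is exponential with mean 1 (assumed, both links).
        c_m = math.log2(1 + g_m * rng.expovariate(1.0))  # main channel capacity
        c_e = math.log2(1 + g_e * rng.expovariate(1.0))  # wiretap channel capacity
        insecure = c_m - c_e < 0                         # secrecy capacity C_s < 0
        is_real = rng.random() >= fake_ratio             # shuffler: real or fake slot
        tapped = rng.randrange(n_freq) < n_tapped        # hop lands on a monitored band
        insecure_n += insecure
        real_n += is_real
        if insecure and tapped:
            captured_n += 1
            captured_real_n += is_real
    return (insecure_n / trials,
            captured_real_n / max(real_n, 1),
            captured_real_n / max(captured_n, 1))

if __name__ == "__main__":
    print(simulate(100_000))                                      # static link
    print(simulate(100_000, n_freq=8, n_tapped=2, fake_ratio=0.5))  # hopping + fake data
```

With equal SNR on both links the slot-level intercept probability stays near one half, but under the assumed hopping and shuffling only a fraction of the real slots is ever captured, and half of what the eavesdropper does capture is fake data.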

Numerical results

In this section, we present the simulation results to demonstrate the performance of the presented model using Matlab Monte Carlo simulation.

In our simulations, we assume $\rho = \rho_{s,k} = \rho_{k,d} = \rho_{k,e} = 5$ dB, $|\overline{h_{s,k}}|^2 = |\overline{h_{k,d}}|^2 = |\overline{h_{k,e}}|^2 = 1$ and U=13K.

Fig. 6 depicts the performance evaluation for the proposed original system model based on DBF versus the proposed enhanced model that employs runtime diversification and randomization via the MtD technique as presented in Eqs. (11) and (26), with the

Conclusion

In this paper, we managed to present a novel exploitation of the False-data Injection attack to implement a Moving-target Defense to secure DF cooperative wireless communication. Spatial diversity is induced by using cooperative relays to obfuscate signal transmission patterns by changing the relay selection order over time. Temporal diversity is induced by alternating the transmission source selection between an actual source and a fake data generator.

Numerical results showed the effectiveness

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

Authors would like to express their appreciation for the “IoT and Cyber Security lab”, CIS, VMI, USA, for supporting the activities related to this manuscript.

References (17)

  • L. Atzori et al., The internet of things: a survey, Comput. Netw. (2010)
  • Y. Zou et al., Securing physical-layer communications for cognitive radio networks, IEEE Commun. Mag. (2015)
  • Z. Shu et al., On physical layer security for cognitive radio networks, IEEE Netw. (2013)
  • A.S. Akki et al., A statistical model of mobile-to-mobile land communication channel, IEEE Trans. Vehicul. Technol. (1986)
  • C.S. Patel et al., Simulation of Rayleigh-faded mobile-to-mobile communication channels, IEEE Trans. Commun. (2005)
  • A.D. Wyner, The wire-tap channel, Bell Syst. Techn. J. (1975)
  • S. Leung-Yan-Cheong et al., The Gaussian wire-tap channel, IEEE Trans. Inf. Theory (1978)
  • Y. Zou et al., Relay-selection improves the security-reliability trade-off in cognitive radio systems, IEEE Trans. Commun. (2015)
There are more references available in the full text version of this article.

Esraa Mohammed is a researcher at the IoT Cyber Security Lab. She worked with the lab team members on a set of innovative research and business-oriented projects related to Cyber Security, Smart IoT systems, and Software Defined Secure wireless communication. She supervised young researchers working on their first papers. Esraa received her M.Sc in Communication Engineering in 2018 and her B.Sc in Electrical Communication Engineering, with a GPA of 3.85, in 2014, from Alexandria University. Currently, her research interests cross-cut the areas of Vehicular Wireless Communication, Trustworthy wireless signals, and Moving-target Defense for secure wireless data exchange.

Mohamed Azab is an assistant professor in the Department of Computer and Information Sciences. Mohamed received his doctorate degree in computer engineering in 2013 from The Bradley Department of Electrical and Computer Engineering at Virginia Tech, USA. He has multiple provisional patents, book chapters among various publications in archival journals and respected conference proceedings. His research interests lie in the area of cybersecurity and trustworthy engineering ranging from theory to design and implementation. His recent research crosscuts the areas of Software Defined Networking (SDN) architectures and protocols, high performance and cloud computing, ubiquitous Internet of Things (IoT), and Cyber-Physical Systems (CPS). Mohamed is the founder of the Cyber Security and IoT lab hosting Mohamed’s Ph.D. and Masters students' research activities. Mohamed acted as a keynote speaker in multiple prestigious conferences. He served on multiple conference and workshop program and steering committees.

1

Authors contributed equally.
