1 / 18

Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication

Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication. L. Xiao, L. Greenstein, N. Mandayam, W. Trappe ICC 2007 Glasgow, Scotland This work is supported in part by NSF grant CNS-0626439. Outline. Motivation & Main Idea System Model & Hypothesis Test

issac
Download Presentation

Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication L. Xiao, L. Greenstein, N. Mandayam, W. Trappe ICC 2007 Glasgow, Scotland This work is supported in part by NSF grant CNS-0626439

  2. Outline • Motivation & Main Idea • System Model & Hypothesis Test • Simulation & Results • Conclusion & Future Work

  3. Motivation • Wireless networks more “exposed” to security problems: • Spoofing attacks • Passive eavesdropping • DoS attacks • And more…

  4. Main Idea: Fingerprints in the Ether • “Fingerprints”: Distinguishes channel responses of different paths to enhance authentication • Other examples that benefit from multipath fading: • CDMA: Rake processing that transforms multipath into a diversity-enhancing benefit • MIMO: Transforms scatter-induced Rayleigh fading into a capacity-enhancing benefit

  5. Typical indoor wireless channel is a frequency selective channel with spatial variability The channel response can be hard to predict and to spoof Main Idea: Fingerprints in the Ether

  6. Narrow Pulse • Pilot Tones PHY-Authentication Scenario TIME: 0 Bob estimates channel response HAB from Alice at time 0 Bob HAB Alice Probe Signal u(.)

  7. PHY-Authentication Scenario (Cont.) TIME: t Case 1: Alice is still transmitting. Bob estimates Ht at time t, and compares with HAB Bob Ht = HAB Eve Alice Probe Signal Desired result: Bob accepts the transmission.

  8. PHY-Authentication Scenario (Cont.) Case 2: Eve is transmitting, pretending to be Alice. TIME: t Bob estimates Ht at time t, and compares with HAB Bob Ht = HEB Probe Signal Alice Eve Desired result: Bob rejects the transmission.

  9. Measurement result at time 0 Measurement result at time t Receiver Thermal Noise Channel Model • Time-invariant channel (no terminal motion or other changes) • M measurement samples (tones) in the frequency domain with bandwidth W and center frequency f0

  10. Hypothesis Testing • Simple Hypothesis H0: H1: • Test Statistic: • Solution for : • Rejection region of H0:

  11. iid N(0, ) Real & Imaginary part of Hypothesis Analysis • Null Hypothesis H0: • Alternative Hypothesis H1:

  12. Detection Metrics • False Alarm Rate, : • Threshold for given : • Miss Rate, : CDF of chi-square distribution

  13. Simulation Scenario • Wireless Indoor environment • Frequency response for any T-R path obtained as FT of the impulse response • Impulse response obtained using the Alcatel-Lucent ray-tracing tool WiSE • Eve in the same room as Alice • 348*347/2=60,378 Alice-Eve pairs in Room #1 • 150*149/2=11,175 Alice-Eve pairs in Room #2

  14. Thermal noise density Receiver noise figure Noise power per tone Noise bandwidth per tone Transmit power per tone Transmit power Simulation Assumptions • Default false alarm rate, • Receiver noise power:

  15. Average Miss Rate,β (α=0.01) M=5 W = 100 MHz Room # 1

  16. Average Miss Rate,β (α=0.01) M=5 W = 100 MHz Room # 2

  17. Conclusion & Future Work • We proposed a PHY-layer authentication scheme • Channel frequency response measurement and hypothesis testing are used to discriminate between a legitimate user and a would-be intruder • Verified using a ray-tracing tool (WiSE) for indoor environment • Works well, requiring reasonable values of the measurement bandwidth (e.g., W > 10 MHz), number of response samples (e.g., M≤ 5) and transmit power (e.g., PT ~ 100 mW) • Ongoing and future work • Other buildings • Temporal changes (environment and terminal mobility) • Testing via measurements • Combining with existing higher-layer security protocols

  18. Thank you! Questions?

More Related