Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Center for Wireless Network Security WiNSeC
Dr. Patrick WhiteAssoc. Director – WiNSeCOffice: [email protected]
October 29, 2003
Wireless Network Security Center (WiNSeC)
Principal areas of focus:• Secure, robust wireless communications technologies for
Homeland Defense and Security:– Physical layer vulnerabilities, including anti-jamming/eavesdropping– Spectrally efficient communications– Interoperability of wireless systems– Energy efficient sensor networks– Wireless cyber counter measures
• Situational awareness tools for C2
– Visualization of sensor data– Decision aids
• Secure communications networks and command/control facilities for First Responders
Initial funding from DoD – administered by Picatinny Arsenal
TestBed / Analysis
Research
“Twin Foci” WirelessNetworkSecurity
Technology Commercialization/
Enterprise Development
Multi-Environment
• Background radio noise• Multipath• Shadowing …
MARITIMEURBAN
SUBURBAN
If it works here …
Ferry 1Ferry 2Ferry 3Ferry 4Ferry 5
L-Band Satellite
MTS
Sports FieldStevens Police
CDMA -Verizon Network
Teletype Hand-Held Applications
Ferry
Bluetooth
Networked Sensors
Unmanned Sensor Control
Ferry Pier
Satellite Network
Multi-Network Test Bed
Campus Wireless Network
Internet Network Stevens
Network
GPS Satellite
Situational Awareness
Tools & Decision Aids
Robust physical layerUpper mm λ, Free-space optics, chaotic spreading, etc
Cyber Security detection & mitigation
tools
WiNSeC ResearchInformation Assurance
• Secure and Reliable Wireless Sensor Networking
• Distributed Access Control• Privacy Preserving
information sharing• Robust Multimedia
Networking
Physical Security• Secure Network Infrastructure• Smart Antennas for
Interference Suppression• Modeling and Simulation
Tools• Secure Protocols for Wireless
Applications• RF Transmission Power
Management and Detection: Chaotic Direct Sequence Spread SpectrumNetwork Management
• Visualization: Sensor Data• Secure and Sound Decision
Tools• Cyber Security Risk Analysis
and Evaluation
Privacy-Preserving Information Sharing (Rebecca Wright)
Allow multiple data holders to collaborate to compute important (e.g., security-related)information while protecting the privacy of other information.
Particularly relevant now for agencies that would like to share sensitive information
Privacy-Protecting StatisticsCLIENT
Wishes to compute
statistics of servers’ data
SERVERS
Each holds large database
• Parties communicate using cryptographic protocols designed so that:
– Client learns desired statistics, but learns nothing else about data (including individual values or partial computations for each database
– Servers do not learn which fields are queried, or any information about other servers’ data
– Computation and communications are very efficient
Initial Experimental Results
0
5
10
15
20
25
30
0 20,000 40,000 60,000 80,000 100,000
Database size
Tim
e (m
inut
es)
Total time
Type-Based Distributed Access Control (Dominic Duggan)
Confidential e-mail
Problem: Data leaving owners environment has limited protection
• Investigate use of type checking in combination with key and data encryption to maintain owner control
– Data protected by type and encryption– Copy operations on local and/or remote machines controlled by type
checking
Cyber Security(Susanne Wetzel)
• Explore vulnerability of Ad-Hoc Sensor network fields to a variety of cyber and/or combination (cyber/physical) attacks that disrupt routing tables:
– Disconnect network nodes– Degrade good-put– Hi-jack traffic to/from
selected nodes– Force traffic through a
limited number (1?) of nodes to degrade performance, deplete power, etc.
Visualization of Noisy Sensor Data(George Kamberov)
Noisy Input Data Clean Data
Processing Results & Reconstruction
Facial Reconstruction Facial Feature Line-Based Grids
Photo-Realistic Rendering of Facial Models with Dynamic Texture Mapping
Long λ Laser for Free Space Optics(Rainier Martini)
• Quickly deployed, low cost alternative for access link– No digging required – install, aim and go
• Broadband ≥ 10 Gbps capable• Difficult (impossible?) to intercept or jam• But typical wavelengths, 830/1330/1550 nm, susceptible to
heavy fog
Funded by DARPA
FSO Losses in water fog
• MIR link allows transmission under extreme fog conditions, no strong differences for classical NIR systems.
Fog concentration increased with time• 1.3µm & 1.5µm
strongest losses (> 40dB)
• 830nm strong losses (~40dB)
• 8µm nearly no losses (~3dB)15:07 15:21 15:36 15:50 16:04 16:19
-60
-50
-40
-30
-20
-10
0
Tran
smis
sion
loss
es [d
B]
Time
W avelength: 830 nm 1.3 µm 1.55 µm 8 µm
QC laser: High modulation bandwidth at 8µm
• High frequency limit greater 10 GHz !
• Flat response• Background due to
electrical noise and free radiation
• SNR ~40 dB up to 5 GHz
• No resonance visible0.1 1 10
-90
-80
-70
-60
-50
Background
Mod
ulat
ion
resp
onse
[dB
]
Frequency [GHz]
Upper MM-Wave Radio > 28 GHz
• High capacity, e.g., 10 Gbps, point-to-point Ethernet up to 1km
• High frequency reuse – narrow beams cover small areas (less beam divergence, more limited propagation)
• With high O2 absorption, can provide in-building security; e.g., confine propagation to room.
• Also minimal interference, guaranteeing relatively clean signal reception.
• Less susceptible to fog, but more sensitive to heavy rain
Network Research Test Bed (NSF)
Fiber Optic Backbones
UTP 5
User Terminal
Transparent SoftwareIntegration Layer
802.11b, 802.11a
Satellite
Coaxial
Fiber optic
UTP 5
User Terminal
802.11b, 802.11a
Satellite
Coaxial
Fiber optic
Authentication
Accounting
Wide Area NetworkGateway
Authorization
Transparent SoftwareIntegration Layer
CDMA, GPRS
FSO, Microwave FSO, Microwave
CDMA, GPRS
Authentication
Accounting
Wide Area NetworkGateway
Authorization
• Simultaneous connectivity to multiple networks
• Automatic selection of network with best available capability
• Maximize availability/performance & Coverage
• Optimize spectral & energy efficiency
• Provide extra dimension in security
Network of Networks for Public Safety
A Hybrid Solution for Coverage and Interoperability
• Car maintains connectivity (via software radio) to multiple wireless networks – interoperability with national coverage, minimal dead spots
• Messages automatically sent to network with best instantaneous performance
• Outside the car, option to use the car to relay messages• Most modifications limited to radio in the car, minimizing cost and
deployment interval
Thank You
Patrick WhiteCenter for Wireless Network Security