New Security Threats in Multiple-Antenna Networks: Analysis and Experiments
| dc.contributor.advisor | Knightly, Edward W. | |
| dc.creator | Zhang, Xu | |
| dc.date.accessioned | 2019-05-17T13:21:02Z | |
| dc.date.available | 2019-05-17T13:21:02Z | |
| dc.date.created | 2017-12 | |
| dc.date.issued | 2017-11-06 | |
| dc.date.submitted | December 2017 | |
| dc.date.updated | 2019-05-17T13:21:02Z | |
| dc.description.abstract | Due to the multiple to massive number of antennas at the Access Point (AP), the performance of wireless network has substantially improved over the last decade. However, new security threats also arise, mainly because of the redesign of wireless protocols that adapt to these many antennas, as well as the critical dependence of the multi-fold increases on Channel State Information (CSI), a key parameter in multiple-antenna networks. In this thesis, I study two security threats of CSI that are closely related to its core properties. First, I analyze the confidentiality of CSI with a passive adversary. I discover that CSI is no longer confidential in a multi-user MIMO network, because there is a fundamental conflict between using CSI to optimize PHY design and hiding CSI from malicious nodes. I present CSIsnoop, a framework by which a passive adversary can infer any client's CSI, even when both channel sounding sequence from the AP and CSI measurement feedback from the clients are encrypted during downlink channel sounding, or when uplink channel sounding is employed. I implement CSIsnoop on a software defined radio and collect over 100,000 over-the-air transmissions in various indoor environments. CSIsnoop's high estimation accuracy urges reconsideration of the use of CSI as a tool to enhance physical layer security in multi-user MIMO networks. Second, I analyze the integrity of CSI with an active adversary. I present and model the Pilot Distortion Attack, a highly efficient yet devastating jamming strategy targeting the channel sounding process, in which the adversary distorts the AP's CSI measurement of even a single client leading to denial-of-service for all clients associated with the AP. As a countermeasure, I propose MACE, which exploits the AP's multiple antennas to detect Pilot Distortion Attack, as well as general jamming in wireless network, with zero startup cost, zero additional network overhead, and no coordination between the AP and the clients. I build a testbed with the Argos 72-antenna AP and collect over 3,000,000 over-the-air transmissions. My experiments demonstrate the devastating impacts of the Pilot Distortion Attack, as well as the superior detection performance of MACE. | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.citation | Zhang, Xu. "New Security Threats in Multiple-Antenna Networks: Analysis and Experiments." (2017) Diss., Rice University. <a href="https://hdl.handle.net/1911/105584">https://hdl.handle.net/1911/105584</a>. | |
| dc.identifier.uri | https://hdl.handle.net/1911/105584 | |
| dc.language.iso | eng | |
| dc.rights | Copyright is held by the author, unless otherwise indicated. Permission to reuse, publish, or reproduce the work beyond the bounds of fair use or other exemptions to copyright law must be obtained from the copyright holder. | |
| dc.subject | Multiple-Antenna Wireless Network | |
| dc.subject | Massive MIMO | |
| dc.subject | Physical Layer Security | |
| dc.subject | Channel State Information | |
| dc.subject | Confidentiality | |
| dc.subject | Integrity | |
| dc.subject | Experiment | |
| dc.title | New Security Threats in Multiple-Antenna Networks: Analysis and Experiments | |
| dc.type | Thesis | |
| dc.type.material | Text | |
| thesis.degree.department | Electrical and Computer Engineering | |
| thesis.degree.discipline | Engineering | |
| thesis.degree.grantor | Rice University | |
| thesis.degree.level | Doctoral | |
| thesis.degree.name | Doctor of Philosophy |
Files
Original bundle
1 - 1 of 1