Biblio

Due to its minimal price and expandable wireless open system interconnection options for the coming years, wireless mesh networking is appealing, developing, and novel medium of speech, which is why it is becoming a somewhat widely used communication field. In all network types, one of the essential factors for prevalent and trustworthy communication is cybersecurity. The IEEE 802.11 working gathering has created various correspondence guidelines. Yet, they are by and by focusing on the 802.11s standard because of its dynamic setup and geography learning abilities. Information, voice, and directions are steered between hubs employing remote lattice organising. WMNs incidentally give nearby 802.11g admittance to customers and connection neighbours utilising 802.11a "backhaul," but this isn’t generally the situation because of changing requirements, for example, top information rate and inclusion range. The small cross-sectional organisation emerged as a fundamental innovation to enable broadband system management in large regions. It benefits specialised organisations by reducing the cost of sending networks and end customers by providing ubiquitous Internet access anywhere, anytime. Given the idea of wireless mesh networking and the lack of integrated organisational technology, small grid networks are powerless against malicious attacks. In the meantime, the limit of multi-radio multi-channel correspondence, the need for heterogeneous organisation coordination, and the interest for multi-bounce remote equality often render conventional security strategies ineffectual or challenging to carry out. Thus, wireless mesh networking presents new issues that require more viable and relevant arrangements. WMNs have piqued the curiosity of both scholastics and industry because of their promising future. Numerous testbeds are built for research purposes, and business items for veritable WMNs are accessible. Anyway, a few concerns should be cleared up before they can very well become widespread. For example, the accessible MAC and routing conventions are not customisable; the throughput drops impressively with an increasing number of hubs or bounces in WMNs. Because of the weakness of WMNs against various malicious attacks, the security and protection of correspondence is a serious concern. For example, enemies can sniff long-distance correspondence to obtain sensitive data. Attackers can carry out DoS attacks and control the substance of the information sent through compromised hubs, thereby endangering the company’s secret, accessibility authenticity, and integrity. WMNs, like compact Impromptu Organisations (MANETs), share a typical medium, no traffic aggregate point, and incredible topography. Due to these restrictions, normal safety frameworks in wired associations can’t be quickly applied to WMNs. Also, the techniques utilised in MANETs are not viable with WMNs. This is because of the manner in which WMNs expand MANETs in different ways. Framework centres are generally outfitted with an assortment of radios. Then, at that point, many channels are doled out to every centre to work with concurrent data move and diversity.

This paper proposes an anonymity based mechanism for providing privacy in IoT environment. Proposed scheme allows IoT entities to anonymously interacting and authenticating with each other, or even proving that they have trustworthy relationship without disclosing their identities. Authentication is based on an anonymous certificates mechanism where interacting IoT entities could unlinkably prove possession of a valid certificate without revealing any incorporated identity-related information, thereby preserving their privacy and thwarting tracking and profiling attacks. Through a security analysis, we demonstrate the reliability of our solution.

As a leading industrial wireless standard, WirelessHART has been widely implemented to build wireless sensor-actuator networks (WSANs) in industrial facilities, such as oil refineries, chemical plants, and factories. For instance, 54,835 WSANs that implement the WirelessHART standard have been deployed globally by Emerson process management, a WirelessHART network supplier, to support process automation. While the existing research to improve industrial WSANs focuses mainly on enhancing network performance, the security aspects have not been given enough attention. We have identified a new threat to WirelessHART networks, namely smart selective jamming attacks, where the attacker first cracks the channel usage, routes, and parameter configuration of the victim network and then jams the transmissions of interest on their specific communication channels in their specific time slots, which makes the attacks energy efficient and hardly detectable. In this paper, we present this severe, stealthy threat by demonstrating the step-by-step attack process on a 50-node network that runs a publicly accessible WirelessHART implementation. Experimental results show that the smart selective jamming attacks significantly reduce the network reliability without triggering network updates.

The use of wireless connectivity has increased exponentially in recent years. Fifth generation (5G) communications will soon be deployed worldwide. Six-generation (6G) communications vision and planning have begun, and the use of 6G communications is expected to begin in the 2030s. The 6G system has higher capacity, higher data rates, lower latency, higher security and better quality of service (QoS) compared to the 5G system. This paper presents a brief overview on the vision and requirements of 6G wireless communications and networks. Finally, some of the challenges in launching the 6G are also explained.

A continually growing number of sensors is required for monitoring industrial processes and for continuous data acquisition from industrial plants and devices. The cabling of sensors represent a considerable effort and potential source of error, which can be avoided by using wireless sensor nodes. These wireless sensor nodes form a wireless sensor network (WSN) to efficiently transmit data to the destination. For the acceptance of WSNs in industry, it is important to build up networks with high trustworthiness. The trustworthiness of the WSN depends not only on a secure wireless communication but also on the ability to detect modifications at the wireless sensor nodes itself. This paper presents the enhancement of the WSN's trustworthiness using an optical localization system. It can be used for the preparation phase of the WSN and also during operation to track the positions of the wireless sensor nodes and detect spatial modification. The location information of the sensor nodes can also be used to rate their trustworthiness.

With the improvement of scientific and technological level in China, wireless sensor network technology has been widely promoted and applied, which has now been popularized to various fields of society from military defense. Wireless sensor network combines sensor technology, communication technology and computer technology together, and has the ability of information collection, transmission and processing. In this paper, the structure of wireless sensor network and node localization technology are briefly introduced, and the key technologies of wireless sensor network development are summarized from the four aspects of energy efficiency, node localization, data fusion and network security. As a detection system of perceiving the physical world, WSN is also facing challenges while developing rapidly.

In a smart power grid, phasor measurement devices provide critical status updates in order to enable stabilization of the grid against fluctuations in power demands and component failures. Particularly the trend is to employ a large number of phasor measurement units (PMUs) that are inter-networked through wireless links. We tackle the vulnerability of such a wireless PMU network to message replay and false data injection (FDI) attacks. We propose a novel approach for avoiding explicit data transmission through PMU measurements prediction. Our methodology is based on applying advanced machine learning techniques to forecast what values will be reported and associate a level of confidence in such prediction. Instead of sending the actual measurements, the PMU sends the difference between actual and predicted values along with the confidence level. By applying the same technique at the grid control or data aggregation unit, our approach implicitly makes such a unit aware of the actual measurements and enables authentication of the source of the transmission. Our approach is data-driven and varies over time; thus it increases the PMU network resilience against message replay and FDI attempts since the adversary's messages will violate the data prediction protocol. The effectiveness of approach is validated using datasets for the IEEE 14 and IEEE 39 bus systems and through security analysis.

Inter-substation Generic Object Oriented Substation Events (GOOSE) communications that are used for critical protection functions have several cyber-security vulnerabilities. GOOSE messages are directly mapped to the Layer 2 Ethernet without network and transport layer headers that provide data encapsulation. The high-status-number attack is a malicious attack on GOOSE messages that allows hackers to completely take over intelligent electronic devices (IEDs) subscribing to GOOSE communications. The status-number parameter of GOOSE messages, stNum is tampered with in these attacks. Given the strict delivery time requirement of 3 ms for GOOSE messaging, it is infeasible to encrypt the GOOSE payload. This work proposes to secure the sensitive stNum parameter of the GOOSE payload using systematically encoded polynomial codes. Exploiting linear codes allows for the security features to be encoded in linear time, in contrast to complex hashing algorithms. At the subscribing IED, the security feature is used to verify that the stNum parameter has not been tampered with during transmission in the insecure medium. The decoding and verification using syndrome computation at the subscriber IED is also accomplished in linear time.

Wireless Network-on-Chip (WNoC) broadly adopts single channel for low overhead data transmission. Sharing of the channel among multiple wireless interfaces (WIs) is controlled by a channel access mechanism (CAM). Such CAM can be malfunctioned by a Hardware Trojan (HT) in a malicious WI or a rogue third party intellectual property (IP) core present on the same System-on-Chip (SoC). This may result in denial-of-service (DoS) or spoofing in WNoC leading to starvation of healthy WIs and under-utilization of wireless channel. Our work demonstrates possible threat model on CAM and proposes low overhead decentralized countermeasures for both DoS and spoofing attacks in WNoC.

Over time, the use of wireless technologies has significantly increased due to bandwidth improvements, cost-effectiveness, and ease of deployment. Owing to the ease of access to the communication medium, wireless communications and technologies are inherently vulnerable to attacks. These attacks include brute force attacks such as jamming attacks and those that target the communication protocol (Wi-Fi and Bluetooth protocols). Thus, there is a need to make wireless communication resilient and secure against attacks. Existing wireless protocols and applications have attempted to address the need to improve systems security as well as privacy. They have been highly effective in addressing privacy issues, but ineffective in addressing security threats like jamming and session hijacking attacks and other types of Denial of Service Attacks. In this article, we present an ``architecture for resilient wireless communications'' based on the concept of Moving Target Defense. To increase the difficulty of launching successful attacks and achieve resilient operation, we changed the runtime characteristics of wireless links, such as the modulation type, network address, packet size, and channel operating frequency. The architecture reduces the overhead resulting from changing channel configurations using two communication channels, in which one is used for communication, while the other acts as a standby channel. A prototype was built using Software Defined Radio to test the performance of the architecture. Experimental evaluations showed that the approach was resilient against jamming attacks. We also present a mathematical analysis to demonstrate the difficulty of performing a successful attack against our proposed architecture.

In order to solve the defense problem of wireless network security threats in new energy stations, a new wireless network security risk assessment model which proposes a wireless access security evaluation method for power monitoring system based on fuzzy theory, was established based on the study of security risk assessment methods in this paper. The security evaluation method first divides the security evaluation factor set, then determines the security evaluation weight coefficient, then calculates the network security level membership matrix, and finally combines specific examples to analyze the resulting data. this paper provided new ideas and methods for the wireless access security evaluation of new energy stations.

Compute-intensive platforms such as micro-servers and embedded systems have already undergone a shift from a single-chip to multichip architecture to achieve better yield and lower cost. However, performance of multichip systems is limited by the latency and power-hungry chip-to-chip wired I/Os. On the other hand, wireless interconnections are emerging as an energy-efficient and low latency interconnect solution for such multichip systems as it can mask long multi-hop off-chip wired I/O communication. Despite efficient communication, the unguided on and off-chip wireless communication introduce security vulnerabilities in the system. In this work, we propose a reconfigurable, secure millimeter-wave (mm-Wave) wireless interconnection architecture (AReS) for multichip systems capable of detecting and defending against emerging threats including Hardware Trojans (HTs) and Denial-of-Service (DoS) using a Machine Learning (ML)-based approach. The ML-based approach is used to classify internal and external attack to enable the required defense mechanism. To serve this purpose, we design a reconfigurable Medium Access Control (MAC) and a suitable communication protocol to enable sustainable communication even under jamming attack from both internal and external attackers. The proposed architecture also reuses the in-built test infrastructure to detect and withstand a persistent jamming attack in a wireless multichip system. Through simulation, we show that, the proposed wireless interconnection can sustain chip-to-chip communication even under persistent jamming attack with an average 1.44xand 1.56x latency degradation for internal and external attacks respectively for application-specific traffic.

Wireless security is confronted with the complexity of the secret key distribution process, which is difficult to implement on an Ad Hoc network without a key management infrastructure. The symmetric key extraction mechanism from a response channel in a wireless environment is a very promising alternative solution with the simplicity of the key distribution process. Various mechanisms have been proposed for extracting the symmetric key, but many mechanisms produce low rates of the symmetric key due to the high bit differences that occur. This led to the fact that the reconciliation phase was unable to make corrections, as a result of which many key bits were lost, and the time required to obtain a symmetric key was increased. In this paper, we propose the use of an interval approach that divides the response channel into segments at specific intervals to reduce the key bit difference and increase the key rates. The results of tests conducted in the wireless environment show that the use of these mechanisms can increase the rate of the keys up to 35% compared to existing mechanisms.

The open and broadcast nature of wireless channels makes eavesdropping possible, leading to the inherent problem of information leakage. Inherent problems should be solved by endogenous security functions. Accordingly, wireless security problems should be resolved by channel-based endogenous security mechanisms. Firstly, this paper analyzes the endogenous security principle of the physical-layer-secret-key method. Afterward, we propose a novel conjecture that in a fast-fading environment, there must exist wireless systems where the endogenous secret key rate can match the user data rate. Moreover, the conjecture is well founded by the instantiation validation in a wireless system with BPSK inputs from the perspectives of both theoretical analysis and simulation experiments. These results indicate that it is possible to accomplish the one-time pad via endogenous secret keys in wireless communication.

The development of IPv6-based wireless local area networks is becoming increasingly mature, and it has defined no less than different standards to meet the needs of different applications. Wireless home networks are widely used because they can be seamlessly connected to daily life, especially smart home devices linked to it. There are certain security issues with smart home devices deployed in wireless home networks, such as data tampering and leakage of sensitive information. This paper proposes a smart home management system based on IPv6 wireless home network, and develops a prototype system deployed on mobile portable devices. Through this system, different roles in the wireless home network can be dynamically authorized and smart home resources can be allocated to achieve the purpose of access control and management.

This work examines metrics that can be used to measure the ability of agile software development methods to meet security and privacy requirements of communications applications. Many implementations of communication protocols, including those in vehicular networks, occur within regulated environments where agile development methods are traditionally discouraged. We propose a framework and metrics to measure adherence to security, quality and software effectiveness regulations if developers desire the cost and schedule benefits of agile methods. After providing an overview of specific challenges that a regulated environment imposes on communications software development, we proceed to examine the 12 agile principles and how they relate to a regulatory environment. From this review we identify two metrics to measure performance of three key regulatory attributes of software for communications applications, and then recommend an approach of either tools, agile methods or DevOps that is best positioned to satisfy its regulated environment attributes. By considering the recommendations in this paper, managers of software-dominant communications programs in a regulated environment can gain insight into leveraging the benefits of agile methods.

As networks continue to grow in complexity using wired and wireless technologies, efficient testing solutions should accommodate such changes and growth. Network simulators provide a network-independent environment to provide different types of network testing. This paper is motivated by the observation that, in many cases in the literature, the success of developed network protocols is very sensitive to the initial conditions and assumptions of the testing scenarios. Network services are deployed in complex environments; results of testing and simulation can vary from one environment to another and sometimes in the same environment at different times. Our goal is to propose mutation-based integration testing that can be deployed with network protocols and serve as Built-in Tests (BiT).This paper proposes an integrated mutation testing framework to achieve systematic test cases' generation for different scenario types. Scenario description and variables' setting should be consistent with the protocol specification and the simulation environment. We focused on creating test cases for critical scenarios rather than preliminary or simplified scenarios. This will help users to report confident simulation results and provide credible protocol analysis. The criticality is defined as a combination of network performance metrics and critical functions' coverage. The proposed solution is experimentally proved to obtain accurate evaluation results with less testing effort by generating high-quality testing scenarios. Generated test scenarios will serve as BiTs for the network simulator. The quality of the test scenarios is evaluated from three perspectives: (i) code coverage, (ii) mutation score and (iii) testing effort. In this work, we implemented the testing framework in NS2, but it can be extended to any other simulation environment.

Ultra-Reliable Low Latency Communications (URLLC) has been always a vital component of many industrial applications. The paper proposes a new wireless URLLC solution called RETIS, which is suitable for factory automation and fast process control applications, where low latency, low jitter, and high data exchange rates are mandatory. In the paper, we describe the communication protocol as well as the hardware structure of the network nodes for implementing the required functionality. Many techniques enabling fast, reliable wireless transmissions are used - short Transmission Time Interval (TTI), TimeDivision Multiple Access (TDMA), MIMO, optional duplicated data transfer, Forward Error Correction (FEC), ACK mechanism. Preliminary tests show that reliable endto-end latency down to 350 μs and packet exchange rate up to 4 kHz can be reached (using quadruple MIMO and standard IEEE 802.15.4 PHY at 250 kbit/s).

The time-varying properties of the wireless channel are a powerful source of information that can complement and enhance traditional security mechanisms. Therefore, we propose a cross-layer authentication mechanism that combines physical layer channel information and traditional authentication mechanism in LTE. To verify the feasibility of the proposed mechanism, we build a cross-layer authentication system that extracts the phase shift information of a typical UE and use the ensemble learning method to train the fingerprint map based on OAI LTE. Experimental results show that our cross-layer authentication mechanism can effectively prompt the security of LTE system.

Simultaneous Wireless Information and Power Transfer (SWIPT) technique is introduced in Radio Frequency (RF) communication to carry both information and power in same medium. In this approach, the energy can be harvested while decoding the information carries in an RF wave. Recently, the same concept applied in Visible Light Communication (VLC) namely Simultaneous Light Wave Information and Power Transfer (SLIPT), which is highly recommended in an indoor applications to overcome the problem facing in RF communication. Thus, SLIPT is introduced to transmit the power through a Light Emitting Diode (LED) luminaries. In this work, we compare both SWIPT and SLIPT technologies and realize SLIPT technology archives increased performance in terms of the amount of harvested energy, outage probability and error rate performance.

This talk presents an overview of the latest visible light communication (VLC) and underwater wireless optical communication (UWOC) research and development from the device to the system level. The utilization of laser-based devices and systems for LiFi and underwater Internet of Things (IoT) has been discussed.

In 5G networks, the Cloud Radio Access Network (C-RAN) is considered a promising future architecture in terms of minimizing energy consumption and allocating resources efficiently by providing real-time cloud infrastructures, cooperative radio, and centralized data processing. Recently, given their vulnerability to malicious attacks, the security of C-RAN networks has attracted significant attention. Among various anomaly-based intrusion detection techniques, the most promising one is the machine learning-based intrusion detection as it learns without human assistance and adjusts actions accordingly. In this direction, many solutions have been proposed, but they show either low accuracy in terms of attack classification or they offer just a single layer of attack detection. This research focuses on deploying a multi-stage machine learning-based intrusion detection (ML-IDS) in 5G C-RAN that can detect and classify four types of jamming attacks: constant jamming, random jamming, deceptive jamming, and reactive jamming. This deployment enhances security by minimizing the false negatives in C-RAN architectures. The experimental evaluation of the proposed solution is carried out using WSN-DS (Wireless Sensor Networks DataSet), which is a dedicated wireless dataset for intrusion detection. The final classification accuracy of attacks is 94.51% with a 7.84% false negative rate.

The usage of wireless devices is increased from last decade due to its reliable, fast and easy transfer of data. Ensuring the security to these networks is a crucial thing. There are several types of network attacks, in this paper, DDoS attacks on networks and techniques, consequences, effects and prevention methods are focused on. The DDoS attack is carried out by multiple attackers on a system which floods the system with a greater number of incoming requests to the system. The destination system cannot immediately respond to the huge requests, due to this server crashes or halts. To detect, or to avoid such scenarios Intrusion prevention system is designed. The IPS block the network attacker at its first hop and thus reduce the malicious traffic near its source. Intrusion detection system prevents the attack without the prior knowledge of the attacker. The attack is detected at the router side and path is changed to transfer the files. The proposed model is designed to obtain the dynamic path for efficient transmission in wireless neworks.

The security of wireless network devices has received widespread attention, but most existing schemes cannot achieve fine-grained device identification. In practice, the security vulnerabilities of a device are heavily depending on its model and firmware version. Motivated by this issue, we propose a universal, extensible and device-independent framework called SCAFFISD, which can provide fine-grained identification of wireless routers. It can generate access rules to extract effective information from the router admin page automatically and perform quick scans for known device vulnerabilities. Meanwhile, SCAFFISD can identify rogue access points (APs) in combination with existing detection methods, with the purpose of performing a comprehensive security assessment of wireless networks. We implement the prototype of SCAFFISD and verify its effectiveness through security scans of actual products.

Network security policies contain requirements - including system and software features as well as expected and desired actions of human actors. In this paper, we present a framework for evaluation of textual network security policies as requirements documents to identify areas for improvement. Specifically, our framework concentrates on completeness. We use topic modeling coupled with expert evaluation to learn the complete list of important topics that should be addressed in a network security policy. Using these topics as a checklist, we evaluate (students) a collection of network security policies for completeness, i.e., the level of presence of these topics in the text. We developed three methods for topic recognition to identify missing or poorly addressed topics. We examine network security policies and report the results of our analysis: preliminary success of our approach.