Vehicular networks are likely to become the most relevant form of mobile ad hoc networks. In this paper, we address the security of these networks. We provide a detailed threat analysis and devise an appropriate security architecture. We also describe some major design decisions still to be made, which in some cases have more than mere technical implications. We provide a set of security protocols, we show that they protect privacy and we analyze their robustness, and we carry out a quantitative assessment of the proposed solution.

So far, the problem of positioning in wireless networks has been mainly studied in a non-adversarial setting. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations.

Abstract—So far, the problem of positioning in wireless networks has been studied mainly in a nonadversarial setting. In this paper, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call verifiable multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations. Index Terms—Ad hoc networks, positioning, secure protocols, security, sensor networks, wireless. I.

We demonstrate the feasibility of fingerprinting the radio of wireless sensor nodes (Chipcon 1000 radio, 433MHz). We show that, with this type of devices, a receiver can create device radio fingerprints and subsequently identify origins of messages exchanged between the devices, even if message contents and device identifiers are hidden. We further analyze the implications of device fingerprinting on the security of sensor networking protocols, specifically, we propose two new mechanisms for the detection of wormholes in sensor networks.

Media access control (MAC) address spoofing can result in the unauthorized use of network resources. This paper demonstrates a novel approach, which incorporates radio frequency fingerprinting (RFF) into a wireless intrusion detection system (IDS), for detecting this attack. RFF is a technique that is used to uniquely identify a transceiver based on the transient portion of the signal it generates. Moreover, the success rate of a wireless IDS is also improved by correlating several observations in time, using a Bayesian filter. Simulation results, with an average success rate of (94-100%), support the feasibility of employing RFF and Bayesian filtering techniques to successfully address the aforementioned problem.

As part of the Detecting Intrusions at Layer ONe (DILON) project, we show that Ethernet devices can be uniquely identified and tracked—using as few as 25 Ethernet frames—by analyzing variations in their analog signal caused by hardware and manufacturing inconsistencies. An optimal detector, the matched filter, is utilized to create signal profiles, which aid in identifying the device the signal originated from. Several non-traditional applications of the filter are presented in order to improve its ability to discriminate between signals from seemingly identical devices of the same manufacturing lot. The experimental results of applying these filters to three different models of Ethernet cards, totaling 16 devices, are presented and discussed. Important applications of this technology include intrusion detection (discovering node impersonation and network tampering), authentication (preventing unauthorized access to the physical network), forensic data collection (tying a physical device to a specific network incident), and assurance monitoring (determining whether a device will or is in the process of failing). 1.

We present a scheme for secure and privacy-preserving communication in hybrid ad hoc networks. Our scheme enables users to secure communication and to protect their anonymity and location privacy. Our approach is based on frequently changing node pseudonyms and cryptographic keys, which enable users to avoid being identified by the locations they visit, or by the type of tra#c they generate. We show how our scheme can be e#ectively used for secure and private routing in hybrid ad hoc networks. We study the robustness of the proposed solution with respect to various attacks. We further show that the proposed solution introduces a very moderate overhead to the network operation.

Radio Frequency Fingerprinting (RFF) is a technique, which has been used to identify wireless devices. It essentially involves the detection of the transient signal and the extraction of the fingerprint. The detection phase, in our opinion, is the most challenging yet crucial part of the RFF process. Current approaches, namely Threshold and Bayesian Step Change Detector, which use amplitude characteristics of signals for transient detection, perform poorly with certain types of signals. This paper presents a new algorithm that exploits the phase characteristics for detection purposes. Validation using Bluetooth signals has resulted in a success rate of approximately 85-90 percent. We anticipate that the higher detection rate will result in a higher classification rate and thus support various device authetication schemes in the wireless domain.

Unauthorized Bluetooth devices or rogue devices can impersonate legitimate devices through address and link key spoofing. Moreover, they can infiltrate a Bluetooth network and initiate other forms of attacks. This paper investigates a novel intrusion detection approach, which makes use of radio frequency fingerprinting (RFF) for profiling, Hotelling’s T 2 statistics for classification and a decision filter, for detecting these devices. RFF is a technique that is used to uniquely identify a transceiver based on the transient portion of the signal it generates. Moreover, the use of a statistical classifier proves advantageous in minimizing requirements for memory. Finally, the detection rate is also improved by incorporating a decision filter, which takes the classification results of a set of events into consideration, prior to rendering the final decision. The average False Alarm Rate of five percent and Detection Rate of ninety-three percent support the feasibility of employing these components to address the aforementioned problem.

Abstract. Impersonation attacks in wireless and mobile networks by professional criminal groups are becoming more sophisticated. We confirm with simple risk analysis that impersonation attacks offer attractive incentives to malicious criminals and should therefore be given highest priority in research studies. We also survey our recent investigations on Radio Frequency Fingerprinting and User Mobility Profiles and discuss details of our methodologies for building enhanced intrusion detection systems for future wireless and mobile networks. 1