The Feasibility of Launching and Detecting Jamming Attacks in Wireless Networks Authors: Wenyuan XU, Wade Trappe, Yanyong Zhang and Timothy Wood Wireless Information Network Laboratory, Rutgers University Presented by Zigeng Wang and Shaobo Zheng 1 What is Jamming? Useful Information Alice Bob 2 What is Jamming? Useful Information Alice Bob Eve (Jammer) 3 What is Jamming? • Jamming is the (usually deliberate) transmission of radio signals that disrupt communications by decreasing the signal-tonoise ratio. • Radio interference attack • In network scenario, how to measure the effectiveness of a Jammer? 4 Jamming Performance Metrics • Packet Send Ratio (PSR) The ratio of packets that are successfully sent out by a legitimate traffic source compared to the number of packets it intends to send out at the MAC layer. • Packet Delivery Ratio (PSR) The ratio of packets that are successfully delivered to a destination compared to the number of packets that have been sent out by the sender. 5 Jamming Attack Models • Constant Jammer • Continually emitting random signals • Deceptive Jammer • Constantly injecting regular packets • Random Jammer • Switching between sleeping and Jamming • Reactive Jammer • Start transmission when senses activity on the channel 6 Jamming Attack Models 7 Jamming Attack Detection • Signal Strength • discrimination - Detect jamming by extracting spectral characteristics of the signal strength for the basis of discrimination by implying higher order crossings (HOC) 8 Jamming Attack Detection • Signal Strength • Signal Strength Spectral Discrimination 9 Jamming Attack Detection • Signal Strength • Signal Strength Spectral Discrimination 10 Jamming Attack Detection • Carrier Sensing Time • Thresholding mechanism: Each time A wishes to transmit, it will monitor the time spent sensing the channel, and if that time is above a threshold (or if it is consistently above the threshold), it will declare that a jamming is occurring. • Theoretically calculating is hard • Statistics approach 11 Jamming Attack Detection 12 Jamming Attack Detection 13 Jamming Attack Detection • Packet Delivery Ratio • Any one of the four jammers, if placed within a reasonable distance from the receiver, can cause the corresponding PDR to become close to 0. • Even under such a congestion level, the PDR measured by the receiver is still around 78%. • It is not as effective for other network dynamics, such as a sender battery failure, or the sender moving out of the receiver's communication range. 14 Basic Detection Summary • Both Signal Strength and Carrier Sensing time can only detect the constant and deceptive jammer. Neither of these two statistics is effective in detecting the random or the reactive jammer. • Packet Delivery Ratio is a powerful statistic to determine Jamming vs. congestion. It can not account for all network dynamics. 15 We need Consistency Checks to be Sure 1. 2. Signal Strength Consistency Checks Location Consistency Checks Assumptions • Each node detects whether it is jammed • Each node maintains a neighbor list from routing layer • Network deployment is dense so each node has several neighbors • All legitimate nodes participate by sending heartbeat beacons( allows for reliable estimate of PDR over time) 16 Advanced Jamming Detection • Signal Strength Consistency Checks • In order to combat false detections due to legitimate causes of link degradation, we use the signal strength as a consistency check. Specifically, we check to see whether a low PDR value is consistent with the signal strength that is measured. • it may not be practical to sample the signal strength with a fine granularity over a long window of time 17 4.1 Signal Strength Consistency Checks 18 4.1 Signal Strength Consistency Checks PDR VS. SS Observed Normal relationships •High signal strength yields a high PDR •Low signal strength yields a low PDR Jammed Region •The Jammed region has above 99% signal strength confidence intervals and whose PDR is below 65% SS(dBm) •Jammed scenario: a high signal strength but a low PDR 19 PDR % Advanced Jamming Detection • Location Consistency Checks • a proactive consistency check. • all legitimate neighbor nodes transmit with a fixed power level • requires the support of a localization infrastructure • every node periodically advertise its current location and further let each node keep track of both the PDR and the location of its neighbors. 20 Advanced Jamming Detection 21 PDR VS Distance Observations: •Neighbors that are close should have high PDR values, if they have low PDR values they are Jammed •All nodes advertise their current location and their PDRs to their neighbors to ensure there is a minimum amount of traffic to establish PDR. Thus PDR = 0 if no packets received •Similar to the SS consistency check. An initial baseline to represent the profile of a normal environment (PDR,d) for each node. •If a lower PDR is observed than should be for a given distance under normal radio conditions than the node declares it is Jammed. 22 • Countermeasures : Physical layer design technologies such as spread spectrum work but have not found wide spread deployment in commodity wireless devices. 23 Conclusions • Protecting our wireless networks is important • Jamming is a viable threat • Detecting Jamming is the first step in defeating it 24