Title: LTE PHY layer vulnerability analysis and testing using open-source SDR tools
This paper provides a methodology to study the PHY layer vulnerability of wireless protocols in hostile radio environments. Our approach is based on testing the vulnerabilities of a system by analyzing the individual subsystems. By targeting an individual subsystem or a combination of subsystems at a time, we can infer the weakest part and revise it to improve the overall system performance. We apply our methodology to 4G LTE downlink by considering each control channel as a subsystem. We also develop open-source software enabling research and education using software-defined radios. We present experimental results with open-source LTE systems and show how the different subsystems behave under targeted interference. The analysis for the LTE downlink shows that the synchronization signals (PSS/SSS) are very resilient to interference, whereas the downlink pilots or Cell-Specific Reference signals (CRS) are the most susceptible to a synchronized protocol-aware interferer. We also analyze the severity of control channel attacks for different LTE configurations. Our methodology and tools allow rapid evaluation of the PHY layer reliability in harsh signaling environments, which is an asset to improve current standards and develop new and robust wireless protocols.
Award ID(s):
1642873
NSF-PAR ID:
10057387
Author(s) / Creator(s):
Date Published:
Journal Name:
Military Communications Conference (MILCOM), MILCOM 2017 - 2017 IEEE
Page Range / eLocation ID:
744 to 749
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Mission-critical wireless networks are being upgraded to 4G long-term evolution (LTE). As opposed to capacity, these networks require very high reliability and security as well as easy deployment and operation in the field. Wireless communication systems have been vulnerable to jamming, spoofing and other radio frequency attacks since the early days of analog systems. Although wireless systems have evolved, important security and reliability concerns still exist. This paper presents our methodology and results for testing 4G LTE operating in harsh signaling environments. We use software-defined radio technology and open-source software to develop a fully configurable protocol-aware interference waveform. We define several test cases that target the entire LTE signal or part of it to evaluate the performance of a mission-critical production LTE system. Our experimental results show that synchronization signal interference in LTE causes significant throughput degradation at low interference power. By dynamically evaluating the performance measurement counters, the k-nearest neighbor classification method can detect the specific RF signaling attack to aid in effective mitigation. 
  2. Cellular networks with D2D links are increasingly being explored for mission-critical applications (e.g., real-time control and AR/VR) which require predictable communication reliability. Thus it is critical to control interference among concurrent transmissions in a predictable manner to ensure the required communication reliability. To this end, we propose a Unified Cellular Scheduling (UCS) framework that, based on the Physical-Ratio-K (PRK) interference model, schedules uplink, downlink, and D2D transmissions in a unified manner to ensure predictable communication reliability while maximizing channel spatial reuse. UCS also provides a simple, effective approach to mode selection that maximizes the communication capacity for each involved communication pair. UCS effectively uses multiple channels for high throughput as well as resilience to channel fading and external interference. Leveraging the availability of base stations (BSes) as well as high-speed, out-of-band connectivity between BSes, UCS effectively orchestrates the functionalities of BSes and user equipment (UE) for light-weight control signaling and ease of incremental deployment and integration with existing cellular standards. We have implemented UCS using the open-source, standards-compliant cellular networking platform OpenAirInterface, and we have validated the UCS design and implementation using the USRP B210 software-defined radios in the ORBIT wireless testbed. We have also evaluated UCS through high-fidelity, at-scale simulation studies; we observe that UCS ensures predictable communication reliability while achieving a higher channel spatial reuse rate than existing mechanisms, and that the distributed UCS framework enables a channel spatial reuse rate statistically equal to that in the state-of-the-art centralized scheduling algorithm iOrder. 
  3. This paper presents Virginia Tech’s wireless testbed supporting research on long-term evolution (LTE) signaling and radio frequency (RF) spectrum coexistence. LTE is continuously refined and new features are released. As the communications contexts for LTE expand, new research problems arise and include operation in harsh RF signaling environments and coexistence with other radios. Our testbed provides an integrated research tool for investigating these and other research problems; it allows analyzing the severity of the problem, designing and rapidly prototyping solutions, and assessing them with standard-compliant equipment and test procedures. The modular testbed integrates general-purpose software-defined radio hardware, LTE-specific test equipment, RF components, free open-source and commercial LTE software, a configurable RF network and recorded radar waveform samples. It supports RF channel emulated and over-the-air radiated modes. The testbed can be remotely accessed and configured. An RF switching network allows for designing many different experiments that can involve a variety of real and virtual radios with support for multiple-input multiple-output (MIMO) antenna operation. We present the testbed, the research it has enabled and some valuable lessons that we learned and that may help in designing, developing, and operating future wireless testbeds.
  4. The continuous increase in demand for availability and ultra-reliability of low-latency and broadband wireless connections is instigating further research in the standardization of next-generation mobile systems. 6G networks, among other benefits, should offer global ubiquitous mobility thanks to the utilization of the Space segment as an intelligent yet autonomous ecosystem. In this framework, multi-layered networks will take charge of providing connectivity by implementing Cloud-Radio Access Network (C-RAN) functionalities on heterogeneous nodes distributed over aerial and orbital segments. Unmanned Aerial Vehicles (UAVs), High-Altitude Platforms (HAPs), and small satellites compose the Space ecosystem encompassing the 3D networks. Recently, a lot of interest has been raised about splitting operations to distribute baseband processing functionalities among such nodes to balance the computational load and reduce the power consumption. This work focuses on the hardware development of C-RAN physical (PHY-) layer operations to derive their computational and energy demand. In more detail, the 5G Downlink Shared Channel (DLSCH) and the Physical Downlink Shared Channel (PDSCH) are first simulated in the MATLAB environment to evaluate the variation of computational load depending on the selected splitting options and the number of antennas available at the transmitter (TX) and receiver (RX) side. Then, the PHY-layer processing chain is implemented in software and the various splitting options are tested on low-cost processors, such as the Raspberry Pi (RP) 3B+ and 4B. By overclocking the RPs, we compute the execution time and derive the instruction count (IC) per program for each considered splitting option so as to achieve the mega instructions per second (MIPS) for the expected processing time.
Finally, by comparing the performance achieved by the employed RPs with that of the Nvidia Jetson Nano (JN) processor used as a benchmark, we shall discuss size, weight, power and cost (SWaP-C)...
  5. Obfuscation of the orthogonal frequency-division multiplexing (OFDM) physical layer is described in this paper as a means to enhance the security of wireless communication. The standardization of the communication channel between two trusted parties results in a variety of security threats, including vulnerabilities in WPA/WPA2 protocols that allow for the extraction of the software layer encryption key. Obfuscating the physical layer of the OFDM pipeline provides an additional layer of security in the event that the software layer key is compromised and allows for rolling updates of the physical layer key without altering the software layer key. The interleaver stage of the OFDM pipeline is redesigned to utilize a physical layer key, which is termed Phy-Leave. The Phy-Leave interleaver is evaluated through both MATLAB simulation and hardware prototyping on the Software Defined Communication (SDC) testbed using a Virtex6 FPGA. The implemented rolling physical layer key policy and Phy-Leave system resulted in a less than 1% increase in the area of a Virtex6 FPGA, demonstrating physical layer obfuscation as a means to increase the security of wireless communication without a significant cost in hardware. 