skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Secure Authentication in Cross-Technology Communication for Heterogeneous IoT
The emerging Cross-Technology Communication (CTC) has enabled the direct communication among different protocols, which will greatly enhance the spectrum efficiency. However, it will also bring security challenges to end IoT devices since the attacks can be from heterogeneous devices. Current deployed security mechanisms cannot be applied among heterogeneous devices. This work proposes a new mechanism to verify the legitimacy of signal source so that only the signals from legal CTC devices can be further processed. We verify the legitimacy of devices by embedding authorization codes into the packets at the sender side and verify them at the receiver side. Theoretical analysis and experiments show that this mechanism can provide effective protection on heterogeneous communication pairs.  more » « less
Award ID(s):
1947065
PAR ID:
10178864
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
2019 IEEE International Symposium on Dynamic Spectrum Access Networks (DySPAN)
Page Range / eLocation ID:
1 to 2
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; (, ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security)
    null (Ed.)
    Widely deployed IoT devices have raised serious concerns for the spectrum shortage and the cost of multi-protocol gateway deployment. Recent emerging Cross-Technology Communication (CTC) technique can alleviate this issue by enabling direct communication among heterogeneous wireless devices, such as WiFi, Bluetooth, and ZigBee on 2.4 GHz. However, this new paradigm also brings security risks, where an attacker can use CTC to launch wireless attacks against IoT devices. Due to limited computational capability and different wireless protocols being used, many IoT devices are unable to use computationally-intensive cryptographic approaches for security enhancement. Therefore, without proper detection methods, IoT devices cannot distinguish signal sources before executing command signals. In this paper, we first demonstrate a new defined physical layer attack in the CTC scenario, named as waveform emulation attack, where a WiFi device can overhear and emulate the ZigBee waveform to attack ZigBee IoT devices. Then, to defend against this new attack, we propose a physical layer defensive mechanism, named as AuthCTC, to verify the legitimacy of CTC signals. Specifically, at the sender side, an authorization code is embedded into the packet preamble by leveraging the dynamically changed cyclic prefix. A WiFi-based detector is used to verify the authorization code at the receiver side. Extensive simulations and experiments using off-the-shelf devices are conducted to demonstrate both the feasibility of the attack and the effectiveness of our defensive mechanism. 
    more » « less
  2. ; ; ; ; ; (, 2020 IEEE 14th Dallas Circuits and Systems Conference (DCAS))
    null (Ed.)
    The resource-constrained nature of the Internet of Things (IoT) edges, poses a challenge in designing a secure and high-performance communication for this family of devices. Although side-channel resistant ciphers (either block or stream) could guarantee the security of the communication, the energy intensive nature of these ciphers makes them undesirable for lightweight IoT solutions. In this paper, we introduce ExTru, an encrypted communication protocol based on stream ciphers that adds a configurable switching & toggling network (CSTN) to not only boost the performance of the communication in these devices, it also consumes far less energy than the conventional side-channel resistant ciphers. Although the overall structure of the proposed scheme is leaky against physical attacks, we introduce a dynamic encryption mechanism that removes this vulnerability. We demonstrate how each communicated message in the proposed scheme reduces the level of trust. Accordingly, since a specific number of messages, N, could break the communication and extract the key, by using the dynamic encryption mechanism, ExTru can re-initiate the level of trust periodically after T messages where T <; N, to protect the communication against side-channel and scan-based attacks (e.g. SAT attack). Furthermore, we demonstrate that by properly configuring the value of T, ExTru not only increases the strength of security from per “device” to per “message”, it also significantly improves energy saving as well as throughput vs. an architecture that only uses a conventional side-channel resistant block/stream cipher. 
    more » « less
  3. ; ; (, ACM Transactions on Sensor Networks)
    null (Ed.)
    Low-power wireless mesh networks (LPWMNs) have been widely used in wireless monitoring and control applications. Although LPWMNs work satisfactorily most of the time thanks to decades of research, they are often complex, inelastic to change, and difficult to manage once the networks are deployed. Moreover, the deliveries of control commands, especially those carrying urgent information such as emergency alarms, suffer long delay, since the messages must go through the hop-by-hop transport. Recent studies show that adding low-power wide-area network radios such as LoRa onto the LPWMN devices (e.g., ZigBee) effectively overcomes the limitation. However, users have shown a marked reluctance to embrace the new heterogeneous communication approach because of the cost of hardware modification. In this article, we introduce LoRaBee, a novel LoRa to ZigBee cross-technology communication (CTC) approach, which leverages the energy emission in the Sub-1 GHz bands as the carrier to deliver information. Although LoRa and ZigBee adopt distinct modulation techniques, LoRaBee sends information from LoRa to ZigBee by putting specific bytes in the payload of legitimate LoRa packets. The bytes are selected such that the corresponding LoRa chirps can be recognized by the ZigBee devices through sampling the received signal strength. Experimental results show that our LoRaBee provides reliable CTC communication from LoRa to ZigBee with the throughput of up to 281.61 bps in the Sub-1 GHz bands. 
    more » « less
  4. ; ; ; ; ; ; (, IEICE Transactions on Information and Systems)
    Cellular networks have become a critical part of our networking infrastructure, enabling ubiquitous communication. However, they are likely to be under threat, and can also be the vehicle through which cellular-connected end-systems can be subject to attacks. This paper introduces our efforts to leverage data plane devices such as programmable network interface cards, switches, and end-hosts to efficiently detect attacks and ensure user privacy at terabit per second speeds. Specifically, our project designs a heterogeneous data plane framework that cohesively combines multiple data plane devices, and designs two security solutions on the framework: security monitoring and privacy protection. This paper briefly introduces the goals and initial results for the two solutions. 
    more » « less
  5. ; ; (, ACM Great Lakes Symposium on VLSI (GLSVLSI))
    null (Ed.)
    With Heterogeneous architectures and IoT devices connecting to billions of devices in the network, securing the application and tracking the data flow from different untrusted communication channels during run time and protecting the return address is an essential aspect of system integrity. In this work, we propose a correlated hardware and software-based information flow tracking mechanism to track the data using tagged logic. This scheme leverages the open-source benefits of RISC V by extending the architecture with security policies providing precise coarse grain management along with a simulation model with minimal overhead. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email