Search for: All records

Localization is one form of cooperative spectrum sensing that lets multiple sensors work together to estimate the location of a target transmitter. However, the requisite exchange of spectrum measurements leads to exposure of the physical loca- tion of participating sensors. Furthermore, in some cases, a com- promised participant can reveal the sensitive characteristics of all participants. Accordingly, a lack of sufficient guarantees about data handling discourages such devices from working together. In this paper, we provide the missing data protections by processing spectrum measurements within attestable containers or enclaves. Enclaves provide runtime memory integrity and confidentiality using hardware extensions and have been used to secure various applications [1]–[8]. We use these enclave features as building blocks for new privacy-preserving particle filter protocols that minimize disruption of the spectrum sensing ecosystem. We then instantiate this enclave using ARM TrustZone and Intel SGX, and we show that enclave-based particle filter protocols incur minimal overhead (adding 16 milliseconds of processing to the measurement processing function when using SGX versus unprotected computation) and can be deployed on resource-constrained platforms that support TrustZone (incurring only a 1.01x increase in processing time when doubling particle count from 10,000 to 20,000), whereas cryptographically-based approaches suffer from multiple orders of magnitude higher costs. We effectively deploy enclaves in a distributed environment, dramatically improving current data handling techniques. To our best knowledge, this is the first work to demonstrate privacy-preserving localization in a multi-party environment with reasonable overhead. 

We report results of an experiment in applying deep Q-learning for dynamic spectrum sharing (DSS) in the Alleys of Austin scenario from the DARPA Spectrum Collaboration Challenge. This scenario mimics mobile operations in an urban environment by up to five squads (teams) of soldiers. Each team operates its own wireless network. We consider teamwise– distributed DSS, where there is no central agent to coordinate spectrum usage across teams, but spectrum usage within each team is coordinated by a single member of that team. The spatial distributions of the soldiers creates opportunities for spatial reuse by certain subsets of the teams, and our experiment is set up to evaluate whether the deep Q-learning algorithm can discover and take advantage of these opportunities. The results show that deep Q-learning is able to take advantage of spatial reuse and that doing so results in better performance than a fair-share, disjoint spectrum allocation among the teams. 

A dynamic spectrum sharing problem with a mixed collaborative/competitive objective and partial information about peers’ performances that arises from the DARPA Spectrum Collaboration Challenge is considered. Because of the very high complexity of the problem and the enormous size of the state space, it is broken down into the subproblems of channel selection, flow admission control, and transmission schedule assignment. The channel selection problem is the focus of this paper. A reinforcement learning algorithm based on a reduced state is developed to select channels, and a neural network is used as a function approximator to fill in missing values in the resulting input-action matrix. The performance is compared with that obtained by a hand-tuned expert system. 

An algorithm to identify the bottleneck nodes linking two component networks in a simple network of networks (NoN) configuration is proposed. The proposed bottleneck identification algorithm is based on applying a support vector machine on clustered packet delay measurements. This algorithm has the advantage that it requires almost no information about the topology of the underlying NoN. Simulation results show that this algorithm can provide very good detection performance when the component networks of the NoN are not too small in size, or when the connectivity between nodes within the component networks is not too sparse. 

With close to native performance, Linux containers are becoming the de facto platform for cloud computing. While various solutions have been proposed to secure applications and containers in the cloud environment by leveraging Intel SGX, most cloud operators do not yet offer SGX as a service. This is likely due to a number of security, scalability, and usability concerns coming from both cloud providers and users. Cloud operators worry about the security guarantees of unofficial SDKs, limited support for remote attestation within containers, limited physical memory for the Enclave Page Cache (EPC) making it difficult to support hundreds of enclaves, and potential DoS attacks against EPC by malicious users. Meanwhile, end users need to worry about careful program partitioning to reduce the TCB and adapting legacy applications to use SGX. We note that most of these concerns are the result of an incomplete infrastructure, from the OS to the application layer. We address these concerns with lxcsgx, which allows SGX applications to run inside containers while also: enabling SGX remote attestation for containerized applications, enforcing EPC memory usage control on a per-container basis, providing a general software TPM using SGX to augment legacy applications, and supporting partitioning with a GCC plugin. We then retrofit Nginx/OpenSSL and Memcached using the software TPM and SGX partitioning to defend against known and potential attacks. Thanks to the small EPC footprint of each enclave, we are able to run up to 100 containerized Memcached instances without EPC swapping. Our evaluation shows the overhead introduced by lxcsgx is less than 6.9% for simple SGX applications, 9.5% for Nginx/OpenSSL, and 20.9% for containerized Memcached. 

A protocol for two-party secure function evaluation (2P-SFE) aims to allow the parties to learn the output of function f of their private inputs, while leaking nothing more. In a sense, such a protocol realizes a trusted oracle that computes f and returns the result to both parties. There have been tremendous strides in efficiency over the past ten years, yet 2P-SFE protocols remain impractical for most real-time, online computations, particularly on modestly provisioned devices. Intel's Software Guard Extensions (SGX) provides hardware-protected execution environments, called enclaves, that may be viewed as trusted computation oracles. While SGX provides native CPU speed for secure computation, previous side-channel and micro-architecture attacks have demonstrated how security guarantees of enclaves can be compromised. In this paper, we explore a balanced approach to 2P-SFE on SGX-enabled processors by constructing a protocol for evaluating f relative to a partitioning of f. This approach alleviates the burden of trust on the enclave by allowing the protocol designer to choose which components should be evaluated within the enclave, and which via standard cryptographic techniques. We describe SGX-enabled SFE protocols (modeling the enclave as an oracle), and formalize the strongest-possible notion of 2P-SFE for our setting. We prove our protocol meets this notion when properly realized. We implement the protocol and apply it to two practical problems: privacy-preserving queries to a database, and a version of Dijkstra's algorithm for privacy-preserving navigation. Our evaluation shows that our SGX-enabled SFE scheme enjoys a 38x increase in performance over garbled-circuit-based SFE. Finally, we justify modeling of the enclave as an oracle by implementing protections against known side-channels. 

We consider the problem of jammer placement to partition a wireless network, where the network nodes and jammers are located in the real plane. In previous research, we found optimal and suboptimal jammer placements by reducing the search space for the jammers to the locations of the network nodes. In this paper, we develop techniques to find optimal jammer placements over all possible jammer placements in the real plane. Our approach finds a set of candidate jammer locations (CJLs) such that a jammer-placement solution using the CJLs achieves the minimum possible cardinality among all possible jammer placements in the real plane. The CJLs can be used directly with the optimal and fast, suboptimal algorithms for jammer placement from our previous work. 

Wireless communication systems are susceptible to both unintentional interference and intentional jamming attacks. For mesh and ad-hoc networks, interference affects the network topology and can cause the network to partition, which may completely disrupt the applications or missions that depend on the network. Defensive techniques can be applied to try to prevent such disruptions to the network topology. Most previous research in this area is on improving network resilience by adapting the network topology when a jamming attack occurs. In this paper, we consider making a network more robust to jamming attacks before any such attack has happened. We consider a network in which the positions of most of the radios in the network are not under the control of the network operator, but the network operator can position a few “helper nodes” to add robustness against jamming. For instance, most of the nodes are radios on vehicles participating in a mission, and the helper nodes are mounted on mobile robots or UAVs. We develop techniques to determine where to position the helper nodes to maximize the robustness of the network to certain jamming attacks aimed at disrupting the network topology. Using our recent results for quickly determining how to attack a network, we use the harmony search algorithm to find helper node placements that maximize the number of jammers needed to disrupt the network 

Cooperative spectrum sensing is often necessary in cognitive radios systems to localize a transmitter by fusing the measurements from multiple sensing radios. However, revealing spectrum sensing information also generally leaks information about the location of the radio that made those measurements. We propose a protocol for performing cooperative spectrum sensing while preserving the privacy of the sensing radios. In this protocol, radios fuse sensing information through a distributed particle filter based on a tree structure. All sensing information is encrypted using public-key cryptography, and one of the radios serves as an anonymizer, whose role is to break the connection between the sensing radios and the public keys they use. We consider a semi-honest (honest-but-curious) adversary model in which there is at most a single adversary that is internal to the sensing network and complies with the specified protocol but wishes to determine information about the other participants. Under this scenario, an adversary may learn the sensing information of some of the radios, but it does not have any way to tie that information to a particular radio’s identity. We test the performance of our proposed distributed, tree-based particle filter using physical measurements of FM broadcast stations.