EP1652341A2 - Wireless network security - Google Patents

Wireless network security

Info

Publication number
EP1652341A2
Authority
EP
European Patent Office
Prior art keywords
network
signals
message
spurious
tampering
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04743993A
Other languages
German (de)
French (fr)
Inventor
Christopher Z. Philips IP & Standards CHIMOMBO
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00 Arrangements for detecting or preventing errors in the information received
    • H04L1/22 Arrangements for detecting or preventing errors in the information received using redundant apparatus to increase reliability
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852 Delays
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices
    • H04W88/04 Terminal devices adapted for relaying to or from another terminal or user

Definitions

  • the present invention relates to wireless communication networks and to network security.
  • Wireless communication networks have increased in popularity in recent years. Mobile phones, pagers, personal digital assistants, mobile computers and other communication devices all take advantage of wireless communication technologies.
  • the use of wireless communication networks has become commonplace in business and industrial environments and increasingly these technologies are becoming more popular in a domestic setting.
  • the ambient environment for example the home of the future, may be based on ad-hoc wireless networking technologies, such as ZigBee and Bluetooth. Electronic devices in the ambient environment will form part of this network. Examples could include, but are not limited to, household alarms, thermostats for central heating / air conditioning, light switches and smoke detectors.
  • An example scenario could be one where a home owner requests to find his car keys and the keys send a reply back to the owner.
  • the nature of wireless communication is such that broadcasts within the domestic network need not be restricted to the vicinity of the home.
  • domestic networks will extend beyond the confines of the living environment and may overlap with a neighbouring network. This makes the domestic network vulnerable to tampering and security breaches by a third party.
  • the third party may be an innocent user of an adjacent network or a more determined trespasser.
  • Security in ad-hoc domestic wireless networks is an issue of wireless communication which has not been addressed as thoroughly as other aspects of the wireless technologies. In the domestic setting, it will be necessary to avoid, or reduce, interference from neighbouring networks or passers-by to counter information being gleaned from the network and to counter other security breaches.
  • WO 02/078210 describes a wireless communication system in which parts or all of a message are transmitted over different communication paths defined by repeaters in the network, thereby preventing obstacles that inhibit wireless communication on one path from blocking an entire message.
  • WO '210 specifically addresses the problem of fading where messages transmitted between two transceivers in a network are lost or garbled, and does not discuss security against intentional tampering or interference with messages.
  • the expression 'tampering' is intended to indicate all forms of intentional or malicious interference with a signal, including interference with the data content of a signal. Tampering may include effecting an attempted denial-of-service whereby information is prevented from arriving at the intended destination, e.g. by jamming, and access attempts whereby a determined trespasser intentionally attempts to gain unauthorised access to the network.
  • An ad-hoc wireless network is one which accepts (and rejects or sometimes drops) member devices automatically, i.e. with a minimum of fuss and without need for human intervention.
  • Such a network may only have one device until a similarly-enabled device approaches it or is placed in its vicinity.
  • a master-slave configuration is generally preferred in such networks. Both ZigBee and Bluetooth use such a configuration. However, peer-to-peer configurations are also used.
  • the present invention is applicable to these and other wireless network topologies. In the future it is envisaged that such an environment would have tens of such devices. At any one time, therefore, these devices would be starting, participating in and ending conversations with other devices. If the two conversing devices are not in each other's immediate vicinity (i.e. they are out of range of each other's wireless transmissions) then these conversations take place via intermediaries - routers or repeaters - which themselves are capable of conversing with other devices. There is a clear need for security measures in the management of these networks. An object of the present invention is to provide improved security in wireless networks.
  • the present invention provides a method of communication over a wireless communications network, the network comprising at least first and second transceivers, linked by wireless communication paths, each path including at least one repeater disposed within the network for the propagation of messages, the method comprising the steps of: transmitting a plurality of signals that make up a message, through the network to the second transceiver; and determining from received signals, whether one or more of the signals has undergone tampering.
  • the present invention provides a receiver for receiving messages over a wireless communications network and for detecting tampering of the signals in the wireless network, comprising: means for receiving a plurality of signals that make up a message, from the network; and means for determining from the received signals whether one or more of the signals has undergone tampering.
  • the present invention provides a method for detecting the presence of an unauthorised device attempting to connect to a network, comprising the steps of: transmitting a first message, onto a network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detecting subsequent use of that data to identify an unauthorised attempt to connect to the network.
  • the present invention provides a device for use on a network, the device comprising: a transmitter for transmitting a first message onto the network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detection means for detecting subsequent use of that data, by another device, to identify an unauthorised attempt to connect to the network.
  • Figure 1 shows a schematic representation of an ad-hoc wireless communication network according to a preferred embodiment of the present invention
  • Figure 2 shows a schematic representation of an ad-hoc wireless communication network according to a second embodiment of the present invention.
  • the network 10 is preferably located within a domestic setting, although the network 10 may also be located in other environments.
  • the network 10 includes at least two transceivers 1, 2 which may be any suitable short-range transceiving devices capable of operating in the 2.4 GHz (ZigBee) frequency band, although other frequency bands may be used.
  • the transceiving devices are preferably compliant with the ZigBee standards-based wireless technology, but may also be compliant with Bluetooth, 802.11 and other wireless standards.
  • the transceivers 1, 2 are linked by at least two wireless communication paths 4, 4'.
  • the communication paths 4, 4' operate in the frequency bands of the transceivers 1, 2.
  • the communication paths 4, 4' are each defined by at least one, but preferably more, different repeaters 3₁...3ₙ, 3₁'...3ₙ' located within the network.
  • the repeaters may be any suitable short-range transceiving devices capable of operating at the frequency of the transceivers 1, 2 and are compliant with the preferred wireless technology standard of the transceivers 1, 2. It will be recognised that the number of repeaters 3₁...3ₙ, 3₁'...3ₙ' required in the network 10 will depend on the dimensions of the domestic environment and the number of desired different communication paths 4, 4'. Therefore, the number of communication paths 4, 4' is interrelated with the number of repeaters 3₁...3ₙ, 3₁'...3ₙ'.
  • two transceivers 1, 2 are linked by two communication paths 4, 4', each path defined by at least one different repeater 3₁...3ₙ, 3₁'...3ₙ' located within the network 10.
  • One of the transceivers 1 transmits a plurality of signals making up a message, through the network 10 to the other transceiver 2.
  • the other transceiver 2 determines, from the received signals, whether one or more of the signals has undergone tampering and thus whether the network is maintaining its integrity (ie. it has not been breached).
  • Each path 4, 4' may have the same number of repeaters 3₁...3ₙ, 3₁'...3ₙ' or a different number of repeaters.
  • one transceiver 1 divides the signals of a message across the two communication paths 4, 4' and transmits a portion of the signals on one path 4 and the remainder of the signals on the other path 4'.
  • the signals of the message may be divided into equal portions or unequal portions.
  • the divided signals may be consecutive or randomly divided so as to be non-consecutive.
  • the divided signals sent on the same path may be separated in time.
  • a significant benefit of this arrangement is that no one communication path carries all the signals of the message. Thus eavesdropping on a particular path does not provide all the information in the message and jamming prevents only a portion of the message from being received.
  • one transceiver 1 sends signals of the message on one communication path 4 and sends the same signals on the other communication path 4'.
  • the signals may be sent on both paths 4, 4' at the same time, or may be sent at different times, either overlapping or separated by a predetermined interval of time.
  • a significant benefit of this arrangement is that jamming of a particular communication path 4 does not prevent the signals of the message from being received on the other communication path 4' by the other transceiver 2.
  • in FIG. 2 there is shown an alternative network configuration comprising a plurality of nodes N distributed around an ambient network 10, comprising two subnets 11, 12 each comprising a collection of nodes N, eg. node 3₁ in subnet 11 and node 3₂ in subnet 12.
  • a controller node 13 may also be provided, the function of which will be described in greater detail hereinafter.
  • An attacker node 14 attempting to obtain illegal access to the network 10 is also illustrated.
  • a first transceiver node 1 (acting as a message originator) in subnet 12 may communicate with a second transceiver node 2 (acting as a message recipient) over the network either directly or using any convenient set of intermediate nodes N acting as repeaters, eg. node 3₁ and 3₂. It will be understood that any of the nodes N could act as a message originator or a message recipient or as repeater to other nodes' messages.
  • Delays caused by tampering with signals may be detected by having prior knowledge of expected delays in normal communication paths. For example, the presence of a repeater 3-
  • the transceivers 1, 2 in the network 10 each include a signal processing module (not shown) to compare the signals received on the two communication paths 4, 4'. It will be understood however, that an attack amounting to a denial-of-service on a particular path 4 will either result in no signals being received on that path 4 or else signals will cease at the moment jamming commences.
  • the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver 2 receives signals on one communication path 4 only.
  • the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver 2 receives signals on one communication path 4 that do not match the signals received on the other communication path 4', where the transceiver 2 was expecting to receive the same signals on both communication paths.
  • the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver receives signals on both communication paths 4, 4' that indicate at least one signal is missing.
  • the signal processing module is preferably adapted to combine portions of signals received on one communication path 4 with portions of signals received on the other communication path 4'. If the combined portions do not make up a whole transmitted message, an attack on the signals is indicated. Preventing one or more signals from being received at the receiving transceiver 2 amounts to a denial-of-service attack. In the preferred arrangement, any notification by the signal processing module to the receiving transceiver 2 to the effect that signal tampering has occurred to one or more signals of the message will preferably lead the transceiver 2 to assert a security breach to the network 10.
  • This may take the form of an alarm signal (not shown) that is transmitted across all communication paths 4, 4' to each transceiver 1, 2 of the network 10.
  • the assertion of a security breach may inhibit further network communication, either temporarily, or indefinitely, by shutting down the communication path 4, 4' under attack (ie. partly inhibiting the network) or else shutting down all communication paths 4, 4' (ie. fully inhibiting the network).
  • the shutdown may be accomplished by one or more transceivers 1, 2 or repeaters 3₁...3ₙ, 3₁'...3ₙ' refusing to transmit further signals or else halting signals currently being transmitted.
  • the shutdown may be for a prescribed time interval or until the network 10 is manually reset by an authenticated user.
  • the shut down may comprise only isolation of a node from which there is evidence of tampering.
  • the transceiving devices in the network 10 may each invoke a lock-down condition in response to a security breach assertion to the network 10.
  • the lock-down condition may cause the transceiving devices to refuse any network access requests either temporarily or indefinitely, even if the access request is known to be authentic.
  • the network 10 may only be reset thereafter using a reset authentication code.
  • ...3ₙ, 3₁'...3ₙ' defining a communication path 4, 4' that is under attack may, in response to the security breach assertion, dynamically re-route the communication path so as to physically avoid that part of the path known to be the region of the signal tampering.
  • the repeaters 3₁...3ₙ, 3₁'...3ₙ' may re-route the transmitted signals along the next available communication path 4, 4' in a manner so as not to interfere with the transmitted signals of that path. If this is not possible, the repeaters 3₁...3ₙ, 3₁'...3ₙ' may select the next available communication path 4, 4' known to be free of transmitted signals.
  • the re-routed communication may be re-routed to a known secure path.
  • the network 10 is not shut down and the receiving transceiver 2 monitors the other available communication paths 4, 4' for any re-routed signals, allowing additional time for their propagation across the re-routed path.
  • a transceiver 1, 2 asserting, or receiving, an alarm signal may sound either an audible or visual alarm, or a combination of both.
  • any suitable form of alarm could be used to indicate a security breach.
  • perceived security breaches may be detailed in an event log which could be used to trace the activities of an attacker.
  • At least one of the communication paths 4, 4' is configured to be deliberately insecure and vulnerable to security breaches. This may be accomplished by deliberately positioning one or more repeaters 3 ⁇ '...3 n ', which define the communication path 4', in locations which are known to be close to the extremities of the wireless network environment. In the domestic setting, examples would be, although not limited to, an attached garden, out-house or garage.
  • the signals transmitted on the insecure communication path 4' would be particularly vulnerable to eavesdropping and denial-of-service attacks.
  • the signal processing module may be adapted to particularly scrutinise the signals received on the insecure communication path 4' for evidence of tampering, or else to rapidly identify jamming of the signals on the path 4'.
  • the signals of the message could be adapted to contain deliberately spurious or bogus information.
  • the spurious information could be, for example, fake network authentication details, false user ids or fake personal identification numbers (PINs).
  • the spurious information could be transmitted across the network 10 as part of the signals of the message.
  • a significant benefit of this arrangement is that eavesdropping the network would only in part obtain authentic information. Any spurious information obtained from a spurious signal would be worthless to the determined trespasser.
  • the use of spurious signals is advantageous to the security of the network, since any attempt to access the network 10, or influence transceiving devices in the network 10, using the spurious information would be readily identified by the receiving transceiver 1, 2 concerned as being fake and arising from earlier signal tampering. It is also possible, in another arrangement, that the spurious signals could be sent separately to the signals of the message. In another arrangement, the spurious signals could be sent only across the insecure communication path 4'. The combination of the spurious information and vulnerability of the path 4' to attack would allow innocent passers-by or determined trespassers to readily obtain information from the network 10, information which is known to the transceiving devices of the network 10 to be fake.
  • the spurious signals may be originated by the first transceiver 1 , and transmitted through the network 10, to the second transceiver 2 across some or all of the communication paths 4, 4'.
  • the spurious signals may be originated by the second transceiver 2, and transmitted through the network 10, to the first transceiver 1 across some or all of the communication paths 4, 4'.
  • the spurious signals may be originated by a transceiver and directed back to itself, by propagation over the network.
  • the spurious signals may also be originated by the one or more repeaters 3₁...3ₙ, 3₁'...3ₙ' and transmitted over some or all of the communication paths 4, 4'.
  • the spurious signals could be sent periodically or at random times.
  • the spurious signals could be transmitted over a pathway that has previously been identified as having been subject to a security breach, ie. tampering has been detected. In this event, the spurious signals could be manifested as an apparent (but fake) continuation of a message that has actually been re-routed due to the alarm condition indicated by the detected tampering. In this way, an attacker node may not be made aware that its existence has been detected until after human intervention can be made.
  • the spurious signals could comprise bogus authentication handshakes between selected devices, in particular those located in relatively insecure parts of the network. In order to detect tampering by the unauthorised use of spurious signals, it may be necessary for at least some authorised devices in the network 10 to be able to distinguish spurious signals (eg. bogus information) that have deliberately been used by authorised devices from spurious signals that originate from an unauthorised device or attacker attempting to gain access to the network.
  • LUTs: Look-Up Tables
  • spurious signal entries and their conditions for use may be common throughout the network 10 or specific to certain devices.
  • a particular transmitting device 1, 2 may select an entry at random, or in a predetermined order, from the LUT for sending in accordance with a predetermined condition of use.
  • a receiving device eg. transceiver 2 compares the signal to the entries in the LUT stored on the transceiver 2, checks the condition of use and thereby determines whether the spurious signal indicates tampering.
  • the conditions for use may include timing constraints (eg.
  • each transceiving device of the network 10 may generate spurious signals using a mathematical algorithm common throughout the network 10. It will be understood that where spurious signals are propagated by a single transceiver over the network and back to itself, only that transceiver need be aware of the status of such spurious signals. Still further, for the purposes of propagation of spurious information to potential attacker devices 14, a network node need not even transmit the spurious information to another authentic node in the network.
  • the network node transmits spurious information which purports to be data that enables or maintains connection of a device to the network. Then, if that data is used by another device in an attempt to connect to the network, tampering will be detected by the network node that originated the spurious data.
  • the repeaters 3₁...3ₙ, 3₁'...3ₙ' of the network 10 are preferably polled by the transceiver 1 prior to transmitting the signals of the message. By polling the repeaters in the network 10, the transceiver 1 is able to determine the availability of the repeaters. The available repeaters indicate which communication paths 4, 4' are available for the transmission of signals.
  • the repeaters 3₁...3ₙ, 3₁'...3ₙ' are preferably polled by sending an enquiry message from the transceiver 1.
  • the transceiver 1 selects at least two communication paths 4, 4' based on the responses of the polled repeaters 3₁...3ₙ, 3₁'...3ₙ'.
  • the transceiver 1 will select repeaters 3₁'...3ₙ' known to define an insecure communication path 4', in preference to other available communication paths 4, on which to send spurious signals.
  • the repeaters 3₁...3ₙ, 3₁'...3ₙ' are adapted to inject spurious signals into the signals of the message.
  • the repeaters may use either a LUT or an algorithm, or combination of both, in order to prepare spurious signals for sending through the network, in accordance with previous arrangements.
  • the repeaters may send the spurious signals periodically or randomly, without interfering with the signals of the message.
  • another arrangement makes use of a central controller node 13 to manage the network security.
  • a controller node may be provided which is connected to a device capable of larger data storage and processing capabilities than other nodes. This controller node could be responsible for the network security measures. There may be several controllers in one ambient environment organised in a hierarchical manner, such that there is an overall master controller. In a peer-to-peer network configuration, the controller may be designated as a node that is queried for authentication or other security related details.
  • An ad-hoc network can consist of just one device. The network starts growing when another enabled device is in the vicinity and joins the network. Preferably, the initial device should be the controller node. Security breaches can begin when a second legitimate device which is in the vicinity, attempts to join the ad-hoc network.
  • An eavesdropping device could capture the details exchanged between controller and new device. These details may be used later by an attacking device in order to access the network.
  • One of the proactive security measures proposed is that even at its smallest (when it consists of just the one device) the ambient network can generate spurious information.
  • An example would be a totally fabricated conversation between two devices (the controller pretends to be both message originator node 1 and message recipient node 2).
  • An eavesdropper picking up these transmissions and attempting at a later time to use the information gleaned in order to access the network would then be identified.
  • the controller 13 originates spurious data (and controls initiation of conversation), therefore the controller easily recognises an attacker 14 attempting to use this spurious data.
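
One way to realise the spurious-data check described above, as an added example that is not part of the patent text: decoy credentials are derived with an algorithm common to the network, and the condition of use is a time slot, so any authorised node can tell a decoy sent in its own slot from one replayed later. The HMAC derivation, slot length, grace period, look-back depth, key and node names are assumptions made for this example.

```python
import hashlib
import hmac

SLOT_SECONDS = 30      # assumed: a decoy may be sent only in its own time slot
GRACE_SLOTS = 1        # assumed allowance for propagation through repeaters
LOOKBACK_SLOTS = 2880  # assumed: remember one day of past decoys


def decoy_token(network_key: bytes, slot: int) -> str:
    """Spurious credential for one slot, derivable by every authorised node."""
    mac = hmac.new(network_key, b"decoy|%d" % slot, hashlib.sha256)
    return mac.hexdigest()[:16]


def build_lut(network_key: bytes, now: float) -> dict:
    """Look-up table: decoy token -> slot in which authorised use is allowed."""
    current = int(now // SLOT_SECONDS)
    first = max(0, current - LOOKBACK_SLOTS)
    return {decoy_token(network_key, s): s for s in range(first, current + 1)}


def classify(network_key: bytes, token: str, now: float) -> str:
    """Compare a received credential with the LUT and check its condition of use."""
    slot = build_lut(network_key, now).get(token)
    if slot is None:
        return "not-decoy"         # hand over to normal authentication
    age = int(now // SLOT_SECONDS) - slot
    if age <= GRACE_SLOTS:
        return "authorised-decoy"  # sent by an authorised node, condition met
    return "tampering"             # a captured decoy is being used later


def review(network_key: bytes, observations: list) -> list:
    """Return event-log entries for the observations that indicate tampering."""
    log = []
    for when, source, token in observations:
        if classify(network_key, token, when) == "tampering":
            log.append({"time": when, "source": source, "token": token})
    return log


# Constructed sample data: key, timestamps and node names are made up.
KEY = b"constructed-demo-key"
T0 = 1_000_020.0
DECOY = decoy_token(KEY, int(T0 // SLOT_SECONDS))
OBSERVATIONS = [
    (T0, "controller-13", DECOY),                # fabricated conversation
    (T0 + 12, "repeater-3", DECOY),              # same decoy relayed in its slot
    (T0 + 40, "node-2", "genuine-credential"),   # ordinary join, not a decoy
    (T0 + 3600, "unknown-node", DECOY),          # decoy presented an hour later
]

if __name__ == "__main__":
    for when, source, token in OBSERVATIONS:
        print(f"{when:>10.0f}  {source:<14} {classify(KEY, token, when)}")
    print("event log:", review(KEY, OBSERVATIONS))
```

Only the last observation is logged: the decoy is recognised in the table, but its slot has long passed, so its use can only come from a device that captured it earlier.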

Abstract

Strategies for improving security of ad-hoc wireless networks are described. Signals received over the network are analysed to determine whether there has been tampering with the network. The analysis may include detecting divergence in signal integrity or a signal parameter between two different spatially or temporally separated paths or the use of spurious information in a signal, which spurious information has previously been deliberately propagated onto the network by an authorised device. Spurious information may be deliberately propagated in parts of the network that are particularly vulnerable to attack.

Description

DESCRIPTION
WIRELESS NETWORK SECURITY
The present invention relates to wireless communication networks and to network security.
Wireless communication networks have increased in popularity in recent years. Mobile phones, pagers, personal digital assistants, mobile computers and other communication devices all take advantage of wireless communication technologies. The use of wireless communication networks has become commonplace in business and industrial environments and increasingly these technologies are becoming more popular in a domestic setting.
The ambient environment, for example the home of the future, may be based on ad-hoc wireless networking technologies, such as ZigBee and Bluetooth. Electronic devices in the ambient environment will form part of this network. Examples could include, but are not limited to, household alarms, thermostats for central heating / air conditioning, light switches and smoke detectors. An example scenario could be one where a home owner requests to find his car keys and the keys send a reply back to the owner.
The nature of wireless communication is such that broadcasts within the domestic network need not be restricted to the vicinity of the home. In all likelihood, domestic networks will extend beyond the confines of the living environment and may overlap with a neighbouring network. This makes the domestic network vulnerable to tampering and security breaches by a third party. The third party may be an innocent user of an adjacent network or a more determined trespasser.
Security in ad-hoc domestic wireless networks is an issue of wireless communication which has not been addressed as thoroughly as other aspects of the wireless technologies. In the domestic setting, it will be necessary to avoid, or reduce, interference from neighbouring networks or passers-by to counter information being gleaned from the network and to counter other security breaches.
Unlike conventional wired networks, where a determined trespasser must gain physical access to the wired link or exploit security weaknesses in firewalls and routers, attacks in an ad-hoc wireless network may arise at any point within the network or at any location capable of receiving the wireless broadcasts. Ad-hoc wireless networks do not have a clear line of defence and measures must be taken to counter or immunise against either innocent or malicious security breaches.
WO 02/078210 describes a wireless communication system in which parts or all of a message are transmitted over different communication paths defined by repeaters in the network, thereby preventing obstacles that inhibit wireless communication on one path from blocking an entire message. WO '210 specifically addresses the problem of fading where messages transmitted between two transceivers in a network are lost or garbled, and does not discuss security against intentional tampering or interference with messages.
The expression 'tampering' is intended to indicate all forms of intentional or malicious interference with a signal, including interference with the data content of a signal. Tampering may include effecting an attempted denial-of-service whereby information is prevented from arriving at the intended destination, e.g. by jamming, and access attempts whereby a determined trespasser intentionally attempts to gain unauthorised access to the network.
An ad-hoc wireless network is one which accepts (and rejects or sometimes drops) member devices automatically, i.e. with a minimum of fuss and without need for human intervention. Such a network may only have one device until a similarly-enabled device approaches it or is placed in its vicinity. A master-slave configuration is generally preferred in such networks. Both ZigBee and Bluetooth use such a configuration. However, peer-to-peer configurations are also used.
The present invention is applicable to these and other wireless network topologies. In the future it is envisaged that such an environment would have tens of such devices. At any one time, therefore, these devices would be starting, participating in and ending conversations with other devices. If the two conversing devices are not in each other's immediate vicinity (i.e. they are out of range of each other's wireless transmissions) then these conversations take place via intermediaries - routers or repeaters - which themselves are capable of conversing with other devices. There is a clear need for security measures in the management of these networks. An object of the present invention is to provide improved security in wireless networks.
According to one aspect, the present invention provides a method of communication over a wireless communications network, the network comprising at least first and second transceivers, linked by wireless communication paths, each path including at least one repeater disposed within the network for the propagation of messages, the method comprising the steps of: transmitting a plurality of signals that make up a message, through the network to the second transceiver; and determining from received signals, whether one or more of the signals has undergone tampering.
According to another aspect, the present invention provides a receiver for receiving messages over a wireless communications network and for detecting tampering of the signals in the wireless network, comprising: means for receiving a plurality of signals that make up a message, from the network; and means for determining from the received signals whether one or more of the signals has undergone tampering. According to another aspect, the present invention provides a method for detecting the presence of an unauthorised device attempting to connect to a network, comprising the steps of: transmitting a first message, onto a network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detecting subsequent use of that data to identify an unauthorised attempt to connect to the network. According to another aspect, the present invention provides a device for use on a network, the device comprising: a transmitter for transmitting a first message onto the network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detection means for detecting subsequent use of that data, by another device, to identify an unauthorised attempt to connect to the network.
Embodiments of the present invention will now be described by way of example and with reference to the accompanying drawing in which: Figure 1 shows a schematic representation of an ad-hoc wireless communication network according to a preferred embodiment of the present invention; and Figure 2 shows a schematic representation of an ad-hoc wireless communication network according to a second embodiment of the present invention.
With reference to figure 1 there is shown an ad-hoc wireless communication network 10 according to an embodiment of the invention. The network 10 is preferably located within a domestic setting, although the network 10 may also be located in other environments. The network 10 includes at least two transceivers 1, 2 which may be any suitable short-range transceiving devices capable of operating in the 2.4 GHz (ZigBee) frequency band, although other frequency bands may be used. The transceiving devices are preferably compliant with the ZigBee standards-based wireless technology, but may also be compliant with Bluetooth, 802.11 and other wireless standards.
The transceivers 1, 2 are linked by at least two wireless communication paths 4, 4'. The communication paths 4, 4' operate in the frequency bands of the transceivers 1, 2. The communication paths 4, 4' are each defined by at least one, but preferably more, different repeaters 3₁...3ₙ, 3₁'...3ₙ' located within the network. The repeaters may be any suitable short-range transceiving devices capable of operating at the frequency of the transceivers 1, 2 and are compliant with the preferred wireless technology standard of the transceivers 1, 2. It will be recognised that the number of repeaters 3₁...3ₙ, 3₁'...3ₙ' required in the network 10 will depend on the dimensions of the domestic environment and the number of desired different communication paths 4, 4'. Therefore, the number of communication paths 4, 4' is interrelated with the number of repeaters 3₁...3ₙ, 3₁'...3ₙ'.
In preferred arrangements, two transceivers 1, 2 are linked by two communication paths 4, 4', each path defined by at least one different repeater 3₁...3ₙ, 3₁'...3ₙ' located within the network 10. One of the transceivers 1 transmits a plurality of signals making up a message, through the network 10 to the other transceiver 2.
The other transceiver 2 determines, from the received signals, whether one or more of the signals has undergone tampering and thus whether the network is maintaining its integrity (i.e. it has not been breached). Each path 4, 4' may have the same number of repeaters 3₁...3ₙ, 3₁'...3ₙ' or a different number of repeaters.
In one arrangement, one transceiver 1 divides the signals of a message across the two communication paths 4, 4' and transmits a portion of the signals on one path 4 and the remainder of the signals on the other path 4'. The signals of the message may be divided into equal portions or unequal portions. The divided signals may be consecutive or randomly divided so as to be non-consecutive. The divided signals sent on the same path may be separated in time. A significant benefit of this arrangement is that no one communication path carries all the signals of the message. Thus eavesdropping on a particular path does not provide all the information in the message and jamming prevents only a portion of the message from being received.
In another arrangement, one transceiver 1 sends signals of the message on one communication path 4 and sends the same signals on the other communication path 4'. The signals may be sent on both paths 4, 4' at the same time, or may be sent at different times, either overlapping or separated by a predetermined interval of time. A significant benefit of this arrangement is that jamming of a particular communication path 4 does not prevent the signals of the message from being received on the other communication path 4' by the other transceiver 2.
With reference to figure 2, there is shown an alternative network configuration comprising a plurality of nodes N distributed around an ambient network 10, comprising two subnets 11, 12 each comprising a collection of nodes N, e.g. node 3₁ in subnet 11 and node 3₂ in subnet 12.
A controller node 13 may also be provided, the function of which will be described in greater detail hereinafter. An attacker node 14 attempting to obtain illegal access to the network 10 is also illustrated. A first transceiver node 1 (acting as a message originator) in subnet 12 may communicate with a second transceiver node 2 (acting as a message recipient) over the network either directly or using any convenient set of intermediate nodes N acting as repeaters, e.g. node 3₁ and 3₂. It will be understood that any of the nodes N could act as a message originator or a message recipient or as repeater to other nodes' messages. It will be understood that the existence of a large number of nodes in the network that can act as repeaters for two communicating transceivers results in a plurality of possible pathways between the transceivers, many of which pathways are completely independent and some of which share at least some common links between adjacent nodes.
An aspect of the invention is that tampering with transmitted signals can be detected by the receiving device. A number of ways are provided for achieving this. Tampering may be evidenced by delay, disruption or termination in transmitted or retransmitted signals over multiple paths, or by the existence of corruption of data within a message, or the use of illegal data within a message. This illegal data could be spurious data previously deliberately propagated onto the network as will be described hereinafter.
Delays caused by tampering with signals may be detected by having prior knowledge of expected delays in normal communication paths. For example, the presence of a repeater 3₁...3ₙ, 3₁'...3ₙ' introduces a known delay into the signal propagation time. An increasing number of repeaters in a path 4, 4' will increase the signal propagation time by an amount related to the number of repeaters.
The amount of time contributed by the repeaters 3₁...3ₙ, 3₁'...3ₙ' will correspond to an expected delay in the signal at the receiving transceiver 2. Knowledge of this delay may allow the receiving transceiver 2 to determine if signal tampering occurs, since a delay greater than the expected delay may be indicative of a security breach. Deliberate delays may be introduced between signals transmitted on different paths and these delays may also be taken account of in detecting tampering.
In a preferred arrangement, the transceivers 1, 2 in the network 10 each include a signal processing module (not shown) to compare the signals received on the two communication paths 4, 4'. It will be understood however, that an attack amounting to a denial-of-service on a particular path 4 will either result in no signals being received on that path 4 or else signals will cease at the moment jamming commences.
In one arrangement, the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver 2 receives signals on one communication path 4 only. This condition applies to both arrangements whereby either signals of the message are divided and sent across two communication paths 4, 4' or the same signals are sent across two communications paths. A failure to receive any signals at all on one communication path 4, 4' would indicate a denial-of-service attack on that path.
In another arrangement, the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver 2 receives signals on one communication path 4 that do not match the signals received on the other communication path 4', where the transceiver 2 was expecting to receive the same signals on both communication paths.
In another arrangement, the signal processing module will notify the receiving transceiver 2 of signal tampering if the transceiver receives signals on both communication paths 4, 4' that indicate at least one signal is missing.
This condition applies to signals of a message that were divided and sent across two communication paths 4, 4'. The signal processing module is preferably adapted to combine portions of signals received on one communication path 4 with portions of signals received on the other communication path 4'. If the combined portions do not make up a whole transmitted message, an attack on the signals is indicated. Preventing one or more signals from being received at the receiving transceiver 2 amounts to a denial-of-service attack.
In the preferred arrangement, any notification by the signal processing module to the receiving transceiver 2 to the effect that signal tampering has occurred to one or more signals of the message will preferably lead the transceiver 2 to assert a security breach to the network 10. This may take the form of an alarm signal (not shown) that is transmitted across all communication paths 4, 4' to each transceiver 1, 2 of the network 10. The assertion of a security breach may inhibit further network communication, either temporarily, or indefinitely, by shutting down the communication path 4, 4' under attack (i.e. partly inhibiting the network) or else shutting down all communication paths 4, 4' (i.e. fully inhibiting the network). The shutdown may be accomplished by one or more transceivers 1, 2 or repeaters 3₁...3ₙ, 3₁'...3ₙ' refusing to transmit further signals or else halting signals currently being transmitted. The shutdown may be for a prescribed time interval or until the network 10 is manually reset by an authenticated user. The shut down may comprise only isolation of a node from which there is evidence of tampering.
In another arrangement, the transceiving devices in the network 10 may each invoke a lock-down condition in response to a security breach assertion to the network 10.
The lock-down condition may cause the transceiving devices to refuse any network access requests either temporarily or indefinitely, even if the access request is known to be authentic. The network 10 may only be reset thereafter using a reset authentication code.
In another arrangement, the one or more repeaters 3₁...3ₙ, 3₁'...3ₙ' defining a communication path 4, 4' that is under attack may, in response to the security breach assertion, dynamically re-route the communication path so as to physically avoid that part of the path known to be the region of the signal tampering. The repeaters 3₁...3ₙ, 3₁'...3ₙ' may re-route the transmitted signals along the next available communication path 4, 4' in a manner so as not to interfere with the transmitted signals of that path. If this is not possible, the repeaters 3₁...3ₙ, 3₁'...3ₙ' may select the next available communication path 4, 4' known to be free of transmitted signals. The re-routed communication may be re-routed to a known secure path. In such an arrangement, the network 10 is not shut down and the receiving transceiver 2 monitors the other available communication paths 4, 4' for any re-routed signals, allowing additional time for their propagation across the re-routed path.
Preferably, a transceiver 1, 2 asserting, or receiving, an alarm signal may sound either an audible or visual alarm, or a combination of both. Of course, it is to be understood that any suitable form of alarm could be used to indicate a security breach. Alternatively, or in addition, perceived security breaches may be detailed in an event log which could be used to trace the activities of an attacker.
In a preferred arrangement, at least one of the communication paths 4, 4' is configured to be deliberately insecure and vulnerable to security breaches.
This may be accomplished by deliberately positioning one or more repeaters 3₁'...3ₙ', which define the communication path 4', in locations which are known to be close to the extremities of the wireless network environment. In the domestic setting, examples would be, although not limited to, an attached garden, out-house or garage. The signals transmitted on the insecure communication path 4' would be particularly vulnerable to eavesdropping and denial-of-service attacks. The signal processing module may be adapted to particularly scrutinise the signals received on the insecure communication path 4' for evidence of tampering, or else to rapidly identify jamming of the signals on the path 4'.
In another arrangement, at least some of the signals of the message could be adapted to contain deliberately spurious or bogus information. The spurious information could be, for example, fake network authentication details, false user ids or fake personal identification numbers (PINs). The spurious information could be transmitted across the network 10 as part of the signals of the message. A significant benefit of this arrangement is that eavesdropping the network would only in part obtain authentic information. Any spurious information obtained from a spurious signal would be worthless to the determined trespasser. However, the use of spurious signals is advantageous to the security of the network, since any attempt to access the network 10, or influence transceiving devices in the network 10, using the spurious information would be readily identified by the receiving transceiver 1, 2 concerned as being fake and arising from earlier signal tampering. It is also possible, in another arrangement, that the spurious signals could be sent separately to the signals of the message. In another arrangement, the spurious signals could be sent only across the insecure communication path 4'.
The combination of the spurious information and vulnerability of the path 4' to attack would allow innocent passers-by or determined trespassers to readily obtain information from the network 10, information which is known to the transceiving devices of the network 10 to be fake.
In other arrangements, the spurious signals may be originated by the first transceiver 1, and transmitted through the network 10, to the second transceiver 2 across some or all of the communication paths 4, 4'. Alternatively, the spurious signals may be originated by the second transceiver 2, and transmitted through the network 10, to the first transceiver 1 across some or all of the communication paths 4, 4'. Alternatively, the spurious signals may be originated by a transceiver and directed back to itself, by propagation over the network. The spurious signals may also be originated by the one or more repeaters 3₁...3ₙ, 3₁'...3ₙ' and transmitted over some or all of the communication paths 4, 4'. The spurious signals could be sent periodically or at random times. The spurious signals could be transmitted over a pathway that has previously been identified as having been subject to a security breach, i.e. tampering has been detected. In this event, the spurious signals could be manifested as an apparent (but fake) continuation of a message that has actually been re-routed due to the alarm condition indicated by the detected tampering. In this way, an attacker node may not be made aware that its existence has been detected until after human intervention can be made. The spurious signals could comprise bogus authentication handshakes between selected devices, in particular those located in relatively insecure parts of the network.
In order to detect tampering by the unauthorised use of spurious signals, it may be necessary for at least some authorised devices in the network 10 to be able to distinguish spurious signals (e.g. bogus information) that have deliberately been used by authorised devices from spurious signals that originate from an unauthorised device or attacker attempting to gain access to the network. One way of achieving this is to maintain Look-Up Tables (LUTs) (not shown) in the devices on the network containing spurious signal entries and their conditions for use. The tables and entries may be common throughout the network 10 or specific to certain devices. A particular transmitting device 1, 2 may select an entry at random, or in a predetermined order, from the LUT for sending in accordance with a predetermined condition of use. On receiving a signal, a receiving device, e.g. transceiver 2, compares the signal to the entries in the LUT stored on the transceiver 2, checks the condition of use and thereby determines whether the spurious signal indicates tampering. The conditions for use may include timing constraints (e.g. when the spurious information may be passed), association with other data, including source and destination identities, or any other condition of use that can be assessed to verify whether the spurious signal originated from an authorised device or an unauthorised device.
Rather than, or as well as, using a LUT, each transceiving device of the network 10 may generate spurious signals using a mathematical algorithm common throughout the network 10. It will be understood that where spurious signals are propagated by a single transceiver over the network and back to itself, only that transceiver need be aware of the status of such spurious signals. Still further, for the purposes of propagation of spurious information to potential attacker devices 14, a network node need not even transmit the spurious information to another authentic node in the network. Rather, all that is required is that the network node transmits spurious information which purports to be data that enables or maintains connection of a device to the network. Then, if that data is used by another device in an attempt to connect to the network, tampering will be detected by the network node that originated the spurious data.
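The LUT check described above can be sketched as follows. This is an added example, not code from the patent: the entry fields, the 60-second period, the device names and the HMAC-based `derive_token` (standing in for the "mathematical algorithm common throughout the network") are all assumptions, and the key, plan and capture are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

PERIOD = 60  # assumed: conditions of use repeat every 60 seconds


@dataclass(frozen=True)
class Entry:
    """Condition of use for one spurious (decoy) credential."""
    source: str       # only this device may emit the decoy
    destination: str  # and only towards this device
    start: int        # second within PERIOD at which the window opens
    length: int       # window length in seconds


@dataclass(frozen=True)
class Signal:
    source: str       # claimed sender identity
    destination: str
    credential: str   # PIN, user id or authentication detail carried
    timestamp: int    # receiver clock, in seconds


def derive_token(network_key: bytes, index: int) -> str:
    """Decoy number `index`; identical on every node that holds the key."""
    mac = hmac.new(network_key, b"decoy-%d" % index, hashlib.sha256)
    return mac.hexdigest()[:8]


def build_lut(network_key: bytes, plan: list) -> dict:
    """Map each decoy credential to its condition of use."""
    return {derive_token(network_key, i): e for i, e in enumerate(plan)}


def in_window(entry: Entry, timestamp: int) -> bool:
    # Modular arithmetic lets a window wrap past the end of the period.
    return (timestamp - entry.start) % PERIOD < entry.length


def classify(signal: Signal, lut: dict) -> str:
    entry = lut.get(signal.credential)
    if entry is None:
        return "not-spurious"      # left to the normal authentication path
    authorised = (signal.source == entry.source
                  and signal.destination == entry.destination
                  and in_window(entry, signal.timestamp))
    return "authorised-decoy" if authorised else "tampering"


def scan(signals: list, lut: dict) -> list:
    """Event-log records (time, claimed source, credential) for each breach."""
    return [(s.timestamp, s.source, s.credential)
            for s in signals if classify(s, lut) == "tampering"]


# Constructed sample data: key, plan and capture are invented for the demo.
KEY = b"constructed-demo-key"
PLAN = [Entry("repeater-garage", "controller", 0, 10),
        Entry("controller", "controller", 50, 20)]   # wraps: 50..59, 0..9
LUT = build_lut(KEY, PLAN)
T0, T1 = derive_token(KEY, 0), derive_token(KEY, 1)
CAPTURE = [
    Signal("repeater-garage", "controller", T0, 125),  # in window
    Signal("controller", "controller", T1, 184),       # wrapped window
    Signal("unknown-node", "controller", T0, 127),     # replayed by outsider
    Signal("repeater-garage", "controller", T0, 140),  # outside the window
    Signal("thermostat", "controller", "4711", 150),   # ordinary traffic
]

if __name__ == "__main__":
    for record in scan(CAPTURE, LUT):
        print("security breach:", record)
```

The source field is only the identity a signal claims, so the timing window is what catches a replay that also copies the original sender's identity.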
In another preferred arrangement, the repeaters 3₁...3ₙ, 3₁'...3ₙ' of the network 10 are preferably polled by the transceiver 1 prior to transmitting the signals of the message. By polling the repeaters in the network 10, the transceiver 1 is able to determine the availability of the repeaters. The available repeaters indicate which communication paths 4, 4' are available for the transmission of signals. The repeaters 3₁...3ₙ, 3₁'...3ₙ' are preferably polled by sending an enquiry message from the transceiver 1. Preferably, the transceiver 1 selects at least two communication paths 4, 4' based on the responses of the polled repeaters 3₁...3ₙ, 3₁'...3ₙ'. In a preferred arrangement, the transceiver 1 will select repeaters 3₁'...3ₙ' known to define an insecure communication path 4', in preference to other available communication paths 4, on which to send spurious signals.
In another arrangement, the repeaters 3₁...3ₙ, 3₁'...3ₙ' are adapted to inject spurious signals into the signals of the message. The repeaters may use either a LUT or an algorithm, or combination of both, in order to prepare spurious signals for sending through the network, in accordance with previous arrangements. The repeaters may send the spurious signals periodically or randomly, without interfering with the signals of the message.
With further reference to figure 2, another arrangement makes use of a central controller node 13 to manage the network security. In either master-slave or peer-to-peer configurations a controller node may be provided which is connected to a device capable of larger data storage and processing capabilities than other nodes. This controller node could be responsible for the network security measures. There may be several controllers in one ambient environment organised in a hierarchical manner, such that there is an overall master controller. In a peer-to-peer network configuration, the controller may be designated as a node that is queried for authentication or other security related details.
An ad-hoc network can consist of just one device. The network starts growing when another enabled device is in the vicinity and joins the network. Preferably, the initial device should be the controller node. Security breaches can begin when a second legitimate device, which is in the vicinity, attempts to join the ad-hoc network. An eavesdropping device could capture the details exchanged between controller and new device. These details may be used later by an attacking device in order to access the network. One of the proactive security measures proposed is that even at its smallest (when it consists of just the one device) the ambient network can generate spurious information.
An example would be a totally fabricated conversation between two devices (the controller pretends to be both message originator node 1 and message recipient node 2). An eavesdropper picking up these transmissions and attempting at a later time to use the information gleaned in order to access the network would then be identified. In this arrangement, only the controller 13 originates spurious data (and controls initiation of conversation), therefore the controller easily recognises an attacker 14 attempting to use this spurious data. In another arrangement two different controllers could masquerade as nodes 1 and 2. This attack pattern (and proactive security measures) can be scaled-up no matter what the size of the ambient network. Although the described embodiments are ideal for improving security in ad-hoc home wireless communication networks, it will be recognised that the principle can be extended to other types of wireless communication network e.g. non-domestic wireless networks. Other embodiments are intentionally within the scope of the appended claims.
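The receiver-side determination described in the arrangements above (signals on one path only, copies that do not match, a missing signal, a signal arriving later than the repeater count predicts) can be sketched as a single check. This is an added example, not part of the patent: the per-repeater delay, signal spacing, tolerance, record layout and sample receptions are assumed or constructed values.

```python
from dataclasses import dataclass

HOP_DELAY_MS = 5   # assumed delay added by each repeater
GAP_MS = 10        # assumed spacing between consecutive signals
TOLERANCE_MS = 3   # assumed allowance for normal jitter


@dataclass(frozen=True)
class PathSpec:
    repeaters: int       # repeaters defining the path
    send_offset_ms: int  # deliberate delay the sender applies on this path


@dataclass(frozen=True)
class Rx:
    path: str
    seq: int         # position of the signal within the message
    payload: bytes
    recv_ms: int     # arrival time on the receiver's own clock


def expected_offset(spec: PathSpec, seq: int) -> int:
    """Arrival time relative to message start when nothing interferes."""
    return seq * GAP_MS + spec.send_offset_ms + spec.repeaters * HOP_DELAY_MS


def check_message(received: list, total: int, mode: str, paths: dict) -> list:
    """Return sorted findings; an empty list means no tampering was seen.

    mode "split": each signal travels on one path only.
    mode "duplicate": every signal is sent on every path.
    """
    if mode not in ("split", "duplicate"):
        raise ValueError("mode must be 'split' or 'duplicate'")
    findings = set()
    by_path = {name: {} for name in paths}
    known = [rx for rx in received if rx.path in paths]
    for rx in known:
        by_path[rx.path][rx.seq] = rx

    # A path that delivers nothing at all: denial of service on that path.
    silent = {name for name, sigs in by_path.items() if not sigs}
    findings.update(f"no-signals:{name}" for name in silent)

    for seq in range(total):
        holders = [name for name in paths if seq in by_path[name]]
        if mode == "duplicate":
            # Copies must exist on every live path and must agree.
            for name in paths:
                if name not in holders and name not in silent:
                    findings.add(f"missing:{name}:{seq}")
            if len({by_path[name][seq].payload for name in holders}) > 1:
                findings.add(f"mismatch:{seq}")
        elif not holders:
            # Recombined portions do not make up the whole message.
            findings.add(f"missing:{seq}")

    # Relative delay: no shared clock is needed. The least-delayed signal
    # sets the baseline; anything later than baseline + tolerance is flagged.
    lag = {rx: rx.recv_ms - expected_offset(paths[rx.path], rx.seq)
           for rx in known}
    if lag:
        baseline = min(lag.values())
        findings.update(f"delay:{rx.path}:{rx.seq}"
                        for rx, value in lag.items()
                        if value - baseline > TOLERANCE_MS)
    return sorted(findings)


# Constructed sample: three signals duplicated on paths 4 and 4'.
PATHS = {"4": PathSpec(2, 0), "4'": PathSpec(3, 20)}


def sample(path: str, seq: int, payload: bytes, late_ms: int = 0) -> Rx:
    """Constructed reception: on schedule (clock origin 1000) plus late_ms."""
    return Rx(path, seq, payload,
              1000 + expected_offset(PATHS[path], seq) + late_ms)


TAMPERED = [
    sample("4", 0, b"AA"), sample("4", 1, b"BB"), sample("4", 2, b"CC"),
    sample("4'", 0, b"AA"),
    sample("4'", 1, b"XX", late_ms=40),  # altered and held back
    # signal 2 never arrives on 4': jamming began mid-message
]

if __name__ == "__main__":
    print(check_message(TAMPERED, 3, "duplicate", PATHS))
```

Because the delay check is relative, a hold-up applied equally to every signal on every path goes unnoticed; catching that case needs a time reference shared with the sender.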

Claims

1. A method of communication over a wireless communications network, the network comprising at least first and second transceivers, linked by wireless communication paths, each path including at least one repeater disposed within the network for the propagation of messages, the method comprising the steps of: transmitting a plurality of signals that make up a message, through the network to the second transceiver; and determining from received signals whether one or more of the signals has undergone tampering.
2. The method of claim 1 further including the step of asserting a security breach condition in response to the determination of a tampering condition.
3. The method of claim 1 wherein the signals of the message are divided and sent across two communication paths.
4. The method of claim 3 wherein the signals sent on the same communication path are separated in time.
5. The method of claim 1 wherein the signals sent on one communication path are also sent on another communication path.
6. The method of claim 5 wherein the signals are sent on both communication paths at the same time or at different times.
7. The method of claim 3 or claim 5 wherein the determining step compares the signals received on the two communication paths.
8. The method of claim 3 or claim 5 wherein the determining step identifies signal tampering if the second transceiver receives signals on one communication path only.
9. The method of claim 5 wherein the determining step identifies signal tampering if the signals received on one communication path do not match the signals received on the other communication path.
10. The method of claim 3 wherein the determining step identifies tampering if relative delays between signal arrival times deviate from an expected delay.
11. The method of claim 3, wherein the determining step identifies signal tampering if the received signals indicate at least one signal is missing.
12. The method of claim 1 wherein one of the communication paths is configured to be relatively insecure and vulnerable to security breaches.
13. The method of claim 12 wherein the determining step compares the signals received on the insecure communication path to signals received on another communication path.
14. The method of claim 1 wherein at least some of the signals of the message are adapted to contain spurious information.
15. The method of claim 14 wherein the determining step comprises identifying said spurious signals and determining whether they originate from an authorised device or an unauthorised device.
16. The method of claim 15 in which the step of determining whether spurious signals originate from an authorised device or an unauthorised device comprises checking a condition of use.
17. The method of claim 1, comprising the further steps of: configuring, prior to transmitting, one of the communication paths to be insecure and vulnerable to security breaches; and adapting at least some of the signals of the message to contain spurious information, wherein the transmitting step only sends the spurious signals on the insecure communication path.
18. The method of claim 14 in which the spurious information is inserted by a repeater.
19. The method of claim 2 in which the step of asserting a security breach comprises the step of asserting an alarm condition.
20. The method of claim 19 in which the step of asserting a security breach comprises the step of inhibiting message transmission between at least some devices on the network.
21. A receiver for receiving messages over a wireless communications network and for detecting tampering of the signals in the wireless network, comprising: means for receiving a plurality of signals that make up a message, from the network; means for determining from the received signals whether one or more of the signals has undergone tampering.
22. A method for detecting the presence of an unauthorised device attempting to connect to a network, comprising the steps of: transmitting a first message, onto a network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detecting subsequent use of that data to identify an unauthorised attempt to connect to the network.
23. The method of claim 22 in which the step of transmitting the first message comprises sending the message from a first device over the network and back to the first device.
24. The method of claim 22 in which the step of transmitting a message including spurious data comprises sending the message from a first device to a second device according to a predetermined plan.
25. The method of claim 22 further including the step of transmitting a second message that includes spurious data that purports to be a response from a device connecting or connected to the network in response to the first message.
26. The method of claim 25 in which the first and second messages are transmitted by the same device.
27. The method of any one of claims 22 to 26 in which the first message is transmitted from, or is repeated by, a device in a relatively insecure location.
28. The method of any one of the claims 22 to 27 in which a device transmitting the first message is a network controller.
29. A device for use on a network, the device comprising: a transmitter for transmitting a first message onto the network, which first message includes spurious data which purports to be data that enables or maintains connection of a device to the network; and detection means for detecting subsequent use of that data, by another device, to identify an unauthorised attempt to connect to the network.
EP04743993A 2003-07-24 2004-07-15 Wireless network security Withdrawn EP1652341A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0317308.5A GB0317308D0 (en) 2003-07-24 2003-07-24 Wireless network security
PCT/IB2004/002332 WO2005011195A2 (en) 2003-07-24 2004-07-15 Wireless network security

Publications (1)

Publication Number Publication Date
EP1652341A2 (en) 2006-05-03

Family

ID=27772566

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04743993A Withdrawn EP1652341A2 (en) 2003-07-24 2004-07-15 Wireless network security

Country Status (5)

Country Link
EP (1) EP1652341A2 (en)
JP (1) JP2007501539A (en)
CN (1) CN1826760A (en)
GB (1) GB0317308D0 (en)
WO (1) WO2005011195A2 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008028806A (en) * 2006-07-24 2008-02-07 Nec Corp Information transmission method, information reception method, information transmission device, information reception device, and program
JP5007738B2 (en) * 2009-09-28 2012-08-22 沖電気工業株式会社 Important information transmission system, important information transmission device, important information transmission method, relay device, relay method, and program thereof
IL210169A0 (en) 2010-12-22 2011-03-31 Yehuda Binder System and method for routing-based internet security
EP2719212B1 (en) * 2011-06-10 2020-04-08 Signify Holding B.V. Avoidance of hostile attacks in a network
WO2013113169A1 (en) * 2012-02-03 2013-08-08 Empire Technology Development Llc Pseudo message recognition based on ontology reasoning
US9398035B2 (en) * 2013-12-31 2016-07-19 Cisco Technology, Inc. Attack mitigation using learning machines
US10050981B2 (en) 2015-05-04 2018-08-14 Intel Corporation Attack detection through signal delay monitoring
CN105515717B (en) * 2015-11-30 2018-07-20 华侨大学 One kind being based on the scrambled cooperative relaying safe transmission method of man made noise
CN109765825B (en) * 2019-01-30 2023-09-29 山西天科信息安全科技有限公司 Internet of things multilink safety control terminal and safety control method
US11303653B2 (en) 2019-08-12 2022-04-12 Bank Of America Corporation Network threat detection and information security using machine learning
US11323473B2 (en) 2020-01-31 2022-05-03 Bank Of America Corporation Network threat prevention and information security using machine learning

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
BR9910423A (en) * 1998-05-13 2001-01-09 Ericsson Telefon Ab L M Communications process and system
US20020080888A1 (en) * 2000-12-22 2002-06-27 Li Shu Message splitting and spatially diversified message routing for increasing transmission assurance and data security over distributed networks
EP1265415A1 (en) * 2001-06-07 2002-12-11 Abb Research Ltd. Control monitor for a network and method of network monitoring

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005011195A3 *

Also Published As

Publication number Publication date
CN1826760A (en) 2006-08-30
GB0317308D0 (en) 2003-08-27
WO2005011195A3 (en) 2005-05-19
JP2007501539A (en) 2007-01-25
WO2005011195A2 (en) 2005-02-03

Similar Documents

Publication Publication Date Title
Butun et al. Security of the Internet of Things: Vulnerabilities, attacks, and countermeasures
Zou et al. Securing physical-layer communications for cognitive radio networks
Raymond et al. Denial-of-service in wireless sensor networks: Attacks and defenses
Joshi Security issues in routing protocols in MANETs at network layer
Hlavacek et al. A layered approach to cognitive radio network security: A survey
Radmand et al. Taxonomy of wireless sensor network cyber security attacks in the oil and gas industries
US20080043695A1 (en) Wireless Perimeter Security Device and Network Using Same
US20110083165A1 (en) Method and system for regulating, disrupting and preventing access to the wireless medium
Ahmed et al. A taxonomy of internal attacks in wireless sensor network
EP1652341A2 (en) Wireless network security
O'Mahony et al. Interference and intrusion in wireless sensor networks
Pruthi et al. Network layers threats & its countermeasures in WSNs
Dubey et al. A survey in hello flood attack in wireless sensor networks
Kumari et al. Cross-layer based intrusion detection and prevention for network
Sohu et al. Analogous study of security threats in cognitive radio
Singh et al. Denial of service attack in wireless data network: A survey
Banerjee et al. A review on different Intrusion Detection Systems for MANET and its vulnerabilities
Balarengadurai et al. Comparative analysis of detection of DDoS attacks in IEEE 802.15.4 low rate wireless personal area network
Misic et al. MAC layer security of 802.15.4-compliant networks
Amin et al. Classification and analysis of IEEE 802.15.4 PHY layer attacks
Kennedy et al. A review of WPAN security: attacks and prevention
US9100429B2 (en) Apparatus for analyzing vulnerability of wireless local area network
Kumar et al. An Intrusion Detection and Prevention System against DOS Attacks for Internet-Integrated WSN
Rajkumari et al. Mitigating spectrum sensing data falsification attack in ad hoc cognitive radio networks
Chen et al. Defending against jamming attacks in wireless local area networks

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060224

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/26 20060101AFI20050207BHEP

Ipc: H04L 29/06 20060101ALI20060712BHEP

Ipc: H04L 12/28 20060101ALI20060712BHEP

Ipc: H04L 1/22 20060101ALI20060712BHEP

17Q First examination report despatched

Effective date: 20060906

DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RTI1 Title (correction)

Free format text: WIRELESS NETWORK SECURITY

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20080701