
Title: Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols

Abstract

Wireless networking and mobile communications are increasing around the world and in all sectors of our lives. With increasing use, the density and complexity of the systems increase with more base stations and advanced protocols to enable higher data throughputs. The security of data transported over wireless networks must also evolve with the advances in technologies enabling more capable wireless networks. However, means for analysis of the effectiveness of security approaches and implementations used on wireless networks are lacking. More specifically, analyzing the lower-layer protocols (i.e., Link and Physical layers) is a major challenge. An analysis approach that incorporates protocol implementations without the need for RF emissions is necessary. In this research paper, several emulation tools and custom extensions that enable an analysis platform to perform cyber security analysis of lower-layer wireless networks are presented. A use case of a published exploit in the 802.11 (i.e., WiFi) protocol family is provided to demonstrate the effectiveness of the described emulation platform.

Authors:
 Van Leeuwen, Brian P. [1]; Eldridge, John M. [1]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE National Nuclear Security Administration (NNSA); USDOE Laboratory Directed Research and Development (LDRD) Program
OSTI Identifier:
1410244
Report Number(s):
SAND-2017-12715
658971
DOE Contract Number:
AC04-94AL85000
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Van Leeuwen, Brian P., and Eldridge, John M. Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols. United States: N. p., 2017. Web. doi:10.2172/1410244.
Van Leeuwen, Brian P., & Eldridge, John M. Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols. United States. doi:10.2172/1410244.
Van Leeuwen, Brian P., and Eldridge, John M. 2017. "Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols". United States. doi:10.2172/1410244. https://www.osti.gov/servlets/purl/1410244.

  • Most wireless sensor network (comprising thousands of WSNs) applications require operation over extended periods of time beginning with their deployment. Network lifetime is extremely critical for most applications and is one of the limiting factors for energy-constrained networks. Based on applications, there are wide ranges of different energy sources suitable for powering WSNs. A battery is traditionally used to power WSNs. The deployed WSN is required to last for a long time. Due to the finite amount of energy present in batteries, it is not feasible to replace batteries. Recently there has been a new surge in the area of energy harvesting where ambient energy in the environment can be utilized to prolong the lifetime of WSNs. Some of the sources of ambient energies are solar power, thermal gradient, human motion and body heat, vibrations, and ambient RF energy. The design and development of TEGs to power WSNs that would remain active for a long period of time requires comprehensive understanding of WSN operational. This motivates the research in modeling the lifetime, i.e., power consumption, of a WSN by taking into consideration various node and network level activities. A WSN must perform three essential tasks: sense events, perform quick local information processing of sensed events, and wirelessly exchange locally processed data with the base station or with other WSNs in the network. Each task has a power cost per unit time and an additional cost when switching between tasks. There are a number of other considerations that must also be taken into account when computing the power consumption associated with each task. The considerations include: number of events occurring in a fixed active time period and the duration of each event, event-information processing time, total communication time, number of retransmissions, etc.
Additionally, at the network level the communication of information data packets between WSNs involves collisions, latency, and retransmission, which result in unanticipated power losses. This report focuses on rigorous stochastic modeling of power demand for a schedule-driven WSN utilizing Institute of Electrical and Electronics Engineers 802.11 and 802.15.4 communication protocols. The model captures the generic operation of a schedule-driven WSN when an external event occurs, i.e., sensing, followed by processing, and followed by communication. The report will present development of an expression to compute the expected energy consumption per operational cycle of a schedule-driven WSN by taking into consideration the node level activities, i.e., sensing and processing, and the network level activities, i.e., channel access, packet collision, retransmission attempts, and transmission of a data packet.
  • The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of approximately 10^6 computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with approximately 10^6 virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.
  • The central aims of the DOE-supported “Cyber Wind Facility” project center on the recognition that wind turbines over land and ocean generate power from atmospheric winds that are inherently turbulent and strongly varying, both spatially over the rotor disk and temporally as the rotating blades pass through atmospheric eddies embedded within the mean wind. The daytime unstable atmospheric boundary layer (ABL) is particularly variable in space and time as solar heating generates buoyancy-driven motions that interact with strong mean shear in the ABL “surface layer,” the lowest 200 - 300 m where wind turbines reside in farms. With the “Cyber Wind Facility” (CWF) program we initiate a research and technology direction in which “cyber data” are generated from “computational experiments” within a “facility” akin to a wind tunnel, but with true space-time atmospheric turbulence that drive utility-scale wind turbines at full-scale Reynolds numbers. With DOE support we generated the key “modules” within a computational framework to create a first generation Cyber Wind Facility (CWF) for single wind turbines in the daytime ABL, both over land where the ABL is globally unstable and over water with closer-to-neutral atmospheric conditions but with time response strongly affected by wave-induced forcing of the wind turbine platform (here a buoy configuration). The CWF program has significantly improved the accuracy of actuator line models, evaluated with the Cyber Wind Facility in full blade-boundary-layer-resolved mode. The application of the CWF made in this program showed the existence of important ramp-like response events that likely contribute to bearing fatigue failure on the main shaft and that the advanced ALM method developed here captures the primary nonsteady response characteristics. Long-time analysis uncovered distinctive key dynamics that explain primary mechanisms that underlie potentially deleterious load transients.
We also showed that blade bend-twist coupling plays a central role in the elastic responses of the blades to atmospheric turbulence, impacting turbine power.
  • While holistically defining the smart grid is a challenge, one area of interest is demand-response. In 2009, the Department of Energy announced over $4 billion in grant and project funding for the Smart Grid. A significant amount of this funding was allotted to utilities for cost sharing projects to deploy Smart Grid technologies, many of whom have deployed and are deploying advanced metering infrastructure (AMI). AMI is an enabler to increase the efficiency of utilities and the bulk power grid. The bulk electrical system is unique in that it produces electricity as it is consumed. Most other industries have a delay between generation and consumption. This aspect of the power grid means that there must be enough generation capacity to meet the highest demand whereas other industries could over produce during off-peak times. This requires significant investment in generation capacity to cover the few days a year of peak consumption. Since bulk electrical storage doesn't yet exist at scale another way to curb the need for new peak period generation is through demand-response; that is to incentivize consumers (demand) to curtail (respond) electrical usage during peak periods. Of the various methods proposed for enabling demand-response, this paper will focus on the communication requirements for creating an energy market using transactional controls. More specifically, the paper will focus on the communication requirements needed to send the peak period notices and receive the response back from the consumers.