US20100100936A1 - Secure Wireless Network Using Radiometric Signatures - Google Patents
Secure Wireless Network Using Radiometric Signatures Download PDFInfo
- Publication number
- US20100100936A1 US20100100936A1 US12/555,369 US55536909A US2010100936A1 US 20100100936 A1 US20100100936 A1 US 20100100936A1 US 55536909 A US55536909 A US 55536909A US 2010100936 A1 US2010100936 A1 US 2010100936A1
- Authority
- US
- United States
- Prior art keywords
- mobile
- radio signals
- transceivers
- secure network
- modulation domain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0823—Errors, e.g. transmission errors
- H04L43/0829—Packet loss
- H04L43/0835—One way packet loss
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/02—Capturing of monitoring data
- H04L43/028—Capturing of monitoring data by filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/742—Route cache; Operation thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/20—Traffic policing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/12—Protocol engines
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
Definitions
- the present invention relates to security systems for computer networks and, in particular, to a security system for networks employing wireless communication links.
- Providing security for data transmitted electronically over a computer network is important to prevent the theft of data or services, preserve privacy, and prevent the introduction of malware such as viruses.
- One common method of ensuring network security uses a “white list” of authorized users and checks the identity of network users against this list at the time the users enter the network and/or periodically during their connection.
- determining the identity of a user connecting to the network is not a simple matter.
- One method is through the use of a personal identification number (PIN), password, or encryption key known only to the user. But such keys are often lost or stolen.
- PIN personal identification number
- password password
- encryption key known only to the user. But such keys are often lost or stolen.
- Additional security may be had by combining a user entered key, a machine identifier such as the MAC address of a network interface card, and a unique serial number assigned to each network interface card chip.
- a machine identifier such as the MAC address of a network interface card
- a unique serial number assigned to each network interface card chip Unfortunately, it is relatively easy to forge a MAC address. For this reason, more sophisticated machine/user identifiers may be used such as hardware fobs generating a series of pseudorandom numbers in parallel with similar hardware at a network gateway. All of these authenticating techniques, which allow the authentication to be implemented through data transmitted over the network, will be termed “network data implemented authenticators” because the authenticating information is conveyed using the data transmitting qualities of the network.
- network data implemented authenticators may be supplemented with techniques that do not rely on the data conveyed by the network, for example limiting connection to the network to physically secure network jacks within a building. These measures are resistant to the loss or theft of passwords or hardware password devices.
- the present invention provides a system that extracts a nearly unique “fingerprint” of the wireless device from imperfections in its radio transmitter circuitry and then uses such fingerprints to identify the physical transmitting device for security-related purposes.
- the present invention operates primarily in the “modulation domain,” i.e. at the last stages of conversion of analog signal to digital data in contrast to some radio transmitter identifications systems which represent device identity in the “waveform domain”, i.e., based on information gathered in early stages of signal acquisition that do not take advantage of the signal properties due to modulation.
- a test of the present invention with off-the-shelf wireless network cards indicates that sufficient variation exists even with mass-produced wireless network cards to reliably differentiate cards from each other in a typical wireless environment subject to noise, multipath effects, and channel distortion.
- the exploited imperfections in the radio transmitters used for this identification are a product of the underlying difficulty and cost of controlling these imperfections, making the creation of a “mimic” for any particular transmitter card disproportionately expensive to someone who would breach the security of the network.
- modulation domain parameters that make up the fingerprint are extracted using a process very similar to that already used in existing transceivers, making implementation of the invention relatively simple and inexpensive.
- the present invention provides a secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion.
- the secure network includes at least one base transceiver having: (1) an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion providing modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers; (2) a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals; and (3) an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion.
- the electronic computer executes a stored program contained in memory to: (1) execute an authentication process with mobile transceivers through the exchange of network data, the authentication process employing a network data authenticator; (2) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs; (3) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and (d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
- the electronic computer may further execute the stored program to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
- the modulation domain qualities may be selected from the group consisting of measurements related to trajectory of a received signal's phasor in the modulation domain. Including, but not limited to symbol phase error, symbol magnitude error, and symbol error vector magnitude. Alternatively or in addition, measurements may be related to overall modulation-domain characteristics of a received signal including, but not limited to carrier frequency offset, symbol clock offset, SYNC correlation. It is thus an object of the invention to use fundamental characteristics of analog transmitter circuitry revealed in a radio signal that provide sufficient variation to serve as transmitter identification.
- the comparison may provide a multidimensional comparison using multiple different modulation domain qualities.
- the network may include multiple base transceivers, and each of the base transceivers may use different pre-established characterizations each unique to one base transceiver receiver or the multiple base transceivers may share pre-established characterizations.
- the comparison of the characterized radio signals may employ comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
- the electronic computer may further execute the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions match existing characterizations to within a second predetermined threshold or when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
- FIG. 1 is a representation of a simple wireless network having three multiple mobile users communicating with two base stations, the latter connected on a network with a central server;
- FIG. 2 is a block diagram of a transceiver of the type used by the mobile users and base stations also showing a modification used in the base stations only;
- FIG. 3 is a block diagram of the central server of FIG. 1 such as may contain the radiometric identification program of the present invention, radiometric information, and network data authenticators for use by the invention;
- FIG. 4 is a flow chart of a program executed by the server of FIG. 4 during the commissioning of new mobile wireless device
- FIG. 5 is a flow chart of a program executed by the server of FIG. 4 during a typical authorization of a pre-commissioned mobile wireless device
- FIG. 6 is a constellation diagram of one type of quadrature modulation suitable for use with the present invention showing the radiometric information used by the present invention
- FIG. 7 is a simplified representation of a nearest neighbor classification algorithm
- FIG. 8 is a simplified representation of a support vector machine algorithm suitable for use with the present invention.
- FIG. 9 is a detailed fragmentary view of one quadrant of quadrature constellation of FIG. 7 showing a possible strategy for heuristic modification of the radiometric fingerprints.
- FIG. 10 an example of a possible phasor trajectory.
- an example network 10 suitable for use with the present invention employs multiple mobile devices 12 , for example, laptop computers having wireless adapters 14 such as those employing the IEEE 802.11 wireless standard well known in the art.
- the present invention however is not limited to the IEEE 802.11 standard.
- the mobile devices 12 When connected in a network, the mobile devices 12 may communicate by radio waves over a wireless communication channel with one of two base stations 16 (typically stationary) that may in turn communicate on a wire or optical carrier medium 18 with a central server 20 .
- the central server 20 may have additional connections, for example, to a secure institutional network 22 . In this way the mobile devices 12 may flexibly connect to the secure institutional network 22 .
- each of the wireless adapters 14 and base stations 16 may include a transceiver 24 .
- transceivers 24 are used in both the network adapters and base stations 16 ; however, a receiver portion of the transceiver 24 is modified slightly for the base station 16 only, as will be described below.
- the depicted transceiver 24 is simplified and is one of many possible designs that can work with the present invention as will be understood from the following description to those of ordinary skill in the art.
- the transceiver 24 may receive data from a processor 26 communicating with a memory 28 and executing a stored program in the memory 28 to produce a data stream 30 to be transmitted over the wireless communication channel.
- This data stream 30 may be data exchanged between the base stations 16 and the mobile devices 12 as part of standard network communication and may include network data authenticators for authorizing the user.
- the processor 26 may operate simply to exchange data with the server 20 and is connected to a network card 72 connecting it to the carrier medium 18 .
- the processor 26 may be the microprocessor of a laptop or other mobile device such as a cell phone, portable digital assistant, camera, music player or the like and the network card 72 is not required.
- data of the data stream 30 will typically be organized in a frame including a data packet encoded by the data link layer for digital transmission to a node (either the base station 16 or mobile device 12 ).
- a frame will typically include a header synchronization section, a payload of network data, and a trailer, for example, of error correction codes or the like.
- the data stream 30 will be received by a symbol encoder 32 which accepts sets of bits of each data packet in sequence and encodes them according to the particular encoding scheme used by the transceiver 24 .
- the transceiver 24 uses QPSK modulation (quadrature phase-shift keying) in which data is encoded in the phase of quadrature subcarriers of the transmitter radiowave.
- QPSK modulation quadrature phase-shift keying
- I in-phase subcarrier
- Q quadrature-phase subcarrier
- the present invention can be used with a variety of other modulation systems including but not limited to 16-QAM, and 256 QAM.
- a transmitter encodes discrete data onto a carrier signal by continuously varying, or modulating in time some analog, that is to say, continuous property of the carrier signal.
- the receiver measures those variations and reconstructs signal's data payload according to the communication standard in use.
- Practitioners in the art use the term “phasor” to describe an instantaneous value of those modulated properties (state of the signal) at a given point in time (see FIG. 10 ).
- the exact relationship between phasor value and physical properties of a signal is defined by the communication protocol in use. Therefore, as time passes and signal's properties are changed by the transmitter, the phasor value changes accordingly.
- I in-phase component
- Q quadrature component
- a physical radio wave is then equivalent to the trajectory of the phasor in an abstract two-dimensional space commonly called I/Q or modulation domain.
- information may be encoded in higher-dimensional space, as is the case, for example, with MIMO (multiple input and multiple output) technology. Handling such cases would require only minor changes to the overall procedure, since, as long as the modulation format's number of symbols is finite, they can be mapped onto a two-dimensional space or multiple two-dimensional spaces.
- the relationship between the dimensions of the modulation domain representation and waveform characteristics is determined by the communication protocol.
- the I-dimension could correspond to the amplitude or the I-subcarrier at a point in time
- Q-dimension could be related to the phase of the Q-subcarrier.
- the exact relationships between waveform-domain representation and modulation-domain representation for the purposes of this invention are irrelevant, as long as they are known.
- phasor trajectory as the entity encoding information.
- keeping accurate track of phasor's trajectory is resource-intensive. Instead, practical systems periodically measure phasor's position at times dictated by the communication standard, and generally disregard phasor's intermediate transitions. Phasor values at these critical points in time form a “constellation” that serves as basis for analog-to-digital conversion, and a basis for representing identity in this invention.
- One contributions of some embodiments of this invention is to base the notion of the transmitter's identity on the persistent device-specific properties of phasor trajectory of its signals that persistently manifest themselves regardless of the information encoded in the signal.
- a signature, or a fingerprint of a specific device is based on some notion of difference between the phasor trajectory observed at the receiver and the phasor trajectory of the “ideal signal”, i.e. theoretical signal generated by conceptual model of a perfect transmitter, unaffected by hardware impairments or channel distortion.
- the notion of the ideal reference signal is inevitably defined by the communication protocol in use, as part of the procedure for decoding of received signals.
- phasor trajectory is periodically sampled at frequency determined by the communication standard, effectively producing a single position of the phasor corresponding to every elementary quantum of information encoded in the signal. Therefore, the most economical embodiment of the invention will represent phasor trajectory as a single point per quantum of information encoded in the signal, thereby leveraging capabilities of existing hardware.
- the QPSK modulation system provides a modulation “constellation” admitting four different encoding states or “symbols” represented by points 34 a (with the I and Q phases positive), points 34 b (with the I phase positive and the Q phase negative), points 34 c , (with the I and Q phases negative), and points 34 d (with the I phase negative and the Q phase positive).
- encoding points 34 permit the encoding of two bits per symbol with point 34 a encoding bits 00 , point 34 d encoding bits 01 , point 34 b encoding bits 10 , and point 34 c encoding bits 11 .
- Symbol encoder 32 thus takes pairs of bits and encodes them into I and Q phases represented, for example, as two voltages indicating positive or negative I and Q phase shifts.
- the I and Q phases produced by the symbol encoder 32 may be subject to a baseband filter 36 band limiting the transmission of data (for example by metering the symbol values appropriately).
- the output of the baseband filter 36 may then be received by digital-to-analog converter 38 for conversion to analog I and Q values.
- phase values from the digital-to-analog converter 38 are received by a mixer 40 multiplying these values by appropriate quadrature carriers produced by a carrier oscillator 42 according to standard modulation techniques.
- the vector sum of the modulated phase values is then provided to an IF (intermediate frequency) filter 44 removing the out-of-band signal and then up-converted at up-converter 46 by a phase-locked, up-converting signal also from the carrier oscillator 42 (of different frequency than that provided to mixer 40 ).
- the output of the up-converter 46 is amplified by amplifier 48 and transmitted over antenna 50 .
- the transceivers 24 may also receive a modulated signal through the antenna 50 .
- This signal is amplified by amplifier 52 and provided to down-converter 54 receiving a down converting signal from carrier oscillator 57 (possibly the same oscillator structure used for oscillator 42 ).
- the oscillator 57 must be closely phase (and frequency) locked to the incoming signal for phase detection and thus may employ phase and frequency lock circuit naturally providing a carrier frequency output signal which will be used as described below.
- the output of down-converter 54 is received by IF filter 56 removing out-of-band signals and then demodulated by demodulator 58 receiving a quadrature demodulation signal from carrier oscillator 57 (typically a different frequency than that provided to the down converter 54 ).
- the output of the demodulator 58 is received by an analog-to-digital converter 60 (for example, a threshold detector) providing digital I and Q signals to a symbol decoder 62 .
- the symbol decoder 62 matching the phase of the digital I and Q signals per FIG. 7 then provides network data 63 to the processor 26 .
- the described circuitry of the transceiver 24 may be generally divided into an analog section 64 and a digital section 66 .
- the analog section 64 holds the mixer 40 , oscillators 42 and 57 , the up converter 46 and down converter 54 , IF filters 44 and 56 , the demodulator 58 , and amplifiers 48 and 52 .
- the digital section 66 holds the symbol encoder 32 , the symbol decoder 62 , and the baseband filter 36 .
- Digital-to-analog converter 38 and analog-to-digital converter 60 form bridges between the analog section 64 and the digital section 66 .
- Analog circuitry deals generally with continuous voltage and current ranges as understood in the art.
- the signals manipulated by the analog section 64 will vary continuously and slightly with slight changes in values of the analog components. Further minor changes in the signals in one section of the analog circuitry will cause additional changes in those signals in later sections of the analog circuitry as a result of the continuous functions implemented by typical analog circuitry.
- measurable differences in the resulting transmitted signal will be produced in the analog sections of different transceivers 24 for identical digital signals being modulated by different network cards. These differences manifest themselves as, for example, phase and amplitude variations that provide for the radiometric fingerprint used by the present invention.
- Digital circuitry deals generally with discontinuous voltages providing discrete binary levels. For this reason, minor variations in the component values within normal manufacturing tolerances and the requirements of standards such as IEEE 8802.11 do not provide significant differences in the digital signals conveyed by the digital section 66 . Further, minor changes in the digital signal in one part of the digital circuitry will normally not be propagated through the digital circuitry.
- the transceiver 24 and in particular the receiver portion of the transceiver 24 in the base stations 16 only, is modified to measure modulation parameters of the received signals by the addition of a monitoring block 70 .
- the monitoring block 70 captures naturally occurring signals in the analog section 64 of the receiver and digitizes them as radiometric information 71 , sending them to the processor 26 . Because the monitoring block 70 may make use of circuitry already present in the receiver, the monitoring block represents a relatively minor modification of the transceiver 24 of the base station 16 and may be readily implemented. Further, this modification is not required of the transceivers 24 of the mobile devices 12 allowing the present invention to scale well with additional users.
- the monitoring block 70 may first capture frequency data 59 from the demodulation oscillator 57 and is phase locked to the frequency of the incoming signal from antenna 50 .
- This frequency data 59 characterizes minor frequency shifts in the carrier signal of the received signal.
- the monitoring block 70 may receive one or more of the raw I and Q phase values per symbol from the demodulator 58 to detect minor variations in phase and amplitude of the carrier before digitization by the analog-to-digital converter 60 .
- This radiometric information 71 from the monitoring block 70 is digitized, and provided to the processor 26 to be conveyed in the base stations by a network card 72 to the server 20 .
- the server 20 may include a network interface card 74 connecting it to the carrier medium 18 for receiving network data 63 and radiometric data 71 .
- the network interface card 74 may communicate with a microprocessor 76 , the latter of which connects via an internal bus with an electronic memory 78 , for example, composed of hard disk and solid-state memory elements.
- the memory 78 may hold a network data authentication program 80 (employing network data authenticators) and a radiometric identification program 82 (employing modulation domain data) as will be described and which operate jointly to ensure network security.
- the memory 78 may also include NDA (network data authenticator) table 84 holding passwords or secure keys of the type known in the art and one or more radiometric identification tables 86 holding radiometric templates used for radiometric comparison as will be described.
- NDA network data authenticator
- the authentication program 80 and radiometric identification program 82 may work together as indicated by process block 90 to commission a new mobile device 12 .
- This process involves assigning a network data authenticator (e.g. a password or encryption key) to the user of the mobile devices 12 as will be required for entry onto the network 22 .
- This network data authenticator may be assigned by a network administrator or may be generated in part by the user according to well-known techniques.
- the resulting authenticator is then stored in the NDA table 84 providing a “white list” of authorized network users.
- This authentication process may accept or transmit the authenticator data over the network itself or may use a more secure or different channel including but not limited to person-to-person transfer, mail or voice telephone communication.
- the particular mobile device 12 being commissioned is operated for a period of time either in a controlled environment or during an initial login by the user required to exchange authenticator data.
- radiometric data is collected from transmissions from the mobile device 12 .
- This radiometric data may be collected by monitoring of arbitrary transmissions from the mobile device 12 or may use a special teaching transmission set intended to expose various modulation domain properties.
- modulation domain properties are generally those that make measurements of modulated qualities of the radiowave including, for example, those related to the frequency or phase. Many such measurements require modulation circuitry for detection and are not apparent in conventional time domain monitoring tools such as, for example, oscilloscopes.
- the radiometric data collected may include any of the modulation domain information provided in the following Table I.
- phase error The angle between the ideal and measured phasors Average (peak) phase error The average (or peak) value of symbol phase errors within a single frame Symbol magnitude error The difference in the scalar magnitude between the ideal and measured phasors Average (peak) magnitude The average (or peak) value of symbol error magnitude errors within a single frame Symbol error vector The magnitude of the vector difference magnitude between the measured and ideal phasors Average (peak) error vector The average (or peak) magnitude of the magnitude vector difference between measured and ideal phasors of a frame Frame I/Q origin offset The distance between the constellation origin (0, 0) and the average of measured I/Q values of a frame Frame frequency error The difference between ideal and observed carrier frequencies Frame SYNC correlation Normalized cross correlation of the observed and the ideal SYNC preambles. This is the SYNC correlation of a frame. The larger the value, the higher the modulation quality.
- Each of these radiometric quantities may be derived from the analog section 64 used to convert digital data into transmittable radio signals by modulation, filtering, and up or down converting. These measurements may be distinguished from measurements such as signal transients, which are time domain measurements.
- the modulation domain outputs are characteristics of the radio transmitter and largely indifferent to the underlying data being transmitted or the network protocol.
- these different radiometric measurements may be further explained by considering the point 34 a as a point defined by the tip of an ideal phasor (vector) 94 leading from the origin 96 of the constellation diagram and representing the de-modulated phase of the transmitted signal.
- This ideal vector 94 shown represents a perfectly modulated quadrature carrier having positive I and positive Q phases. It will be understood that similar ideal vectors 94 exist for each of the points 34 b - d.
- an actual vector 102 may be measured representing an actual measured point 34 a ′ of the transmitted signal.
- This vector 102 may be extracted before the analog-to-digital converter 60 by the monitoring block 70 and deviates from the ideal vector 94 defined by point 34 a to be defined instead by a point 34 a ′ that nevertheless remains within an acceptable boundary 100 for the particular modulation standard (for example 802.11).
- This actual vector 102 will have a different length from vector 94 and thus can be used to generate a scalar magnitude difference 104 with respect to ideal vector 94 (being their difference in length).
- This magnitude difference 104 is the symbol magnitude error described above and may be used also to calculate the average (peak) magnitude errors described above.
- a difference vector 106 can also be defined between point 34 a and 34 a ′.
- the magnitude (lanes) of this vector 106 provides the symbol error vector magnitude described above.
- Vectors 94 and 102 have an angular phase difference 108 .
- This angular phase difference 108 provides the symbol phase error and the average (peak) phase errors described above.
- the frame frequency error is the difference between the carrier frequency and the ideal carrier frequency described with respect to oscillator 57 above and extractable from the phase frequency lock circuitry used in the receiver.
- the frame SYNC correlation correlates an ideal frame SYNC signal with that actually detected and serves as a measurement of modulation quality. Normally each of these last three errors will be evaluated over multiple bits in a given transmission frame.
- the collected radiometric information is stored as a radiometric template associated with a particular mobile device 12 and a network data authenticator (e.g., password) as indicated by process block 114 .
- a network data authenticator e.g., password
- a single copy of these radiometric templates is stored in the radiometric identification tables 86 described above at the server 20 to be shared by both base stations 16 .
- each base station 16 may provide its own radiometric identification table 86 reflecting the coloring of the modulation data of received signals as affected by the receiver of that base station 16 .
- the commissioning process requires sequential data collection at each of the base stations 16 for the purpose of generating the radiometric templates.
- the receiver path of each base station 16 may be pre-characterized allowing radiometric data collected by a single base station 16 to be modified for use by the individual base stations 16 to create base station unique radiometric templates.
- the authentication program 80 and radiometric identification program 82 may work in conjunction to permit mobile devices 12 to log on to the network 22 and be authenticated for communication with the network 22 .
- the beginning of this authentication process uses the network data authenticators described above, such as a password or secure key or network fob or MAC address. This step relies on the transfer of digital data conventionally conveyed by wireless communication.
- the user provides an identification that is compared against the identifications in table 84 and used to identify the appropriate radiometric templates from table 86 associated with the user who is logging in.
- radiometric data from the user logging in is collected either through a special authorization sequence executed by the mobile device 12 as prompted by the base stations 16 or by simply monitoring the communication of frames during process block 114 .
- the collected radiometric data is compared with the radiometric templates stored in table 86 (collected per process block 114 in the commissioning process) to detect possible imposters.
- this comparison process may use a variety of techniques and the present invention is not limited to any particular one of these comparison techniques.
- the comparison is made through individual ones or combinations of the known comparison techniques or their equivalents including: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
- SVM system vector machine
- the radiometric templates stored in table 86 represent individual point 122 in an n-dimensional space where n equals the number of different radiometric parameters from Table I that will be used in a comparison process and which are embodied in the radiometric templates.
- frame frequency error, SYNC correlation, frame I/Q offset, frame magnitude error, and frame phasor error are used in that order of importance. It will be understood that variations in these subsets are also possible.
- Each template point 122 is constructed by monitoring frames during process block 92 of the commissioning process, described above, and discarding half of the collected frames for each parameter furthest from their average in the n-dimensional space. The remaining frames are then averaged to produce a single n-dimensional point 122 stored in table 86 and indexed to the user identification obtained in process block 116 .
- the comparison of process block 120 analyzes the distance 124 from an average of the collected data 126 at process block 118 to the template point 122 .
- the authorization of the mobile device 12 is rejected and the program proceeds to process block 130 .
- the program may generate an output signal indicating a mismatched output to a system operator or a log entry.
- the authorization of the mobile device 12 may be revoked either temporarily or until a reauthorization process per FIG. 5 maybe completed again. This revocation may be effected by removing or flagging the data in table 84 .
- the comparison process of process block 120 uses a support vector machine algorithm.
- data points 131 obtained in process block 114 , are collected into clusters identified to a particular mobile device 12 according to table 84 and stored as the radiometric templates.
- Data points 126 collected during the authentication process are compared to the cluster using a support vector machine algorithm which provides a confidence value indicating whether the collected data point 126 belongs to that cluster. This confidence value may be used like the threshold value above to determine the presence of an imposter if the confidence value is below a certain value. Again, depending on the confidence value at decision block 128 , the program will branch to process block 130 or 132 .
- the sensitivity of the present invention may be varied by simply adjusting the threshold or confidence levels of the comparison process of process block 120 to either increase or decrease the security of the network.
- the present invention is intended to work together with an identifier, for example, secure key or password and to provide an augmentation of security or to increase security of an otherwise insecure system.
- a trade-off between high levels of security and high levels of false negatives in the system may be implemented by allowing the evolution of the template stored in table 86 over a pre-established time period, for example, a given session being the time between logging in and logging out.
- an initial template point 140 may be replaced with a later template point 141 so that the template value may evolve over time. Restraints on this process may be had by limiting the increment of evolution 142 per given time or session and providing a limit on the maximum evolution 144 until reauthorization.
- points 140 and 141 are points in n-dimensional space similar to that described with respect to FIGS. 8 and 9 .
- the program for radiometric identification of the present invention is located in a server 20 shared among base stations 16 ; however, it will be recognized that the base stations 16 themselves may provide for this functionality and, in fact, there is no particular significance to how the authentication program is distributed among hardware components, this being a matter of engineering choice to the extent that it does not affect security
- the present invention was applied to differentiating among 138 identical IEEE 802.11 network interface cards and provided accuracy in excess of 99.99%.
- the optimal feature set for differentiation of network interface cards in order of positive effect on performance for SVM comparison was (1) frequency error, (2) SYNC correlation, (3) I/Q offset, (4) magnitude, and phase errors.
- the optimal feature set for differentiation of network interface cards in order of positive effect on performance was: (1) frequency error, (2) SYNC correlation, (3) I/Q offset.
- the set of network cards most susceptible to false rejections with SVM were different from the set of network cards most susceptible to false rejections with k-nearest neighbor, so improved performance may be obtained by a combination of approaches to reduce false rejection rates. Details of the methodology of this experiment are provided in the attached appendix.
- the present invention may also find use in identifying illegal transmitters based on fingerprints extracted from their illegal transmissions.
- the present invention may base device identity of some notion of difference between the ideal and the observed phasor trajectories.
- the present inventors have determined that good performance is possible when the trajectory is represented by a single measurement per symbol. This approach has the advantage of minimizing the necessary modifications to the existing hardware designs.
- performance can be improved further by collecting more fine-grained information about the phasor trajectory (this is a mathematical fact; informally, the more data the less chance of a mistake).
- Such optimization may require a more capable receiver but will allow to capture each symbol's signal state as a curve rather than a point, thus allowing use of additional metrics of deviation from the ideal signal.
- curves could be represented using splines and wavelets, which are well-known in the art.
- Such mathematical entities can be defined as a set of numeric parameters. The difference in the corresponding parameters between the ideal and observed signal could serve as a basis for a new dimension of analysis.
- further optimization can be derived from the fact that modulation fidelity of adjacent symbols is not independent.
- the correlation can be due to environmental factors as well as the fundamental properties of the transmitter hardware. In either case correlations between modulation errors of groups of symbols can be used to detect outliers or generate new ways to compare signals.
- Analog transmissions of the same digital data by different transmitters differ, in part, due to relative reference-level differences between them. For example, one transmitter may be biased toward positive carrier frequency offset, while another to a negative offset. This happen while neither of them is aware of the inaccuracy nor has reliable means of measuring it. A further embodiment may focus on measuring such inaccuracies at the base station. However, a natural extension to the scheme would be for a sufficiently capable base station to alter characteristics of its outgoing signals based on the intended receiver to determine the point at which the receiver is unable to demodulate the signal, and use this information as an additional dimension of transceiver's signature.
- a receiver that is biased toward positive carrier frequency offset will fail to demodulate a signal whose carrier frequency offset is higher than some critical number. This critical number will be even higher for another receiver with a negative carrier frequency bias.
- the transmitter can use the difference between these critical values as another way of differentiating the receivers. Similar technique can be applied to other modulation accuracy metrics discussed here.
- the main challenge of transmitter identification based on characteristics of its transmissions is dealing with noise and distortion.
- Performing signature extraction and comparison in the modulation domain is superior to prior approaches because it leverages existing signal processing facilities whose purpose is, essentially, to de-noise the signal for the purposes of data recovery.
- knowledge of the signal's structure allows the invention to collect at least as many measurements as there are symbols in a signal (and more in practice), further improving resilience to noise since there is enough data to perform outlier removal, for example, by considering the middle quartile of measurements.
- there is only one short transient per transmission meaning that misclassifications need to be averaged out across entire transmissions, not symbols.
Abstract
A network security system for wireless devices derives a fingerprint from the modulation imperfections of the analog circuitry of the wireless transceivers. These fingerprints may be compared to templates obtained when the wireless devices are initially commissioned in a secure setting and used to augment passwords or other security tools in detecting intruders on the network.
Description
- This application claims the benefit of U.S. provisional applications 61/097,406 filed Sep. 16, 2008 and 61/095,216 filed Sep. 8, 2008, both hereby incorporated by reference.
- This invention was made with United States government support awarded by the following agency:
-
- NSF 0520152
- The United States government has certain rights in this invention.
- The present invention relates to security systems for computer networks and, in particular, to a security system for networks employing wireless communication links.
- Providing security for data transmitted electronically over a computer network is important to prevent the theft of data or services, preserve privacy, and prevent the introduction of malware such as viruses. One common method of ensuring network security uses a “white list” of authorized users and checks the identity of network users against this list at the time the users enter the network and/or periodically during their connection.
- Reliably determining the identity of a user connecting to the network is not a simple matter. One method is through the use of a personal identification number (PIN), password, or encryption key known only to the user. But such keys are often lost or stolen.
- Additional security may be had by combining a user entered key, a machine identifier such as the MAC address of a network interface card, and a unique serial number assigned to each network interface card chip. Unfortunately, it is relatively easy to forge a MAC address. For this reason, more sophisticated machine/user identifiers may be used such as hardware fobs generating a series of pseudorandom numbers in parallel with similar hardware at a network gateway. All of these authenticating techniques, which allow the authentication to be implemented through data transmitted over the network, will be termed “network data implemented authenticators” because the authenticating information is conveyed using the data transmitting qualities of the network.
- For highly secure networks, “network data implemented authenticators” may be supplemented with techniques that do not rely on the data conveyed by the network, for example limiting connection to the network to physically secure network jacks within a building. These measures are resistant to the loss or theft of passwords or hardware password devices.
- This latter type of supplemental identification of the user is far more difficult with a wireless network which anticipates that users may be mobile and where it is difficult to contain the wireless signal within a building or controlled environment.
- The present invention provides a system that extracts a nearly unique “fingerprint” of the wireless device from imperfections in its radio transmitter circuitry and then uses such fingerprints to identify the physical transmitting device for security-related purposes. The present invention operates primarily in the “modulation domain,” i.e. at the last stages of conversion of analog signal to digital data in contrast to some radio transmitter identifications systems which represent device identity in the “waveform domain”, i.e., based on information gathered in early stages of signal acquisition that do not take advantage of the signal properties due to modulation. A test of the present invention with off-the-shelf wireless network cards indicates that sufficient variation exists even with mass-produced wireless network cards to reliably differentiate cards from each other in a typical wireless environment subject to noise, multipath effects, and channel distortion.
- Importantly, the exploited imperfections in the radio transmitters used for this identification are a product of the underlying difficulty and cost of controlling these imperfections, making the creation of a “mimic” for any particular transmitter card disproportionately expensive to someone who would breach the security of the network.
- Significantly, too, all network communication over the wireless card must reveal the data necessary to extract the modulation domain fingerprint making this technique inescapable. At the same time, implementation of the invention does not require any modifications to the mobile wireless devices, making it easy to deploy in existing environments.
- As an additional benefit, the modulation domain parameters that make up the fingerprint are extracted using a process very similar to that already used in existing transceivers, making implementation of the invention relatively simple and inexpensive.
- In detail, then, the present invention provides a secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion. The secure network includes at least one base transceiver having: (1) an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion providing modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers; (2) a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals; and (3) an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion.
- The electronic computer executes a stored program contained in memory to: (1) execute an authentication process with mobile transceivers through the exchange of network data, the authentication process employing a network data authenticator; (2) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs; (3) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and (d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
- It is thus an object of the invention to provide a method of uniquely identifying a wireless transmitter that is difficult to forge and that is inescapably revealed in network communications. It is another object of the invention to provide a method that does not require special modification of the wireless transmitters of mobile devices and thus is scalable at low cost.
- The electronic computer may further execute the stored program to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
- It is thus an object of the invention to provide a system that may automatically and rapidly stop security breaches.
- The modulation domain qualities may be selected from the group consisting of measurements related to trajectory of a received signal's phasor in the modulation domain. Including, but not limited to symbol phase error, symbol magnitude error, and symbol error vector magnitude. Alternatively or in addition, measurements may be related to overall modulation-domain characteristics of a received signal including, but not limited to carrier frequency offset, symbol clock offset, SYNC correlation. It is thus an object of the invention to use fundamental characteristics of analog transmitter circuitry revealed in a radio signal that provide sufficient variation to serve as transmitter identification.
- The comparison may provide a multidimensional comparison using multiple different modulation domain qualities.
- Thus it is an object of the invention to produce a “fingerprint” that is extremely difficult to forge requiring the simultaneous control of multiple parameters of a radio transmitter that are normally electrically inter-dependent.
- The network may include multiple base transceivers, and each of the base transceivers may use different pre-established characterizations each unique to one base transceiver receiver or the multiple base transceivers may share pre-established characterizations.
- It is thus an object of the invention to provide a flexible trade-off between a simple commissioning process in which a set of measurements at one base station serve all base stations, and extremely precise radiometric characterization wherein each base transceiver creates a fingerprint unique to its own receiver characteristics.
- The comparison of the characterized radio signals may employ comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
- Thus it is an object of the invention to provide high accuracy by using a sophisticated multidimensional comparison algorithm.
- The electronic computer may further execute the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions match existing characterizations to within a second predetermined threshold or when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
- It is thus an object of the invention to permit tighter characterizations of mobile transceivers by accommodating slow evolution of transceiver parameters.
- These particular objects and advantages may apply to only some embodiments falling within the claims, and thus do not define the scope of the invention.
-
FIG. 1 is a representation of a simple wireless network having three multiple mobile users communicating with two base stations, the latter connected on a network with a central server; -
FIG. 2 is a block diagram of a transceiver of the type used by the mobile users and base stations also showing a modification used in the base stations only; -
FIG. 3 is a block diagram of the central server ofFIG. 1 such as may contain the radiometric identification program of the present invention, radiometric information, and network data authenticators for use by the invention; -
FIG. 4 is a flow chart of a program executed by the server ofFIG. 4 during the commissioning of new mobile wireless device; -
FIG. 5 is a flow chart of a program executed by the server ofFIG. 4 during a typical authorization of a pre-commissioned mobile wireless device; -
FIG. 6 is a constellation diagram of one type of quadrature modulation suitable for use with the present invention showing the radiometric information used by the present invention; -
FIG. 7 is a simplified representation of a nearest neighbor classification algorithm; -
FIG. 8 is a simplified representation of a support vector machine algorithm suitable for use with the present invention; -
FIG. 9 is a detailed fragmentary view of one quadrant of quadrature constellation ofFIG. 7 showing a possible strategy for heuristic modification of the radiometric fingerprints; and -
FIG. 10 an example of a possible phasor trajectory. - Referring now to
FIG. 1 , anexample network 10 suitable for use with the present invention employs multiplemobile devices 12, for example, laptop computers havingwireless adapters 14 such as those employing the IEEE 802.11 wireless standard well known in the art. The present invention however is not limited to the IEEE 802.11 standard. - When connected in a network, the
mobile devices 12 may communicate by radio waves over a wireless communication channel with one of two base stations 16 (typically stationary) that may in turn communicate on a wire oroptical carrier medium 18 with acentral server 20. Thecentral server 20 may have additional connections, for example, to a secureinstitutional network 22. In this way themobile devices 12 may flexibly connect to the secureinstitutional network 22. - Referring now to
FIG. 2 , each of thewireless adapters 14 andbase stations 16 may include atransceiver 24. Generally,similar transceivers 24 are used in both the network adapters andbase stations 16; however, a receiver portion of thetransceiver 24 is modified slightly for thebase station 16 only, as will be described below. The depictedtransceiver 24 is simplified and is one of many possible designs that can work with the present invention as will be understood from the following description to those of ordinary skill in the art. - Referring still to
FIG. 2 , during transmission, thetransceiver 24 may receive data from aprocessor 26 communicating with amemory 28 and executing a stored program in thememory 28 to produce adata stream 30 to be transmitted over the wireless communication channel. Thisdata stream 30, for example, may be data exchanged between thebase stations 16 and themobile devices 12 as part of standard network communication and may include network data authenticators for authorizing the user. When thetransceiver 24 is in thebase station 16, theprocessor 26 may operate simply to exchange data with theserver 20 and is connected to anetwork card 72 connecting it to thecarrier medium 18. When thetransceiver 24 is in themobile devices 12, theprocessor 26 may be the microprocessor of a laptop or other mobile device such as a cell phone, portable digital assistant, camera, music player or the like and thenetwork card 72 is not required. - As is understood in the art, data of the
data stream 30 will typically be organized in a frame including a data packet encoded by the data link layer for digital transmission to a node (either thebase station 16 or mobile device 12). A frame will typically include a header synchronization section, a payload of network data, and a trailer, for example, of error correction codes or the like. - Within the
transceiver 24, thedata stream 30 will be received by asymbol encoder 32 which accepts sets of bits of each data packet in sequence and encodes them according to the particular encoding scheme used by thetransceiver 24. In this example, it will be assumed that thetransceiver 24 uses QPSK modulation (quadrature phase-shift keying) in which data is encoded in the phase of quadrature subcarriers of the transmitter radiowave. These quadrature subcarriers will be termed the in-phase subcarrier (I) and the quadrature-phase subcarrier (Q) and are separated in phase by 90°. While this modulation technique is assumed in the following example, it should be emphasized that the present invention can be used with a variety of other modulation systems including but not limited to 16-QAM, and 256 QAM. - In general, a transmitter encodes discrete data onto a carrier signal by continuously varying, or modulating in time some analog, that is to say, continuous property of the carrier signal. The receiver measures those variations and reconstructs signal's data payload according to the communication standard in use. Practitioners in the art use the term “phasor” to describe an instantaneous value of those modulated properties (state of the signal) at a given point in time (see
FIG. 10 ). The exact relationship between phasor value and physical properties of a signal is defined by the communication protocol in use. Therefore, as time passes and signal's properties are changed by the transmitter, the phasor value changes accordingly. As instantaneous value of a phasor is most commonly described using two independent components known as I (in-phase component) and Q (quadrature component). In the art, a physical radio wave is then equivalent to the trajectory of the phasor in an abstract two-dimensional space commonly called I/Q or modulation domain. In fact, information may be encoded in higher-dimensional space, as is the case, for example, with MIMO (multiple input and multiple output) technology. Handling such cases would require only minor changes to the overall procedure, since, as long as the modulation format's number of symbols is finite, they can be mapped onto a two-dimensional space or multiple two-dimensional spaces. - The relationship between the dimensions of the modulation domain representation and waveform characteristics is determined by the communication protocol. For example, the I-dimension could correspond to the amplitude or the I-subcarrier at a point in time, and Q-dimension could be related to the phase of the Q-subcarrier. The exact relationships between waveform-domain representation and modulation-domain representation for the purposes of this invention are irrelevant, as long as they are known.
- Therefore, we can treat phasor trajectory as the entity encoding information. However, keeping accurate track of phasor's trajectory is resource-intensive. Instead, practical systems periodically measure phasor's position at times dictated by the communication standard, and generally disregard phasor's intermediate transitions. Phasor values at these critical points in time form a “constellation” that serves as basis for analog-to-digital conversion, and a basis for representing identity in this invention.
- One contributions of some embodiments of this invention is to base the notion of the transmitter's identity on the persistent device-specific properties of phasor trajectory of its signals that persistently manifest themselves regardless of the information encoded in the signal. Specifically, a signature, or a fingerprint of a specific device is based on some notion of difference between the phasor trajectory observed at the receiver and the phasor trajectory of the “ideal signal”, i.e. theoretical signal generated by conceptual model of a perfect transmitter, unaffected by hardware impairments or channel distortion. The notion of the ideal reference signal is inevitably defined by the communication protocol in use, as part of the procedure for decoding of received signals.
- Consumer-grade transceivers typically do not keep precise track of phasor trajectory, as doing so would require higher sampling rates and more capable hardware than what is minimally necessary to communicate in typical environments. Instead, phasor trajectory is periodically sampled at frequency determined by the communication standard, effectively producing a single position of the phasor corresponding to every elementary quantum of information encoded in the signal. Therefore, the most economical embodiment of the invention will represent phasor trajectory as a single point per quantum of information encoded in the signal, thereby leveraging capabilities of existing hardware.
- In our implementation even such concise trajectory representation allowed degree of accuracy suitable for many applications. However, since in such embodiment most information about phasor trajectory is discarded, an embodiment designed to deliver maximal accuracy can benefit from a more enhanced and consequently costly receiver that is required strictly for data communication alone. Referring momentarily to
FIG. 7 , the QPSK modulation system provides a modulation “constellation” admitting four different encoding states or “symbols” represented by points 34 a (with the I and Q phases positive), points 34 b (with the I phase positive and the Q phase negative), points 34 c, (with the I and Q phases negative), and points 34 d (with the I phase negative and the Q phase positive). These four encoding points 34 permit the encoding of two bits per symbol with point 34 a encoding bits 00,point 34 d encoding bits 01,point 34b encoding bits 10, andpoint 34 c encoding bits 11.Symbol encoder 32 thus takes pairs of bits and encodes them into I and Q phases represented, for example, as two voltages indicating positive or negative I and Q phase shifts. - The I and Q phases produced by the
symbol encoder 32 may be subject to abaseband filter 36 band limiting the transmission of data (for example by metering the symbol values appropriately). The output of thebaseband filter 36 may then be received by digital-to-analog converter 38 for conversion to analog I and Q values. - These phase values from the digital-to-analog converter 38 are received by a
mixer 40 multiplying these values by appropriate quadrature carriers produced by a carrier oscillator 42 according to standard modulation techniques. The vector sum of the modulated phase values is then provided to an IF (intermediate frequency)filter 44 removing the out-of-band signal and then up-converted at up-converter 46 by a phase-locked, up-converting signal also from the carrier oscillator 42 (of different frequency than that provided to mixer 40). The output of the up-converter 46 is amplified byamplifier 48 and transmitted overantenna 50. - The
transceivers 24 may also receive a modulated signal through theantenna 50. This signal is amplified byamplifier 52 and provided to down-converter 54 receiving a down converting signal from carrier oscillator 57 (possibly the same oscillator structure used for oscillator 42). Theoscillator 57 must be closely phase (and frequency) locked to the incoming signal for phase detection and thus may employ phase and frequency lock circuit naturally providing a carrier frequency output signal which will be used as described below. - The output of down-
converter 54 is received byIF filter 56 removing out-of-band signals and then demodulated bydemodulator 58 receiving a quadrature demodulation signal from carrier oscillator 57 (typically a different frequency than that provided to the down converter 54). The output of thedemodulator 58 is received by an analog-to-digital converter 60 (for example, a threshold detector) providing digital I and Q signals to asymbol decoder 62. Thesymbol decoder 62 matching the phase of the digital I and Q signals perFIG. 7 then providesnetwork data 63 to theprocessor 26. - The described circuitry of the
transceiver 24 may be generally divided into ananalog section 64 and adigital section 66. Theanalog section 64 holds themixer 40,oscillators 42 and 57, the upconverter 46 and downconverter 54, IFfilters demodulator 58, andamplifiers digital section 66 holds thesymbol encoder 32, thesymbol decoder 62, and thebaseband filter 36. Digital-to-analog converter 38 and analog-to-digital converter 60 form bridges between theanalog section 64 and thedigital section 66. - Analog circuitry deals generally with continuous voltage and current ranges as understood in the art. Generally, the signals manipulated by the
analog section 64 will vary continuously and slightly with slight changes in values of the analog components. Further minor changes in the signals in one section of the analog circuitry will cause additional changes in those signals in later sections of the analog circuitry as a result of the continuous functions implemented by typical analog circuitry. Within normal manufacturing tolerances and the tolerances imposed by standards such as IEEE 802.11, measurable differences in the resulting transmitted signal will be produced in the analog sections ofdifferent transceivers 24 for identical digital signals being modulated by different network cards. These differences manifest themselves as, for example, phase and amplitude variations that provide for the radiometric fingerprint used by the present invention. - Digital circuitry deals generally with discontinuous voltages providing discrete binary levels. For this reason, minor variations in the component values within normal manufacturing tolerances and the requirements of standards such as IEEE 8802.11 do not provide significant differences in the digital signals conveyed by the
digital section 66. Further, minor changes in the digital signal in one part of the digital circuitry will normally not be propagated through the digital circuitry. - Referring still to
FIG. 2 , thetransceiver 24, and in particular the receiver portion of thetransceiver 24 in thebase stations 16 only, is modified to measure modulation parameters of the received signals by the addition of amonitoring block 70. Themonitoring block 70 captures naturally occurring signals in theanalog section 64 of the receiver and digitizes them asradiometric information 71, sending them to theprocessor 26. Because themonitoring block 70 may make use of circuitry already present in the receiver, the monitoring block represents a relatively minor modification of thetransceiver 24 of thebase station 16 and may be readily implemented. Further, this modification is not required of thetransceivers 24 of themobile devices 12 allowing the present invention to scale well with additional users. - The
monitoring block 70 may first capturefrequency data 59 from thedemodulation oscillator 57 and is phase locked to the frequency of the incoming signal fromantenna 50. Thisfrequency data 59 characterizes minor frequency shifts in the carrier signal of the received signal. In addition, themonitoring block 70 may receive one or more of the raw I and Q phase values per symbol from thedemodulator 58 to detect minor variations in phase and amplitude of the carrier before digitization by the analog-to-digital converter 60. Thisradiometric information 71 from themonitoring block 70 is digitized, and provided to theprocessor 26 to be conveyed in the base stations by anetwork card 72 to theserver 20. - Referring now to
FIG. 4 , theserver 20 may include anetwork interface card 74 connecting it to thecarrier medium 18 for receivingnetwork data 63 andradiometric data 71. Thenetwork interface card 74 may communicate with a microprocessor 76, the latter of which connects via an internal bus with anelectronic memory 78, for example, composed of hard disk and solid-state memory elements. Thememory 78 may hold a network data authentication program 80 (employing network data authenticators) and a radiometric identification program 82 (employing modulation domain data) as will be described and which operate jointly to ensure network security. Thememory 78 may also include NDA (network data authenticator) table 84 holding passwords or secure keys of the type known in the art and one or more radiometric identification tables 86 holding radiometric templates used for radiometric comparison as will be described. - Referring now to
FIG. 5 , theauthentication program 80 andradiometric identification program 82 may work together as indicated byprocess block 90 to commission a newmobile device 12. This process involves assigning a network data authenticator (e.g. a password or encryption key) to the user of themobile devices 12 as will be required for entry onto thenetwork 22. This network data authenticator may be assigned by a network administrator or may be generated in part by the user according to well-known techniques. The resulting authenticator is then stored in the NDA table 84 providing a “white list” of authorized network users. This authentication process may accept or transmit the authenticator data over the network itself or may use a more secure or different channel including but not limited to person-to-person transfer, mail or voice telephone communication. - At
process block 92, the particularmobile device 12 being commissioned is operated for a period of time either in a controlled environment or during an initial login by the user required to exchange authenticator data. During this operation, radiometric data is collected from transmissions from themobile device 12. This radiometric data may be collected by monitoring of arbitrary transmissions from themobile device 12 or may use a special teaching transmission set intended to expose various modulation domain properties. - Referring momentarily to
FIG. 7 , modulation domain properties are generally those that make measurements of modulated qualities of the radiowave including, for example, those related to the frequency or phase. Many such measurements require modulation circuitry for detection and are not apparent in conventional time domain monitoring tools such as, for example, oscilloscopes. In a preferred embodiment of the invention, the radiometric data collected may include any of the modulation domain information provided in the following Table I. -
TABLE I Radiometric Data Type Short description Symbol phase error The angle between the ideal and measured phasors Average (peak) phase error The average (or peak) value of symbol phase errors within a single frame Symbol magnitude error The difference in the scalar magnitude between the ideal and measured phasors Average (peak) magnitude The average (or peak) value of symbol error magnitude errors within a single frame Symbol error vector The magnitude of the vector difference magnitude between the measured and ideal phasors Average (peak) error vector The average (or peak) magnitude of the magnitude vector difference between measured and ideal phasors of a frame Frame I/Q origin offset The distance between the constellation origin (0, 0) and the average of measured I/Q values of a frame Frame frequency error The difference between ideal and observed carrier frequencies Frame SYNC correlation Normalized cross correlation of the observed and the ideal SYNC preambles. This is the SYNC correlation of a frame. The larger the value, the higher the modulation quality. - Each of these radiometric quantities may be derived from the
analog section 64 used to convert digital data into transmittable radio signals by modulation, filtering, and up or down converting. These measurements may be distinguished from measurements such as signal transients, which are time domain measurements. The modulation domain outputs are characteristics of the radio transmitter and largely indifferent to the underlying data being transmitted or the network protocol. - Referring again to
FIG. 7 , these different radiometric measurements may be further explained by considering the point 34 a as a point defined by the tip of an ideal phasor (vector) 94 leading from theorigin 96 of the constellation diagram and representing the de-modulated phase of the transmitted signal. Thisideal vector 94 shown, represents a perfectly modulated quadrature carrier having positive I and positive Q phases. It will be understood that similarideal vectors 94 exist for each of thepoints 34 b-d. - As a signal is received by the
transceiver 24, anactual vector 102 may be measured representing an actual measured point 34 a′ of the transmitted signal. Thisvector 102 may be extracted before the analog-to-digital converter 60 by themonitoring block 70 and deviates from theideal vector 94 defined by point 34 a to be defined instead by a point 34 a′ that nevertheless remains within anacceptable boundary 100 for the particular modulation standard (for example 802.11). Thisactual vector 102 will have a different length fromvector 94 and thus can be used to generate ascalar magnitude difference 104 with respect to ideal vector 94 (being their difference in length). Thismagnitude difference 104 is the symbol magnitude error described above and may be used also to calculate the average (peak) magnitude errors described above. - A
difference vector 106 can also be defined between point 34 a and 34 a′. The magnitude (lanes) of thisvector 106 provides the symbol error vector magnitude described above. -
Vectors angular phase difference 108. Thisangular phase difference 108 provides the symbol phase error and the average (peak) phase errors described above. - It will be understood that similar metrics can be derived for the other quadrants of the constellation and used for the average or peak measurements.
- When multiple actual points 34′ are averaged (in an average that includes equal numbers of symbols from each quadrant) they provide an average value 110 offset from the origin by an
amount 112. This is the frame I/Q origin offset. - The frame frequency error is the difference between the carrier frequency and the ideal carrier frequency described with respect to
oscillator 57 above and extractable from the phase frequency lock circuitry used in the receiver. - The frame SYNC correlation correlates an ideal frame SYNC signal with that actually detected and serves as a measurement of modulation quality. Normally each of these last three errors will be evaluated over multiple bits in a given transmission frame.
- Referring again to
FIG. 5 , after radiometric information has been collected for themobile device 12 to be commissioned, the collected radiometric information is stored as a radiometric template associated with a particularmobile device 12 and a network data authenticator (e.g., password) as indicated by process block 114. - In one embodiment, a single copy of these radiometric templates is stored in the radiometric identification tables 86 described above at the
server 20 to be shared by bothbase stations 16. Alternatively, eachbase station 16 may provide its own radiometric identification table 86 reflecting the coloring of the modulation data of received signals as affected by the receiver of thatbase station 16. In this case, the commissioning process requires sequential data collection at each of thebase stations 16 for the purpose of generating the radiometric templates. Alternatively, the receiver path of eachbase station 16 may be pre-characterized allowing radiometric data collected by asingle base station 16 to be modified for use by theindividual base stations 16 to create base station unique radiometric templates. - Referring now to
FIG. 6 , after themobile devices 12 have been commissioned and radiometric templates established for theirtransceivers 24, theauthentication program 80 andradiometric identification program 82 may work in conjunction to permitmobile devices 12 to log on to thenetwork 22 and be authenticated for communication with thenetwork 22. The beginning of this authentication process, as indicated byprocess block 116, uses the network data authenticators described above, such as a password or secure key or network fob or MAC address. This step relies on the transfer of digital data conventionally conveyed by wireless communication. In this authentication, the user provides an identification that is compared against the identifications in table 84 and used to identify the appropriate radiometric templates from table 86 associated with the user who is logging in. - At
process block 118, radiometric data from the user logging in is collected either through a special authorization sequence executed by themobile device 12 as prompted by thebase stations 16 or by simply monitoring the communication of frames during process block 114. - At
process block 120, the collected radiometric data is compared with the radiometric templates stored in table 86 (collected per process block 114 in the commissioning process) to detect possible imposters. - Referring now to
FIG. 8 , this comparison process may use a variety of techniques and the present invention is not limited to any particular one of these comparison techniques. In the preferred embodiments, the comparison is made through individual ones or combinations of the known comparison techniques or their equivalents including: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles. The techniques of a “k-nearest neighbor” comparison or a “system vector machine” (SVM) comparison are described briefly below. - In the k-nearest neighbor approach, the radiometric templates stored in table 86 represent
individual point 122 in an n-dimensional space where n equals the number of different radiometric parameters from Table I that will be used in a comparison process and which are embodied in the radiometric templates. In a preferred version of this embodiment of the present invention, frame frequency error, SYNC correlation, frame I/Q offset, frame magnitude error, and frame phasor error are used in that order of importance. It will be understood that variations in these subsets are also possible. - Each
template point 122, in this case, is constructed by monitoring frames duringprocess block 92 of the commissioning process, described above, and discarding half of the collected frames for each parameter furthest from their average in the n-dimensional space. The remaining frames are then averaged to produce a single n-dimensional point 122 stored in table 86 and indexed to the user identification obtained inprocess block 116. - The comparison of
process block 120, in this case, analyzes thedistance 124 from an average of the collecteddata 126 at process block 118 to thetemplate point 122. - If that
distance 124 is greater than a certain amount, then atdecision block 128, the authorization of themobile device 12 is rejected and the program proceeds to process block 130. Atprocess block 130, the program may generate an output signal indicating a mismatched output to a system operator or a log entry. As noted, optionally atprocess block 134, the authorization of themobile device 12 may be revoked either temporarily or until a reauthorization process perFIG. 5 maybe completed again. This revocation may be effected by removing or flagging the data in table 84. - On the other hand, if the average of the collected
data 126 is within a predetermined distance of the indicatedtemplate point 122, then network connection is authorized and the program proceeds to process block 132 allowing themobile device 12 access to thenetwork 22. - Referring to
FIG. 9 , in a second embodiment, the comparison process of process block 120 uses a support vector machine algorithm. In this embodiment,data points 131, obtained in process block 114, are collected into clusters identified to a particularmobile device 12 according to table 84 and stored as the radiometric templates. Data points 126 collected during the authentication process are compared to the cluster using a support vector machine algorithm which provides a confidence value indicating whether the collecteddata point 126 belongs to that cluster. This confidence value may be used like the threshold value above to determine the presence of an imposter if the confidence value is below a certain value. Again, depending on the confidence value atdecision block 128, the program will branch to process block 130 or 132. - It will be understood that the sensitivity of the present invention may be varied by simply adjusting the threshold or confidence levels of the comparison process of process block 120 to either increase or decrease the security of the network. The present invention is intended to work together with an identifier, for example, secure key or password and to provide an augmentation of security or to increase security of an otherwise insecure system.
- Referring now to
FIG. 10 , a trade-off between high levels of security and high levels of false negatives in the system may be implemented by allowing the evolution of the template stored in table 86 over a pre-established time period, for example, a given session being the time between logging in and logging out. In such a system, aninitial template point 140 may be replaced with alater template point 141 so that the template value may evolve over time. Restraints on this process may be had by limiting the increment ofevolution 142 per given time or session and providing a limit on themaximum evolution 144 until reauthorization. It will be understood thatpoints FIGS. 8 and 9 . - As described, the program for radiometric identification of the present invention is located in a
server 20 shared amongbase stations 16; however, it will be recognized that thebase stations 16 themselves may provide for this functionality and, in fact, there is no particular significance to how the authentication program is distributed among hardware components, this being a matter of engineering choice to the extent that it does not affect security - The present invention was applied to differentiating among 138 identical IEEE 802.11 network interface cards and provided accuracy in excess of 99.99%. The optimal feature set for differentiation of network interface cards in order of positive effect on performance for SVM comparison was (1) frequency error, (2) SYNC correlation, (3) I/Q offset, (4) magnitude, and phase errors. For k-nearest neighbor comparison, the optimal feature set for differentiation of network interface cards in order of positive effect on performance was: (1) frequency error, (2) SYNC correlation, (3) I/Q offset. Interestingly, the set of network cards most susceptible to false rejections with SVM, were different from the set of network cards most susceptible to false rejections with k-nearest neighbor, so improved performance may be obtained by a combination of approaches to reduce false rejection rates. Details of the methodology of this experiment are provided in the attached appendix.
- The present invention may also find use in identifying illegal transmitters based on fingerprints extracted from their illegal transmissions.
- As noted, the present invention may base device identity of some notion of difference between the ideal and the observed phasor trajectories. The present inventors have determined that good performance is possible when the trajectory is represented by a single measurement per symbol. This approach has the advantage of minimizing the necessary modifications to the existing hardware designs.
- However, in an alternative embodiment, performance can be improved further by collecting more fine-grained information about the phasor trajectory (this is a mathematical fact; informally, the more data the less chance of a mistake). Such optimization may require a more capable receiver but will allow to capture each symbol's signal state as a curve rather than a point, thus allowing use of additional metrics of deviation from the ideal signal. For example, in addition to analyses described here, curves could be represented using splines and wavelets, which are well-known in the art. Such mathematical entities can be defined as a set of numeric parameters. The difference in the corresponding parameters between the ideal and observed signal could serve as a basis for a new dimension of analysis.
- In a further embodiment, further optimization can be derived from the fact that modulation fidelity of adjacent symbols is not independent. The correlation can be due to environmental factors as well as the fundamental properties of the transmitter hardware. In either case correlations between modulation errors of groups of symbols can be used to detect outliers or generate new ways to compare signals.
- Analog transmissions of the same digital data by different transmitters differ, in part, due to relative reference-level differences between them. For example, one transmitter may be biased toward positive carrier frequency offset, while another to a negative offset. This happen while neither of them is aware of the inaccuracy nor has reliable means of measuring it. A further embodiment may focus on measuring such inaccuracies at the base station. However, a natural extension to the scheme would be for a sufficiently capable base station to alter characteristics of its outgoing signals based on the intended receiver to determine the point at which the receiver is unable to demodulate the signal, and use this information as an additional dimension of transceiver's signature.
- For example, a receiver that is biased toward positive carrier frequency offset will fail to demodulate a signal whose carrier frequency offset is higher than some critical number. This critical number will be even higher for another receiver with a negative carrier frequency bias. The transmitter can use the difference between these critical values as another way of differentiating the receivers. Similar technique can be applied to other modulation accuracy metrics discussed here.
- The main challenge of transmitter identification based on characteristics of its transmissions is dealing with noise and distortion. Performing signature extraction and comparison in the modulation domain is superior to prior approaches because it leverages existing signal processing facilities whose purpose is, essentially, to de-noise the signal for the purposes of data recovery.
- For example, approaches based on signal transients during power-on ramps (waveform domain techniques) are necessarily performed at the lowest layer of measurement because transients are unstructured and it is difficult to tell which properties of the transient are due to the transmitter's hardware and which are due to noise. In contrast, the present invention leverages structural knowledge of the modulation scheme being used to separate intentional (due to transmitter) and unintentional (due to noise) features of the signal. In a sense, this approach operates at the last analog stage of the communication process where continuous (I/Q) values falling in certain ranges are mapped to discrete values, as specified by the modulation format.
- The theoretical downside of this approach is that it requires knowledge of the modulation scheme being used (unlike transient-based approaches). However, this is a nonissue in the context of network security, where all necessary information is always available.
- Moreover, knowledge of the signal's structure allows the invention to collect at least as many measurements as there are symbols in a signal (and more in practice), further improving resilience to noise since there is enough data to perform outlier removal, for example, by considering the middle quartile of measurements. In contrast, there is only one short transient per transmission, meaning that misclassifications need to be averaged out across entire transmissions, not symbols.
- It is specifically intended that the present invention not be limited to the embodiments and illustrations contained herein, but include modified forms of those embodiments including portions of the embodiments and combinations of elements of different embodiments as come within the scope of the following claims.
Claims (19)
1. A secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion, the secure network transceiver system comprising:
at least one base transceiver having:
an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion including modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers;
a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals;
an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion, the electronic computer further executing a stored program contained in memory to:
(a) execute an authentication process with mobile transceivers through an exchange of network data, the authentication process employing a networks data authenticator;
(b) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs;
(c) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and
(d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within at least one predetermined criterion.
2. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to:
(e) respond to the output to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
3. The secure network transceiver system of claim 1 wherein the modulation domain qualities are selected from the group consisting of measurements of: symbol phase error, symbol magnitude error, and symbol error vector magnitude.
4. The secure network transceiver system of claim 3 wherein the modulation domain qualities include each of: symbol phase error and symbol magnitude error
5. The secure network transceiver system of claim 3 wherein the modulation domain qualities include each of: radio frequency error and frame SYNC correlation error.
6. The secure network transceiver system of claim 1 wherein the modulation domain qualities are selected from the group consisting of measurements of: carrier frequency offset, symbol clock offset, SYNC correlation.
7. The secure network transceiver system of claim 6 wherein the transceivers are 802.11 compliant.
8. The secure network transceiver system of claim 1 wherein the comparison of characterized radio signals provides a multidimensional comparison using multiple different modulation domain qualities.
9. The secure network transceiver system of claim 1 wherein the comparison of characterized radio signals employs comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
10. The secure network transceiver system of claim 9 wherein the comparison of characterized radio signals employs a combination of at least two different comparison algorithms operating independently to make a comparison and then combining the results.
11. The secure network transceiver system of claim 1 including multiple base transceivers wherein each of the base transceivers uses a different pre-established characterization specific to a given base transceiver receiver.
12. The secure network transceiver system of claim 1 including multiple base transceivers wherein the multiple base transceivers share pre-established characterizations.
13. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to characterize a new authorized mobile transceiver having a new secure key to produce a pre-established characterization for the new authorized mobile transceiver to be added to the pre-established characterizations of authorized mobile transceivers.
14. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions matches existing characterizations to within a second predetermined threshold.
15. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
16. A method of establishing a secure wireless network using a base transceiver communicating with a plurality of mobile transceivers, the base transceiver having an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion including modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers, the method comprising:
(a) executing an authentication process with mobile transceivers through an exchange of network data, the authentication process employing a network data authenticator;
(b) characterizing received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs;
(c) comparing the characterized radio signals to pre-established characterizations of authorized mobile transceivers;
(d) generating an output indicating a possible security violation when characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
17. The method of claim 16 further including:
(e) responding to the output to revoke authorization of mobile transmitters whose characterize radio signals do not match pre-established characterizations to within a predetermined threshold until a new security key has been established for those mobile transmitters.
18. The method of claim 16 further wherein the modulation domain qualities are selected from the group consisting of measurements of: symbol phase error, symbol magnitude error, radio frequency error, frame SYNC correlation error.
19. The method of claim 16 further including:
(e) allowing the mobile transceivers to use any commercially available 802.11 compatible wireless transceiver.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/555,369 US20100100936A1 (en) | 2008-09-08 | 2009-09-08 | Secure Wireless Network Using Radiometric Signatures |
US15/600,220 US10397080B2 (en) | 2008-09-08 | 2017-05-19 | Secure wireless network using radiometric signatures |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US9521608P | 2008-09-08 | 2008-09-08 | |
US9740608P | 2008-09-16 | 2008-09-16 | |
US12/555,369 US20100100936A1 (en) | 2008-09-08 | 2009-09-08 | Secure Wireless Network Using Radiometric Signatures |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/600,220 Continuation US10397080B2 (en) | 2008-09-08 | 2017-05-19 | Secure wireless network using radiometric signatures |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100100936A1 true US20100100936A1 (en) | 2010-04-22 |
Family
ID=42007171
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/555,369 Abandoned US20100100936A1 (en) | 2008-09-08 | 2009-09-08 | Secure Wireless Network Using Radiometric Signatures |
US12/555,452 Active 2030-09-23 US8218493B2 (en) | 2008-09-08 | 2009-09-08 | System and method for interference mitigation in wireless networks |
US12/555,379 Active 2030-10-23 US8498592B2 (en) | 2008-09-08 | 2009-09-08 | Method and apparatus for improving energy efficiency of mobile devices through energy profiling based rate adaptation |
US12/555,462 Active 2030-10-07 US8233493B2 (en) | 2008-09-08 | 2009-09-08 | Packet router having improved packet classification |
US12/555,353 Active 2030-01-30 US8005114B2 (en) | 2008-09-08 | 2009-09-08 | Method and apparatus to vary the transmission bit rate within individual wireless packets through multi-rate packetization |
US15/600,220 Active US10397080B2 (en) | 2008-09-08 | 2017-05-19 | Secure wireless network using radiometric signatures |
Family Applications After (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/555,452 Active 2030-09-23 US8218493B2 (en) | 2008-09-08 | 2009-09-08 | System and method for interference mitigation in wireless networks |
US12/555,379 Active 2030-10-23 US8498592B2 (en) | 2008-09-08 | 2009-09-08 | Method and apparatus for improving energy efficiency of mobile devices through energy profiling based rate adaptation |
US12/555,462 Active 2030-10-07 US8233493B2 (en) | 2008-09-08 | 2009-09-08 | Packet router having improved packet classification |
US12/555,353 Active 2030-01-30 US8005114B2 (en) | 2008-09-08 | 2009-09-08 | Method and apparatus to vary the transmission bit rate within individual wireless packets through multi-rate packetization |
US15/600,220 Active US10397080B2 (en) | 2008-09-08 | 2017-05-19 | Secure wireless network using radiometric signatures |
Country Status (1)
Country | Link |
---|---|
US (6) | US20100100936A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100313025A1 (en) * | 2009-06-05 | 2010-12-09 | Rochester Institute Of Technology | Methods establishing a symmetric encryption key and devices thereof |
US9083527B1 (en) * | 2012-08-31 | 2015-07-14 | Symantec Corporation | Using mobile data to establish a shared secret in second-factor authentication |
US20210204122A1 (en) * | 2018-06-19 | 2021-07-01 | University Of Notre Dame Du Lac | Security for Wireless Communications |
Families Citing this family (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060167838A1 (en) * | 2005-01-21 | 2006-07-27 | Z-Force Communications, Inc. | File-based hybrid file storage scheme supporting multiple file switches |
ATE537670T1 (en) * | 2008-12-23 | 2011-12-15 | Abb Research Ltd | MULTI-NETWORK MANAGER, METHOD AND SYSTEM |
CN101860948B (en) * | 2009-04-13 | 2014-07-30 | 华为技术有限公司 | Method, equipment and system for regulating power consumption |
US8213453B1 (en) * | 2009-08-07 | 2012-07-03 | Juniper Networks, Inc. | Quality of service (QoS) configuration for network devices with multiple queues |
WO2011071425A1 (en) * | 2009-12-08 | 2011-06-16 | Telefonaktiebolaget L M Ericsson (Publ) | Method and arrangement for energy consumption balancing between base stations in a communication system |
US20110298598A1 (en) * | 2010-06-02 | 2011-12-08 | Sokwoo Rhee | System and Method for Low Latency Sensor Network |
US8627448B2 (en) | 2010-11-02 | 2014-01-07 | Jose Renato Santos | Selective invalidation of packet filtering results |
JP5807676B2 (en) * | 2010-12-15 | 2015-11-10 | 日本電気株式会社 | Packet classifier, packet classification method, and packet classification program |
EP2472948A2 (en) * | 2010-12-28 | 2012-07-04 | Thomson Licensing | Method and processing device for optimal interference estimation and scheduling in a multi-hop wireless network with centralized control |
US8966182B2 (en) * | 2011-02-08 | 2015-02-24 | International Business Machines Corporation | Software and hardware managed dual rule bank cache for use in a pattern matching accelerator |
US9208438B2 (en) | 2011-08-02 | 2015-12-08 | Cavium, Inc. | Duplication in decision trees |
US9183244B2 (en) | 2011-08-02 | 2015-11-10 | Cavium, Inc. | Rule modification in decision trees |
US10229139B2 (en) | 2011-08-02 | 2019-03-12 | Cavium, Llc | Incremental update heuristics |
WO2013020001A1 (en) | 2011-08-02 | 2013-02-07 | Cavium, Inc. | Lookup front end output processor |
US8645412B2 (en) * | 2011-10-21 | 2014-02-04 | International Business Machines Corporation | Computing correlated aggregates over a data stream |
US9379868B2 (en) * | 2011-12-05 | 2016-06-28 | Broadcom Corporation | Subsequent association identifier (AID) update within single user, multiple user, multiple access, and/or MIMO wireless communications |
US20140006537A1 (en) * | 2012-06-28 | 2014-01-02 | Wiliam H. TSO | High speed record and playback system |
WO2014006507A2 (en) * | 2012-07-02 | 2014-01-09 | Marvell Israel (M.I.S.L.) Ltd. | Systems and methods for providing replicated data from memories to processing clients |
US9672239B1 (en) * | 2012-10-16 | 2017-06-06 | Marvell Israel (M.I.S.L.) Ltd. | Efficient content addressable memory (CAM) architecture |
US11044009B2 (en) | 2013-03-14 | 2021-06-22 | Everactive, Inc. | Methods and apparatus for networking using a proxy device and backchannel communication |
US10420072B2 (en) | 2013-03-14 | 2019-09-17 | Everactive, Inc. | Methods and apparatus for low power wireless communication |
CN105379155B (en) * | 2013-03-14 | 2019-06-14 | 皮斯基克有限公司 | Method and apparatus for being carried out wireless communication via predefined sequence |
US10083200B2 (en) | 2013-03-14 | 2018-09-25 | Cavium, Inc. | Batch incremental update |
US9595003B1 (en) | 2013-03-15 | 2017-03-14 | Cavium, Inc. | Compiler with mask nodes |
US9195939B1 (en) * | 2013-03-15 | 2015-11-24 | Cavium, Inc. | Scope in decision trees |
US10229144B2 (en) | 2013-03-15 | 2019-03-12 | Cavium, Llc | NSP manager |
US9219694B2 (en) * | 2013-03-15 | 2015-12-22 | Wisconsin Alumni Research Foundation | Content addressable memory with reduced power consumption |
CN104427632B (en) * | 2013-09-11 | 2019-11-26 | 中兴通讯股份有限公司 | Data transmission scheduling method, device and system |
US9020483B1 (en) | 2013-11-26 | 2015-04-28 | At&T Mobility Ii Llc | Setting voice and data priority using a registration message |
US9544402B2 (en) | 2013-12-31 | 2017-01-10 | Cavium, Inc. | Multi-rule approach to encoding a group of rules |
US9275336B2 (en) | 2013-12-31 | 2016-03-01 | Cavium, Inc. | Method and system for skipping over group(s) of rules based on skip group rule |
US9667446B2 (en) | 2014-01-08 | 2017-05-30 | Cavium, Inc. | Condition code approach for comparing rule and packet data that are provided in portions |
US10129181B2 (en) * | 2014-08-16 | 2018-11-13 | New York University | Controlling the reactive caching of wildcard rules for packet processing, such as flow processing in software-defined networks |
US9591021B2 (en) * | 2014-08-20 | 2017-03-07 | Mcafee, Inc. | Zero day threat detection using host application/program to user agent mapping |
US20160335298A1 (en) * | 2015-05-12 | 2016-11-17 | Extreme Networks, Inc. | Methods, systems, and non-transitory computer readable media for generating a tree structure with nodal comparison fields and cut values for rapid tree traversal and reduced numbers of full comparisons at leaf nodes |
WO2017130824A1 (en) * | 2016-01-26 | 2017-08-03 | 日本電気株式会社 | Information processing device, information processing method, and recording medium containing information processing program |
US9854528B2 (en) | 2016-04-05 | 2017-12-26 | At&T Intellectual Property I, L.P. | Tuning networks and user equipment using a power profile |
US10517021B2 (en) | 2016-06-30 | 2019-12-24 | Evolve Cellular Inc. | Long term evolution-primary WiFi (LTE-PW) |
EP3270621B1 (en) * | 2016-07-11 | 2020-02-26 | Alcatel Lucent | Method and device for controlling a wireless access point |
US10616030B2 (en) | 2017-05-20 | 2020-04-07 | Microsoft Technology Licensing, Llc | Signal design for diverse data rates |
WO2019136713A1 (en) * | 2018-01-12 | 2019-07-18 | Oppo广东移动通信有限公司 | Data transmission method and device |
US11096191B2 (en) * | 2018-05-21 | 2021-08-17 | Qualcomm Incorporated | UE-centric clustering and efficient scheduling for CoMP |
US10594727B2 (en) | 2018-07-17 | 2020-03-17 | Levl Technologies, Inc. | Relay attack prevention |
GB2580284B (en) * | 2018-08-13 | 2021-01-06 | Metaswitch Networks Ltd | Generating packet processing graphs |
WO2020044233A1 (en) | 2018-08-27 | 2020-03-05 | Levl Technologies, Inc. | Carrier frequency offset modeling for radio frequency fingerprinting |
WO2020070594A1 (en) * | 2018-10-03 | 2020-04-09 | Levl Technologies, Inc. | Carrier frequency estimation for radio frequency fingerprinting |
US10873488B2 (en) * | 2019-01-22 | 2020-12-22 | Qualcomm Incorporated | Intra-packet rate adaptation for high capacity |
US11146299B2 (en) | 2019-09-09 | 2021-10-12 | Everactive, Inc. | Wireless receiver apparatus and method |
US11431434B2 (en) | 2019-12-10 | 2022-08-30 | Electronics And Telecommunications Research Institute | Method and apparatus for secure communication in wireless communication system |
US11758480B2 (en) | 2020-02-14 | 2023-09-12 | Everactive Inc. | Method and system for low power and secure wake-up radio |
WO2023113110A1 (en) * | 2021-12-15 | 2023-06-22 | Samsung Electronics Co., Ltd. | Method and system for authenticating wireless devices |
Citations (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5440758A (en) * | 1994-04-12 | 1995-08-08 | Motorola, Inc. | Method of preventing unauthorized access to a wireless communication system |
US5706307A (en) * | 1994-03-18 | 1998-01-06 | Detemobil Deutsche Telekom Mobilfunk Gmbh | Method and arrangement for the determination of the ratio for common-channel or adjacent-channel interferers in digital mobile communication networks |
US5715518A (en) * | 1996-03-06 | 1998-02-03 | Cellular Technical Services Company, Inc. | Adaptive waveform matching for use in transmitter identification |
US5905949A (en) * | 1995-12-21 | 1999-05-18 | Corsair Communications, Inc. | Cellular telephone fraud prevention system using RF signature analysis |
US5999806A (en) * | 1997-02-28 | 1999-12-07 | Cellular Technical Services Company, Inc. | Waveform collection for use in wireless telephone identification |
US6035188A (en) * | 1996-06-27 | 2000-03-07 | Cellular Technical Services Company, Inc. | Active waveform collection for use in transmitter identification |
US6269246B1 (en) * | 1998-09-22 | 2001-07-31 | Ppm, Inc. | Location determination using RF fingerprinting |
US20020034191A1 (en) * | 1998-02-12 | 2002-03-21 | Shattil Steve J. | Method and apparatus for transmitting and receiving signals having a carrier interferometry architecture |
US6385448B1 (en) * | 1998-03-16 | 2002-05-07 | Ericsson Inc. | Predictive registration identification timer |
US6396818B1 (en) * | 1998-03-20 | 2002-05-28 | Ericsson Inc. | Call routing interface for satellite communications user terminals |
US20020065048A1 (en) * | 1999-07-28 | 2002-05-30 | Kazuo Nagatani | Method and apparatus for compensating for distortion in radio apparatus |
US6437735B1 (en) * | 2000-09-07 | 2002-08-20 | Ericsson Inc. | Position detection system integrated into mobile terminal |
US20020118834A1 (en) * | 2001-02-28 | 2002-08-29 | Wilson Dennis L. | Analog privacy scrambler and scrambling method |
US20020196188A1 (en) * | 2001-06-25 | 2002-12-26 | Harris Corporation | System and method for determining the location of a transmitter using passive reflectors or refractors as proxy receivers and using database querying |
US20030008668A1 (en) * | 1998-09-22 | 2003-01-09 | Ppm, Inc. | Location determination using RF fingerprinting |
US20030021582A1 (en) * | 2001-07-27 | 2003-01-30 | Nec Corporation | Time shift reproduction method and device and bookmark being used in same |
US20030110400A1 (en) * | 2001-12-10 | 2003-06-12 | Cartmell Brian Ross | Method and system for blocking unwanted communications |
US20030227342A1 (en) * | 2002-06-07 | 2003-12-11 | Dongtai Liu | Multimode modulator employing a phase lock loop for wireless communications |
US20040015990A1 (en) * | 2000-10-18 | 2004-01-22 | Sharp Kabushiki Kaisha | Radio communication apparatus, transmitter apparatus and receiver apparatus |
US6748036B1 (en) * | 1997-12-18 | 2004-06-08 | Nec Corporation | Radio receiving method and apparatus |
US20040166818A1 (en) * | 2003-02-24 | 2004-08-26 | Networkfab Corporation | Method and system for emitter identification using transmission signatures |
US20040192361A1 (en) * | 2003-03-31 | 2004-09-30 | Tadiran Communications Ltd. | Reliable telecommunication |
US20050143051A1 (en) * | 2003-12-30 | 2005-06-30 | Welgate Corporation | Mobile authentication/financial transaction system using a unique mobile identification code and method thereof |
US6915123B1 (en) * | 2000-03-02 | 2005-07-05 | Lucent Technologies Inc. | Method and system for monitoring an operational area of a subscriber station |
US20050163090A1 (en) * | 2002-12-25 | 2005-07-28 | Nobuhisa Aoki | Wireless communications system, relaying apparatus and mobile terminal |
US20050225396A1 (en) * | 2004-04-08 | 2005-10-13 | M/A-Com, Eurotec B.V. | Bias circuit for power amplifier operated as a digital to analog converter |
US20060008029A1 (en) * | 2002-12-18 | 2006-01-12 | Houman Jafari | Transmitter stage |
US20060126754A1 (en) * | 2003-02-20 | 2006-06-15 | Nikolai Filimonov | Efficient modulation of rf signals |
US20070025265A1 (en) * | 2005-07-22 | 2007-02-01 | Porras Phillip A | Method and apparatus for wireless network security |
US20070178914A1 (en) * | 2006-01-31 | 2007-08-02 | Microsoft Corporation | Determining the network location of a user device based on transmitter fingerprints |
US20070253499A1 (en) * | 2006-01-26 | 2007-11-01 | Texas Instruments Incorporated | Robust Detection of Packet Types |
US20070264939A1 (en) * | 2006-05-09 | 2007-11-15 | Cognio, Inc. | System and Method for Identifying Wireless Devices Using Pulse Fingerprinting and Sequence Analysis |
US20080024269A1 (en) * | 2006-07-28 | 2008-01-31 | Fuji Xerox Co., Ltd. | Authenticity determination system of responder, identification system, and interrogation unit |
US20080244707A1 (en) * | 2007-03-26 | 2008-10-02 | Bowser Robert A | Wireless transmitter identity validation in a wireless network |
US20090287764A1 (en) * | 2008-05-15 | 2009-11-19 | Motorola, Inc. | Media access control server for radio access network |
US7639806B2 (en) * | 2004-03-24 | 2009-12-29 | Iowa State University Research Foundation, Inc. | Fingerprinting digital devices using electromagnetic characteristics of their communications |
US8176533B1 (en) * | 2006-11-06 | 2012-05-08 | Oracle America, Inc. | Complementary client and user authentication scheme |
US8509735B2 (en) * | 2005-08-25 | 2013-08-13 | Motorola Mobility Llc | Method and apparatus to facilitate detection of an unauthorized communication system user |
Family Cites Families (57)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5329591A (en) * | 1993-04-23 | 1994-07-12 | Magrill Barry J | Transmitter identification and validation system and method |
US5893031A (en) * | 1996-06-27 | 1999-04-06 | Cellular Technical Services Company, Inc. | System and method for collection of transmission characteristics |
GB2315955B (en) * | 1996-07-31 | 1998-06-24 | Lucent Technologies Inc | Subscriber authentication for radio local loop system |
US5970405A (en) * | 1997-02-28 | 1999-10-19 | Cellular Technical Services Co., Inc. | Apparatus and method for preventing fraudulent calls in a wireless telephone system using destination and fingerprint analysis |
US5999807A (en) * | 1997-02-28 | 1999-12-07 | Cellular Technical Services Company, Inc. | System and method for the verification of authentic telephone numbers in a wireless telephone system |
JP3202658B2 (en) * | 1997-06-20 | 2001-08-27 | 日本電気株式会社 | Variable rate CDMA transmission power control method |
US6101168A (en) * | 1997-11-13 | 2000-08-08 | Qualcomm Inc. | Method and apparatus for time efficient retransmission using symbol accumulation |
AU743933B2 (en) * | 1998-07-20 | 2002-02-07 | Robert Bosch Gmbh | An entry system |
EP1177668A2 (en) * | 1999-05-10 | 2002-02-06 | Nokia Corporation | Header compression |
JP3334753B2 (en) * | 1999-06-15 | 2002-10-15 | 日本電気株式会社 | Mobile terminal, mobile communication system, and method for suppressing power consumption of mobile terminal |
JP4385489B2 (en) * | 2000-03-03 | 2009-12-16 | ソニー株式会社 | COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND COMMUNICATION DEVICE |
US7257094B2 (en) * | 2001-01-16 | 2007-08-14 | Texas Instruments Incorporated | Jointly controlling transmission rate and power in a communications system |
US7193997B2 (en) * | 2001-03-19 | 2007-03-20 | International Business Machines Corporation | Packet classification |
US20020147025A1 (en) * | 2001-04-05 | 2002-10-10 | Telefonaktiebolaget Lm Ericsson | Systems and methods for base station signal transmission power control |
US6526031B1 (en) * | 2001-06-21 | 2003-02-25 | Motorola, Inc. | Forward power control determination in spread spectrum communications systems |
US6819938B2 (en) * | 2001-06-26 | 2004-11-16 | Qualcomm Incorporated | System and method for power control calibration and a wireless communication device |
JP4149145B2 (en) * | 2001-06-27 | 2008-09-10 | 富士通株式会社 | Network side apparatus and power management method for mobile communication system |
US7095715B2 (en) * | 2001-07-02 | 2006-08-22 | 3Com Corporation | System and method for processing network packet flows |
US7046966B2 (en) * | 2001-08-24 | 2006-05-16 | Kyocera Wireless Corp. | Method and apparatus for assigning data rate in a multichannel communication system |
CN1235354C (en) * | 2001-10-04 | 2006-01-04 | 株式会社Ntt都科摩 | Radio control apparatus, base station, mobile communication method, mobile communication program recording medium containing the same, and mobile communication system |
US6735420B2 (en) * | 2001-12-18 | 2004-05-11 | Globespanvirata, Inc. | Transmit power control for multiple rate wireless communications |
US7184407B1 (en) * | 2002-05-10 | 2007-02-27 | Cisco Systems Wireless Networking (Australia) Pty Limited | Detecting, reporting and mitigating hidden nodes in a wireless data network |
US7079812B2 (en) * | 2002-05-16 | 2006-07-18 | Cognio, Inc. | Systems and methods for interference mitigation with respect to periodic interferers in short-range wireless applications |
KR100429904B1 (en) * | 2002-05-18 | 2004-05-03 | 한국전자통신연구원 | Router providing differentiated quality-of-service and fast internet protocol packet classification method for the same |
US7221701B2 (en) * | 2002-08-28 | 2007-05-22 | Altratek, Inc. | System and method for CDMA communications |
BRPI0315991B1 (en) * | 2002-11-04 | 2016-08-23 | Blackberry Ltd | mobile device for transmitting a wireless signal and method of amplifying a signal generated on a mobile device |
US7328037B2 (en) * | 2002-12-09 | 2008-02-05 | Intel Corporation | Method and apparatus to control transmitter |
JP3809415B2 (en) * | 2002-12-26 | 2006-08-16 | 松下電器産業株式会社 | Transmission power determination device and transmission power determination method |
WO2004095758A2 (en) * | 2003-04-22 | 2004-11-04 | Cognio, Inc. | Signal classification methods for scanning receiver and other applications |
JP4030482B2 (en) * | 2003-08-18 | 2008-01-09 | シャープ株式会社 | I / Q demodulation circuit |
US7831087B2 (en) * | 2003-10-31 | 2010-11-09 | Hewlett-Packard Development Company, L.P. | Method for visual-based recognition of an object |
US7610495B2 (en) * | 2003-11-25 | 2009-10-27 | Agere Systems Inc. | Method and apparatus for power management using transmission mode with reduced power |
US7894844B2 (en) * | 2003-12-26 | 2011-02-22 | Agere Systems Inc. | Method and apparatus for automatic transmit power variation in a wireless communication system |
US7333563B2 (en) * | 2004-02-20 | 2008-02-19 | Research In Motion Limited | Method and apparatus for improving power amplifier efficiency in wireless communication systems having high peak to average power ratios |
US7436832B2 (en) * | 2004-05-05 | 2008-10-14 | Gigamon Systems Llc | Asymmetric packets switch and a method of use |
US7653408B1 (en) * | 2004-10-08 | 2010-01-26 | Marvell International Ltd. | Self-adaptive transmit power control for wireless network |
US7408898B1 (en) * | 2004-12-20 | 2008-08-05 | The United States Of America As Represented By The United States Department Of Energy | Flexible network wireless transceiver and flexible network telemetry transceiver |
US20060136997A1 (en) * | 2004-12-21 | 2006-06-22 | Eastman Kodak Company | Authentication system and method |
US7463583B2 (en) * | 2005-03-03 | 2008-12-09 | Stmicroelectronics Ltd. | Wireless LAN data rate adaptation |
US7813695B2 (en) * | 2005-05-06 | 2010-10-12 | Telefonaktiebolaget L M Ericsson (Publ) | Mobile assisted relay selection in a telecommunications system |
KR20080016943A (en) * | 2005-06-08 | 2008-02-22 | 아바야 테크놀러지 코퍼레이션 | Avoding exposed node problems in wireless local area networks |
US7940897B2 (en) * | 2005-06-24 | 2011-05-10 | American Express Travel Related Services Company, Inc. | Word recognition system and method for customer and employee assessment |
US7522569B2 (en) * | 2005-06-30 | 2009-04-21 | Netgear, Inc. | Peripheral device with visual indicators to show utilization of radio component |
JP2007019939A (en) * | 2005-07-08 | 2007-01-25 | Renesas Technology Corp | Radio communications equipment and portable telephone terminal using the same |
ITMI20051321A1 (en) * | 2005-07-12 | 2007-01-13 | St Microelectronics Srl | EQUAL METHOD OF PLANNING FOR THE ACCESS TO THE CHANNEL OF A WIRELESS TYPE NETWORK |
US8249028B2 (en) * | 2005-07-22 | 2012-08-21 | Sri International | Method and apparatus for identifying wireless transmitters |
KR100736044B1 (en) * | 2005-09-01 | 2007-07-06 | 삼성전자주식회사 | Method and apparatus for managing power in wireless device |
JP4633592B2 (en) * | 2005-09-28 | 2011-02-16 | 京セラ株式会社 | Wireless communication terminal |
JP4761365B2 (en) * | 2005-12-28 | 2011-08-31 | Kddi株式会社 | Communication scheduling method |
US20070165526A1 (en) * | 2006-01-14 | 2007-07-19 | Hyun Lee | Wireless QoS by hardware packet sizing, data rate modulation, and transmit power controlling based on the accumulated packet drop rate |
US7583625B2 (en) * | 2006-04-06 | 2009-09-01 | Broadcom Corporation | Access point multi-level transmission power and protocol control based on the exchange of characteristics |
US20090225682A1 (en) * | 2006-04-04 | 2009-09-10 | Alex Peter Grote-Lopez | Optimization Procedure for Wireless Networks Operating in Infrastructure Mode with Standard Protocol IEEE 802.11 |
US7672645B2 (en) * | 2006-06-15 | 2010-03-02 | Bitwave Semiconductor, Inc. | Programmable transmitter architecture for non-constant and constant envelope modulation |
US7924864B2 (en) * | 2006-07-26 | 2011-04-12 | Nokia Corporation | Terminal-based contention free low overhead access |
US8774140B2 (en) * | 2006-10-19 | 2014-07-08 | Intel Corporation | Method and apparatus to provide hidden node protection |
US7949315B2 (en) * | 2007-09-25 | 2011-05-24 | Broadcom Corporation | Power consumption management and data rate control based on transmit power and method for use therewith |
US8041375B2 (en) * | 2007-10-31 | 2011-10-18 | Qualcomm Incorporated | Methods and apparatus for use in peer to peer communications devices and/or systems relating to rate scheduling, traffic scheduling, rate control, and/or power control |
-
2009
- 2009-09-08 US US12/555,369 patent/US20100100936A1/en not_active Abandoned
- 2009-09-08 US US12/555,452 patent/US8218493B2/en active Active
- 2009-09-08 US US12/555,379 patent/US8498592B2/en active Active
- 2009-09-08 US US12/555,462 patent/US8233493B2/en active Active
- 2009-09-08 US US12/555,353 patent/US8005114B2/en active Active
-
2017
- 2017-05-19 US US15/600,220 patent/US10397080B2/en active Active
Patent Citations (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5706307A (en) * | 1994-03-18 | 1998-01-06 | Detemobil Deutsche Telekom Mobilfunk Gmbh | Method and arrangement for the determination of the ratio for common-channel or adjacent-channel interferers in digital mobile communication networks |
US5440758A (en) * | 1994-04-12 | 1995-08-08 | Motorola, Inc. | Method of preventing unauthorized access to a wireless communication system |
US5905949A (en) * | 1995-12-21 | 1999-05-18 | Corsair Communications, Inc. | Cellular telephone fraud prevention system using RF signature analysis |
US5715518A (en) * | 1996-03-06 | 1998-02-03 | Cellular Technical Services Company, Inc. | Adaptive waveform matching for use in transmitter identification |
US6035188A (en) * | 1996-06-27 | 2000-03-07 | Cellular Technical Services Company, Inc. | Active waveform collection for use in transmitter identification |
US5999806A (en) * | 1997-02-28 | 1999-12-07 | Cellular Technical Services Company, Inc. | Waveform collection for use in wireless telephone identification |
US6748036B1 (en) * | 1997-12-18 | 2004-06-08 | Nec Corporation | Radio receiving method and apparatus |
US20020034191A1 (en) * | 1998-02-12 | 2002-03-21 | Shattil Steve J. | Method and apparatus for transmitting and receiving signals having a carrier interferometry architecture |
US6385448B1 (en) * | 1998-03-16 | 2002-05-07 | Ericsson Inc. | Predictive registration identification timer |
US6396818B1 (en) * | 1998-03-20 | 2002-05-28 | Ericsson Inc. | Call routing interface for satellite communications user terminals |
US6269246B1 (en) * | 1998-09-22 | 2001-07-31 | Ppm, Inc. | Location determination using RF fingerprinting |
US20030008668A1 (en) * | 1998-09-22 | 2003-01-09 | Ppm, Inc. | Location determination using RF fingerprinting |
US20020065048A1 (en) * | 1999-07-28 | 2002-05-30 | Kazuo Nagatani | Method and apparatus for compensating for distortion in radio apparatus |
US6915123B1 (en) * | 2000-03-02 | 2005-07-05 | Lucent Technologies Inc. | Method and system for monitoring an operational area of a subscriber station |
US6437735B1 (en) * | 2000-09-07 | 2002-08-20 | Ericsson Inc. | Position detection system integrated into mobile terminal |
US20040015990A1 (en) * | 2000-10-18 | 2004-01-22 | Sharp Kabushiki Kaisha | Radio communication apparatus, transmitter apparatus and receiver apparatus |
US20020118834A1 (en) * | 2001-02-28 | 2002-08-29 | Wilson Dennis L. | Analog privacy scrambler and scrambling method |
US20020196188A1 (en) * | 2001-06-25 | 2002-12-26 | Harris Corporation | System and method for determining the location of a transmitter using passive reflectors or refractors as proxy receivers and using database querying |
US20030021582A1 (en) * | 2001-07-27 | 2003-01-30 | Nec Corporation | Time shift reproduction method and device and bookmark being used in same |
US20030110400A1 (en) * | 2001-12-10 | 2003-06-12 | Cartmell Brian Ross | Method and system for blocking unwanted communications |
US20030227342A1 (en) * | 2002-06-07 | 2003-12-11 | Dongtai Liu | Multimode modulator employing a phase lock loop for wireless communications |
US20060008029A1 (en) * | 2002-12-18 | 2006-01-12 | Houman Jafari | Transmitter stage |
US20050163090A1 (en) * | 2002-12-25 | 2005-07-28 | Nobuhisa Aoki | Wireless communications system, relaying apparatus and mobile terminal |
US20060126754A1 (en) * | 2003-02-20 | 2006-06-15 | Nikolai Filimonov | Efficient modulation of rf signals |
US20040166818A1 (en) * | 2003-02-24 | 2004-08-26 | Networkfab Corporation | Method and system for emitter identification using transmission signatures |
US20040192361A1 (en) * | 2003-03-31 | 2004-09-30 | Tadiran Communications Ltd. | Reliable telecommunication |
US20050143051A1 (en) * | 2003-12-30 | 2005-06-30 | Welgate Corporation | Mobile authentication/financial transaction system using a unique mobile identification code and method thereof |
US7639806B2 (en) * | 2004-03-24 | 2009-12-29 | Iowa State University Research Foundation, Inc. | Fingerprinting digital devices using electromagnetic characteristics of their communications |
US20050225396A1 (en) * | 2004-04-08 | 2005-10-13 | M/A-Com, Eurotec B.V. | Bias circuit for power amplifier operated as a digital to analog converter |
US20070025265A1 (en) * | 2005-07-22 | 2007-02-01 | Porras Phillip A | Method and apparatus for wireless network security |
US8509735B2 (en) * | 2005-08-25 | 2013-08-13 | Motorola Mobility Llc | Method and apparatus to facilitate detection of an unauthorized communication system user |
US20070253499A1 (en) * | 2006-01-26 | 2007-11-01 | Texas Instruments Incorporated | Robust Detection of Packet Types |
US20070178914A1 (en) * | 2006-01-31 | 2007-08-02 | Microsoft Corporation | Determining the network location of a user device based on transmitter fingerprints |
US20070264939A1 (en) * | 2006-05-09 | 2007-11-15 | Cognio, Inc. | System and Method for Identifying Wireless Devices Using Pulse Fingerprinting and Sequence Analysis |
US20080024269A1 (en) * | 2006-07-28 | 2008-01-31 | Fuji Xerox Co., Ltd. | Authenticity determination system of responder, identification system, and interrogation unit |
US8176533B1 (en) * | 2006-11-06 | 2012-05-08 | Oracle America, Inc. | Complementary client and user authentication scheme |
US20080244707A1 (en) * | 2007-03-26 | 2008-10-02 | Bowser Robert A | Wireless transmitter identity validation in a wireless network |
US8018883B2 (en) * | 2007-03-26 | 2011-09-13 | Cisco Technology, Inc. | Wireless transmitter identity validation in a wireless network |
US20090287764A1 (en) * | 2008-05-15 | 2009-11-19 | Motorola, Inc. | Media access control server for radio access network |
Non-Patent Citations (11)
Title |
---|
Banerjee (Banerjee et al. "Spectrum Enforcement in a Spectrum Sharing World", June 2008, "Congitive Wireless Networking Summit 2008), * |
Chandra et al., "Wireless Networking: Know It All", Sep. 2007, ISBN-13:978-0-7506-8582-5. * |
Gralla (Preston Gralla, "How Wireless Works", 2nd Edition, ISBN 0789733447, Oct. 2005, pg, 20-25 30-43. * |
Hall-Detecting Rogue (Hall et al, "Detecting Rogue Devices in Bluetooth Networks Using Radio Frequency Fingerprinting", In the Proceedings of the IASTED International Conference on Communications and Computer Networks (CCN '06), October 2006, * |
Hall-Detection of Transient (Hall et al., "Detection of Transient in Radio Frequency Fingerprinting Using Signal Phase", In the Proceedings of IASTED International Conference on Wireless and Optical Communications (WOC '03), 2003), * |
Kirkhorn, "Introduction to IQ-demodulation of RF-data", 9/99, * |
RadioElectronics.com, "Comparison of 8-QAM, 16-QAM, 32-QAM, 64-QAM 128-QAM, 256-QAM, Types, 9/14. * |
RadioElectronics.com, "Quadrature FM Demodulator/Detector Tutorial, 8/14, * |
Ureten, (Ureten et al., "Bayesian Detection of Wi-Fi Transmitter RF Fingerprints", In IEEE Electronics Letters 41(6), 2005, pages 373-374, * |
Wikipedia, "In-phase and quadrature components", 11/13, * |
Xiao (Xaio et al., "Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication", In the Proceedings of the 2007 IEEE International Conference on Communications (ICC '07), June 2007, * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100313025A1 (en) * | 2009-06-05 | 2010-12-09 | Rochester Institute Of Technology | Methods establishing a symmetric encryption key and devices thereof |
US8959348B2 (en) * | 2009-06-05 | 2015-02-17 | Rochester Institute Of Technology | Methods establishing a symmetric encryption key and devices thereof |
US9083527B1 (en) * | 2012-08-31 | 2015-07-14 | Symantec Corporation | Using mobile data to establish a shared secret in second-factor authentication |
US20210204122A1 (en) * | 2018-06-19 | 2021-07-01 | University Of Notre Dame Du Lac | Security for Wireless Communications |
Also Published As
Publication number | Publication date |
---|---|
US8218493B2 (en) | 2012-07-10 |
US20170257300A1 (en) | 2017-09-07 |
US8233493B2 (en) | 2012-07-31 |
US8005114B2 (en) | 2011-08-23 |
US20100067546A1 (en) | 2010-03-18 |
US20100067535A1 (en) | 2010-03-18 |
US20100098138A1 (en) | 2010-04-22 |
US10397080B2 (en) | 2019-08-27 |
US20100080183A1 (en) | 2010-04-01 |
US8498592B2 (en) | 2013-07-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10397080B2 (en) | Secure wireless network using radiometric signatures | |
Vo-Huu et al. | Fingerprinting Wi-Fi devices using software defined radios | |
Zheng et al. | FID: Function modeling-based data-independent and channel-robust physical-layer identification | |
Brik et al. | Wireless device identification with radiometric signatures | |
US8249028B2 (en) | Method and apparatus for identifying wireless transmitters | |
Polak et al. | Identifying wireless users via transmitter imperfections | |
Danev et al. | Attacks on physical-layer identification | |
US10742461B2 (en) | Carrier frequency estimation for radio frequency fingerprinting | |
Knox et al. | Wireless fingerprints inside a wireless sensor network | |
Candore et al. | Robust stable radiometric fingerprinting for wireless devices | |
Zhao et al. | A robust authentication scheme based on physical-layer phase noise fingerprint for emerging wireless networks | |
CN110381510B (en) | Non-orthogonal multiple access authentication system based on superimposed physical layer authentication label | |
Edman et al. | Active attacks against modulation-based radiometric identification | |
US10944603B2 (en) | Wireless device profiling, classifying, and onboarding using baseband profiles of the wireless device | |
CN110035425A (en) | Based on wireless network card to the physical fingerprint extracting method of wireless device | |
Ashtari et al. | A new RF-PUF based authentication of internet of things using random forest classification | |
CN110324830B (en) | Non-orthogonal multiple access authentication system based on time division multiplexing physical layer authentication label | |
CN110381511B (en) | Non-orthogonal multiple access authentication system based on shared physical layer authentication label | |
Li et al. | {PhyAuth}:{Physical-Layer} Message Authentication for {ZigBee} Networks | |
Li et al. | Fractal dimension of dsss frame preamble: Radiometric feature for wireless device identification | |
Guo et al. | Taming the errors in cross-technology communication: a probabilistic approach | |
Lin et al. | Using SDR Platform to Extract the RF Fingerprint of the Wireless Devices for Device Identification | |
Rubino | Wireless device identification from a phase noise prospective | |
CN110380798B (en) | Non-orthogonal multiple access authentication system based on shared authentication label and parameter optimization method | |
JP2018129715A (en) | Radio communication system, detector, radio communication terminal, method and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: WISCONSIN ALUMNI RESEARCH FOUNDATION,WISCONSIN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BRIK, VLADIMIR;BANERJEE, SUMAN;SIGNING DATES FROM 20090518 TO 20090721;REEL/FRAME:023642/0326 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION |
|
AS | Assignment |
Owner name: NATIONAL SCIENCE FOUNDATION, VIRGINIA Free format text: CONFIRMATORY LICENSE;ASSIGNOR:UNIVERSITY OF WISCONSIN, MADISON;REEL/FRAME:044445/0371 Effective date: 20171113 |