Virginia Tech logo
ARIAS Research

Current and Prior Research Projects

EARS: Collaborative Research: Automated Enforcement in Spectrum Sharing: Technical Challenges and Policy Considerations
Sponsor: NSF

Description:

NSF logo This is a collaborative project between the University of Pittsburgh and Virginia Tech, and the total amount of the funding is $1.4 million. The increased demand for wireless communications over the last 25 years has led to the emergence of a new national priority: dynamic sharing of the radio spectrum among different stakeholders. Users with different rights and priorities must now collaborate to share a common resource without interfering with each other. A reliable enforcement regime that ensures rights is a way to make these rights meaningful and mitigate the associated risks. As spectrum sharing becomes a more widely adopted paradigm for utilizing the spectrum, it will become necessary to deploy a systematic enforcement regime that can be automated to the maximum extent possible so that the enforcement processes can occur in near real time and at scale while incurring reasonable financial costs. Much of the research and practice to date has focused on interference protection of the incumbents and on preventative (i.e., ex ante) approaches. The primary objectives of the project are to examine approaches ​for improving ex ante protections, detecting interference events, identifying the interfering parties, and determining how these events are best enforced and adjudicated using technologies and techniques that can be readily automated.

NSF Award Information Link



CRI: II-EN: Radio Testbed Upgrade to Enable Wideband and MIMO Experiments
Sponsor: NSF

Description:

NSF logoThe project upgrades Virginia Tech’s (VT’s) Cognitive Radio Network Testbed (CORNET) by adding new processing, networking and radio frequency (RF) hardware and software and redesigning the testbed architecture to enable cutting edge research across many engineering and science disciplines.​ CORNET currently comprises 48 software-programmable radio nodes that have facilitated experimental research and education in wireless communications for seven years. Although CORNET has proven useful, it lacks the radio and computing infrastructure that is needed to support compelling CISE research and experimentation in emerging and new technological/regulatory/economic areas in communications, computing and transportation, among others, through collaborations with computer science, electrical and computer engineering and aerospace and ocean engineering researchers at Virginia Tech. The new CORNET testbed enables advancing research in radio frequency (RF) spectrum access, resource virtualization for effective on demand service provisioning through sharing, and federation of distributed resources (RF spectrum, radio nodes, computing nodes, testbeds) with applications to coexistence of government-commercial communications systems and radars, autonomous vehicles, fifth generation (5G) cellular communications, Internet of Things, and many others.​ While CORNET has been used by several researchers from other institutions and is being used​ to host an international student design contest in spectrum-sharing radio, CORNET is primarily​ used as an internal resource for research at VT. The proposed upgrades are needed to enable​ CORNET to continue to serve VT’s cross-department and interdisciplinary research needs. The testbed allows a diverse student and faculty population to learn, cooperate and innovate in science and technology across several disciplines. The educational activities include extending undergraduate and graduate classes at Virginia Tech with experimental hands-on sessions that leverage the new testbed capabilities. ​A​ward link



NeTS: Medium: Collaborative Research: Coexistence of Heterogeneous Wireless Access Technologies in the 5 GHz Band
Sponsor: NSF

Description:

NSF logoEnabling harmonious spectrum sharing between heterogeneous wireless technologies is a challenging problem, but one that needs to be urgently addressed in order to quell the exploding demand for more spectrum by existing as well as burgeoning wireless applications. The importance of this problem is especially acute for the 5 GHz bands because these bands have emerged as the most coveted bands for launching new wireless applications and services. Access to spectrum in the 5 GHz bands has emerged as a major bone of contention between the LTE-U, Wi-Fi, and Dedicated Short-Range Communications (DSRC) stakeholders. More importantly, the 5 GHz bands have become a proving ground for demonstrating the viability of spectrum sharing between three heterogeneous technologies—viz., LTE-U, Wi-Fi (802.11ac/802.11ax), and DSRC. Recognizing the importance of this problem, the PIs propose to embark on an in-depth study that focuses on two particular coexistence scenarios: (1) coexistence between LTE-U and Wi-Fi and (2) coexistence between DSRC and Wi-Fi. The proposed work on the coexistence of Wi-Fi and LTE-U is expected to have tangible impacts on today’s technologies as well as those of the future. The PIs will study avant-garde approaches that exploit the advanced functionalities envisioned in future technologies, such as 802.11ax, as well as backward-compatible techniques that can be applied to today’s technologies (e.g., LTE-U, 802.11ac). The proposed work on DSRC-Wi-Fi coexistence will be one of the first systematic studies that investigate incumbent protection techniques designed for highly mobile incumbent users that are very sensitive to communication latency. Award Link



Anonymity-Preserving Authentication for Large Networks
Sponsor: Cisco

Description:

In many network applications, we need to be able to authenticate the data while, at the same time, protect the anonymity or privacy of the data source—in other words, anonymity-preserving authentication (APA) is needed. APA schemes are needed in applications where the receivers (or verifiers) of data should not learn the actual identity of the data sender (or ​prover​), and are willing to accept tokens of authentication that are verifiably linked to an anonymous user, knowing that the sender’s identity can be revealed by a trusted third party, if disputes need to be resolved. Examples of applications that require APA include identity escrow schemes, digital auctions, e-cash protocols, remote attestation of computing platforms, safety applications in vehicular networks, and a number of Internet-of-Things (IoT) applications. The conventional approach for authenticating entities and messages in large networks​ (i.e., networks with a large number of nodes)​ is to employ digital signatures. However, the concept of digital signatures conflicts with the notion of privacy, especially in terms of the signer’s anonymity and unlinkability of the issued signatures. To achieve both authentication and privacy, it is necessary to decouple the information that uniquely identifies the signer from the signature verification procedure. APA schemes enable this decoupling. Existing approaches for APA have limited utility in large networks due to their high computational complexity and/or high communication overhead. ​In this project, the investigators​ are ​conducting research on​​ novel approaches for APA​ and study​ing​ the performance and security requirements of a number of important ​​applications ​that​ require APA. ​--

CISCO Award

 



Collaborative research: Dynamic exclusion zones: Balancing incumbent protection and spectrum utilization efficiency
Sponsor: NSF

Description:

NSF logoThis is a collaborative research project between​ the​​ researchers at Virginia Tech (lead) and MIT. ​ In dynamic spectrum sharing, a spatial separation region, often referred to as an “exclusion zone,” is defined around incumbent users (IUs) to provide sufficient separation between the IUs and the secondary users (SUs) and protect IUs from SU-induced interference. In such a spectrum sharing environment, IUs and SUs coexist in the same swath of spectrum rather than being siloed in their respective segments of spectrum. However, IUs have absolute priority in accessing the spectrum, whereas SUs can access fallow spectrum not utilized by IUs. The exclusion zone is the primary enforcement mechanism that the federal regulatory agencies (e.g., the Federal Communications Commission (FCC)) employ to protect IUs from harmful interference. ​ The primary goal of the project is to develop new frameworks for supporting dynamic exclusion zones that will enable much finer-grained, dynamic management of spectrum resources in multiple dimensions (i.e., time, space, and by user-class) to facilitate increased sharing among all classes of spectrum applications and users, including those that are very sensitive to interference such as radio astronomy. Legacy frameworks for defining exclusion zones produce spatial separation regions that are overly conservative and static, which often results in significant under-utilization of the spectrum. The proposed framework expands opportunities for SUs to coexist with IUs without causing harmful interference. Further, this approach provides valuable insights into the interplay and tradeoff between two essential requirements of spectrum sharing -- protecting IUs from interference and enhancing spectrum utilization efficiency. This research is intended to provide a practical framework that is both technically and economically viable for implementing dynamic spectrum sharing solutions.
NSF Award Information​ Link #1

NSF Award Information Link #2

 



Advanced materials manufacturing, sensing, and wireless controls for intelligent automobile environments
Sponsor: NSF

Description:

NSF logoThis project ​is a collaborati​ve research endeavor​ involving ​researchers with expertise in mechanical ​e​ngineering, ​materials engineering, and wireless communications and networking​ In intelligent vehicles envisioned to be manufactured in the near future, safety-critical components, such as tires and seat belts, play critical roles in the development of intelligent controls as they can provide information on the most relevant parameters​,​ such as friction, slip, pressure, and driver conditions. The overall goal of the project is to actively monitor those parameters through embedded sensors based upon piezoelectrics and dielectrics. Park​ and his team are lead​ing ​the ​research on the ​design and implementation of the mechanisms and protocols needed to enable reliable, secure, and efficient wireless ​communications​ of the sensor-collected data.



The 2nd NSF Workshop on Enhancing Access to the Radio Spectrum (EARS)
Sponsor: NSF

Description:

NSF logoDrs. ​Jeff Reed (PI) and Jerry Park (co-PI) ​were​ awarded a grant by NSF to organize a major workshop on Enhancing Access to the Radio Spectrum (EARS). This EARS Workshop ​was​ held on October 19-20, 2015 in Arlington, VA. At this workshop, an interdisciplinary group of highly-visible academic researchers, relevant government officials, and industry stakeholders gather​ed​ to discuss technologies and polices that will enable us to unlock the true potential of the spectrum while respecting the needs of incumbent users. This group create​d​ a vision for future spectrum use, identifying the problems to be overcome, the research needed to overcome th​o​se problems, and the financial and human capital resources necessary to support this vision.​ The major outcomes of the Workshop will be described in the Workshop Report. ​

EARS Workshop Website



Collaborative Research: Coexistence of Heterogeneous Secondary Networks for Shared Spectrum Access
Sponsor: NSF

Description:

NSF logoSpectrum sharing plays a key role in realizing plans to make available new swaths of spectrum for wireless applications. The benefits of spectrum sharing cannot be fully realized without addressing interference among coexisting heterogeneous secondary networks. Although coexistence issues in the ISM bands have been studied before, the situation in the TV bands and other shared access spectrum (e.g., 3.5 GHz band) is more complex and challenging due to the signal propagation characteristics, incumbent protection rules, and the disparity of PHY/MAC strategies of secondary systems. To date, most research efforts have focused on incumbent protection, and little attention has been given to the coexistence of secondary systems in the context of spectrum sharing. The proposed research aspires to fill this void by (1) studying the viability of using stochastic neural networks for modeling and solving the CDM problem and (2) developing novel rendezvous techniques for unicast and multicast scenarios.

NSF Award Information



LTE-Enhanced Cognitive Radio Testbed (LTE-CORNET)
Sponsor: Army Research Office

Description:

ARL logoDrs. Jerry Park, Carl Dietrich, Vuk Marojevic, and Jeff Reed were awarded a grant from the Army Research Office (ARO) to design and build a LTE-enhanced cognitive radio testbed. Testbeds play a major role in developing and testing new wireless communications technologies and systems. Virginia Tech’s COgnitive Radio NETwork (CORNET) is a large-scale testbed featuring forty-eight remotely accessible software radio nodes that are used in education and research. The CORNET nodes enable dynamic spectrum access (DSA) and cognitive radio (CR) related research and education using open-source software and flexible hardware. CORNET is unique in that it offers a wide range of experimental research and educational tools, including an FCC experimental license agreement for several frequency bands. As communications systems gradually move towards 4G using long-term evolution (LTE) technology, LTE nodes need to be integrated into the CORNET testbed to be able to train engineers and students on this emerging technology and its evolution.

ARO Award Information



Broadband Wireless Access & Applications Center (BWAC)
Sponsor: National Science Foundation

Description:

NSF logoThe Broadband Wireless Access & Applications Center (BWAC) is a multi- university research center sponsored by the National Science Foundation (NSF) under its Industry/University Cooperative Research Center (I/UCRC) program. BWAC partner universities (sites) include University of Arizona, Auburn University, University of Virginia, Virginia Tech, and the University of Notre Dame. The primary mission of BWAC is to work with industry and academic partners to pursue large-scale research projects, address challenging spectrum access problems through novel broadband technologies, and create new visions for the wireless industry. BWAC researchers work closely with industrial partners through its Industrial Affiliates Program (IAP) for the purpose of furthering research and developing new and innovative wireless technologies and applications. Each university has an in-house department or €œcenter€, dedicated to the further development of wireless applications and technology, with each department serving as a part of the overall center.

NSF Award Information

NSF Factsheet on BWAC

BWAC @ Virginia Tech Website

BWAC @ Univ. of Arizona Website



Ensuring Operational Privacy of Primary Users in Geolocation Database-Driven Spectrum Sharing
Sponsor: Motorola Solutions

Description:


Motorola logoIn the shared spectrum access model, a heterogeneous mix of wireless systems of differing access priorities, QoS requirements, and transmission characteristics need to coexist without causing harmful interference to each other. In this model, secondary users identify fallow spectrum by accessing a geolocation database that is constantly updated with the primary users' spectrum utilization information. One of the critical challenges that need to be addressed to realize the shared access model is addressing the security and privacy issues. This problem is especially paramount when federal government systems, including DoD systems, coexist with non-government systems in the same spectrum bands. Henceforth, we will refer to federal government users as primary users and non-government users as secondary users. Most of the security and privacy issues that arise in database-driven spectrum sharing can be addressed using cryptographic primitives and protocols. For instance, we can thwart unauthorized modifications to the database query request by employing message authentication codes (MACs), which would enable the receiver to readily detect unauthorized modifications to the message. Unfortunately, the problem of operational privacy of primary users cannot be addressed using cryptosystems. To address this problem, we need technologies and/or mechanisms that limit the amount of knowledge that the secondary users can infer about the primary users€™ operational activities by querying the database. Addressing this issue requires solving a challenging trade off problem: minimize the amount of knowledge that the secondary users can infer about the primary users€™ spectrum utilization, while at the same time, maximize overall spectrum utilization by accommodating as much secondary user demand as possible without incurring interference to primary users. This project aims to study this problem and shed light on its solution space. This project'€™s primary goal is to develop mechanisms and techniques for an obfuscated geolocation database that can enable the coexistence of primary and secondary users while preserving the operational privacy of the primary users.



TWC SBE: Medium: Collaborative: Dollars for Hertz: Making Trustworthy Spectrum Sharing Technically and Economically Viable
Sponsor: National Science Foundation
Description:

Motorola

The critical role of spectrum as a catalyst for economic growth was highlighted in the 2010 National Broadband Plan (NBP). A challenge for the NBP is realizing optimal spectrum sharing in the presence of interference caused by rogue transmissions from any source, but particularly secondary users who share the spectrum. This complex problem straddles wireless technology, industrial economics, international standards, and regulatory policy. This interdisciplinary, multi-university collaborative project involves researchers from three academic institutions: Virginia Tech, Duke University, and Vassar College. This project studies the many dimensions of the problem from algorithms to law enforcement. The investigators study (1) ex-ante spectrum rule enforcement mechanisms (i.e., preventive) such as spectrum access control via policy reasoners, (2) ex-post spectrum rule enforcement schemes (i.e., punitive) with policy conformance monitoring that employ cryptographic commitments, (3) ex-post enforcement schemes that can uniquely identify rogue transmitters, and (4) the economic viability of spectrum sharing with different enforcement schemes

NSF Award Information



In Situ Sensing System for the Selective and Sensitive Detection of Biological Toxins in HABs
Sponsor: National Institute of Health & National Science Foundation

Description:

logosThe increasing frequency of harmful algal blooms (HABs) in marine and freshwater environments worldwide is a significant public health and environmental science concern because of the potential release of biological toxins -- in particular, microcystins (MCs) produced from cyanobacterial HABs. Current monitoring methods employing on-site sampling followed by in-lab analysis of HAB toxins (direct micro-observation) are neither sustainable nor practical to meet the vast spatial and temporal measuring need. Alternatively, remote sensing approaches based on identifying standard color products from satellite images (indirect macro-observation) are useful for monitoring general algal bloom activities. However, such color products are neither specific to HABs nor necessarily indicative of toxin release. As a result, it is important to determine the toxic/non-toxic nature of algal blooms and even identify the species of HAB toxins in a more effective, sustainable, and responsive manner. In our efforts to find a complementary approach to the two different observing methods, the overall goal of this proposed study is to real-time monitor the level of MCs in situ using an innovative wireless sensor network. In this project, researchers at the University of Texas at Arlington, New Mexico State University, and Virginia Polytechnic Institute will explore: (1) novel approaches to monitor toxin release during HAB activities, (2) innovative ideas to qualify and quantify various MCs at trace levels, and (3) integrated ways to realize the sensor network suitable for field applications. The proposed sensing system will utilize a surface-customized optical antenna to assay MCs selectively and sensitively. The antenna, consisting of arrays of resonant nanostructures with various transducer layers specific to multiple MCs, detects specific bindings of MCs to the transducer layers by analyzing the spectral characteristics of the sub wavelength surface plasmon. A wireless sensing network to communicate assay data and operation command between sensing nodes and remote authorities will be developed. Most of the components necessary for executing the sensing protocol, including array chip, optical sensor, photo-detector array, and circuitries, are incorporated into a chip-size single substrate for system automation.

NSF Award Information



Cognitive Radio Development
Sponsor: Defense Advanced Research Projects Agency (DARPA)
Description:

DARPAThe main goal of this project is to study, develop, and implement cognitive radio waveforms that are resilient against intentional interference or jamming. The focus of the project is on evaluating the software architecture, real-time functionality, and performance of the software-defined waveforms in hostile RF environments.

 

 



Outdoor Cognitive Radio Network Testbed
Sponsor: Office of Naval Research (ONR)

Description:

ONRVirginia Tech has recently developed a unique heterogeneous wireless communication network testbed called the Cognitive Radio Network Testbed (CORNET). The main purpose of this testbed is to provide a resource that gives researchers the ability to move beyond simulation and the single or dual-node experimentation common in the initial technology phases, to actual implementation on multiple radio nodes. This testbed consists of 48 fixed radio nodes installed inside a campus building, and there is another research effort in progress for integrating 10 portable radio nodes into it. CORNET with its 48 fixed radio nodes and the soon to be available 10 mobile nodes, covers a wide range of indoor scenarios, and allows for relatively short range experimentation within the periphery of a campus building. However, currently there is limited interaction with outdoor signals, which is a current limitation of our testbed because the majority of military operations happen outdoors. This project seeks to enhance this existing testbed by building an Outdoor Cognitive Radio Network Testbed (O-CORNET), which will provide a field trial system for testing and evaluating real world outdoor scenarios. O-CORNET will consist of 15 fixed outdoor radio nodes and 2 additional mobile outdoor nodes that would be installed on Virginia Tech’s main campus in Blacksburg, VA. O-CORNET combined with the original CORNET will create a unique testing environment that no other testbed offers. The outdoor nodes will enable researchers to test their radio systems€™ and protocols€™ performance as they move in and out of buildings, and roam the campus at varying speeds. A number of currently-funded and future Department of Defense (DoD) projects will benefit from this testbed by practical deployment, testing and evaluation, and rapid development of the requisite technologies required for cognitive radio (CR) networks. There are a number of applications that can benefit from the development of this testbed, including CR networks that coexist with radar systems, spectrum profiling and suspicious activity detection, specific emitter identification, wireless cloud computing, and wireless distributed computing.

Testbed Website



AUSTIN - An Initiative to Assure Software Radios have Trusted Interactions
Sponsor: National Science Foundation
Description:

research on trustworthy software defined radiosSoftware and cognitive radios will greatly improve the capabilities of wireless devices to adapt their protocols and improve communication. Unfortunately, the benefits that such technology will bring are coupled with the ability to easily reprogram the protocol stack. Thus it is possible to bypass protections that have generally been locked within firmware. If security mechanisms are not developed to prevent the abuse of software radios, adversaries may exploit these programmable radios at the expense of the greater good. Regulating software radios requires a holistic approach, as addressing threats separately will be ineffective against adversaries that can acquire, and reprogram these devices. The AUSTIN project involves a multidisciplinary team from the Wireless Information Network Laboratory (WINLAB) at Rutgers University, the Wireless@Virginia Tech University group, and the University of Massachusetts. AUSTIN will identify the threats facing software radios, and will address these threats across the various interacting elements related to cognitive radio networks. Specifically, AUSTIN will examine: (1) the theoretical underpinnings related to distributed system regulation for software radios; (2) the development of an architecture that includes trusted components and a security management plane for enhanced regulation; (3) onboard defense mechanisms that involve hardware and software-based security; and (4) algorithms that conduct policy regulation, anomaly detection/punishment, and secure accounting of resources. Developing solutions that ensure the trustworthy operation of software radios is critical to supporting the next generation of wireless technology. AUSTIN will provide a holistic system view that will result in a deeper understanding of security for highly-programmable wireless devices.

NSF Award Information



Cryptographic API and Subsystem Simulator for Software Defined Radios
Sponsor: SCA Technica, Inc.
Description:

SCAThe investigators are developing requirements for, and specification of, a cryptographic application programming interface (Crypto API) suitable for use in an international software defined radio (SDR), based in part on the Security Supplement of SCA 3.0. In addition, the investigators are developing a set of SCA compliant prototype Crypto API adapters corresponding to the new Crypto API specification. To aide in the development of SDR systems that are compliant with the Crypto API specification, a Cryptographic Subsystem (CS/S) simulator module that mimics the behavior of cryptographic services within an international SDR is being developed.



Proactive Cross-Layer Adversary Localization for Hostile or Harsh Wireless Environments
Sponsor: National Science Foundation
Description:

research in identifying a hostile attack in wireless systemsThe objective of this research is to develop a localization system capable of localizing an adversary that is actively trying to disguise its location in a wireless network by distorting its signal features. The approach is a proactive, cross-layer localization design that incorporates attack traceback, cross-layer traffic manipulation, and physical layer position estimation. The attack traceback aspect focuses on narrowing down an adversary's location to the coverage area of a couple of access points. The traffic manipulation aspect will develop trapping techniques to force or lure the adversary to exhibit their true location-related signal features. Leveraging these true location-related signal features, the physical layer position estimation aspect will develop proactive and robust localization techniques to accurately position the adversary. Intellectual Merit: The proposed project will help to establish accountability in wireless networks and will result in the development of key attack countermeasures. It is the first to address many technical challenges in localization and traceback. This project can also enhance the security of systems where location information is used to restrict access to critical resources. Furthermore, the proposed research results can be used to improve the accuracy of localization systems in harsh communication environments that severely distort the characteristics of emitted signals from legitimate users. Broader Impact: The proposed research will foster the integration of research and education by fortifying the existing curriculum with the project's research results. The outreach component of the project will disseminate research results and pedagogical materials via education and industry outreach programs.

NSF Award Information



CAREER: Non-Conventional Solutions for Ensuring Security in Cognitive Radio Networks
Sponsor: National Science Foundation
Description:

research in cognitive radio securityThe PHY and MAC layers of cognitive radio networks are very different from those of conventional wireless networks. The distinguishing attributes of cognitive radio networks such as cooperative spectrum sensing, on-demand spectrum contention, incumbent- and self-coexistence mechanisms, and spectrum etiquette mechanisms raise new security implications that have not been studied previously. The overarching goal of this research is to contribute to the ongoing research and standardization efforts of cognitive radio technology by investigating crucial security issues that hold the key to the success and wide deployment of cognitive radio networks. We are currently focusing on problems that cannot be addressed using conventional security solutions. To solve these challenging problems, research is needed in areas that are considered unconventional within the context of network security.

NSF Award Information

EE Times Article

Newswise Article



TRIESTE: A Trusted Radio Infrastructure for Enforcing Spectrum Etiquettes
Sponsor: National Science Foundation

Description:
research in the lower layers properties

Most commercial wireless devices do not make lower-layer properties (e.g., raw waveform-level samples from an analog-to-digital converter) accessible to users. Recently, however, the research community has directed its attention towards the development of cognitive radios that will expose the lower-layers of the protocol stack to researchers and developers. Although the promise of such a flexible platform is great, there are also some serious potential security drawbacks. It is easily conceivable that cognitive radios could become an ideal platform for abuse since the lowest layers of the protocol stack will be accessible to programmers in an open-source manner. The proposed project addresses these concerns by focusing on two important building blocks needed in constructing a holistic solution to ensuring the trustworthy operation of software radios: first, the investigating team plans to develop tools to quantify the degree to which spectrum etiquette policies are abused in a network of cognitive radios and, second, the team plans to investigate methods for identifying such spectrum abuse, which is necessary in order to drive anomaly detection and response mechanisms. Overall, the broader impact of the effort is centered around the fact that cognitive radios represent an emerging technology that requires security mechanisms to be developed before these highly-programmable radios reach the public market. This is a collaborative research project, and the investigating team is working together with researchers at WINLAB, Rutgers University.

NSF Award Information



Trustworthy Spectrum Sharing in Software Defined Radio Networks
Sponsor: National Science Foundation

Description:

research in spectrum utiliation efficiencySoftware defined radio (SDR) is a revolutionary technology that promises to alleviate the spectrum shortage problem and improve spectrum utilization efficiency. But it also raises new security implications. E.g., it is quite possible for adversaries to modify user services or reconfigure RF parameters by revising the radio software. Recent studies have shown that the possibility of inappropriate operation of SDRs due to malicious software cannot be precluded. To address this concern, in this project, we study security issues that pose the greatest threat to SDR networks, with particular focus on threats that cannot be adequately addressed using "preventive" security measures. This research serves a critical need in the SDR research community by addressing security issues that have not been studied previously. It is expected that the research findings from this project will benefit researchers as well as regulators, service providers, and manufacturers involved in SDR development.



Secure Programming Skills Assessment Exam Development and Curriculum Revision
Sponsor: SANS Institute
Description:

SANS logoThe trustworthiness of software is becoming a matter of paramount importance as computers and embedded systems become ubiquitous and society's reliance on such technologies increases. Experts in academia, industry, and Government agree that the majority of cyber crime and network attacks exploit software vulnerabilities at the code level. Therefore, it is vital for academia to include, within the existing computer engineering and science curricula, courses and course modules that teach students on the principles of secure code writing, and for industry to develop an objective method of evaluating the secure programming skills of its programmers so that they can be given training once deficiencies in their secure programming knowledge are identified. The goal of this project is to take the first step towards the aforementioned two tasks. The objectives of this project include: (1) development of a "prototype" secure programming skills assessment exam and (2) development of pedagogical materials to address the existing curriculum's lack of treatment of secure programming principles and concepts. The first objective will be achieved via the following steps: development of tasks/skills/knowledge (TSK) master list, rating of items in the TSK master list, question bank development, question vetting, online demonstration test, and proctored deployment.



POCKET: A Technical and Behavioral Concept for Protecting Children's Online Privacy
Sponsor: National Science Foundation
Description:

Research in protecting children's privacy As a group, children use the Internet more than any other demographic in the USA: 65% of children between the ages of 10 and 13 use the Internet. Our society has held the protection of children from harmful predatory online behaviors as a paramount goal. Children are easily convinced to share personal information with a small inducement. This research will advance the availability of sophisticated, reliable and cost effective technology to obtain verifiable parental consent, thereby protecting children's online privacy. We have implemented a proof-of-concept framework called "Parental Online Consent for Kids Electronic Transactions (POCKET)" that provides an automated, effective and easy interface for the parents to allow their children to disclose only certain information to websites or online merchants without requiring constant supervision. In fact, if adopted, POCKET is the first implementation that can automatically enforce the Children's Online Privacy Protection Act (COPPA) of 1998. The POCKET framework enforces accountability of online websites and merchants and provides a fine-grained control to the parents over the information their children share online, and it is transparent to both the parent and child who accesses the Internet.



Traceback and Mitigation Mechanisms for Thwarting Denial-of-Service Attacks
Description:

As the Internet's scale and complexity continue to grow, the lack of security mechanisms during its early deployment years has led to serious problems today. In the past few years, many forms of Denial-of-Service (DoS) and malware attacks have been documented and brought to our attention through the news media. Among such attacks, Distributed DoS (DDoS) attacks are particularly menacing and very difficult to defend against. In a DDoS attack, an adversary gradually gains control over a large number of unsecured hosts ("zombies") as a prelude to the actual attack. The adversary then uses these zombies to launch a synchronized attack on a victim machine and overwhelms it by flooding it with packets. DDoS attacks are hard to defend against due to two major reasons. First, in a DDoS attack, the number of zombie machines involved in an attack can reach several hundred or even several thousand. Mitigating the effects of an attack on such a scale is a daunting task. Second, IP source addresses are often forged or spoofed to amplify DDoS attacks and hide the actual attack source. Although ingress filtering is being deployed in many networks to prevent IP spoofing, there still exists a large number of subnets that have not implemented it, thus making IP spoofing still possible. Moreover, ingress filtering is ineffective against subnet IP spoofing.

In this project we are developing new techniques for traceback and mitigation of DDoS attacks. Our objective is to develop DDoS countermeasures that have crucial properties such as fast convergence, minimal communication and computation overhead, scalability, and support for gradual deployment.



Anomaly Detection in High Speed Networks
Description:

In recent years, the speed of many networks has changed from the megabit to the gigabit range. Many institutions are replacing existing networks with high-speed (1 GB and above) optical networks based on technologies such as Multi Protocol Label Switching (MPLS) and Dense Wavelength Division Multiplexing (DWDM). While the deployment and usage of high-speed networks are becoming increasingly prevalent, techniques and technologies for Network Intrusion Detection Systems (NIDS) have not evolved accordingly to meet the new technical challenges. Typical NIDS's of today reside on single hosts or low-end routers; they examine the application-level or system-level logs, or the sniffed network packets. These first generation NIDS's were designed to protect networks by attempting to watch all traffic on a network for signs of attack. Existing approaches for intrusion detection are facing critical limitations when they are applied to high-speed, high-volume networks. Factors such as noisiness of the audit data, constantly changing traffic profiles, and the large amount of network data make it difficult to build a normal traffic profile of the network for the purpose of intrusion detection. Without employing a fundamentally new approach, today's NIDS's cannot claim to offer sufficient protection against network attacks. The overarching goal of this project is to study and demonstrate the feasibility of a novel NIDS architecture that has the capability to detect intrusions in high-speed networks with high accuracy.



Attack-Resilient Routing Protocols for Mobile Ad hoc Networks
Sponsor: Samsung Electronics
Description:

Samsung logoIn a Mobile Ad Hoc Network (MANET), wireless devices communicate by forwarding packets on behalf of other devices. There is no central base station or fixed infrastructure to handle data routing. MANET's are particularly useful when a fixed infrastructure (e.g., a base station or access point) is impractical due to space or time constraints or when an existing infrastructure is not suitable for the required task. Example applications range from mission-critical, such as military communication and disaster relief, to ordinary daily-use applications such as inter-PDA (Personal Digital Assistant) communications. For mission-critical and other information-sensitive applications, the dependability and security aspects of the network, including reliability and availability, are of great importance.

In this project, we focus on mitigating network-layer attacks that disrupt the routing mechanism of MANETs. Specifically, the goal of this project is to study and demonstrate the technical feasibility of a novel routing architecture for MANETs that is resilient against a wide range of routing disruption attacks, including insider and "protocol compliant" attacks.



Key Management in Wireless Sensor Networks Deployed in Hostile Environments
Description:

Samsung logoIn a Mobile Ad Hoc Network (MANET), wireless devices communicate by forwarding packets on behalf of other devices. There is no central base station or fixed infrastructure to handle data routing. MANET's are particularly useful when a fixed infrastructure (e.g., a base station or access point) is impractical due to space or time constraints or when an existing infrastructure is not suitable for the required task. Example applications range from mission-critical, such as military communication and disaster relief, to ordinary daily-use applications such as inter-PDA (Personal Digital Assistant) communications. For mission-critical and other information-sensitive applications, the dependability and security aspects of the network, including reliability and availability, are of great importance.

In this project, we focus on mitigating network-layer attacks that disrupt the routing mechanism of MANETs. Specifically, the goal of this project is to study and demonstrate the technical feasibility of a novel routing architecture for MANETs that is resilient against a wide range of routing disruption attacks, including insider and "protocol compliant" attacks.



Collaborative Research: Enhancing Access to the Radio Spectrum (EARS) Workshop
Sponsor: National Science Foundation
Description:

EARS Workshop Enhancing Access to the Radio Spectrum (EARS) is a multi-disciplinary activity whose goal is to improve the availability of wireless broadband to Americans presently without broadband access, as called for in the American Recovery and Reinvestment Act. Because the radio spectrum is a valuable but finite natural resource, improvements in spectrum efficiency will have significant economic impact to the nation and the world. This award funds the first step, which is an invitational workshop that will bring together some of the key researchers and policy makers involved in radio spectrum access. All relevant fields will be represented, including science, engineering, economics, and policy. The output of the workshop will include a vision for the future of radio spectrum access and use, and a prioritized list of research areas that can help achieve that vision. This workshop is being organized jointly between University of Illinois at Urbana-Champaign and Virginia Tech.

NSF Award Information

EARS Workshop Final Report