TY - JOUR
T1 - Channel-based detection of sybil attacks in wireless networks
AU - Xiao, Liang
AU - Greenstein, Larry J.
AU - Mandayam, Narayan B.
AU - Trappe, Wade
N1 - Funding Information:
Manuscript received April 24, 2008; revised May 18, 2009. First published July 07, 2009; current version published August 14, 2009. This work was supported, in part, through a grant CNS-0626439 from the National Science Foundation. The associate editor coordinating the review of this manuscript and approving it for publication was Dr. M. Kivanc Mihcak.
PY - 2009/9
Y1 - 2009/9
N2 - Due to the broadcast nature of the wireless medium, wireless networks are especially vulnerable to Sybil attacks, where a malicious node illegitimately claims a large number of identities and thus depletes system resources. We propose an enhanced physical-layer authentication scheme to detect Sybil attacks, exploiting the spatial variability of radio channels in environments with rich scattering, as is typical in indoor and urban environments. We build a hypothesis test to detect Sybil clients for both wideband and narrowband wireless systems, such as WiFi and WiMax systems. Based on the existing channel estimation mechanisms, our method can be easily implemented with low overhead, either independently or combined with other physical-layer security methods, e.g., spoofing attack detection. The performance of our Sybil detector is verified, via both a propagation modeling software and field measurements using a vector network analyzer, for typical indoor environments. Our evaluation examines numerous combinations of system parameters, including bandwidth, signal power, number of channel estimates, number of total clients, number of Sybil clients, and number of access points. For instance, both the false alarm rate and the miss rate of Sybil attacks are usually below 0.01, with three tones, pilot power of 10 mW, and a system bandwidth of 20 MHz.
AB - Due to the broadcast nature of the wireless medium, wireless networks are especially vulnerable to Sybil attacks, where a malicious node illegitimately claims a large number of identities and thus depletes system resources. We propose an enhanced physical-layer authentication scheme to detect Sybil attacks, exploiting the spatial variability of radio channels in environments with rich scattering, as is typical in indoor and urban environments. We build a hypothesis test to detect Sybil clients for both wideband and narrowband wireless systems, such as WiFi and WiMax systems. Based on the existing channel estimation mechanisms, our method can be easily implemented with low overhead, either independently or combined with other physical-layer security methods, e.g., spoofing attack detection. The performance of our Sybil detector is verified, via both a propagation modeling software and field measurements using a vector network analyzer, for typical indoor environments. Our evaluation examines numerous combinations of system parameters, including bandwidth, signal power, number of channel estimates, number of total clients, number of Sybil clients, and number of access points. For instance, both the false alarm rate and the miss rate of Sybil attacks are usually below 0.01, with three tones, pilot power of 10 mW, and a system bandwidth of 20 MHz.
KW - Authentication
KW - Radio propagation
KW - Sybil attacks
KW - Wireless networks
UR - https://www.scopus.com/pages/publications/69749083720
UR - https://www.scopus.com/pages/publications/69749083720#tab=citedBy
U2 - 10.1109/TIFS.2009.2026454
DO - 10.1109/TIFS.2009.2026454
M3 - Article
AN - SCOPUS:69749083720
SN - 1556-6013
VL - 4
SP - 492
EP - 503
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
IS - 3
M1 - 5159445
ER -