NSF Award 2044516: CAREER: Data-Driven Wireless Networking Designs for Efficiency and Security
Today's wireless networks are being re-shaped by ubiquitous wireless connectivity (e.g., WiFi and 4G/5G) and emerging network architectures (e.g., Internet of Things, edge/fog computing, and cyber-physical systems). On one hand, wireless networks are being designed to provide efficient, high-bandwidth wireless connectivity to wireless users; on the other hand, the user demand for more efficient, reliable, and secure wireless data services. Wireless network designs have been traditionally guided by theoretical or decision logic frameworks, such as estimation and detection theory, control mechanisms, interference avoidance and cancelation designs. During the past decades, we have witnessed the substantial innovations in the wireless network design domain based on these frameworks. At the same time, wireless network operations are facing increasingly more complicated environments (e.g., network coexistence, cross-technology communication, opportunistic/cognitive networking, and selfish/malicious behaviors). These environments push wireless network designs for even higher requirements of efficiency and security.
The proposed project focuses on exploring the new dimension of creating data-driven approaches towards improving the wireless network performance and security. Our approaches are motivated by the fact that wireless network nodes are able to hear (or overhear) various operational data exchanges broadcast over the wireless channel. The property of such network data reflects various operational conditions (e.g., transmission settings, channel status, node coordinations, and even firmware setups), and becomes an essential enabler for data-driven approaches going beyond traditional ones. We observe that the indications of using the large volume of wireless network data are twofold: on one hand, it should open a door for network nodes to leverage the data property to improve the wireless network efficiency and reliability; on the other hand, the data can also be observed by malicious nodes that try to gradually gain the knowledge about network operations and launch effective attacks. As a result, data-driven approaches proposed in this project aim at improving wireless network efficiency, reliability, as well as security. One key difference between data-driven and traditional network designs is that the online data due to network activities will be collected, processed and used towards a design objective.
In MU-MIMO user selection commonly used in wireless networking, we discovered that this convenient CSI feed-back mechanism actually creates a subtle attack surface for attackers to subvert the user selection in MU-MIMO networks. Specifically, since the CSI feedback is self-reported and is transmitted in plaintext (e.g., in WiFi), an attacker is able to collect and analyze users’ feedback data, and further to delicately fabricate a forged channel feedback to manipulate the user selection results. We investigated the potential attacks against CSI-based user selection algorithms and developed a system, named MU-MIMO user selection strategy inference and subversion (MUSTER), to systematically study a security attacker’s strategies to subvert MU-MIMO user selection commonly used in wireless networking. We also investigated the defense strategies against the proposed MUSTER attack strategies.
During designing detailed MUSTER attack strategies, we focuses on three major attack objectives: (i) Targeted Denial of Service (TDoS): The attacker aims to starve particular users, such that the victims can never or barely get access to the transmitter. Such attacks can specify any victims to amplify its adverse impact, such as disconnecting important users who provide essential services, disrupting users requesting time-sensitive accesses, or starving local-network competitors. (ii) Cooperative Privilege Escalation (CPE): The attacker aims to escalate the privilege of particular users (e.g., a conspirator), increasing their possibility of being selected and obtaining exclusive service. In this way, the attacker and the conspirator can cooperatively gain unfair access to the transmitter and abuse network operations. (iii) Network Throughput Degradation (NTD): One of the key objectives of user selection algorithms is to select a user group that achieves the maximum network throughput. By fabricating a forged CSI feedback, the attacker can subvert user selection results and substantially degrade the target MU-MIMO network throughput.
We implemented MUSTER as a practical system and conduct experiments on real-world MU-MIMO networks with different user selection algorithms and settings. We investigated the proposed attacks on top of user selection predictions. Results shows that TDoS can achieve up to 97.48% success rate, CPE can achieve up to 94.86% success rate, and NTD can substantially leads to 34.7%∼ 54.3% network throughput degradation. The experiment results indicate that MUSTER can effectively launch desired attacks.
◇ Tao Hou, Shengping Bi, Tao Wang, Zhuo Lu, Yao Liu, Satyajayant Misra, and Yalin Sagduyu. MUSTER: Subverting User Selection in MU-MIMO Networks. IEEE Conference on Computer Communications (INFOCOM). pp. 140--149. 2022
◇ Tao Hou, Tao Wang, Zhuo Lu, and Yalin Sagduyu. Undermining Deep Learning Based Channel Estimation via Adversarial Wireless Signal Fabrication. ACM Workshop on Wireless Security and Machine Learning (WiseML), 2022.
The introduction of data-driven approaches for WiFi efficiency and security has been added to the Wireless Mobile Computing and Security class at University of South Florida.
Parts of the research results have been presented in IEEE INFOCOM 2022 and ACM WiSec-WiseML 2022