Title | Comm Project Report - A mysterious phenomenon is the ability of over-water migrants to travel on course. |
---|---|
Author | Shezan Ahmed |
Course | Electronic Device |
Institution | University of Dhaka |
Pages | 9 |
File Size | 279.8 KB |
A mysterious phenomenon is the ability of over-water migrants to travel on course. Birds, bees, and other species can keep track of time without any sensory cues from the outside world, and such “biological clocks” clearly contribute to their “compass sense.” For example, they can use the position o...
Communication Laboratory
Date of Submission: 22/07/2018
EEE 310 Communication Laboratory Project Report
Protection, detection, and analysis of intentional and unintentional jamming of WiFi using IoT module
Team Members (Authors):
Sheikh Asif Imran
Student ID #1506042
Student ID #1506043
Naveed Ishraq
Rayhan Hayther Samrat
Student ID #1506044
Student ID #1506045
Section A2, Lab group 3, Department of Electrical and Electronic Engineering .
Raihan Ali
WiFi Jamming Analysis and Detection
Introduction
It has long been recognized that complete jamming of wireless networks can be realized by generating continuous noise with sufficient power in the vicinity of the wireless network. This approach has many disadvantages, including high energy requirements and a high probability of detection. Researchers have shown that similar jamming effectiveness can be achieved with very low energy requirements and a low probability of detection. We would study various measures of performance for jamming and the role of authentication in denial-of-service attacks. With the rampant deployment of wireless technologies such as WLAN, information leakage is increasingly becoming a threat for serious adopters such as enterprises. Research on countermeasures has mainly focused on logical measures such as authentication protocols and secure channels, but an inside collaborator can readily circumvent such defenses and wirelessly divert classified information to a conniver outside. A novel approach to the problem, which forges walled wireless coverage (a secure Wi-Fi zone in particular), employs defensive jamming. Inspired by the fact that jamming as an attack is inherently difficult to defeat, this approach turns the tables and uses jamming itself as a defensive weapon to fend off covert illegal access from outside. Such works motivate us to study jamming techniques, the protection and detection mechanisms devised for various protocols, and the WiFi communication system itself. There could be situations where a WiFi jammer is useful, desirable, and even ethical, according to Thierry Durand, COO, Comsis. Spectrum sharing and limitation of EM exposure can result in unwanted interruption, too. Hence, it is necessary to study security parameters and employ them.
Theory
IEEE 802.11
Wi-Fi devices are designed based on the IEEE 802.11 standards. IEEE 802.11 is a set of medium access control and physical layer specifications for implementing WLAN in a computer network. It is the most widely used wireless computer networking standard. The 802.11 family consists of a series of half-duplex modulation techniques. 802.11b and 802.11g use the 2.4 GHz band, which is very prone to interference from microwaves, Bluetooth devices, telephones, etc. To control this interference, they use Direct Sequence Spread Spectrum (DSSS) and Orthogonal Frequency Division Multiplexing (OFDM) methods respectively.
Direct Sequence Spread Spectrum (DSSS)
In DSSS technology the data stream is combined with a pseudo-random numerical sequence (PRN) by an XOR function. This PRN is an 11-chip Barker sequence, which is 10110111000. The XOR output is modulated using BPSK and QPSK for 1 Mbps and 2 Mbps signals respectively. Complementary code keying (CCK) is used to encode data for 5 Mbps and 11 Mbps. It uses 64 eight-bit code words for encoding. These code words have unique mathematical characteristics that distinguish them in the presence of noise and interference. Thus the data spectrum widens in the frequency domain due to DSSS, which helps secure communication and makes it resistant against jamming and interference.
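A simplified model of the spreading step described above, as an added example that is not part of the original report: it treats chips as 0/1 values combined by XOR, as the text describes, and ignores modulation. The function names and the four data bits are constructed for illustration; the demo shows that a bit is still recovered when up to 5 of its 11 chips are corrupted.

```c
#include <stdint.h>
#include <stdio.h>

/* The 11-chip sequence quoted in the report, first chip first. */
static const uint8_t BARKER[11] = {1,0,1,1,0,1,1,1,0,0,0};

/* Spread: each data bit becomes 11 chips, chip = bit XOR BARKER[i]. */
void dsss_spread(const uint8_t *bits, size_t nbits, uint8_t *chips) {
    for (size_t b = 0; b < nbits; b++)
        for (size_t i = 0; i < 11; i++)
            chips[b * 11 + i] = bits[b] ^ BARKER[i];
}

/* Despread: XOR each chip with the sequence again, then take a majority vote. */
void dsss_despread(const uint8_t *chips, size_t nbits, uint8_t *bits) {
    for (size_t b = 0; b < nbits; b++) {
        unsigned ones = 0;
        for (size_t i = 0; i < 11; i++)
            ones += chips[b * 11 + i] ^ BARKER[i];
        bits[b] = ones > 5;                   /* 6 or more of the 11 votes say "1" */
    }
}

/* Constructed demo: spread 4 bits, corrupt the first `flips` chips of every bit,
   despread, and return how many of the 4 bits came out wrong. */
size_t demo_bit_errors(unsigned flips) {
    const uint8_t data[4] = {1, 0, 0, 1};
    uint8_t chips[44], out[4];
    size_t wrong = 0;
    dsss_spread(data, 4, chips);
    for (size_t b = 0; b < 4; b++)
        for (unsigned k = 0; k < flips && k < 11; k++)
            chips[b * 11 + k] ^= 1;           /* interference flips this chip */
    dsss_despread(chips, 4, out);
    for (size_t b = 0; b < 4; b++)
        wrong += out[b] != data[b];
    return wrong;
}

int main(void) {
    for (unsigned f = 0; f <= 6; f++)
        printf("%u corrupted chips per bit -> %zu of 4 bits wrong\n", f, demo_bit_errors(f));
    return 0;
}
```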
Orthogonal Frequency Division Multiplexing (OFDM)
In OFDM the communication channel is divided into many subcarrier channels. Each of these subcarriers carries part of the information, and they are orthogonal to each other, i.e. independent of each other, so these subchannels don’t interfere with each other. In OFDM the data stream is divided into n-bit patterns by a serial-to-parallel converter. These n-bit patterns are passed through n subchannels. Generally, narrow bits are susceptible to noise and inter-symbol interference. In OFDM these narrow bits are divided into n wider bits, one in each subchannel. Thus it has a lower bit error rate (BER). OFDM reduces BER by sending the information in multiple subchannels.
Medium Access Control (MAC)
A media access control address (MAC address) of a device is a unique identifier assigned to a network interface controller (NIC) for communications at the data link layer of a network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. MAC addresses are used in the MAC protocol sublayer. The 802.11 Medium Access Control (MAC) protocol has been designed to take care of the following needs:
● Reliable delivery mechanism for user data over noisy and unreliable wireless media
● Requires participation of all nodes
● Fair distribution of wireless bandwidth among all nodes
● Dealing with the hidden node problem
Control Frames
Control frames facilitate the exchange of data frames between stations. Some common 802.11 control frames include:
● Acknowledgement (ACK) frame: After receiving a data frame, the receiving station will send an ACK frame to the sending station if no errors are found. If the sending station doesn't receive an ACK frame within a predetermined period of time, the sending station will resend the frame.
● Request to Send (RTS) frame: The RTS and CTS provide an optional collision reduction scheme for access points with hidden stations. A station sends an RTS frame as the first step in a two-way handshake required before sending data frames.
● Clear to Send (CTS) frame: A station responds to an RTS frame with a CTS frame. It provides clearance for the requesting station to send a data frame. The CTS provides collision control management by including a time value for which all other stations are to hold off transmission while the requesting station transmits.
Difference between Jammer and Deauther:
While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the WiFi (802.11) standard. The deauther does not interfere with any frequencies; it just sends a few WiFi packets that make certain devices disconnect. It bursts repeated deauthentication packets to jam WiFi access points. These include a deauthenticating command which causes WiFi clients to stop using an access point and attempt to reauthenticate themselves. That enables you to specifically select every target. On the other hand, a jammer just blocks everything within a radius and is therefore highly illegal to use.
What is a packet?
Each piece of information transmitted on a network following any of the IEEE 802 series standards is sent in something called a packet. A packet is simply a chunk of data enclosed in one or more wrappers that help to identify the chunk of data and route it to the correct destination. Destination in this sense means a particular application or process running on a particular machine. These wrappers consist of headers, or sometimes headers and trailers. Headers are simply bits of data added to the beginning of a packet. Trailers are added to the end of a packet. Packets are created at the machine sending the information. The application generating the data on the sending machine passes the data to a protocol stack running on that machine. The protocol stack breaks the data down into chunks and wraps each chunk in one or more wrappers that will allow the packets to be reassembled in the correct order at the destination. At the receiving end, the process is reversed.
Sniffer Attack:
A sniffer is an application that can capture network packets. Sniffers are also known as network protocol analyzers. Sniffing refers to the process used by attackers to capture network traffic using a sniffer. Once a packet is captured using a sniffer, the contents of the packet can be analyzed. When data is transmitted across networks, if the data packets are not encrypted, the data within the network packet can be read using a sniffer. Using a sniffer application, an attacker can analyze the network and gain information to eventually cause the network to crash or to become corrupted, or read the communications happening across the network.
Materials Implementation and Their Impact
ESP8266 is a low-cost Wi-Fi microchip with a full TCP/IP stack and microcontroller capability. It is a self-contained SoC (system-on-a-chip). Different versions of the ESP8266 firmware communicate at different baud rates and have subtly different commands. We possess a NodeMCU and a WeMos board with ESP8266 mounted on them. Open-source ESP8266 WiFi deauther projects showcase multiple approaches to jamming techniques. The 802.11 WiFi protocol contains a so-called deauthentication frame, which is used to disconnect clients safely from a wireless network. The ESP8266 is an exceptional microcontroller with built-in WiFi. It contains a capable 160 MHz processor, making it suitable for such studies.
Outcome Measures
Results of deauther and jammer techniques, along with protection and detection schemes, would be analyzed in terms of the jamming attack metrics suggested by David Thuente, while categorizing and detecting their aspects.
Data Collection and Analysis
We might employ the IoT capability of the ESP8266 and collect the data over MQTT servers, as we have done before for IoT projects. However, while employing other approaches, we might need to collect the data using serial communication between the ESP8266 and a laptop.
Potential Impact
In Bangladesh, spreading WiFi zones would require scrutiny of intentional and unintentional interference prior to setting up mass WiFi availability. Studying various techniques to deal with the latest protocols would, henceforth, provide us an opportunity to inspire research in this field. Wireless communication, without verified security measures, cannot fulfill public needs. We believe ethical jamming or defensive jamming can also help build secure WiFi zones. Our study and demonstration would help gather knowledge in this regard in a systematic manner.
Future Plans
1. Working with specific protocols such as IEEE 802.11ac (5 GHz) or 802.11g (2.4 GHz).
2. Improving the aspects of jammer detection and protection by means of power efficiency or other parameters.
Pipeline of Our Developed System
The functional detector portion (we wrote more than 300 lines of code to implement this) has been stored on Google Drive: tinyurl.com/yasua5ww
Workflow and Further Improvements
1. Analysing Stefan Kremser’s WiFi deauthentication tools.
2. Using the promiscuous sniffing mode of the ESP8266 to detect deauth packets sent using any of the approaches of Stefan Kremser, which spans a wide range of operational importance in academic interest.
3. Calculating the time duration of an attack from the packet detector end.
4. Logging attack history in a given area (mailing ‘time durations’).
Furthermore, we would extend our study in future as we learn more about WiFi, which seems an intriguing topic from our perspective as an undergraduate team:
5. Detecting SSID-specific packets to sniff out fake (‘Beacon’) or deauth-packet-sending individual networks.
6. Jamming that specific network so that data theft or phishing does not occur, as a protective measure.
Result Analysis
We developed a system where attack duration data would be immediately logged and sent as a notification to the owner’s email address. We expected a 3-second delay in detecting the beginning point of an attack and a 10-second pessimistic safe window for detecting the clean end of an attack section. Some of our Gmail logs are attached to demonstrate trials and tweakings. Since we were familiar with the Google SMTP server, we used that knowledge to send email from emails created by us: [email protected] to [email protected].
Code analysis
Gmail SMTP server
To set up a mail client it is necessary to configure an SMTP server that will take care of the delivery of emails. We simply have to open our email software and add the right SMTP parameters in the settings window. We have to fill in the appropriate parameters of the SMTP server settings. These can be found in the GMAIL sender cpp file in the shared drive folder containing all our code. Since we used SMTP previously for alias mails (e.g. @ieee.org), we were familiar with the API.
Detector
The ESP8266 famously allows “sniffing” the number of packets sent from various SSIDs. We have simply enabled this setting (“promiscuous”) and detected any suspicious packet injection peak. Furthermore, we look forward to implementing a rigorous protector with this basic idea, only for academic interest.
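The detection timing described under Workflow and Result Analysis, together with the frame check a promiscuous-mode detector needs, as an added example in portable C. It is not the team's ESP8266 code (which is only linked from the report): the function names, the once-per-second counting interface, confirming an attack after 3 consecutive seconds that contain deauth frames, and counting disassociation frames alongside deauthentication frames are assumptions, and the sample frames and trace are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#define START_DELAY_S  3   /* report: 3 s delay before an attack start is declared */
#define QUIET_WINDOW_S 10  /* report: 10 s quiet window before a clean end is declared */
/* Frame Control byte 0: bits 2-3 = type, bits 4-7 = subtype. Management frames
   (type 0) with subtype 0xC are deauthentication, 0xA are disassociation. */
int is_deauth_frame(const uint8_t *f, size_t len) {
    if (f == NULL || len < 24) return 0;        /* shorter than a management header */
    unsigned type = (f[0] >> 2) & 0x3, subtype = (f[0] >> 4) & 0xF;
    return type == 0 && (subtype == 0xC || subtype == 0xA);
}
/* Constructed sample frames: only the Frame Control bytes are set, the rest is zero. */
const uint8_t DEAUTH_FRAME[26] = {0xC0, 0x00}, BEACON_FRAME[36] = {0x80, 0x00};

/* streak: consecutive seconds with deauth frames; attacking: streak reached START_DELAY_S. */
typedef struct { uint32_t start, last_hit; unsigned streak; int attacking; } detector_t;
/* Assumed interface: call once per second with that second's deauth frame count.
   Returns the attack duration in seconds when an attack has just ended, else 0. */
uint32_t detector_step(detector_t *d, uint32_t now, unsigned hits) {
    if (hits > 0) {
        if (d->streak == 0 && !d->attacking) d->start = now;
        d->streak++; d->last_hit = now;
        if (d->streak >= START_DELAY_S) d->attacking = 1;
        return 0;
    }
    d->streak = 0;                              /* an isolated blip never confirms */
    if (d->attacking && now - d->last_hit >= QUIET_WINDOW_S) {
        d->attacking = 0;
        return d->last_hit - d->start + 1;      /* first to last deauth second, inclusive */
    }
    return 0;
}

/* Constructed trace, one count per second: a 1 s blip, then an attack with a 3 s pause. */
const unsigned TRACE[] = {0,0,7,0,0,0,0,0,0,0,9,12,8,11,10,0,0,0,6,9,0,0,0,0,0,0,0,0,0,0,0,0};
/* Replays a trace; returns the first reported duration and stores when it was reported. */
uint32_t run_trace(const unsigned *hits, size_t n, uint32_t *reported_at) {
    detector_t d = {0};
    for (uint32_t t = 0; t < n; t++) {
        uint32_t dur = detector_step(&d, t, hits[t]);
        if (dur) { *reported_at = t; return dur; }
    }
    return 0;
}
int main(void) {
    uint32_t at = 0, dur = run_trace(TRACE, sizeof TRACE / sizeof TRACE[0], &at);
    printf("attack lasted %u s, end declared at t=%u s\n", (unsigned)dur, (unsigned)at);
    return 0;
}
```

On an ESP8266 the per-second count would come from a promiscuous-mode callback that calls a check like `is_deauth_frame` on each captured frame; that wiring is left out here so the logic runs on any machine.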
Demonstration
A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user (STA or Station) and a Wi-Fi wireless access point (AP). It has long been recognized that complete jamming of wireless networks can be realized by generating continuous noise with sufficient power in the vicinity of the wireless network.
Limitations of existing WiFi network
Generally, a WiFi network supports two types of technology: infrastructure mode and ad hoc mode. In ad hoc mode it is possible to connect to the internet without any third-party access point or router. Therefore users mostly prefer ad hoc mode over infrastructure mode. The configuration of an ad hoc device never disables SSID access, while infrastructure mode does. In ad hoc mode, attackers on an existing network will not require a lot of effort. In ad hoc mode you may experience signal problems, whereas infrastructure mode offers full-strength signals. The 802.11g standard requires ad hoc mode in a WiFi network with a bandwidth of 11 Mbps. When a user builds a WiFi network in infrastructure mode, the data transfer rate is up to 54 Mbps; on the other hand, when it is configured in ad hoc mode, only 11 Mbps can be attained. Ad hoc mode is very slow compared to infrastructure mode.
There are some security issues which may limit WiFi, because setting up a WiFi network is really very easy but maintaining security needs a lot of effort, as there are no encryption methods organized on the access point of the WiFi network. Sometimes a WiFi network becomes more vulnerable when a hacker attacks it, steals your important data and reduces the performance of your network traffic.
The transfer rate of video and audio slows when pushed beyond these limits. When lots of users are accessing the internet via the same network, the data transfer speed comes down. When more than a few devices are connected to the wireless network, this problem is aggravated, and downloading heavy files at the same time is impractical, because the division of bandwidth among all the equipment reduces the speed and sometimes makes the network unresponsive.
On the whole, there are no doubt some limitations in WiFi networks, but despite all these limitations WiFi has excellent connectivity features which help one forget them. Therefore, in the coming days everyone will demand WiFi networks to get quick access to the internet everywhere, and will want to benefit from WiFi hotspots to make their business more profitable and successful, despite all the limitations of WiFi networks.
Acknowledgement
References
1. Yu Seung Kim, Patrick Tague, Heejo Lee, Hyogon Kim. Carving Secure Wi-Fi Zones with Defensive Jamming.
2. David J. Thuente, Mithun Acharya. Intelligent Jamming in Wireless Networks with Applications to 802.11b and Other Networks.
3. Abderrahim Benslimane, Abdelouahid El Yakoubi, Mohammed Bouhorma. Analysis of Jamming effects on IEEE 802.11 Wireless Networks.