Design and Performance Analysis of Location-Based Security System
by Di Qiu, Department of Aeronautics and Astronautics, Stanford University
[email protected]
Sponsored by FAA Loran Program CRDA 2000-G-028
Security Threats in Information Age
► Data on 25 million / 60 million citizens
► $500 million loss
► Prime Minister Brown issued a public apology
"U.K. government's lost data 'worth billions to criminals'", November 29 2007
U.K. Prime Minister Gordon Brown "profoundly regrets" the loss of 25 million child benefit records. In what is being called the "worst data disaster
12/18/2008 2
More Threats
► Movie piracy: $6.1 billion in 2005; 62% from piracy of hard goods, 38% from Internet piracy
► Loss of electronic devices: Qualcomm CEO Irwin Jacobs had his laptop stolen off the podium of a hotel conference room in Sep. 2000. Boeing has fired the employee whose laptop was stolen.
More Security from Location
► Location for security?
► Encryption: "hello world" becomes unreadable ciphertext. "Only the secrecy of the key provides security."
► Authentication: source verification; passwords, smart ID, biometrics
Figure: geo-security system, location parameters → geotag
Applications
► Digital Manners Policy (DMP): Microsoft pending patent; remotely control electronic devices
► Data access control: location validation; digital film distribution proposed by Logan Scott and Dorothy Denning
► Geo-fencing: Ericsson and Intel anti-theft PC protection technology, available by the second half of 2009
Figure: master transmitter
Data Access Control
Figure: receiver → geotag generation → calibration → database; at verification the receiver's geotag is matched against the database and the application is granted or denied access
Reproducible geotag
Figure: sensor types by accuracy (1 cm, 1 m, 10 m, 100 m) and range (indoor / outdoor): Ultrasound, UWB, Active RFID, Infrared, Bluetooth, Wi-Fi, AGPS, GNSS, eLoran, TV, GSM
Location-Based Parameters
► Time of Arrival (TOA)/Time Difference of Arrival (TDOA)
► Direction of Arrival (DOA)/Angle of Arrival (AOA)
► Signal Strength (SS)/Received Signal Strength (RSS)
► Signal to Noise Ratio (SNR)
► Bit Error Rate (BER)
► Envelope to cycle difference (ECD)/Code Carrier Divergence (CCD)
Figure: master station M and secondary stations X, Y
Approaches
Theoretical Framework
• Security & signal property requirement
• Geotag computation
• Performance metric
Challenges
• Security threats
• Temporal variations
• Offline transmitter
Methods
• Attack model and mitigations
• Error-tolerant algorithms
Demonstration
• Signal selection
• Performance evaluation
• Comparison of signals
Goal: design a geo-security system
Outline
► Theoretical framework
► Loran demonstration – performance
► Wi-Fi demonstration – multiplicity of signals
► Fuzzy extractors – continuity
Robust geotag
Theoretical Framework Design
Theoretical Framework
► Basic architecture: geotag generation; attack model and attack mitigations
► Performance analysis: consistency measure; spatial decorrelation measure; tradeoff
Geotag Generation
Figure: location parameters x_i (continuous, varying over time) → quantization with step Δ_i → x_q (discrete) → mapping function → geotag T (binary)
Attack Model
Types of attacks: spoofing; trial and error
Assumptions:
► Tamper resistant device
► Self-authenticated signal
Authenticate the source: TESLA on Loran
Figure: numbered data flow (1 to 6): receiver → geotag generation → matcher → grant/deny → applications, with the database supplying the stored tag
Trial and Error – “Parking Lot Attack”
► False Reject Rate (FRR): fail to recognize the user; measures reproducibility
► False Accept Rate (FAR): recognize the attacker instead; measures spatial unpredictability
What is the security radius?
• Low FAR
• Spatial decorrelation
Figure: user and attacker, each with receiver → geotag generation → matcher → database, separated by distance d
Smart Parking Lot Attack - Tampering
Figure: receiver → geotag generation → matcher → grant/deny → applications, with an analog delay device inserted in front of the receiver (delay, delay, delay, ...)
The search space of parameters is reduced.
Tradeoff between FAR and FRR
Figure: Receiver Operating Curve, False Reject Rate (0 to 0.7) against False Accept Rate (0 to 1), one curve per attacker distance d_attacker = 2σ, 3σ, 4σ, 5σ, 6σ, 7σ, 8σ, 9σ, 10σ
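The FAR/FRR tradeoff from the parking-lot attack model, as an added Monte Carlo example (not code from the talk): two location parameters are quantized with step Δ and hashed into a tag; a legitimate user re-measures with Gaussian noise σ, while an attacker stands d_attacker metres away. The calibration values, σ and the SHA-256 mapping are assumptions made here.

```python
import hashlib
import math
import random

def quantize(params, step):
    """Map each continuous location parameter to a discrete bin index."""
    return tuple(math.floor(p / step) for p in params)

def geotag(params, step):
    """Quantized bins -> binary string -> one-way hash (the geotag T)."""
    bins = quantize(params, step)
    return hashlib.sha256(",".join(str(b) for b in bins).encode()).hexdigest()

def simulate_rates(step, sigma, d_attacker, trials=1000, seed=7):
    """Estimate FRR (legitimate user rejected) and FAR (attacker at distance
    d_attacker accepted) with Gaussian measurement noise of scale sigma."""
    rng = random.Random(seed)
    user = (100.0, 250.0)              # constructed calibration values (metres)
    reference = geotag(user, step)     # tag stored in the database at calibration
    rejects = accepts = 0
    for _ in range(trials):
        # legitimate user re-measures the same spot with noise sigma
        remeasured = tuple(v + rng.gauss(0.0, sigma) for v in user)
        if geotag(remeasured, step) != reference:
            rejects += 1
        # attacker is d_attacker metres away in a random direction
        theta = rng.uniform(0.0, 2.0 * math.pi)
        attacker = (user[0] + d_attacker * math.cos(theta) + rng.gauss(0.0, sigma),
                    user[1] + d_attacker * math.sin(theta) + rng.gauss(0.0, sigma))
        if geotag(attacker, step) == reference:
            accepts += 1
    return rejects / trials, accepts / trials

if __name__ == "__main__":
    sigma = 4.0
    for k in (2, 4, 8):                # quantization step Δ = kσ
        for d in (2, 10):              # attacker distance in units of σ
            frr, far = simulate_rates(k * sigma, sigma, d * sigma)
            print(f"Δ={k}σ d_attacker={d}σ  FRR={frr:.3f}  FAR={far:.3f}")
```

Widening Δ lowers FRR but raises FAR for a nearby attacker, which is the tradeoff the ROC curves above plot; the security radius is the attacker distance at which FAR becomes negligible for the chosen Δ.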
Loran as a Case Study
Loran for Geo-Security
Picture courtesy: Megapulse
► Low frequency
► High power: 400 kW to 1.6 MW
► Hard to jam
► Stationary transmitters
► Repeatable accuracy
► Indoor capable
► eLoran
Loran Basic Architecture
Figure: LORAN-C U.S. West Coast Chain, GRI 9940. Legend: transmitter station, approximate limits of coverage. Stations: M Fallon, W George, X Middletown, Y Searchlight. Timing diagram: M, W, X, Y pulses in sequence. Picture courtesy: Megapulse
Middletown was Live with Stanford Designed Authentication Scheme
Figure: authentication probability as a function of user location (longitude -130 to -110 deg, latitude 32 to 48 deg), contour bands < 50%, > 50%, > 80%, > 90%, > 95%, > 99%, > 99.999%
38.4 sec to authenticate the signal source with 50% BW
Stanford Seasonal Monitor Station
Loran: Locus SatMate 1030; GPS: NovAtel receiver
Loran Seasonal Monitor Data
► TOA from Middletown over a 90-day period
► Additional secondary factor (ASF)
► TOA is non-Gaussian
Figure: histogram with Gaussian fit, σ = 12 m
ASF Mitigation – Time Difference
► TD is close to Gaussian after correction
► Spatial decorrelation
► Lose TOA from master station
Figure: histogram with Gaussian fit, σ = 3.8 m
Reproducibility based on 90-day Data
► Day 1: calibration
► Day 2 ~ 90 (89 days): verification
► Parameter: TOA/TD
► Station: Middletown
Figure: False Reject Rate (10^-2 to 10^0) against quantization step (5 to 30 m) for Middletown TOA and TD
96% FRR improvement for Δ = 15 m
Data Collections for Spatial Decorrelation
Parking Structure
Soccer Field
Office Building (Indoor & Outdoor)
Parking Lot Attack – Spatial Decorrelation
2^12 => 43 hours; 2^24 => 248 months; 2^36 => 85792 years
Smart Attack – Attack Time Reduction
Wi-Fi as a Case Study
Wi-Fi Data Collection Setup
Wi-Fi: Intel(R) PRO/Wireless 3945BG with WirelessMon
GPS: Garmin GPS 35PC, NMEA 0183 output
Spatial Decorrelation
Cell Size   Loran    Wi-Fi (4 APs)   Integrated
Average     10.3 m   12.3 m          8.1 m
Minimum     6.2 m    3.9 m           2.7 m
21% cell size reduction
Tradeoff – Office Building
► MAC + RSS
► 28% cell size reduction
► 100% FRR increase
► Loss > Gain
Figure: tradeoff against number of access points (1 to 8): False Reject Rate (0 to 1) and averaged cell size (0 to 10 m)
Fuzzy Extractors
Fuzzy Extractor
Figure: Generation takes x and outputs tag T and public data P; Reproduce takes x' and P and outputs T'
Definition. A fuzzy extractor is a tuple (M, t0, Gen, Rep), where M is the metric space with a distance function dis, Gen is a generate procedure and Rep is a reproduce procedure, which has the following properties:
1. If dis(x, x') ≤ t0, T' = T.
2. If dis(x, x') ≥ t0, T' ≠ T.
Y. Dodis et al., "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," 2004.
Error Patterns
► Random noise
► Seasonal bias: ASF
► Quantization error
► Missing parameters: implementation issues or station shutdown; loss of track of transmitters
Figure: Middletown TD (-60 to 60 m) by day of year 2008 (days 3 to 93)
Tag at calibration ≠ Tag at verification
Fuzzy Extractor for Distance Metrics
Fuzzy extractors for location data
► Euclidean metric: random noise and bias, quantization error; offset adjustment
► Hamming metric: missing parameters; dis(x, x') is the number of positions in which the strings x and x' differ; Reed-Solomon error correcting code
Performance of Euclidean Fuzzy Extractor- 90 days Seasonal Data
Figure: Euclidean metric fuzzy extractor performance, False Reject Rate (10^-2 to 10^0) against quantization step (2σ to 8σ), without and with fuzzy extractor; 15 parameters (TD, SS, ECD, SNR) from the 9940 GRI chain
84% FRR improvement for Δ = 4σ
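An added example (not the talk's own code) of the Euclidean-metric fuzzy extractor with offset adjustment described above, and of the FRR comparison in the figure: Gen stores each parameter's offset from its bin centre as public helper data P, and Rep shifts the noisy re-measurement by that offset before quantizing. The uniform calibration samples, σ = 3.8 m and the SHA-256 tag mapping are assumptions made here.

```python
import hashlib
import math
import random

def tag(bins):
    """Bin indices -> binary string -> one-way hash (the geotag T)."""
    return hashlib.sha256(",".join(str(b) for b in bins).encode()).hexdigest()

def gen(x, step):
    """Gen(x): return tag T and public helper data P. P holds each parameter's
    offset from the centre of its quantization bin, so it reveals the position
    inside the bin but not the bin index that the tag is derived from."""
    bins = [math.floor(v / step) for v in x]
    centres = [(b + 0.5) * step for b in bins]
    helper = [c - v for c, v in zip(centres, x)]
    return tag(bins), helper

def rep(x_prime, step, helper):
    """Rep(x', P): shift x' by the stored offset, then quantize. Any x' within
    step/2 of x in every parameter lands in the same bin, so T' = T."""
    bins = [math.floor((v + h) / step) for v, h in zip(x_prime, helper)]
    return tag(bins)

def frr_with_and_without(step, sigma, trials=2000, seed=3):
    """Constructed Monte Carlo comparison: plain requantization of a noisy
    re-measurement versus Rep() with helper data, three parameters per tag."""
    rng = random.Random(seed)
    plain_rejects = fuzzy_rejects = 0
    for _ in range(trials):
        x = [rng.uniform(0.0, 1000.0) for _ in range(3)]   # constructed calibration sample
        t_cal, helper = gen(x, step)
        x_prime = [v + rng.gauss(0.0, sigma) for v in x]  # noisy verification sample
        if tag([math.floor(v / step) for v in x_prime]) != t_cal:
            plain_rejects += 1
        if rep(x_prime, step, helper) != t_cal:
            fuzzy_rejects += 1
    return plain_rejects / trials, fuzzy_rejects / trials

if __name__ == "__main__":
    sigma = 3.8                       # assumed TD scatter, metres (seasonal data)
    for k in (2, 4, 6):
        plain, fuzzy = frr_with_and_without(k * sigma, sigma)
        print(f"Δ = {k}σ: FRR without {plain:.3f}, with fuzzy extractor {fuzzy:.3f}")
```

Without helper data a calibration value near a bin edge is rejected almost half the time however small the noise; with it, rejection only happens when the noise exceeds Δ/2.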
Conclusion
► Location information is good for security applications.
► A tamper-resistant device and a self-authenticated signal are required for a geo-security system.
► Loran tags are reproducible and unpredictable. The security radius is 10 ~ 20 meters.
► Multiplicity of signals provides a robust geotag. Fuzzy extractors.
► Stanford filed many patents on geo-security.
Thank You!
Backup Slides
Signal Authentication Survey
GPS P(Y) code: encrypted PRN code for military use
Logan Scott proposed an authenticated GPS signal for civil navigation
• Digital signature to authenticate navigation data
• Spread spectrum security codes (SSSC) and digital signature
• Tamper resistant Civil Anti-spoof Security Module to process SSSC
Proposed authenticated Galileo signal
• Safety of Life (SoL) service: authenticated navigation data
• Commercial Service (CS): encrypt the navigation data
• Public Regulated Service (PRS): both encrypted ranging codes and navigation messages
Proposed TESLA on Loran
Figure: security and location overlap in signal authentication; geo-security
Probability of Error in the Presence of Gaussian Noise
Figure: probability of error (10^-7 to 10^0) against SNR (-2 to 10 dB) for 32-level PPM, analytical versus simulated
• A matched filter: convolutions of the time-reversed version of reference signals with the input signal
• 30 kHz NEBW
Equation (garbled in extraction): P_e expressed as (1/M) times a double sum over symbols i and j ≠ i of a normalized function F_norm of the integrated difference between reference signals s_i(t) and s_j(t), relative to the noise term N_0 and the matched filter h(t)
Probability of Message Loss
► 1 packet = 5 symbols
► BER → packet loss
► 1 message = 24 packets; packet loss → message loss
► RS code
► Error correction performance
Figure: analytical message loss (10^-40 to 10^0) against average packet loss (0 to 0.25)
$$\Pr\{\text{error or decoder failure}\} = \sum_{j=t+1}^{n} \binom{n}{j} p^{j} (1-p)^{n-j}$$
Authentication Bandwidth
Data messages; key 160-bit; MAC 160-bit
TESLA segment (packet): key + MAC + data, 320/37 → 9 Loran messages
50% BW: 18 Loran messages; 90% BW: 10 Loran messages
Middletown Field Strength Distribution
Figure: Middletown coverage, field strength contours (< 20, > 20, > 30, > 40, > 50, > 60, > 70) over longitude -150 to -100 deg and latitude 25 to 60 deg
Performance Analysis– Multiple Location Parameters
$$\Pr\{\text{error or decode failure}\} = \sum_{j=t+1}^{n} \binom{n}{j} p^{j} (1-p)^{n-j}, \quad p = \text{symbol error probability}$$
Figure: False Reject Rate (10^-8 to 10^0) against symbol error (10^-3 to 10^-1), no error correction versus RS(15,11)
Key Idea of Fuzzy Encryption
► Construct a polynomial by encoding the secrets
► Project parameters on the polynomial
► Randomly create chaff points
► Recover the secrets using the received parameters
Figure: polynomial P(x) against x
Fuzzy Extractor for Hamming Distance“Lock”
Figure: signal processing and parameter extraction → continuous parameters x → quantization → quantized parameters q_x (quantization levels 1, 2, 3, ..., n for q1, q2, q3, ...) → mapping matrix generation; a random generator produces secret message m, which is RS-encoded to codeword c (c1, c2, c3, ...) and hashed to tag T
Fuzzy Extractor for Hamming Distance“Unlock”
Figure: signal processing and parameter extraction → continuous parameters x' → quantization → quantized parameters q'_x → received codeword (c1, c2, c'3, ..., cn) → RS decode → m → hash T
One Location Parameter
Figure: quantization bins of width Δ along one location parameter
Tradeoff between FAR and FRR
► Δ = 6σ
► FRR: 0.01 to 0.04
► FAR: 0.9 to 0.008
► Optimal N = 5
Figure: tradeoff, error rate (10^-3 to 10^0) against number of location parameters (1 to 7), FRR and FAR
Availability – Office Building
Figure: availability (0% to 100%) per access point (0 to 25), and percentage of time (0% to 35%) against number of access points (2 to 11); Durand 4th Floor, 2008-10-31 12:30:4 ~ 16:32:52
RSSI Monitor
Figure: RSSI (-100 to -30 dBm) against time (0 to 8 hours) per access point; Residential, 2008-10-15 19:0:1 ~ 10-16 3:2:38
Availability – Residential
Figure: availability (0% to 100%) per access point (0 to 20), and percentage of time (0% to 35%) against number of access points (3 to 10); Residential, 2008-10-15 19:0:1 ~ 10-16 3:2:38
Tradeoff - Residential
► Wi-Fi
► MAC + RSS
► 28% cell size reduction
► 98% FRR increase
► Loss > Gain
Figure: tradeoff against number of access points (1 to 8): False Reject Rate (0 to 1) and averaged cell size (2 to 12 m)