Restriction lift date: 2023-05-30
Intelligent low-complexity widely deployable diagnostic tools for wireless edge device security using machine learning
Full Text E-thesis
O'Mahony, George D.
University College Cork
Classifying the fluctuating operating wireless environment and detecting interference is crucial for wireless networks to reliably deliver authentic and confidential packets. Wireless systems have penetrated many aspects of modern lives and are an essential component of the telecommunications infrastructure. Despite significant technological advancements, most wireless networks remain susceptible to radio jamming. Modern stealthy attacks transmit short jamming signals that use little energy (to be more challenging to detect), yet cause entire packet transmission procedures to fail. This thesis concentrates primarily on wireless sensor networks (WSNs) due to their utilization in the Internet of Things and other applications, the rapidly changing wireless landscape, and susceptibility to radio jamming and spectrum coexistence. WSNs have developed significantly over the past decade and typically consist of resource and energy-constrained devices employing open standards and commercial-off-the-shelf equipment. The deployments are diverse and often form essential safety and privacy-related systems, including remote patient monitoring (health-care), space exploration, smart homes and cities and missile defense. The persistent threat of jamming and the abundance of coexisting signals in the industrial, scientific and medical (ISM) radio frequency (RF) band results in WSNs being readily compromised by malicious and/or unintentional signals. As a result, edge devices require increased capabilities to react to the wireless operating environment and make decentralized decisions, especially in remote deployments where it is difficult to have continued surveillance. To detect state-of-the-art subtle jamming attacks and enable decentralized decisions, this thesis exclusively utilizes correlated in-phase (I) and quadrature-phase (Q) samples. This procedure focuses on the interactions of the wireless environment with the received signal. The I/Q data is consistently available to a functioning receiver and novel low-order statistical features are extracted from the time-domain, frequency-domain, and spatial analysis. The extracted features enable low complexity machine learning diagnostic tools that achieve similar accuracy to resource-intensive deep neural networks (DNNs). Diagnostics involve legitimate signal/channel classification for identifying the operating environment and interference detection and classification. The developed framework enables decentralized edge device decision-making, needed to enable appropriate independent security and transmitting mechanisms and to reduce retransmissions and energy usage. Four main work packages (WPs), schematically represented in Fig. 1, are required, each addressing a specific aspect in developing the interference diagnostic framework. To summarize, the initial WP focuses on an extensive Matlab simulation study that neglects hardware restrictions. WP 2 extracts low-order features from wirelessly received ISM band signals and develops optimal machine learning signal classifiers. WP 3 analyzes Global Positioning System (GPS) signals, due to the benefit from accurate time and location measurements, similarities to signal classification due to the low received power levels and GPS signals being vulnerable to interference. This GPS work examines the developed methodology's transferability to a new RF spectrum area and applies different hardware and numerical ranges for feature extraction. WP 4 focuses on WSN (ZigBee) interference detection and classification using the developed low-order features. The optimized machine learning models in WP 2 form the foundation for interference diagnostic tool development. Software-defined radios (SDRs) and Raspberry Pi devices implement low-cost yet high-performance WSN and GPS testbeds, penetration testers and data acquisition tools. Feature analysis uses I/Q samples received from commercial and SDR sources in a domestic wireless operating environment. Noise, ZigBee, continuous wave (CW), WiFi and Bluetooth data are examined for signal classification. Over-the-air ZigBee interference data is collected from SDR jamming of ZigBee signals transmitted from SDR and commercial (XBee) sources. A developed ZigBee wireless testbed is utilized in each approach, where the interference signals are the matched signal (ZigBee) intelligent deceptive jamming attack and conventional CW jamming. Supervised machine learning algorithms, including support vector machines, Random Forest, XGBoost, K Nearest Neighbors and DNNs, evaluate the developed feature set in each application. The designed data analytics and features enable more fundamental approaches to achieve similar accuracy and generalization results, on unseen data, to DNNs, but for a small fraction of the time and computation requirements. Compared to existing schemes, the low-order features that neglect prior network knowledge are novel and prove supervised fundamental approaches can generalize to new data, given powerful data analytics. The principal contribution is the real-world validated intelligent, novel, low complexity, widely deployable interference diagnostic tools. These tools utilize novel low-order features and achieve an average accuracy above 98%, which matches or outperforms the related literature. Adapting the optimized models to GPS signals establishes the transferability of the designed methodology. A Raspberry Pi embedded device implementation exemplifies a relatively resource-constrained deployment.
Cybersecurity , Security , Machine learning , Wireless communications , Edge devices , Wireless sensor networks , Boosted decision trees , Zigbee , Jamming/interference detection , Jamming/interference classification , Global positioning system (GPS) , Deep neural network , Interference diagnostics
O'Mahony, G. D. 2021. Intelligent low-complexity widely deployable diagnostic tools for wireless edge device security using machine learning. PhD Thesis, University College Cork.