Colin Murphy | University College Cork (original) (raw)

Papers by Colin Murphy

Ad Hoc Networks, 2021

Despite Wireless Sensor Networks (WSNs) significantly developing over the past decade, these netw... more Despite Wireless Sensor Networks (WSNs) significantly developing over the past decade, these networks, like most wireless networks, remain susceptible to malicious interference and spectrum coexistence. Other vulnerabilities arise as WSN applications adopt open standards and typically resource and energy-constrained commercial-off-the-shelf equipment. Deployments include safety-critical applications such as the internet of things, medical, aerospace and space and deep-sea exploration. To manage safety and privacy requirements across such a diverse wireless landscape, security on wireless edge devices needs improvement while maintaining low complexity. This paper improves wireless edge device security by developing a novel intelligent interference diagnostic framework. Received in-phase (I) and quadrature-phase (Q) samples are exclusively utilized to detect modern, subtle and traditional crude jamming attacks. This I/Q sample utilization inherently enables decentralized decision-making, where the low-order features were extracted in a previous study focused on classifying typical 2.4-2.5 GHz wireless signals. The associated optimal intelligent models are leveraged as the foundation for this paper's work. Initially, Matlab Monte Carlo simulations investigate the ideal case, which incorporates no hardware limitations, identifies the required data type of signal interactions and motivates a hardware investigation. Software-defined radios (SDRs) collect the required live over-theair I/Q data and transmit matched signal (ZigBee) and continuous-wave interference in developed ZigBee wireless testbeds. Low complexity supervised machine learning models are developed based exclusively on the low-order features and achieve an average accuracy among the developed models above 98%. The designed methodology involves examining ZigBee over-the-air data for artificial jamming and SDR jamming of ZigBee signals transmitted from SDR and commercial (XBee) sources. This approach expands to a legitimate node classification technique and an overall algorithm for wireless edge device interference diagnostic tools. The investigation includes developing Support Vector Machine, XGBoost and Deep Neural Network (DNN) models, where XGBoost is optimal. Adapting the optimized models to global positioning system signals establishes the transferability of the designed methodology. Implementing the designed approaches on a Raspberry Pi embedded device examines a relatively resource-constrained deployment. The primary contribution is the real experimentally validated interference diagnostic framework that enables independent device operation, as no channel assumptions, network-level information or spectral images are required. Developed models exclusively use I/Q data low-order features and achieve high accuracy and generalization to unseen data.

Future Internet

This study proposes a heterogeneous hardware-based framework for network intrusion detection usin... more This study proposes a heterogeneous hardware-based framework for network intrusion detection using lightweight artificial neural network models. With the increase in the volume of exchanged data, IoT networks’ security has become a crucial issue. Anomaly-based intrusion detection systems (IDS) using machine learning have recently gained increased popularity due to their generation’s ability to detect unseen attacks. However, the deployment of anomaly-based AI-assisted IDS for IoT devices is computationally expensive. A high-performance and ultra-low power consumption anomaly-based IDS framework is proposed and evaluated in this paper. The framework has achieved the highest accuracy of 98.57% and 99.66% on the UNSW-NB15 and IoT-23 datasets, respectively. The inference engine on the MAX78000EVKIT AI-microcontroller is 11.3 times faster than the Intel Core i7-9750H 2.6 GHz and 21.3 times faster than NVIDIA GeForce GTX 1650 graphics cards, when the power drawn was 18mW. In addition, the...

2019 30th Irish Signals and Systems Conference (ISSC), 2019

This paper outlines the development of an RF Vector Network Analyser (VNA) laboratory for undergr... more This paper outlines the development of an RF Vector Network Analyser (VNA) laboratory for undergraduate electronic engineering students. Because of the expense of highquality high-frequency vector network analyser systems, these are usually only encountered by a small number of students who undertake a senior-year project in the RF/microwave area. This paper describes a VNA-based laboratory which is intended to be used by all undergraduate Electrical and Electronic Engineering students in the 4 th year of the programme, thus giving all students an insight into this sometimes "mysterious" area of the undergraduate curriculum. The paper moves from the initial "wish list" for what the laboratory might incorporate to the final roll-out to a cohort of 23 students. Feedback from the students indicate that the laboratory session was well received while also indicating that there is potential for improvement in some areas.

2020 Global Internet of Things Summit (GIoTS), 2020

Wireless sensor network (WSN) research and development is producing viable solutions for various ... more Wireless sensor network (WSN) research and development is producing viable solutions for various innovative applications, including critical areas such as the Internet of Things (IoT), which is becoming a significant feature of modern technology. WSNs form an integral component of the IoT infrastructure by, frequently, implementing the communication links between sensors and the access point or central coordinator. This design and use in IoT applications intensifies the incentive to attack WSNs as sensitive data is available and transmitted in wireless links, which inherently contain security vulnerabilities, especially from external malicious interference. To ensure satisfactory performance, safety and privacy, communication links and WSN devices must be secure. Hence, penetration testing to identify security vulnerabilities and responses to external intrusions is a prerequisite to forming secure connections and an overall secure network. Derived from a prior study, this paper explores the benefits of using software-defined radios (SDRs) for WSN/IoT data analysis and penetration testing by concentrating on implementing various intrusions using signal processing block based software like Simulink or GNU Radio. A comparison with traditional WSN packet sniffing/debugging tools is provided and the main security vulnerabilities of existing WSNs are surveyed by adopting the ZigBee protocol. An extension to WSN security analysis and testing is established by utilizing low-cost SDRs and specifying the ease of implementing various analysis techniques even when certain equipment, such as anechoic chambers, are unavailable. Stemming from previous simulations, the benefits of obtaining the in-phase and quadrature-phase samples, both with and without external interference, is also discussed.

2018 International Carnahan Conference on Security Technology (ICCST), 2018

Safety critical, Internet of Things (IoT) and spacebased applications have recently begun to adop... more Safety critical, Internet of Things (IoT) and spacebased applications have recently begun to adopt wireless networks based on commercial off the shelf (COTS) devices and standardized protocols, which inherently establishes the security challenge of malicious intrusions. Malicious intrusions can cause severe consequences if undetected, including, complete denial of services. Particularly, any safety critical application requires all services to operate correctly, as any loss can be detrimental to safety and/or privacy. Therefore, in order for these safety critical services to remain operational and available, any and all intrusions need to be detected and mitigated. Whilst intrusion detection is not a new research area, new vulnerabilities in wireless networks, especially wireless sensor networks (WSNs), can be identified. In this paper, a specific vulnerability of WSNs is explored, termed here the matched protocol attack. This malicious attack uses protocol-specific structures to compromise a network using that protocol. Through attack exploration, this paper provides evidence that traditional spectral techniques are not sufficient to detect an intrusion using this style of attack. Furthermore, a ZigBee cluster head network, which co-exists with ISM band services, consisting of XBee COTS devices is utilized, along with a real time spectrum analyzer, to experimentally evaluate the effect of matched protocol interference on a realistic network model. Results of this evaluation are provided in terms of device errors and spectrum use. This malicious challenge is also examined through Monte-Carlo simulations. A potential detection technique, based on coarse inter-node distance measurements, which can theoretically be used to detect matched protocol interference and localize the origin of the source, is also suggested as a future progression of this work. Insights into how this attack style preys on some of the main security risks of any WSN (interoperability, device limitations and operation in hostile environments) are also provided.

2020 31st Irish Signals and Systems Conference (ISSC), 2020

Knowledge of the wireless channel is pivotal for wireless communication links but varies for mult... more Knowledge of the wireless channel is pivotal for wireless communication links but varies for multiple reasons. The radio spectrum changes due to the number of connected devices, demand, packet size or services in operation, while fading levels, obstacles, path losses, and spurious (non-)malicious interference fluctuate in the physical environment. Typically, these channels are applicable to the time series class of data science problems, as the primary data points are measured over a period. In the case of wireless sensor networks, which regularly provide the device to access point communication links in Internet of Things applications, determining the wireless channel in operation permits channel access. Generally, a clear channel assessment is performed to determine whether a wireless transmission can be executed, which is an approach containing limitations. In this study, received in-phase (I) and quadraturephase (Q) samples are collected from the wireless channel using a software-defined radio (SDR) based procedure and directly analyzed using python and Matlab. Features are extracted from the probability density function and statistical analysis of the received I/Q samples and used as the training data for the two chosen machine learning methods. Data is collected and produced over wires, to avoid interfering with other networks, using SDRs and Raspberry Pi embedded devices, which utilize available opensource libraries. Data is examined for the signal-free (noise), legitimate signal (ZigBee) and jamming signal (continuous wave) cases in a live laboratory environment. Support vector machine and Random Forest models are each designed and compared as channel identifiers for these signal types.

2019 30th Irish Signals and Systems Conference (ISSC), 2019

Wireless sensor network (WSN) applications have expanded considerably over the past decade or so ... more Wireless sensor network (WSN) applications have expanded considerably over the past decade or so and now, solutions exit for various innovative applications. These wireless networks adopt commercial off the shelf devices and standardized protocols, which inherently creates security challenges. These challenges are ever changing as malicious interference and intrusion techniques evolve and dynamic efficient hardware becomes increasingly accessible. This paper presents the development of multiple low-cost hardware and software platforms designed so security enhancements and modifications to WSN protocol architecture and packet structure can be designed and tested. Each testbed has been built satisfying the requirements of being available as unmodified commercial off the shelf (COTS) components and based on open source software. The testbeds provide versatility through operating on various operating systems including Windows and Linux, are reproducible and can be deployed in a way which replicates real world WSNs. Each distinct system provides remote access, real time and off line data analysis, specific control of each network node and the ability to upload data from the WSN. This paper describes in-detail the individual pieces of suitable hardware for WSN protocol and packet structure design and illustrates the system architecture required to form testbeds which can experimentally validate modifications to a WSN protocol. Additionally, a baseline is defined and encapsulates the ZigBee standard. Example results of the distinct testbeds in operation are provided along with the specific open source software being used.

2019 30th Irish Signals and Systems Conference (ISSC), 2019

The radio architectures of and protocols used by wireless sensor networks (WSNs) are, typically, ... more The radio architectures of and protocols used by wireless sensor networks (WSNs) are, typically, very similar and are based on IEEE 802.15.4. By concentrating on this standard and the associated employed security techniques, the possibility of designing a transferable safety and privacy enhancement across protocols and services, becomes a reality. WSN applications have expanded significantly over the past decade or so and adopt commercial off-the-shelf (COTS) devices and publicly available standards, which inherently creates intruder incentives and security challenges. Securing WSNs is a critical requirement due to the challenging burden of protecting the transmitted sensitive information across various applications, while operating under unique security vulnerabilities and a fluctuating radio frequency (RF) spectrum and physical environment. Couple this aspect with establishing a level of trust among network nodes, while providing resilience to interference, it becomes clear that m...

2020 IEEE 6th World Forum on Internet of Things (WF-IoT), 2020

Wireless Sensor Network (WSN) technology has developed substantially over the past decade or so a... more Wireless Sensor Network (WSN) technology has developed substantially over the past decade or so and now numerous solutions exist across a diverse range of innovative applications. The expanding Internet of Things (IoT) sector is becoming an ever more important aspect of modern technology and a key motivator for improving security and privacy in WSNs. Typically, WSN protocols form an integral part of the overall IoT infrastructure by enabling the sensor to access point communication links. These wireless links inherently encompass security challenges, frequently due to external interference and intrusions. As IoT applications incorporate WSNs in their architecture, the incentive to attack and compromise these WSNs escalates. Often, commercial off the shelf devices and standardized openaccess protocols combine to achieve specific WSN deployments. Numerous WSN vulnerabilities exist, whilst attack approaches are abundant and change frequently. Thus, to ensure acceptable performance, safety and privacy in many IoT applications, the adopted WSN must be secure. This paper discusses IoT security and privacy, by evaluating a machine learning approach for interference detection focused entirely on analyzing received In-phase (I) and Quadrature-phase (Q) samples. Significantly, once an intrusion is detected, mitigation strategies can be implemented, thus emphasizing the requirement for interference detection. Random Forest is chosen as the machine learning classifier as it consists of a large number of individual decision trees operating as an ensemble. An intrusion detection system (IDS) is developed based on Matlab simulated ZigBee data as an initial insight into whether a real wireless data approach may be viable.

IoT, 2021

Classifying fluctuating operating wireless environments can be crucial for successfully deliverin... more Classifying fluctuating operating wireless environments can be crucial for successfully delivering authentic and confidential packets and for identifying legitimate signals. This study utilizes raw in-phase (I) and quadrature-phase (Q) samples, exclusively, to develop a low-order statistical feature set for wireless signal classification. Edge devices making decentralized decisions from I/Q sample analysis is beneficial. Implementing appropriate security and transmitting mechanisms, reducing retransmissions and increasing energy efficiency are examples. Wireless sensor networks (WSNs) and their Internet of Things (IoT) utilization emphasize the significance of this time series classification problem. Here, I/Q samples of typical WSN and industrial, scientific and medical band transmissions are collected in a live operating environment. Analog Pluto software-defined radios and Raspberry Pi devices are utilized to achieve a low-cost yet high-performance testbed. Features are extracted...

IEEE Aerospace and Electronic Systems Magazine, 2020

Wireless sensor network (WSN) systems for safety-critical, space and internet of things applicati... more Wireless sensor network (WSN) systems for safety-critical, space and internet of things applications have recently begun to adopt open standards and commercial-off-the-shelf equipment, and persistently face challenges of malicious intrusion and spectrum coexistence. These threats are explored through Monte-Carlo simulation and benchtop testing, including matched protocol interference and sophisticated, interactive intrusion attacks. The need for expanding intrusion detection via a more holistic approach, whilst simultaneously improving WSN security, is illustrated. Discussions on WSN security, vulnerabilities, and attacks are also provided.

Proceedings of the 4th International Conference on Cognitive Radio and Advanced Spectrum Management - CogART '11, 2011

In this paper, the performance of energy detector-based spectrum sensor networks is examined unde... more In this paper, the performance of energy detector-based spectrum sensor networks is examined under the constraints of the IEEE 802.22 draft specification. Additive white Gaussian noise (AWGN) channels are first considered, and a closed form solution for sample complexity is derived for networks of any size. Rayleigh, Nakagami and Rice fading channel models are also examined, with numerical results demonstrating the effect of these models on the required sample complexity for varying numbers of cooperating nodes. Based on these results, the relationship between the sample complexity for AWGN, Rayleigh and Nakagami channels is examined. Through data fitting, an approximate model is derived, allowing the sample complexity for Rayleigh and Nakagami channels to be computed easily. The model is shown to be accurate across a range of practical values.

Proceedings of the 4th International Conference on Cognitive Radio and Advanced Spectrum Management - CogART '11, 2011

2009 1st International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology, 2009

Traditionally, the effects of presampling filtering and of quantisation on the processing of GNSS... more Traditionally, the effects of presampling filtering and of quantisation on the processing of GNSS signals have been dealt with in isolation. Analysis of the losses incurred during the quantisation process has almost invariably been based on the assumption that the signals at IF are distorted by additive white Gaussian noise. This paper, in contrast, considers the joint effect of filtering and quantisation, illustrates the need to consider these losses jointly and presents novel expressions for the total loss incurred.

Lecture Notes in Computer Science, 2007

The HMAC algorithm is widely used to provide authentication and message integrity to digital comm... more The HMAC algorithm is widely used to provide authentication and message integrity to digital communications. However, if the HMAC algorithm is implemented in embedded hardware, it is vulnerable to side-channel attacks. In this paper, we describe a DPA attack strategy for the HMAC algorithm, based on the SHA-2 hash function family. Using an implementation on a commercial FPGA board, we show that such attacks are practical in reality. In addition, we present a masked implementation of the algorithm, which is designed to counteract first-order DPA attacks.

Communications in Computer and Information Science

All-or-Nothing Encryption is a useful technique which can heighten the security of block ciphers.... more All-or-Nothing Encryption is a useful technique which can heighten the security of block ciphers. It can also be used to design faster symmetric-key cryptosystems, by decreasing the number of required encryption operations at run-time. An open problem in the literature regards the speed of all-or-nothing encryption, which we address in this paper by combining two techniques from the literature, forming a new all-or-nothing mode of operation. Trade-offs in the implementation of this design are considered, and theoretical proofs of security are provided.

International Journal of Navigation and Observation, 2011

A new approximation for the distribution of the probability ratio in a sequential probability rat... more A new approximation for the distribution of the probability ratio in a sequential probability ratio test (SPRT) using noncoherent integration across a full code period is presented. The new approximation is valid for the carrier-to-noise power ratios (C/N0) typically encountered in GPS acquisition (20 dB-Hz ≤ C/N0 ≤ 50 dB-Hz), and it allows accurate theoretical performance analysis of the SPRT to be carried out for signals in this C/N0 range, eliminating the need for lengthy simulations for each scenario under investigation. Thus, the SPRT performance can be readily compared to that of other acquisition strategies for receiver design. Previous approximations in the literature are not valid in the range 20 dB-Hz ≤ C/N0 ≤ 50 dB-Hz.

2010 4th International Conference on Signal Processing and Communication Systems, 2010

The method by which individual decisions are combined in cooperative cognitive radio networks is ... more The method by which individual decisions are combined in cooperative cognitive radio networks is crucial to minimising the overall probabilities of false alarm and missed detection. In this paper, general expressions for these probabilities are derived for a double threshold energy detector-based network, and an analytical solution for the optimal value of voting rule is found so that the overall probability of error is minimised. Simulation results show that there are significant advantages to the use of double threshold energy detector-based networks as opposed to their single threshold-based counterparts; additional simulations verify that the analytical solution is optimal.

International Journal of Information Security, 2013

All-or-Nothing Encryption was introduced by Rivest as a countermeasure to brute force key search ... more All-or-Nothing Encryption was introduced by Rivest as a countermeasure to brute force key search attacks. This work identifies a new application for All-or-Nothing Transforms, as a protocol-level countermeasure to Differential Side-Channel Analysis (DSCA). We describe an extension to the All-or-Nothing protocol, that strengthens the DCSA resistance of the cryptosystem. The resultant scheme is a practical alternative to Boolean and arithmetic masking, used to protect implementations of encryption and decryption operations on electronic devices.

IEEE Transactions on Signal Processing, 2012

The tracking bandwidth and variance of the CDMA FLL are considered in this paper. It is shown tha... more The tracking bandwidth and variance of the CDMA FLL are considered in this paper. It is shown that the behaviour of the discriminator can vary significantly with varying SNRc with corresponding variations in loop performance. A model is presented which reflects this SNR-sensitivity and, thus, facilitates accurate loop design.

Ad Hoc Networks, 2021

Despite Wireless Sensor Networks (WSNs) significantly developing over the past decade, these netw... more Despite Wireless Sensor Networks (WSNs) significantly developing over the past decade, these networks, like most wireless networks, remain susceptible to malicious interference and spectrum coexistence. Other vulnerabilities arise as WSN applications adopt open standards and typically resource and energy-constrained commercial-off-the-shelf equipment. Deployments include safety-critical applications such as the internet of things, medical, aerospace and space and deep-sea exploration. To manage safety and privacy requirements across such a diverse wireless landscape, security on wireless edge devices needs improvement while maintaining low complexity. This paper improves wireless edge device security by developing a novel intelligent interference diagnostic framework. Received in-phase (I) and quadrature-phase (Q) samples are exclusively utilized to detect modern, subtle and traditional crude jamming attacks. This I/Q sample utilization inherently enables decentralized decision-making, where the low-order features were extracted in a previous study focused on classifying typical 2.4-2.5 GHz wireless signals. The associated optimal intelligent models are leveraged as the foundation for this paper's work. Initially, Matlab Monte Carlo simulations investigate the ideal case, which incorporates no hardware limitations, identifies the required data type of signal interactions and motivates a hardware investigation. Software-defined radios (SDRs) collect the required live over-theair I/Q data and transmit matched signal (ZigBee) and continuous-wave interference in developed ZigBee wireless testbeds. Low complexity supervised machine learning models are developed based exclusively on the low-order features and achieve an average accuracy among the developed models above 98%. The designed methodology involves examining ZigBee over-the-air data for artificial jamming and SDR jamming of ZigBee signals transmitted from SDR and commercial (XBee) sources. This approach expands to a legitimate node classification technique and an overall algorithm for wireless edge device interference diagnostic tools. The investigation includes developing Support Vector Machine, XGBoost and Deep Neural Network (DNN) models, where XGBoost is optimal. Adapting the optimized models to global positioning system signals establishes the transferability of the designed methodology. Implementing the designed approaches on a Raspberry Pi embedded device examines a relatively resource-constrained deployment. The primary contribution is the real experimentally validated interference diagnostic framework that enables independent device operation, as no channel assumptions, network-level information or spectral images are required. Developed models exclusively use I/Q data low-order features and achieve high accuracy and generalization to unseen data.

Future Internet

This study proposes a heterogeneous hardware-based framework for network intrusion detection usin... more This study proposes a heterogeneous hardware-based framework for network intrusion detection using lightweight artificial neural network models. With the increase in the volume of exchanged data, IoT networks’ security has become a crucial issue. Anomaly-based intrusion detection systems (IDS) using machine learning have recently gained increased popularity due to their generation’s ability to detect unseen attacks. However, the deployment of anomaly-based AI-assisted IDS for IoT devices is computationally expensive. A high-performance and ultra-low power consumption anomaly-based IDS framework is proposed and evaluated in this paper. The framework has achieved the highest accuracy of 98.57% and 99.66% on the UNSW-NB15 and IoT-23 datasets, respectively. The inference engine on the MAX78000EVKIT AI-microcontroller is 11.3 times faster than the Intel Core i7-9750H 2.6 GHz and 21.3 times faster than NVIDIA GeForce GTX 1650 graphics cards, when the power drawn was 18mW. In addition, the...

2019 30th Irish Signals and Systems Conference (ISSC), 2019

This paper outlines the development of an RF Vector Network Analyser (VNA) laboratory for undergr... more This paper outlines the development of an RF Vector Network Analyser (VNA) laboratory for undergraduate electronic engineering students. Because of the expense of highquality high-frequency vector network analyser systems, these are usually only encountered by a small number of students who undertake a senior-year project in the RF/microwave area. This paper describes a VNA-based laboratory which is intended to be used by all undergraduate Electrical and Electronic Engineering students in the 4 th year of the programme, thus giving all students an insight into this sometimes "mysterious" area of the undergraduate curriculum. The paper moves from the initial "wish list" for what the laboratory might incorporate to the final roll-out to a cohort of 23 students. Feedback from the students indicate that the laboratory session was well received while also indicating that there is potential for improvement in some areas.

2020 Global Internet of Things Summit (GIoTS), 2020

Wireless sensor network (WSN) research and development is producing viable solutions for various ... more Wireless sensor network (WSN) research and development is producing viable solutions for various innovative applications, including critical areas such as the Internet of Things (IoT), which is becoming a significant feature of modern technology. WSNs form an integral component of the IoT infrastructure by, frequently, implementing the communication links between sensors and the access point or central coordinator. This design and use in IoT applications intensifies the incentive to attack WSNs as sensitive data is available and transmitted in wireless links, which inherently contain security vulnerabilities, especially from external malicious interference. To ensure satisfactory performance, safety and privacy, communication links and WSN devices must be secure. Hence, penetration testing to identify security vulnerabilities and responses to external intrusions is a prerequisite to forming secure connections and an overall secure network. Derived from a prior study, this paper explores the benefits of using software-defined radios (SDRs) for WSN/IoT data analysis and penetration testing by concentrating on implementing various intrusions using signal processing block based software like Simulink or GNU Radio. A comparison with traditional WSN packet sniffing/debugging tools is provided and the main security vulnerabilities of existing WSNs are surveyed by adopting the ZigBee protocol. An extension to WSN security analysis and testing is established by utilizing low-cost SDRs and specifying the ease of implementing various analysis techniques even when certain equipment, such as anechoic chambers, are unavailable. Stemming from previous simulations, the benefits of obtaining the in-phase and quadrature-phase samples, both with and without external interference, is also discussed.

2018 International Carnahan Conference on Security Technology (ICCST), 2018

Safety critical, Internet of Things (IoT) and spacebased applications have recently begun to adop... more Safety critical, Internet of Things (IoT) and spacebased applications have recently begun to adopt wireless networks based on commercial off the shelf (COTS) devices and standardized protocols, which inherently establishes the security challenge of malicious intrusions. Malicious intrusions can cause severe consequences if undetected, including, complete denial of services. Particularly, any safety critical application requires all services to operate correctly, as any loss can be detrimental to safety and/or privacy. Therefore, in order for these safety critical services to remain operational and available, any and all intrusions need to be detected and mitigated. Whilst intrusion detection is not a new research area, new vulnerabilities in wireless networks, especially wireless sensor networks (WSNs), can be identified. In this paper, a specific vulnerability of WSNs is explored, termed here the matched protocol attack. This malicious attack uses protocol-specific structures to compromise a network using that protocol. Through attack exploration, this paper provides evidence that traditional spectral techniques are not sufficient to detect an intrusion using this style of attack. Furthermore, a ZigBee cluster head network, which co-exists with ISM band services, consisting of XBee COTS devices is utilized, along with a real time spectrum analyzer, to experimentally evaluate the effect of matched protocol interference on a realistic network model. Results of this evaluation are provided in terms of device errors and spectrum use. This malicious challenge is also examined through Monte-Carlo simulations. A potential detection technique, based on coarse inter-node distance measurements, which can theoretically be used to detect matched protocol interference and localize the origin of the source, is also suggested as a future progression of this work. Insights into how this attack style preys on some of the main security risks of any WSN (interoperability, device limitations and operation in hostile environments) are also provided.

2020 31st Irish Signals and Systems Conference (ISSC), 2020

Knowledge of the wireless channel is pivotal for wireless communication links but varies for mult... more Knowledge of the wireless channel is pivotal for wireless communication links but varies for multiple reasons. The radio spectrum changes due to the number of connected devices, demand, packet size or services in operation, while fading levels, obstacles, path losses, and spurious (non-)malicious interference fluctuate in the physical environment. Typically, these channels are applicable to the time series class of data science problems, as the primary data points are measured over a period. In the case of wireless sensor networks, which regularly provide the device to access point communication links in Internet of Things applications, determining the wireless channel in operation permits channel access. Generally, a clear channel assessment is performed to determine whether a wireless transmission can be executed, which is an approach containing limitations. In this study, received in-phase (I) and quadraturephase (Q) samples are collected from the wireless channel using a software-defined radio (SDR) based procedure and directly analyzed using python and Matlab. Features are extracted from the probability density function and statistical analysis of the received I/Q samples and used as the training data for the two chosen machine learning methods. Data is collected and produced over wires, to avoid interfering with other networks, using SDRs and Raspberry Pi embedded devices, which utilize available opensource libraries. Data is examined for the signal-free (noise), legitimate signal (ZigBee) and jamming signal (continuous wave) cases in a live laboratory environment. Support vector machine and Random Forest models are each designed and compared as channel identifiers for these signal types.

2019 30th Irish Signals and Systems Conference (ISSC), 2019

Wireless sensor network (WSN) applications have expanded considerably over the past decade or so ... more Wireless sensor network (WSN) applications have expanded considerably over the past decade or so and now, solutions exit for various innovative applications. These wireless networks adopt commercial off the shelf devices and standardized protocols, which inherently creates security challenges. These challenges are ever changing as malicious interference and intrusion techniques evolve and dynamic efficient hardware becomes increasingly accessible. This paper presents the development of multiple low-cost hardware and software platforms designed so security enhancements and modifications to WSN protocol architecture and packet structure can be designed and tested. Each testbed has been built satisfying the requirements of being available as unmodified commercial off the shelf (COTS) components and based on open source software. The testbeds provide versatility through operating on various operating systems including Windows and Linux, are reproducible and can be deployed in a way which replicates real world WSNs. Each distinct system provides remote access, real time and off line data analysis, specific control of each network node and the ability to upload data from the WSN. This paper describes in-detail the individual pieces of suitable hardware for WSN protocol and packet structure design and illustrates the system architecture required to form testbeds which can experimentally validate modifications to a WSN protocol. Additionally, a baseline is defined and encapsulates the ZigBee standard. Example results of the distinct testbeds in operation are provided along with the specific open source software being used.

2019 30th Irish Signals and Systems Conference (ISSC), 2019

The radio architectures of and protocols used by wireless sensor networks (WSNs) are, typically, ... more The radio architectures of and protocols used by wireless sensor networks (WSNs) are, typically, very similar and are based on IEEE 802.15.4. By concentrating on this standard and the associated employed security techniques, the possibility of designing a transferable safety and privacy enhancement across protocols and services, becomes a reality. WSN applications have expanded significantly over the past decade or so and adopt commercial off-the-shelf (COTS) devices and publicly available standards, which inherently creates intruder incentives and security challenges. Securing WSNs is a critical requirement due to the challenging burden of protecting the transmitted sensitive information across various applications, while operating under unique security vulnerabilities and a fluctuating radio frequency (RF) spectrum and physical environment. Couple this aspect with establishing a level of trust among network nodes, while providing resilience to interference, it becomes clear that m...

2020 IEEE 6th World Forum on Internet of Things (WF-IoT), 2020

Wireless Sensor Network (WSN) technology has developed substantially over the past decade or so a... more Wireless Sensor Network (WSN) technology has developed substantially over the past decade or so and now numerous solutions exist across a diverse range of innovative applications. The expanding Internet of Things (IoT) sector is becoming an ever more important aspect of modern technology and a key motivator for improving security and privacy in WSNs. Typically, WSN protocols form an integral part of the overall IoT infrastructure by enabling the sensor to access point communication links. These wireless links inherently encompass security challenges, frequently due to external interference and intrusions. As IoT applications incorporate WSNs in their architecture, the incentive to attack and compromise these WSNs escalates. Often, commercial off the shelf devices and standardized openaccess protocols combine to achieve specific WSN deployments. Numerous WSN vulnerabilities exist, whilst attack approaches are abundant and change frequently. Thus, to ensure acceptable performance, safety and privacy in many IoT applications, the adopted WSN must be secure. This paper discusses IoT security and privacy, by evaluating a machine learning approach for interference detection focused entirely on analyzing received In-phase (I) and Quadrature-phase (Q) samples. Significantly, once an intrusion is detected, mitigation strategies can be implemented, thus emphasizing the requirement for interference detection. Random Forest is chosen as the machine learning classifier as it consists of a large number of individual decision trees operating as an ensemble. An intrusion detection system (IDS) is developed based on Matlab simulated ZigBee data as an initial insight into whether a real wireless data approach may be viable.

IoT, 2021

Classifying fluctuating operating wireless environments can be crucial for successfully deliverin... more Classifying fluctuating operating wireless environments can be crucial for successfully delivering authentic and confidential packets and for identifying legitimate signals. This study utilizes raw in-phase (I) and quadrature-phase (Q) samples, exclusively, to develop a low-order statistical feature set for wireless signal classification. Edge devices making decentralized decisions from I/Q sample analysis is beneficial. Implementing appropriate security and transmitting mechanisms, reducing retransmissions and increasing energy efficiency are examples. Wireless sensor networks (WSNs) and their Internet of Things (IoT) utilization emphasize the significance of this time series classification problem. Here, I/Q samples of typical WSN and industrial, scientific and medical band transmissions are collected in a live operating environment. Analog Pluto software-defined radios and Raspberry Pi devices are utilized to achieve a low-cost yet high-performance testbed. Features are extracted...

IEEE Aerospace and Electronic Systems Magazine, 2020

Wireless sensor network (WSN) systems for safety-critical, space and internet of things applicati... more Wireless sensor network (WSN) systems for safety-critical, space and internet of things applications have recently begun to adopt open standards and commercial-off-the-shelf equipment, and persistently face challenges of malicious intrusion and spectrum coexistence. These threats are explored through Monte-Carlo simulation and benchtop testing, including matched protocol interference and sophisticated, interactive intrusion attacks. The need for expanding intrusion detection via a more holistic approach, whilst simultaneously improving WSN security, is illustrated. Discussions on WSN security, vulnerabilities, and attacks are also provided.

Proceedings of the 4th International Conference on Cognitive Radio and Advanced Spectrum Management - CogART '11, 2011

In this paper, the performance of energy detector-based spectrum sensor networks is examined unde... more In this paper, the performance of energy detector-based spectrum sensor networks is examined under the constraints of the IEEE 802.22 draft specification. Additive white Gaussian noise (AWGN) channels are first considered, and a closed form solution for sample complexity is derived for networks of any size. Rayleigh, Nakagami and Rice fading channel models are also examined, with numerical results demonstrating the effect of these models on the required sample complexity for varying numbers of cooperating nodes. Based on these results, the relationship between the sample complexity for AWGN, Rayleigh and Nakagami channels is examined. Through data fitting, an approximate model is derived, allowing the sample complexity for Rayleigh and Nakagami channels to be computed easily. The model is shown to be accurate across a range of practical values.

Proceedings of the 4th International Conference on Cognitive Radio and Advanced Spectrum Management - CogART '11, 2011

2009 1st International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology, 2009

Traditionally, the effects of presampling filtering and of quantisation on the processing of GNSS... more Traditionally, the effects of presampling filtering and of quantisation on the processing of GNSS signals have been dealt with in isolation. Analysis of the losses incurred during the quantisation process has almost invariably been based on the assumption that the signals at IF are distorted by additive white Gaussian noise. This paper, in contrast, considers the joint effect of filtering and quantisation, illustrates the need to consider these losses jointly and presents novel expressions for the total loss incurred.

Lecture Notes in Computer Science, 2007

The HMAC algorithm is widely used to provide authentication and message integrity to digital comm... more The HMAC algorithm is widely used to provide authentication and message integrity to digital communications. However, if the HMAC algorithm is implemented in embedded hardware, it is vulnerable to side-channel attacks. In this paper, we describe a DPA attack strategy for the HMAC algorithm, based on the SHA-2 hash function family. Using an implementation on a commercial FPGA board, we show that such attacks are practical in reality. In addition, we present a masked implementation of the algorithm, which is designed to counteract first-order DPA attacks.

Communications in Computer and Information Science

All-or-Nothing Encryption is a useful technique which can heighten the security of block ciphers.... more All-or-Nothing Encryption is a useful technique which can heighten the security of block ciphers. It can also be used to design faster symmetric-key cryptosystems, by decreasing the number of required encryption operations at run-time. An open problem in the literature regards the speed of all-or-nothing encryption, which we address in this paper by combining two techniques from the literature, forming a new all-or-nothing mode of operation. Trade-offs in the implementation of this design are considered, and theoretical proofs of security are provided.

International Journal of Navigation and Observation, 2011

A new approximation for the distribution of the probability ratio in a sequential probability rat... more A new approximation for the distribution of the probability ratio in a sequential probability ratio test (SPRT) using noncoherent integration across a full code period is presented. The new approximation is valid for the carrier-to-noise power ratios (C/N0) typically encountered in GPS acquisition (20 dB-Hz ≤ C/N0 ≤ 50 dB-Hz), and it allows accurate theoretical performance analysis of the SPRT to be carried out for signals in this C/N0 range, eliminating the need for lengthy simulations for each scenario under investigation. Thus, the SPRT performance can be readily compared to that of other acquisition strategies for receiver design. Previous approximations in the literature are not valid in the range 20 dB-Hz ≤ C/N0 ≤ 50 dB-Hz.

2010 4th International Conference on Signal Processing and Communication Systems, 2010

The method by which individual decisions are combined in cooperative cognitive radio networks is ... more The method by which individual decisions are combined in cooperative cognitive radio networks is crucial to minimising the overall probabilities of false alarm and missed detection. In this paper, general expressions for these probabilities are derived for a double threshold energy detector-based network, and an analytical solution for the optimal value of voting rule is found so that the overall probability of error is minimised. Simulation results show that there are significant advantages to the use of double threshold energy detector-based networks as opposed to their single threshold-based counterparts; additional simulations verify that the analytical solution is optimal.

International Journal of Information Security, 2013

All-or-Nothing Encryption was introduced by Rivest as a countermeasure to brute force key search ... more All-or-Nothing Encryption was introduced by Rivest as a countermeasure to brute force key search attacks. This work identifies a new application for All-or-Nothing Transforms, as a protocol-level countermeasure to Differential Side-Channel Analysis (DSCA). We describe an extension to the All-or-Nothing protocol, that strengthens the DCSA resistance of the cryptosystem. The resultant scheme is a practical alternative to Boolean and arithmetic masking, used to protect implementations of encryption and decryption operations on electronic devices.

IEEE Transactions on Signal Processing, 2012

The tracking bandwidth and variance of the CDMA FLL are considered in this paper. It is shown tha... more The tracking bandwidth and variance of the CDMA FLL are considered in this paper. It is shown that the behaviour of the discriminator can vary significantly with varying SNRc with corresponding variations in loop performance. A model is presented which reflects this SNR-sensitivity and, thus, facilitates accurate loop design.