Title:
EAGER: Towards Securing Visible Light Communications, funded by NSF under grant
CNS-1745254, 09/01/2017 – 08/31/2020.
Project
Summary:
Due to the many
nice features of visible light communication (VLC), such as license-free spectrum,
abundant available bandwidth, high energy efficiency, and supporting extremely
high (Gbps-level) transmission rate and dense spatial
reuse of the spectrum, VLC has been considered to be a promising and
urgently-needed small-cell solution for alleviating the RF spectrum scarcity in
the 5G era. While the research on VLC devices has made significant progress in
recent years, the security aspect of VLC has not been well understood so far.
Contrary to the initial belief that VLC is intrinsically secure because the
propagation of visible light is directive and can be confined within a closed
space, recent studies have revealed that VLC is subject to eavesdroppers that
are outside of the direct beam of the light, and even to eavesdroppers that are
outside of the space and do not have direct line-of-sight (LOS) to the light
source. Even for indoor eavesdroppers, because the light illumination that the
VLC piggybacks on is diffusive in most real-world applications, an unintended
receiver may easily receive the communication without being noticed – a “what
you see is what you send” feature of VLC. This makes VLC even more vulnerable
to eavesdropping in reality than its RF counterparts. In addition to
eavesdropping, the special optical nature of visible light, such as being
impermeable to obstacles, also subjects VLC to other types of attacks,
including blocking and spoofing. Altogether, these attacks constitute realistic
threats to many VLC applications, such as VLC access
networks in indoor public space (library, open office, etc.),
fixed-communication VLC links in a data center, and VLC positioning and
sensing, etc. Today’s limited understanding on VLC vulnerabilities and their
countermeasure may lead to the dangerous “zero-day attacks” issue when the
technology is deployed in large scale in the near future.
Figure 1. Types of
VLC attacks
Project
Goals:
The overarching
goal of this EAGER exploratory project is to obtain a comprehensive
understanding on the security vulnerabilities of visible light communication
(VLC), and to develop a solid mathematical framework that can be used to
investigate and develop rigid and provably-secure countermeasures to these
vulnerabilities. In particular, the project includes the following major goals:
·
Study of eavesdropping for VLC channels: The project will
investigate performance metrics related to eavesdropping attacks on a VLC
channel and will propose a friendly-jamming-assisted visible light MIMO
beamforming architecture to counter such attacks from both inside and outside
the room where the VLC channel resides. Compared with existing methods that can
only counter known eavesdroppers, the proposed approach protects VLC against
eavesdroppers of an unknown number and at unknown locations.
·
Study of blocking and spoofing attacks for VLC: The project will
propose methods to effectively detect and mitigate blocking and spoofing
attacks targeting visible light communications (VLC) and visible light sensing
(VLS). The PI will also study the blocking-resilience capacity of the
multi-user VLC MIMO system to provide differential protection for users of
different priorities.
·
A MIMO VLC testbed will be built to evaluate the performance of
the proposed solutions.
Project
Personnel
PI:
Tao Shu, Ph.D.
Graduate
Students
·
Jian Chen
·
Jing Hou
·
Li Sun
·
Xueyang Hu
Project
Activities and Results
1. Statistical modeling and analysis on the confidentiality
of indoor VLC systems
While visible light
communication (VLC) is expected to have a wide range of applications in the
near future, the security vulnerabilities of this technology have not been well
understood so far. In particular, due to the extremely short wavelength of
visible light, the VLC channel presents several unique characteristics than its
radio frequency (RF) counterparts, which impose new features on the VLC
security. Taking a physical-layer security perspective, this research studies
the intrinsic secrecy capacity of VLC as induced by its special channel characteristics.
Different from existing models that only consider the specular reflection in
the VLC channel, a modified Monte Carlo ray tracing model is proposed to
account for both the specular and the diffusive reflections, which is unique to
VLC. A deep neural network model is also proposed to describe the spatial VLC
channel response based on a limited number of channel response samples
calculated from the ray tracing model. Based on these models the upper and the
lower bounds of the VLC secrecy capacity are derived, which allow us to
evaluate the VLC communication confidentiality against a comprehensive set of
factors, including the locations of the transmitter, receiver, and eavesdropper,
the VLC channel bandwidth, the ratio between the specular and diffusive reflections,
and the reflection coefficient. Our results reveal that due to the different
types of reflections, the VLC system becomes more vulnerable at specific
locations where strong reflections exist.
The main outcomes
of this research activity include the following:
·
A modified Monte Carlo ray tracing method is proposed to account
for both the specular and diffusive reflections in calculating VLC channel
impulse response at a given location.
·
A deep neural network (DNN) regression model is proposed to
efficiently estimate the VLC channel impulse response as a function of the VLC
link location in the communication space based on the training data set of a limited
number of channel response samples calculated according to the ray tracing
model.
·
Based on these models, the upper bound and the lower bound of the
VLC secrecy capacity are calculated considering multiple reflections under
specific conditions.
·
Leveraging the secrecy capacity bounds, we depict the spatial
characteristics/distribution of the VLC secrecy capacity over given indoor
communication space. We also study how the multiple types of reflections affect
VLC secrecy capacity against a comprehensive set of factors, including the
locations of the VLC transmitter, receiver, and eavesdropper, the VLC channel
bandwidth, the ratio between the specular and the diffusive reflections, and
the reflection coefficient.
Two papers have
been published as a result of this research activity:
·
Jian Chen and Tao Shu, “Statistical modeling and analysis on the
confidentiality of indoor VLC systems,” IEEE Transactions on Wireless
Communications, vol. 19, no. 7, pp. 4744-4757, July 2020.
·
Jian Chen and Tao Shu, “Impact of multiple reflections on secrecy
capacity of indoor VLC systems,” Proc. 2019 International Conference on
Information and Communication Security, pp. 105-123, Dec. 2019.
Some of our results in this research have been presented as a poster “Indoor VLC fingerprinting and its application to data sniffing and anti-light spoofing” in the 2017 Auburn University Wireless Engineering Research and Education Center Advisory Board Meeting in Nov. 2017.
2. VL-Watchdog: Spoofing detection for indoor visible light
systems
Thanks to the
license-free visible light (VL) spectrum and the pervasive availability of
light fixtures in almost all indoor environment, visible light communication
(VLC) and visible light sensing (VLS) have received an increasing amount of
interest in recent years as a promising solution to offloading the crowded RF
traffic. As more and more VLC and VLS systems are mounted on today’s light
fixtures, how to guarantee the authenticity of the VL signal in these systems becomes
an urgent problem. This is because almost all of today’s light fixtures are
unprotected and can be openly accessed by almost anyone, and hence are subject
to tamperment and substitution attacks. an attacker can easily replace an authentic LED by a rogue
LED under his control to inject spoofed VL signal into user’s receiver. Unfortunately,
most of today’s VLS applications do not have a reliable built-in signal
authentication mechanism to detect these spoofed signals and hence will
mistakenly accept them as authentic sensing inputs, leading to compromised
sensing outcome. Similar situation also arises in VLC. As such, ensuring
received VL signals are coming from the authentic transmitters (LEDs), rather
than from a spoofer, is the key in ensuring the
quality and correctness of the VL communication and sensing outcomes. Existing
cryptography-based authentication methods are mainly applicable to data
applications (i.e., frames of “0” and “1” bits), and is not directly applicable
at the signal level where most of the VLS applications operate and there is no “0”
and “1” bits.
In this research,
by exploiting the intrinsic linear superposition characteristics of visible
light, we propose VL-Watchdog, a scalable and always-on signal-level spoofing
detection framework that is applicable to both VLC and VLS systems. VL-Watchdog
is based on redundant orthogonal encoding of the transmitted visible light, and
can be implemented as a small hardware add-on to an existing VL system. A
proof-of-concept testbed was developed to verify the feasibility of VL-Watchdog.
A theoretical model is also proposed to analyze the spoofing detection accuracy
of VL-Watchdog under various attack and noise conditions. The effectiveness of
the proposed framework was validated through extensive numerical evaluations
against a comprehensive set of factors.
The main outcomes
of this research activity include the following:
·
An orthogonal coding based signal-level always-on VL spoofing
detection framework, VL-Watchdog, is proposed.
·
A theoretical model is also proposed to analyze the spoofing
detection accuracy of VL-Watchdog under various attack and noise conditions.
Its optimal detection threshold is also derived by analysis.
·
A false-warning filter is proposed to improve VL-Watchdog’s detection
accuracy by accounting for random light perturbations caused by human
activities and environmental changes in realistic application scenarios.
·
A proof-of-concept testbed is developed to verify the feasibility
of VL-Watchdog.
·
The performance of VL-Watchdog is evaluated based on extensive
numerical simulations by taking into account a comprehensive set of parameters,
including the number of orthogonal coding basis, the spoofing power to noise
ratio, spoofing detection window size, the spoofer’s
strategies in fabricating its spoofing signals, and random perturbations from
the application environment.
A conference paper
describing the above research has been submitted to IEEE ICC 2021, and a
journal paper will be submitted soon.
·
Jian Chen and Tao Shu, “Spoofing detection for indoor visible
light systems with redundant orthogonal encoding (6-page conference version),”
submitted to IEEE ICC 2021, under review, Oct. 2020.
·
Jian Chen and Tao Shu, “VL-Watchdog: spoofing detection for indoor
visible light systems with redundant orthogonal encoding (12-page journal
version),” to be submitted soon.
3. Study of the value of traded target information in security
games
This research
activity is related to both Goal 1 and Goal 2 of the project in that it
investigates the fundamental theoretical problem of how much the target
information is worth (i.e., the value of target information), which underlays
all attack models. Ample evidence has confirmed the importance of information
in security. While much research on security game has assumed the attackers’
limited capabilities to obtain target information, few work considers the
possibility that the information can be acquired from a data broker, not to
mention exploring the attackers’ profit-seeking behaviors in the shrouded
underground society. This work studies the role of information in security
problem when the target information is sold by a data broker to multiple
attackers. We formulate a novel multi-stage game model to characterize both the
cooperative and competitive interactions of the data broker and attackers.
Specifically, the attacker competition with correlated purchasing and attacking
decisions is modeled as a two-stage stochastic model; and the bargaining
process between the data broker and the attackers is analyzed in a Stackelberg game. Both the attackers’ competitive equilibrium
solutions and data broker’s optimal pricing strategy are obtained. This study generates
new knowledge on the value of target information and contributes to the
literature by characterizing the behaviors of the attackers with labor
specialization, and providing quantitative measures of information value from
an economic perspective.
A conference paper
documenting the above research has been published in SecureComm
2019, and a journal paper has been submitted to IEEE/ACM Transactions on
Networking and is under major revision:
·
Jing Hou, Li Sun, Tao Shu, and Husheng Li, “Target information trading – An economic
perspective of security,” Proc. 15th EAI International Conference on Security
and Privacy in Communication Systems (SecureComm 2019),
vol. 2, pp. 126-145, Oct. 2019.
·
Jing Hou, Li Sun, Tao Shu, and Husheng Li, “The value of traded target information,”
submitted to IEEE/ACM Transactions on Networking (ToN),
major revision, under review, Nov. 2020.
Broader Impacts
Lack of spectrum
resource is the common challenge confronting all RF communication systems
today, which are serving almost every citizen of the nation. VLC provides a
promising solution for wireless traffic offloading, and can significantly
alleviate the RF spectrum scarcity. However, the security aspect of VLC has not
been well understood so far, which constitutes a serious threat to the
technology when it is deployed in large scale in the near future. If
successful, this project will provide the much needed understanding on the
security vulnerabilities of VLC, and will also equip us with the new knowledge
of countermeasures to these vulnerabilities. The outcome of this project will
protect the interest of every wireless user in the new era of broadband
wireless, and thus will generate deep impacts on the nation’s economy and
social wellbeing. The project will also carry out a comprehensive education
plan to broaden its impact to the society, including integrating research
findings with undergraduate and graduate courses, recruiting and outreaching to
minority and under-represented students, disseminating research findings
through open access, and open-lab days.
The following
activities have been taken to broaden the impacts of this project so far:
·
The PI has presented the research outcomes in the 2017 Auburn
University Wireless Engineering Research and Education Center Advisory Board
Meeting in Nov. 2017.
·
The PI has integrated part of the research outcomes in the course
materials he is teaching at Auburn University, including COMP 4320
(Introduction to Computer Networks), COMP 5320/6320/6326 (Design and Analysis
of Computer Networks), and COMP 7370/7376 (Advanced Computer and Network
Security).
·
This project was also introduced to over 1000 high-school students
and their parents during the 2018 Open House Engineering Day (E-day) of the
Samuel Ginn College of Engineering at Auburn
University. This helps to foster the high-school students' interests in taking
science and technology as their future career.
·
This project was introduced to over 1700 high-school students and
their parents during the 2020 Open House Engineering Day (E-day) of the Samuel Ginn College of Engineering at Auburn University. This
helps to foster the high-school students' interests in taking science and
technology as their future career.
·
One of the Ph.D. students supported by this project is a female.
Therefore this project has helped to increase the diversity in the STEM areas
and promote women in engineering.