Date of Award

9-14-2017

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Department of Electrical and Computer Engineering

First Advisor

Kenneth M. Hopkinson, PhD.

Abstract

The command and control (C2) of shared space resources are vulnerable to logical credential forgery and impersonation attacks among standardized and interoperable wireless radio frequency (RF) networks. Threats could come from trusted operators (insiders) or from external sources (outsiders). An attacker may gain unauthorized network access and illegally cross into C2 boundaries when conventional network authentication fails. This research proposes an integrated trust management system that uses both application-layer and physical-layer trust markers to authenticate users and their communication sources. In essence, the results from physical-layer RF-DNA fingerprinting techniques are used to improve application-level trust schemes based on command patterns, message structure, and other discernible markers through the use of Bayesian reasoning using an approach adapted from the medical disease diagnostic testing community. In this adapted approach, trust markers of behavior can be used to detect deviations from what is expected, sometimes called byzantine behavior. Suspect communication or traffic patterns are labeled as eNDs (electronic network-diseases). Trust management enabled devices consider the diagnostics of logical and pathological RF-DNA credential pairs and application-layer trust markers to predict and mitigate such eNDs. The method introduced in this dissertation demonstrates an end-to-end physical RF network prototype; introduces a tracking capability for multi-organizational access, and improves upon the accuracy of credential pair identification using either physical-layer or application-layer techniques in isolation. In the experiments run, the discrimination of insider vs. outsider threats improved by 22%, uplink availability was extended by 51.2% for non-offenders, and the proposed trust system achieved 100% posterior predictions using moderate tolerance settings. The trust system also reduced logical credential forgery acceptance by 84% among tested samples. The system shows promise for more general application in domains including Cyber, Space and eHealth ecosystems.

AFIT Designator

AFIT-ENG-DS-17-S-012

DTIC Accession Number

Pending

Share

COinS