When in the field, military service members rely on their mobile devices to provide access to wireless networks in areas lacking a communications infrastructure. The protocols used for these networks determine the best config urations, and therefore trust all information shared about the security and operational state of each node. This poses a huge problem for service members.
In areas lacking trustworthy communications infrastructure, deployed service members rely on wireless devices to perform double duty: they not only provide access to the network; they are the network. In particular, the protocols that have been developed for military wireless networks require the nodes in the network to coordinate among themselves to manage their resources (e.g., spectrum, time, and power) and also to organize themselves in order to provide the functionality necessary to deliver data efficiently.
As the use of wireless systems expands, the likelihood of network compromise (whether maliciously or by unwitting misconfiguration) will increase. Beyond the conventional node-by-node security in use today, a set of network-based checks are needed to ensure that misinformation inserted into the control protocols does not disable the network functionality.
“Current security efforts focus on individual radios or nodes, rather than the network, so a single misconfigured or compromised radio could debilitate an entire network,” said Wayne Phoel, DARPA program manager. Acknowledging that the network can be compromised, the Wireless Network Defense program will develop and demonstrate new technology for robustly controlling wireless networks. This program will not create a new communications waveform nor develop a new tactical radio. Instead, the technology will be developed in such a way as to enable improvement in the robustness of the class of wireless networks that are being procured and fielded in the near future, and also to provide a reliable foundation on which to build the subsequent generation of wireless systems.
To help address these issues, DARPA has created the Wireless Network Defense program. The program aims to develop new protocols that enable military wireless networks to remain operational despite inadvertent misconfigurations or malicious compromise of individual nodes.
“We need to change how we control wireless networks by developing a network-based solution for current and future systems that acknowledges there will be bad nodes and enables the network to operate around them,” said Dr. Phoel. Private-sector technologies and social networking could be the answer to DARPA’s challenges. Phoel gave examples of credit card companies using indicators such as unusual purchase locations to determine whether a credit card has been stolen. He also noted that social sites that buy and sell personal items use ratings to help users decide if a seller is trustworth
DARPA’ Wireless Network Defense program
To meet that objective, the nodes must share information about their state and the state of the world around them, and do so in a way that is not wasteful of the precious network capacity intended for user data. With the shared information, the network nodes make decisions about configuration details such as which frequencies to use, which node gets to transmit when, and to which node(s) to forward data when a direct path to the destination does not exist. These are protocols that determine how the physical channels are used in order to provide a useful network to the devices and people using the wireless network.
A problem with these protocols is that they implicitly trust all information shared about the security and operational state of each node, and the network as a whole. Consequently, inaccurate control or security information can quickly render the network unusable. This shortcoming could put productivity and mission success at risk as use of military wireless systems increases.
The “Wireless Network Defense program” aims to develop new protocols that enable military wireless networks to remain operational despite inadvertent misconfigurations or malicious compromise of individual nodes. A key objective of the program is to develop protocols that determine the viability and trustworthiness of neighboring nodes and automatically adapt the network to operate through problems.
Similar to a neighborhood watch program – where neighbors know each other and can identify suspicious or unusual behavior on their street – the protocols must help identify unusual activity that may indicate a problem on the neighboring nodes. Suspicious or compromised nodes would be ignored and have traffic sent around them.
Phase 1 of the program, announced earlier worked on techniques for estimating the reliability of information on the network and minimizing network degradation. Phases 2 and 3 will focus on developing and building a prototype network and defending it against a Red Team attack in laboratory tests (Phase 2) and a field demonstration (Phase 3).
DARPA is interested in leveraging emerging adaptive radio and network technologies, preferably standards-based technologies. The technical areas included techniques to estimate the reliability of the information shared by network nodes; Techniques that minimize the degradation of network performance in the presence of uncooperative or misbehaving nodes, through either automatic reconfiguration of the network or development and implementation of protocols that are less sensitive to misinformation.
Proposals should include a security architecture that describes how the system interacts with the enterprise-level security architecture. The solution should be able to be scaled on heterogeneous networks, example components of this envisioned network include Soldier Radio Waveform (SRW) on handheld and vehicular devices, augmented by commercial-cellular-based connectivity from a vehicle to each soldier in a unit; or an omnidirectional airborne network, with clusters interconnected by high-rate directional network technology.
“Similar concepts of reliability estimation and control methods could be applied to wireless military networks by calling out specific areas of the network that may have untrustworthy nodes,” Phoel said.
Vencore Labs Wins $4.8 million DARPA Award for Wireless Network Defense for second phase
Vencore, Inc. have announced that its applied research organization, Vencore Labs, was awarded a $4.8 million contract by the U.S. Defense Advanced Research Projects Agency (DARPA) to protect wireless networks against attacks on the control plane, which includes the networking as well as the data link layers.
This work is the second phase of DARPA’s Wireless Network Defense (WND) program. Vencore Labs was also an awardee on the first phase, which was focused on technology development. During Phase 2, the focus will be on applying technologies developed during Phase 1 to heterogeneous wireless networks that are relevant to the U.S. military.
Vencore Labs’ approach is notable in that its output will be applicable to multiple network technologies and be able to protect these disparate networks using a common defensive framework. In addition, the Vencore Labs’ work will deliver a wireless defense framework that is robust in the face of attacks, has a very high accuracy rate, and imposes very little overhead on the network.
Vencore Labs Wins Third Phase of DARPA’s Wireless Network Defense Program
Vencore, Inc. announced today that its applied research organization, Vencore Labs, was awarded a $3.4 million contract by the U.S. Defense Advanced Research Projects Agency (DARPA) to protect wireless networks and the critical data that is shared over them against malicious attacks and/or technical compromises.
“Protecting wireless networks against attacks so that critical information can be properly, securely and effectively routed is a complex problem that requires a deep understanding of the functioning of wireless protocols” said Petros Mouchtaris, Ph.D., president of Vencore Labs. “Vencore Labs has decades of experience in working with these types of networks and finding solutions for the types of issues that they present.”
Vencore Labs intends to deliver a wireless defense framework that is robust in the face of attacks, has a very high accuracy rate, and imposes very little overhead on the network. It aims to manage cost by providing a solution that incorporates existing hardware and equipment. Vencore Labs’ approach is notable in that its output will be applicable to multiple network technologies and be able to protect these disparate networks using a common defensive framework.
In support of the WND program, Vencore Labs is bringing to bear its diverse strengths that span wireless network protocols, cyber security, and data analytics, in order to develop techniques that detect and mitigate the impact of attacks on wireless network elements.