Air Force lab struggles to get a handle on wireless security

Researchers must focus on such things as analyzing user patterns because systems lack the tools common to wired networks

Wireless networks present a paradox for security.

'The whole reason for having a wireless network is to broadcast radio frequency energy everywhere,' said Paul Ratazzi, a senior engineer for the Air Force Research Laboratory's Information Connectivity Branch in Rome, N.Y. 'The reason you're using it is the reason it's so much more vulnerable than a wired network.'

About a year ago, Rome researchers started working on ways to detect RF domain intrusion under the lab's new Wireless Information Cyber Defense program.

The lab's research is especially critical because the Defense Department inevitably will expand use of wireless technologies.

Wireless networks 'are going to be used in the Air Force,' Ratazzi said. 'No one is going to stick their head in the sand. The savings on logistics and installation are just too great.'

Lab officials initiated the research last October when they awarded a one-year, $250,000 contract to Logicon Inc. of Herndon, Va., whose engineers centered their investigation on tactical radio systems with an eye to securing next-generation software radios.

'Software radios will play a big part in future military networks,' said Robert Husnay, the Rome lab's program manager for the wireless research.

Off the rack, but tailored

Meanwhile, last spring, the Rome lab started its own wireless research, concentrating on networks that conform to the IEEE 802.11b standard, that is, wireless LANs.

'We don't have the money to develop a military-hardened LAN concept,' Ratazzi said. 'We want to buy the commercial technology and maybe apply military-only modifications to it to meet our security requirements.'

The purpose of the RF research was to develop some preliminary knowledge about detecting intrusions into wireless networks, particularly eavesdropping.

'The passive attack is really our concern,' Ratazzi said.

RF links can be secured by encryption. Radio jamming, equivalent to a denial-of-service attack on Web sites, is a problem, but not an insurmountable one, Ratazzi said.

Intrusion is another matter. How do you tell if someone has entered your RF system?

'If you look at your desktop PC, you've got firewalls, intrusion detection systems and virus checkers,' said Paul Zavidniak, Logicon's technical lead on the project. 'They don't exist for RF communications.'

At Logicon's communications and information systems facility in San Diego, researchers decided to experiment with the Marine Air Ground Task Force's nascent Enhanced Position Location Reporting System, a digital RF backbone of radios and computers designed to connect infantry, artillery, armored vehicles and mobile command units.

EPLRS is in the early fielding stage, Ratazzi said. Its elaborate network control system was the key to finding ways of detecting intrusion in the network.

'It does a lot of quality-of-service monitoring, providing the status on some 74 different attributes,' Zavidniak said. 'When you bring a lot of different attributes together, you can track things.'

Using the attributes, the Logicon team found that it could develop a pattern analysis to detect when a radio 'is less loyal to your network,' said John Whitson, a member of the technical staff at Northrop Grumman Corp., Logicon's parent company.

Zavidniak compared it to pattern analysis used by banks to monitor credit card use. 'Banks are always monitoring for changes in behavior pattern because they're worried about fraud,' he said.

At the Rome lab, the research team developed a sensor to reveal an intrusion by Net Stumbler, an 802.11b tool available to hackers on the Internet.

'That's really the best we can do right now,' Ratazzi said. Ultimately, the lab's plan is to develop sensing systems that detect patterns of intrusive behavior rather than searching for a certain string of data as the lab's first sensor did.
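
An added illustration (not the lab's sensor and not code from the article) of the difference between a sensor that searches for a certain string of data and one that looks for a pattern of behavior. The frame records, MAC addresses, marker string and thresholds are all constructed assumptions; the behavioral rule used here (repeated probing without ever joining the network) is one simple heuristic chosen for the example.

```python
from collections import defaultdict

# Constructed placeholder: the article does not say which string the sensor matched.
SIGNATURE = b"EXAMPLE-SCANNER-MARKER"

CLIENT = "02:00:00:00:00:0a"    # ordinary station that probes once, then joins
KNOWN = "02:00:00:00:00:0b"     # scanning tool that emits the known marker
UNKNOWN = "02:00:00:00:00:0c"   # same behavior, but no marker in its frames


def build_capture():
    """Constructed sample capture: (time_s, source MAC, frame type, payload)."""
    frames = [(0.0, CLIENT, "probe_req", b""), (0.4, CLIENT, "auth", b""),
              (0.5, CLIENT, "assoc_req", b""), (0.9, CLIENT, "data", b"payload")]
    for i in range(8):
        frames.append((1.0 + i, KNOWN, "probe_req", b""))
        frames.append((1.5 + i, UNKNOWN, "probe_req", b""))
    frames.append((2.2, KNOWN, "data", b"\x00" + SIGNATURE))
    return sorted(frames)


def signature_hits(frames):
    """String-matching sensor: flag any source whose payload has the marker."""
    return {mac for _, mac, _, payload in frames if SIGNATURE in payload}


def behaviour_hits(frames, min_probes=5, window_s=10.0):
    """Pattern sensor: flag sources that probe repeatedly but never join."""
    probes, joined = defaultdict(list), set()
    for ts, mac, ftype, _ in frames:
        if ftype == "probe_req":
            probes[mac].append(ts)
        elif ftype in ("auth", "assoc_req"):
            joined.add(mac)
    hits = set()
    for mac, times in probes.items():
        if mac in joined:
            continue
        times.sort()
        # Any run of min_probes probe requests inside one time window is a hit.
        if any(times[i + min_probes - 1] - times[i] <= window_s
               for i in range(len(times) - min_probes + 1)):
            hits.add(mac)
    return hits


if __name__ == "__main__":
    capture = build_capture()
    print("signature sensor:", sorted(signature_hits(capture)))
    print("behaviour sensor:", sorted(behaviour_hits(capture)))
```

On this capture the string-matching sensor reports only the station that sends the marker, while the behavioral rule also reports the station that acts the same way without it.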

The Rome lab's research so far has been modest in terms of scope and funding. But the results represent an important first step, Ratazzi said.

Learning curves

'Our biggest result to date is that we've been able to raise the awareness [about wireless security] at very high levels with the Defense Department,' Ratazzi said. 'What we're trying to do is get a critical mass here and have a better-funded program, which means having new contractual efforts and additional staff, equipment and resources for our in-house project.'

Rome's team will need that kind of support to keep pace with technology.

'The 802.11b technology is already on a sunset,' Ratazzi said. 'We'll have a whole new generation of products. The 802.11b stuff that we're working with now will be legacy.'
