CN106973387B - A kind of method and system identifying camouflage WiFi using physical layer information - Google Patents
A kind of method and system identifying camouflage WiFi using physical layer information Download PDFInfo
- Publication number
- CN106973387B CN106973387B CN201710169111.9A CN201710169111A CN106973387B CN 106973387 B CN106973387 B CN 106973387B CN 201710169111 A CN201710169111 A CN 201710169111A CN 106973387 B CN106973387 B CN 106973387B
- Authority
- CN
- China
- Prior art keywords
- wifi
- physical layer
- camouflage
- layer information
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of methods and wifi system that camouflage WiFi is identified using physical layer information, including the acquisition process to physical layer information and the identification to camouflage WiFi;Acquisition process process to physical layer information is the signal acquisition physical layer information received to the receiving end WiFi, then physical layer attributes are calculated from physical layer information;Identification process to camouflage WiFi is: according to the physical layer attributes, the source of the physical layer frame of the signal received to the receiving end WiFi identifies whether identification source is camouflage WiFi or true WiFi.WiFi system further includes physical layer information acquisition interface, physical layer attributes computing module, camouflage WiFi determination module and user's interactive interface on the basis of GRT system.Technical solution of the present invention can solve the attack problem of the camouflage WiFi under several scenes, improve the safety of WiFi network, with high security, usage scenario multiplicity, the technical advantage of compatible existing WiFi network.
Description
Technical field
The invention belongs to wireless communication field, it is related in WiFi network to the identification technology more particularly to one of camouflage behavior
The method and system that kind is identified using WiFi of the physical layer information to the particular network that disguises oneself as.
Background technique
In modern society, with universal and increase in demand of the people to network of mobile terminal, WiFi becomes in life
Essential resource is the important entrance for connecting people and information network.Present WiFi is more more and more universal, and people dispose at home
WiFi, the networking for smart machines such as mobile phone, smart television, laptops;In companies deployment WiFi, it to be used for routine work
And team collaboration;WiFi is disposed in public places such as airport, coffee-houses, businessman provides convenience for client;In internet of things deployment
WiFi, such as camera network, for the communication between internet of things equipment.
Universal and multi-field application also brings security risk on a large scale, and WiFi becomes safely what people were concerned about very much
Factor.When user finds network using WiFi terminals such as mobile phones, surrounding WiFi access point can be by broadcast particular frame (referred to as
Beacon frame) mode inform that the presence (see Fig. 1) of WiFi terminal oneself is only capable of passing through at this time for ordinary user
WiFi network title and whether need to input password to distinguish different WiFi access points, that give malicious attackers can multiply it
Machine.Malicious attacker sets up the WiFi access point of the same name with the WiFi of users to trust, and this WiFi is known as pretending WiFi, Yong Hunan
To distinguish the true WiFi trusted and camouflage WiFi.Other than WiFi title, camouflage WiFi even connects cipher mode and BSSID
(basic service set identification is often the MAC Address of equipment) can also be identical with true WiFi.Utilize common mobile phone or pen
Remember this computer, malicious attacker can complete the very strong camouflage of duplicity with extremely low cost.When the WiFi terminal of user accidentally connects
When entering to pretend WiFi network, malicious attacker can get account, password, payment gesture of user etc. by fishing technology
People's information, or DoS (Denialof Service, service failure) attack is initiated, loss is brought to user.Centre in 2015
Depending in 315 parties, Computer Netware Security Project teacher has pretended the free WiFi of studio, the information for the audience gone fishing,
The photo and mailbox password of spectators' self-timer have been appeared in unexpectedly on the large screen of studio.
In OSI network hierarchy model, physical layer is the bottom of network, is the entrance and WiFi peace of WiFi access
Full first barrier.Certain information of physical layer are related with the build-in attribute of WiFi equipment hardware, and attacker is difficult to initiate puppet
Dress.The information that some researchers are desirable with physical layer improves the safety of WiFi, such as the researcher from Britain is in document
(Junqing Zhang,Roger Woods,Trung Q.Duong,Alan Marshall,Yuan Ding,Yi Huang,
Qian Xu,“Experimental Study on Key Generation for Physical Layer Security in
Wireless Communications ", IEEE Access, 2016) it analyzes in and how to be generated from WiFi physical layer channel
How key and key are used for the encryption in wireless communication.
Aiming at the problem that pretending WiFi, existing some technology and systems prototypes can provide recognition methods, but there are following
It is insufficient:
1) safety is not high, however it remains larger possible generation camouflage behavior.As patent (it is a kind of identification camouflage WiFi
Method, system and system working method, application number/patent No. 201610804042X) in record, pass through and send specific certification
Packet authenticates WiFi in the way of verifying RSA certificate, is then identified as camouflage WiFi not over the WiFi of certification.So
And the method can only identify that certification packet whether from true WiFi, can not identify the authenticity of other packets.Specifically, work as camouflage
When WiFi and true WiFi are existed simultaneously, camouflage WiFi can not reply certification packet, transfer to true WiFi to be replied, then exist
Pretended in the communication process of other packets.In addition, the releasing mode of RSA public key is not referred in this patent, in the side of RSA public key
During method, it is more likely that camouflage behavior also occurs, such as pretends WiFi and sends false public key, complete subsequent verification process.
2) identification scene is limited, it has not been convenient to promote the use of.It is in particular in following three points.Some identification technologies are only used for
True WiFi and camouflage WiFi identify camouflage WiFi when existing simultaneously, such as the research from University College London
Person is in document (Jie Xiong, Kyle Jamieson, " SecureArray Improving WiFi Security with
Fine-Grained Physical-Layer Information ", MobiCom 2013) in propose using receive signal angle
Degree identifies signal source, however this method must exist simultaneously and 5 centimetres of distance in true WiFi and camouflage WiFi
It can work, can not be worked when above when pretending WiFi individualism.In contrast, some identification technologies can only pretended
Identified when WiFi individualism, for example, above 1) in the patent mentioned (a kind of identification camouflage method of WiFi, system and be
System working method, application number/patent No. 201610804042X) it can not the work when true WiFi and camouflage WiFi are existed simultaneously.
Some identification technologies need other hardware to intervene, such as the researcher from University of Michigan is in document (Xianru Du, Dan
Shan,Kai Zeng,Lauren Huie,“Physical layer challenge-response authentication
In wireless networks with relay ", INFOCOMM2014) in propose using wireless relay method to signal
The shortcomings that source identified, this method is to must operate at the scene for being deployed with the relay node authenticated.
3) WiFi network disposed can not be compatible with.Specifically, the method for some identification camouflage WiFi is to WiFi access point
Hardware is customized or proposes high requirement, if to apply these methods, the WiFi equipment disposed needs replacing hardware, this
It will cause the huge wasting of resources, reduce exploitativeness.Such as the researcher of Nanjing University document (YunlongMao,
Yuan Zhang,Sheng Zhong,“Stemming Downlink Leakage from Training Sequences in
Multi-User MIMO Networks”,Proceedings of the 2016ACM SIGSAC Conference on
Computer and Communications Security) in how analyze in MU-MIMO (Multi-User
Multiple Input Multiple Output, multi-user's multiple-input, multiple-output) letter in physical layer information is utilized in wireless network
Road information prevents downlink data to be ravesdropping, however this method needs WiFi access point to be added in the specific fields of message
It is close, and the WiFi access point apparatus disposed at present does not support such operation.
In conclusion the existing recognition methods safety to camouflage WiFi is not high, or can not be under several scenes to puppet
Dress WiFi is identified, or can not be compatible with deployed WiFi network.
Summary of the invention
In order to identify the WiFi for the particular network that disguises oneself as, the present invention propose it is a kind of using physical layer information to camouflage WiFi
The method and system identified, is calculated physical layer attributes from physical layer information, and the object received is judged according to feature
The source of reason layer frame is true WiFi or camouflage WiFi, with high security, wide, compatible existing WiFi network of identification scene etc.
Feature.
It is the agreement to term below:
WiFi terminal: refer to the terminal device that can connect WiFi, such as mobile phone, laptop, tablet computer.
WiFi access point: refer to and the WiFi equipment of access is provided, be the center of WiFi network, other WiFi terminals pass through connection
Same WiFi network is added in WiFi access point.
True WiFi: refer to that user can trust, wish the WiFi access point of connection.
Camouflage WiFi: refer to the WiFi access point for the specific true WiFi that disguises oneself as.
Physical layer frame: in WiFi802.11 agreement, physical layer and MAC layer are transmitted as unit of frame, physical layer
Unit of transfer is physical layer frame.In contrast, network layer, transport layer etc. are transmitted as unit of wrapping.
Physical layer information: referring to the information for belonging to physical layer in WiFi agreement, both including channel characteristics physically, wireless communication
Number feature also includes modulation system, coding mode etc. in physical layer data processing.
Physical layer attributes: it refers in particular to obtain collected multiple physical layers information by specially treated proposed by the present invention
Feature relevant to sending device.
The principle of the present invention is:
The camouflage common technology of WiFi is the title for imitating true WiFi, IP address, BSSID, cipher mode, certification webpage
Deng common ground possessed by these information is unrelated with WiFi equipment hardware itself.The present invention is used to identify the side of camouflage WiFi
Method be using the deviation of the wireless signal received in physical layer information, it is imperfect due to wireless transmitter and receiver hardware
Property, the wireless signal and theoretical value received have a deviation, and wireless receiving end signal treatment process can eliminate deviation and obtain true
Real signal, a typical WiFi receiver structure such as Fig. 2.It is generally acknowledged that the deviation of wireless signal disturbs raw information, but
It is said from another angle, wireless signal deviation and hardware circuit are in close relations, pass through well-designed algorithm using this partial information
Feature relevant to sending device, referred to as physical layer attributes can be calculated.The physical layer attributes of the same equipment are at any time
Less, physical layer attributes difference is larger between two distinct devices for variation.By recording the physical layer attributes of true WiFi, and work as
The preceding physical layer attributes for receiving signal are compared, it can be determined that current Received Signal still pretends WiFi from true WiFi.
Present invention provide the technical scheme that
A method of camouflage WiFi is identified using physical layer information, including acquisition and processing to physical layer information and right
Pretend the identification of WiFi;The method of acquisition and the processing to physical layer information, including physical layer information is selected, it selects
Out with device dependency is high, the physical layer information low with environmental dependence, the receiving end WiFi to received signal acquisition these
Information handles the special algorithm that information proposes through the invention, physical layer attributes is calculated;Described couple of camouflage WiFi
Recognition methods, including being temporarily recorded as not verifying WiFi when receiving a new physical layer frame, if without true WiFi remember
Record and user specify this WiFi when be the WiFi trusted, then are recorded as true WiFi, then remain and do not test when user does not specify
Demonstrate,prove WiFi;If having the record of true WiFi, the physical layer attributes of current Received Signal are compared with true WiFi, are counted
Difference value is calculated, setting judgement threshold judgement still pretends WiFi from true WiFi.The flow chart of above-mentioned recognition methods is shown in Fig. 3.
The method for identifying camouflage WiFi using physical layer information of the invention, comprising the following steps:
That A) designs physical layer information selects strategy and acquisition method.There are many kinds of the physical layers of class to believe in WiFi system
Breath, has modulation system relevant to transmission rate, coding mode etc., having RSSI relevant to transmission environment, (received signal is strong
Degree instruction), CSI (channel state information) etc..Different physical layer informations are different in the acquisition position of the receiving end WiFi, acquisition mode
Also different.Select with acquisition physical layer information the following steps are included:
A1. select it is related to transmitting terminal hardware, be affected by other factors small physical layer information.Physical layer signal is a variety of more
Sample, by selecting, we retain three kinds of physical layer informations as reference frame, receive the frequency shift (FS) of signal, constellation point offset,
With the degree of correlation for sending signal.The frequency shift (FS) for receiving signal refers to obtains digital baseband signal and hair after receiving end demodulates
The difference on the frequency for the baseband signal that sending end issues, from the minute differences of the local frequency of transmitting terminal and receiving end, with transmitting terminal
It is related to receiving end hardware, it is affected by environment small.It receives signal constellation point offset and refers to the distribution for receiving signal on planisphere
And the deviation of signal theory value is sent, deviant is shown in Fig. 4 in BPSK planisphere and QPSK planisphere.It receives signal and sends signal
The degree of correlation refer to receive signal and send signal similarity degree.Receive signal constellation point offset and with send the signal degree of correlation
By transmitting terminal hardware, channel, receiving end hardware impact, when taking multi-point sampling to be averaging, the influence of channel can be reduced.
A2. physical layer information is acquired, acquisition is embodied in and receives the frequency shift (FS) of signal, constellation point offset and send
The degree of correlation of signal.Physical layer information can be acquired from the data handling procedure of the receiving end WiFi, with the 802.11a/g agreement of WiFi
For, the long training word and short training that immobilized substance is had before each physical layer frame are practised handwriting, and receiving end compares long Short Training word
The reception value and theoretical value of signal, available required physical layer information.Specifically, short training, which is practised handwriting, has periodically, passes through
The periodicity for calculating reception signal obtains frequency shift (FS), is obtained by the Amplitude Ratio of comparison reception value and theoretical value and sends signal
The degree of correlation obtain constellation by calculating the offset vector of the corresponding constellation point of reception value and theoretical constellation point on planisphere
Point deviant.
B the calculation method for) designing physical layer attributes, calculates the collected physical layer information of step A), including frequency
Rate offset, constellation point offset, the degree of correlation with transmission signal, obtain corresponding physical layer attributes, including frequency deviation feature, constellation point
Offsets, degree of correlation feature, specifically comprise the following steps:
B1. frequency deviation feature is calculated.In 802.11a/g agreement, 160 groups of samples are had before each physical layer frame
At short training practise handwriting with 160 groups of samples at long training word, short training every 16 sampled values of practising handwriting are that a cycle is followed
Ring, totally 10 periods, wherein preceding 80 sampled points are often affected by automatic growth control, we are chosen after short training practises handwriting
80 sampled points are calculated, and the phase difference of two sampled points at a distance of 16 sampled points is calculated, and ask flat to multi-point sampling calculating
Mean value, the frequency deviation feature of as single frame.
B2. constellation point offsets are calculated.In 802.11a/g agreement, tetra- kinds of BPSK, QPSK, QAM16, QAM64 is shared
Symbol-modulated mode, and train word only and will use BPSK modulation, we choose long training word, calculate each sampled point to theoretical value
Bias vector, bias vector is shown in Fig. 4.The bias vector of the sampled point of 160 long trained word is averaging, the star of single frames is obtained
Seat point offsets.
B3. degree of correlation feature is calculated.Our selections are practised handwriting with short training carries out relatedness computation, will receive the Short Training of signal
160 sampled values of word are compared one by one with theoretical value, and formula finds out normalized related coefficient according to the degree of correlation, as list
The degree of correlation feature of frame.
C) design to camouflage WiFi recognition methods, including record true WiFi physical layer attributes and by current WiFi with
True WiFi physical layer attributes are compared.Specifically, specify whether the WiFi currently found is trusty manually by user
True WiFi judges whether to have recorded with current WiFi's after the physical layer attributes that current WiFi is calculated in step B)
The identical true WiFi of BSSID: if without the record of true WiFi, being temporarily recorded as not verified WiFi, if user is specified
This WiFi is the WiFi trusted, then not verified WiFi is recorded as true WiFi, and user then remains when not specified and do not verify
WiFi;If there is the record of true WiFi, current WiFi and true WiFi are compared, are recorded as puppet if comparison is not identical
Fill WiFi.Camouflage WiFi decision flow chart is shown in Fig. 3.
The above-mentioned method for identifying camouflage WiFi using physical layer information can work under several scenes, specifically: when true
When WiFi and camouflage WiFi are existed simultaneously, because above-mentioned design carries out authenticity judgement to the physical layer frame that each is received,
The frame from true WiFi and the frame from camouflage WiFi can be efficiently differentiated;When pretending WiFi individualism, because in advance
The physical layer attributes of true WiFi were deposited, can be used directly to judge current WiFi;Above-mentioned design does not need to intervene it
Its hardware.In addition, above-mentioned design can be compatible with existing WiFi network, it is not right because being only modified to WiFi terminal
WiFi access point proposes any requirement, so deployed WiFi network can continue to use.
The present invention also provides the WiFi systems of recognizable camouflage WiFi a kind of, and (GRT system is on the basis of GRT system
One WiFi open platform based on FPGA, realizes WiFi 802.11a/g agreement, and physical layer, MAC layer is supported to compile
Journey), it additionally includes physical layer information acquisition interface, physical layer attributes computing module, camouflage WiFi determination module and user and hands over
Mutual interface;Wherein, physical layer information acquisition interface draws required physical layer information in the data processing module of receiving end, passes
It is defeated by physical layer attributes computing module;It is high to calculate device dependency according to physical layer information for physical layer attributes computing module
Physical layer attributes;Pretend WiFi determination module, for recording the physical layer attributes of true WiFi, and by the physical layer of current demand signal
Feature is compared with the physical layer attributes of true WiFi, determines whether camouflage WiFi;User's interactive interface, including user are defeated
Enter current WiFi whether be true WiFi trusty interface, whether output to the current WiFi of user is connecing for true WiFi
Mouthful, whether user's control transmitting terminal replys the interface of the packet received just now.
Compared with prior art, the beneficial effects of the present invention are:
The present invention, which provides, a kind of know method for distinguishing to camouflage WiFi using physical layer information and a kind of can recognize camouflage
The WiFi system of WiFi, the calculation method proposed according to the present invention from physical layer information obtains physical layer attributes, according to feature
The source for judging the physical layer frame received is true WiFi or camouflage WiFi.The utilization physical layer letter provided through the invention
The method of breath identification camouflage WiFi can solve the camouflage WiFi attack problem under several scenes, improve the peace of WiFi network
Quan Xing.The present invention with high security, usage scenario multiplicity, the technical advantage of compatible existing WiFi network.
Detailed description of the invention
Fig. 1 is the schematic diagram of the WiFi terminal equipment discovery multiple WiFi access points in periphery;
Wherein, (a) is the WiFi terminal of user, such as mobile phone, laptop, tablet computer;(b), (c) is no password
Public WiFi;(d) be user office trusty WiFi;(e) it is the users to trust that disguises oneself as that malicious attacker is built
The camouflage WiFi of WiFi.
Fig. 2 is a typical WiFi receiver structure figure.
Fig. 3 is method flow diagram of the present invention using physical layer attributes identification camouflage WiFi.
Fig. 4 is constellation point offset schematic diagram;
Wherein, (a) is that constellation point deviates schematic diagram under QPSK modulation system;(b) inclined for constellation point under BPSK modulation system
Schematic diagram is moved, there are many symbol-modulated modes of WiFi, this is sentenced for QPSK and BPSK.
Fig. 5 is the overall structure block diagram of the WiFi system of recognizable camouflage WiFi provided in an embodiment of the present invention.
Specific embodiment
With reference to the accompanying drawing, the present invention, the model of but do not limit the invention in any way are further described by embodiment
It encloses.
The present invention provides a kind of method for identifying camouflage WiFi using physical layer information, including the acquisition to physical layer information
Method, the recognition methods to the calculation method of physical layer attributes and to camouflage WiFi;Wherein, to the acquisition side of physical layer information
Method is divided into two steps, and the first step is to select suitable physical layer information, selects strategy to choose device-dependent information, exclude with
The relevant information of the other factors such as environment selects result and is the frequency shift (FS) for receiving signal, constellation point offset and sends signal
The degree of correlation, second step are to acquire these physical layer informations, and acquisition method is to increase signaling interface in the corresponding module of receiving end,
Draw collected signal;Calculation method to physical layer attributes is carried out respectively by special algorithm to three kinds of physical layer informations
Processing, is calculated physical layer attributes, including frequency deviation feature, constellation point offsets, degree of correlation feature;Knowledge to camouflage WiFi
Other method, the physical layer attributes including recording the signal from true WiFi, by the physical layer attributes of currently received each frame
It is compared with true WiFi, calculates difference value, setting judgement threshold judgement still pretends WiFi from true WiFi.
An application example of the invention is the WiFi system that can recognize camouflage WiFi, by this example to tool of the invention
Body embodiment is described, so that those skilled in the art more fully understands the present invention.
This example is extended on existing WiFi system, and selected WiFi system is the researcher from Peking University
Publication GRT system (Jiahua Chen, Tao Wang, Haoyang Wu, Jian Gong, Xiaoguang Li, Yang Hu,
Gaohan Zhang,Zhiwei Li,Junrui Yang,and Songwu Lu,“A High-performance and
High-programmability Reconfigurable Wireless Development Platform”,ICFPT
2014), GRT system is the WiFi open platform based on FPGA, realizes WiFi 802.11a/g agreement, and support
Manage layer, MAC layer programming.This example increases following four module or interface: physical layer information acquisition on the basis of GRT system
Interface draws required physical layer information in the data processing module of receiving end, is transferred to physical layer attributes computing module;Physics
Layer feature calculation module, calculates the high physical layer attributes of device dependency according to physical layer information;Pretend WiFi determination module,
For recording the physical layer attributes of true WiFi, and by the physical layer attributes of current demand signal and the physical layer attributes of true WiFi into
Row compares, and determines whether camouflage WiFi;User's interactive interface, including user input whether current WiFi is trusty true
The interface of WiFi, export to the current WiFi of user whether be true WiFi interface, whether user's control transmitting terminal reply just now
The interface of the packet received.
This instance system Overall Structure Design is shown in Fig. 5, and the recognition methods provided by the invention to camouflage WiFi is in this example
In implementation method it is as follows:
A) physical layer information acquisition interface
There are multiple cascade data processing modules in the receiving end WiFi, includes time synchronization module, frequency deviation by data flow direction
Correct module, deprotection interval module, FFT (Fast Fourier Transform (FFT)) module, channel estimation module, phase tracking module, solution
Constellation mapping block, de-interleaving block, Viterbi decoding module, descrambling code module, physical layer information is from synchronization module, frequency deviation
It is acquired in correction module, solution three modules of constellation mapping.Collected data have passed through pretreatment, and pretreated process belongs to object
Layer feature calculation process is managed, in order to improve computational efficiency and reduce interface complexity, is not placed on physical layer attributes computing module
In do, and be dispersed in three acquisition modules and do, pretreated algorithm is still introduced in the design of physical layer attributes computing module.
The usb communication library that collected physical layer information is provided by GRT system is sent on host.Physical interface design is as follows:
A1. the frequency deviation interface drawn from correcting frequency deviation module, the frequency deviation value of the present frame comprising 16 bit wides and one 1
The useful signal of bit wide, the frequency deviation value unit of 16 bit wides are angles, indicate that frequency deviation value is effective when useful signal is high, in a frame only
It can be effectively primary.
A2. the constellation point drawn from solution constellation mapping block deviates interface, the deviant comprising two 16 bit wides, difference
It is the deviant of real and imaginary parts, the useful signal of 1 bit wide is equally that frame appearance is primary effective.
A3. the extraction degree of correlation interface from synchronization module, the degree of correlation comprising 32 bit wides, the useful signal of 1 bit wide,
It is equally that frame appearance is primary effective.
B) physical layer attributes computing module designs
Physical layer attributes computing module is realized on host, can also introduce A herein) in mention each receiving end acquire
The Preprocessing Algorithm realized in module, pretreatment are to improve computational efficiency and reduce interface complexity, the meter of FPGA hardware
Calculate the computational efficiency that efficiency is higher than main frame software.
B1. frequency deviation feature is calculated.In 802.11a/g agreement, 160 groups of samples are had before each physical layer frame
At short training practise handwriting with 160 groups of samples at long training word, short training every 16 sampled values of practising handwriting are that a cycle is followed
Ring, totally 10 periods, wherein preceding 80 sampled points are often affected by automatic growth control, we are chosen after short training practises handwriting
80 sampled points are calculated.
Assuming that k1、k2The sampled value at moment is respectively as follows:
Formula 1 brings k by the mathematical model of received in wireless communications signal1、k2Gained, wherein r (k1)、r(k2) it is k1、k2
The theoretical value of the sampled point at moment, s (k1)、s(k1) it is k1、k2The practical reception value of the sampled point at moment, Δ f are frequency shift (FS),
fsFor sample frequency, r (k1)、r(k2)、s(k1)、s(k1)、fsIt is known that we can find out Δ f by following derivation.According to
Short training is practised handwriting the characteristic that every 16 data points are just repeated once, it is known that, work as k2=k1When+16, k is substituted by formula 12=k1+ 16 can push away
Out:
Formula 2.1 is released by the property of plural number, s (k1)、s(k1) it is all plural number, the result being divided by is also plural number, and plural number is always
It can be write as the form of A+Bj, it is the intermediate variable in order to derive formula 2.2 that A, B, which are real number,.Formula 2.2 is derived by formula 1 and formula 2.1
It obtains.In order to eliminate the influence of noise, 80 sampled points are calculated with the value of 64 Δ f, and is averaged, Mean Value Formulas are as follows:
Wherein, Δ fkFor by the calculated frequency deviation of kth point.As our frequency deviation features of single frames for wanting.
B2. constellation point offsets are calculated.In 802.11a/g agreement, training word field only will use BPSK modulation, I
Choose long training word, calculate each sampled point to the bias vector of theoretical value, bias vector is shown in Fig. 4.In BPSK modulation system
Under, on planisphere the theoretical value of constellation point there are two point (+1,0) and (- 1,0), to long training word sampled point calculate actual value with
The deviation of theoretical value, 160 sampled points are averaging respectively by two mathematical points, and what is obtained is the mean deviation of two constellation points
Value, forms an offset vectorAs constellation point offsets.
B3. degree of correlation feature is calculated.Our selections are practised handwriting with short training carries out relatedness computation, will receive the Short Training of signal
160 sampled values of word are compared one by one with theoretical value, and using related algorithm, every L point forms one group, and L is taken as 16,
It totally 10 groups, is calculated in group and receives signal and send the cross-correlation coefficient of signal and receive the energy of signal, receive the energy of signal
Amount is used for the normalization of decision statistic, it may be assumed that
Formula 4 proposes by the present invention, wherein rn+kFor the theoretical value of n+k sampled point, sn+kFor the practical reception of n+k sampled point
Value, CnFor not normalized cross-correlation coefficient, PnFor actual signal energy, as normalization coefficient.Cross-correlation coefficient is divided by reception
The available normalized cross-correlation coefficient of the ability of signal, is averaged 10 groups, the M of statistical decision are as follows:
M is the degree of correlation feature that we want.
C) pretend WiFi judgment module
After the single frames physical layer attributes of present frame are calculated in physical layer attributes computing module, pretend WiFi judgment module
Single frames characteristic value can be recorded by BSSID, the design of WiFi physical layer attributes database table is shown in Table 1.
WiFi physical layer attributes database table designs in 1 embodiment of table
| Keyword BSSID | WiFi title | State | Remember most times N | Frequency deviation feature | Constellation point offsets | Degree of correlation feature |
State is divided into: not verifying, really
Specifically, BSSID is used to go to find record in physical layer attributes database table as keyword, if not finding this
The record of BSSID state, then using the physical layer attributes of this frame as initial value, flag state is not verified WiFi, record
Number is 1;If find this BSSID as the record and user for not verifying WiFi is appointed as true WiFi manually, database is modified
Middle state be it is true, residual value is constant;If finding record of this BSSID as true WiFi, by the physical layer attributes of present frame
It being compared with record, control methods is to be respectively compared three kinds of features, when difference is less than certain threshold (embodiment is set as ±
20%), it is believed that be the frame from true WiFi, the average value newVal of physical layer attributes is calculated by formula 6:
OldVal be original database in physical layer attributes, curVal be present frame physical layer numerical value, curVal with
The difference of oldVal is the number of the frame recorded in database table less than 20%, N.NewVal is updated into database, and
By the deposit database of N plus 1.
When the physical layer attributes of present frame and the difference of record are more than threshold, illustrate that this frame is camouflage WiFi, pass through user
Interactive interface issues warning signal, and is not recorded in database.
D) user's interactive interface designs
User's interactive interface is divided into three groups, and first group is to verify the interface that current WiFi is true WiFi, and second group is anti-
Feedback receives the interface of the frame from camouflage WiFi, and third group is the interface for controlling transmitting terminal behavior.
D1. it verifies the interface that current WiFi is true WiFi, exports to the WiFi title of 64 byte of user, 48 bytes
BSSID, user input whether 1 byte trusts.Herein with as unit of byte rather than A) in as unit of position, be because in hardware
Port in design is as unit of position, and the interface of software is as unit of byte, same as below.
D2. feedback receives the interface of the frame from camouflage WiFi, exports to the WiFi title of 64 byte of user, 48 bytes
BSSID, the similarity of 8 bytes, the judging result of 1 byte indicate to come from true WiFi, judging result 0 when judging result is 1
When indicate from camouflage WiFi, judging result be -1 when indicate from invalidated WiFi.
D3. the interface of transmitting terminal behavior is controlled, the purpose of this interface is that user can specify when receiving camouflage WiFi or not
The behavior of transmitting terminal when verified WiFi, user input the WiFi title of 48 bytes, the BSSID of 48 bytes, 1 byte and receive
The type of frame, behavior when 1 byte receives such frame.The type of the frame received includes from camouflage WiFi, from invalidated
WiFi.The behavior for receiving such frame includes stopping replying the BSSID, allowing to reply the BSSID.
It should be noted that the purpose for publicizing and implementing example is to help to further understand the present invention, but the skill of this field
Art personnel, which are understood that, not to be departed from the present invention and spirit and scope of the appended claims, and various substitutions and modifications are all
It is possible.Therefore, the present invention should not be limited to embodiment disclosure of that, and the scope of protection of present invention is with claim
Subject to the range that book defines.
Claims (6)
1. a kind of method for identifying camouflage WiFi using physical layer information, including acquisition process process to physical layer information and right
Pretend the identification process of WiFi;The acquisition process process to physical layer information is that the signal received to the receiving end WiFi is adopted
Collecting physical layer information, the physical layer information of the acquisition is and device dependency is high, the physical layer information low with environmental dependence,
Physical layer attributes are calculated from physical layer information again;
The physical layer attributes include frequency deviation feature, constellation point offsets, degree of correlation feature;It is described to fall into a trap from physical layer information
Calculation obtains physical layer attributes and includes the following steps:
B1. calculate frequency deviation feature: have before each physical layer frame 160 groups of samples at short training practise handwriting and 160 sampling
The long training word of point composition, chooses rear 80 sampled points that short training is practised handwriting and is calculated, calculate two at a distance of 16 sampled points
The phase difference of sampled point is calculated multiple phase differences to multi-point sampling, then averages, the frequency deviation feature as single frame;
B2. constellation point offsets are calculated: choosing long training word, calculate each sampled point to theoretical value bias vector, then it is right
The bias vector of the sampled point of 160 long trained word is averaging, and obtains the constellation point offsets of single frames;
B3. calculate degree of correlation feature: selection short training, which is practised handwriting, carries out relatedness computation, 160 that the short training for receiving signal is practised handwriting
Sampled value is compared one by one with theoretical value, and formula finds out normalized related coefficient according to the degree of correlation, the correlation as single frames
Spend feature;
The identification process of described couple of camouflage WiFi is: according to the physical layer attributes, signal that the receiving end WiFi is received
The source of physical layer frame is identified whether identification source is camouflage WiFi or true WiFi.
2. method as described in claim 1, characterized in that the physical layer information of the acquisition includes that the frequency of reception signal is inclined
The constellation point offset of signal is moved, received, signal is received and sends the degree of correlation of signal;Particular by the week for calculating reception signal
Phase property obtains frequency shift (FS);The degree of correlation with transmission signal is obtained by the Amplitude Ratio of comparison reception value and theoretical value;By
The offset vector that the corresponding constellation point of reception value and theoretical constellation point are calculated on planisphere, obtains constellation point deviant.
3. method as described in claim 1, characterized in that the physical layer frame of the signal received to the receiving end WiFi is come
Source identified, specifically:
To the signal for the current WiFi that the receiving end WiFi receives, according to the physical layer attributes that current WiFi is calculated, first
Judge whether to have recorded true WiFi identical with the BSSID of current WiFi;
If there is the record of true WiFi, the physical layer attributes of the physical layer attributes of current WiFi and true WiFi are carried out pair
Than the difference value of the two being calculated, then identify by setting judgement threshold, current WiFi being recorded as camouflage WiFi or true
Real WiFi;
If being temporarily recorded as not verified WiFi without the record of true WiFi;Whether the WiFi is specified by user manually again
For true WiFi trusty;
If it is trusted that user specifies current WiFi at this time, not verified WiFi is recorded as true WiFi;
It is achieved in and utilizes physical layer information identification camouflage WiFi.
4. a kind of WiFi system of recognizable camouflage WiFi, the WiFi system further includes physical layer on the basis of GRT system
Information collecting interface, physical layer attributes computing module, camouflage WiFi determination module and user's interactive interface;Wherein, the GRT system
System is the WiFi open platform based on FPGA realized WiFi 802.11a/g agreement, support physical layer and MAC layer programming;GRT
The multiple cascade data processing modules in the receiving end WiFi of system include time synchronization module, correcting frequency deviation mould by data flow direction
Block, FFT module, channel estimation module, phase tracking module, solution constellation mapping block, deinterleaves mould at deprotection interval module
Block, Viterbi decoding module, descrambling code module;
The physical layer information acquisition interface is passed for drawing required physical layer information in the data processing module of receiving end
It is defeated by physical layer attributes computing module;
The physical layer attributes computing module, for calculating the high physical layer attributes of device dependency according to physical layer information;
The camouflage WiFi determination module, for recording the physical layer attributes of true WiFi, and the physical layer of current demand signal is special
Sign is compared with the physical layer attributes of true WiFi, determines whether camouflage WiFi;
User's interactive interface, including user input current WiFi whether be true WiFi trusty interface, output to
Whether the current WiFi of user is whether interface, the user's control transmitting terminal of true WiFi reply the interface of the packet received just now.
5. system as claimed in claim 4, characterized in that the physical layer information acquisition interface includes frequency deviation interface, constellation point
Deviate interface and degree of correlation interface;It is drawn from time synchronization module, correcting frequency deviation module, solution constellation mapping block respectively;Institute
The usb communication library that the collected physical layer information of physical layer information acquisition interface is provided by GRT system is stated to be sent on host,
It is transferred to physical layer attributes computing module.
6. system as claimed in claim 5, characterized in that the frequency deviation interface, the frequency deviation of the present frame comprising 16 bit wides
The useful signal of value and 1 bit wide;The constellation point deviates interface, includes two deviants of 16 bit wides and having for 1 bit wide
Signal is imitated, the deviant of two 16 bit wides is the deviant of real and imaginary parts respectively;The degree of correlation interface includes one 32
The useful signal of the wide degree of correlation and 1 bit wide.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710169111.9A CN106973387B (en) | 2017-03-21 | 2017-03-21 | A kind of method and system identifying camouflage WiFi using physical layer information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710169111.9A CN106973387B (en) | 2017-03-21 | 2017-03-21 | A kind of method and system identifying camouflage WiFi using physical layer information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106973387A CN106973387A (en) | 2017-07-21 |
| CN106973387B true CN106973387B (en) | 2019-07-19 |
Family
ID=59329326
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710169111.9A Active CN106973387B (en) | 2017-03-21 | 2017-03-21 | A kind of method and system identifying camouflage WiFi using physical layer information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106973387B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110943793B (en) * | 2018-09-25 | 2020-11-27 | 北京大学 | Dynamic spectrum access method and system based on cooperative sensing |
| CN114765570A (en) * | 2021-01-15 | 2022-07-19 | 华为技术有限公司 | Data transmission method |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102223637B (en) * | 2011-07-20 | 2013-06-19 | 北京邮电大学 | Identity authentication method and system based on wireless channel characteristic |
| CN102572780B (en) * | 2012-01-12 | 2015-06-24 | 广东盛路通信科技股份有限公司 | Method for automatically registering wireless terminal by utilizing physical characteristics |
| CN105611534B (en) * | 2014-11-25 | 2020-02-11 | 阿里巴巴集团控股有限公司 | Method and device for wireless terminal to identify pseudo-WiFi network |
| CN105357014B (en) * | 2015-11-25 | 2018-09-21 | 东南大学 | Wireless device radio frequency method for extracting fingerprint feature based on difference constellation trajectory diagram |
| CN106330947A (en) * | 2016-09-06 | 2017-01-11 | 西安瀚炬网络科技有限公司 | Method and system for recognizing disguised WiFi and system working method |
-
2017
- 2017-03-21 CN CN201710169111.9A patent/CN106973387B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN106973387A (en) | 2017-07-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhang et al. | Physical-layer authentication for Internet of Things via WFRFT-based Gaussian tag embedding | |
| Xiong et al. | Secure transmission against pilot spoofing attack: A two-way training-based scheme | |
| CN106100710B (en) | A kind of unconditional safety of physical layer cooperation transmission method based on interference alignment techniques | |
| CN109309644B (en) | Network watermarking method and system based on biorthogonal carrier | |
| Zhang et al. | Efficient and Privacy‐Aware Power Injection over AMI and Smart Grid Slice in Future 5G Networks | |
| Darsena et al. | Detection and blind channel estimation for UAV-aided wireless sensor networks in smart cities under mobile jamming attack | |
| CN113055882B (en) | Efficient authentication method and device for unmanned aerial vehicle network, computer equipment and storage medium | |
| CN102752269A (en) | Cloud computing-based method and system for identity authentication and cloud server | |
| Al-Moliki et al. | Robust key generation from optical OFDM signal in indoor VLC networks | |
| CN106973387B (en) | A kind of method and system identifying camouflage WiFi using physical layer information | |
| Pan et al. | Physical layer security assisted 5G network security | |
| CN112312363B (en) | Method for preventing eavesdropping in physical layer in D2D communication system | |
| Zhang et al. | A real-world radio frequency signal dataset based on LTE system and variable channels | |
| CN115333845B (en) | Privacy data verification method based on subset | |
| Lu et al. | Optimized low density superposition modulation for 5G mobile multimedia wireless networks | |
| Mao et al. | Secure TDD MIMO networks against training sequence based eavesdropping attack | |
| Cheng et al. | Increasing secret key capacity of OFDM systems: a geometric program approach | |
| Chen et al. | On physical-layer authentication via triple pool convolutional neural network | |
| Fang et al. | Towards phy-aided authentication via weighted fractional fourier transform | |
| CN112911599B (en) | Low-energy-consumption data fusion recessive method supporting integrity verification of wireless sensor network | |
| CN110943833B (en) | Quantum trust model construction method and computer readable storage medium | |
| Li et al. | Performance Analysis of MEC Based on NOMA under Imperfect CSI with Eavesdropper | |
| CN112637837B (en) | Lightweight passive cross-layer authentication method in smart grid | |
| CN112564918B (en) | Lightweight active cross-layer authentication method in smart grid | |
| Wang et al. | Fundamental Properties of Wireless Relays and Their Channel Estimation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |