WO2022002403A1 - Détection de brouillage dans des réseaux sans fil - Google Patents

Détection de brouillage dans des réseaux sans fil Download PDF

Info

Publication number
WO2022002403A1
WO2022002403A1 PCT/EP2020/068638 EP2020068638W WO2022002403A1 WO 2022002403 A1 WO2022002403 A1 WO 2022002403A1 EP 2020068638 W EP2020068638 W EP 2020068638W WO 2022002403 A1 WO2022002403 A1 WO 2022002403A1
Authority
WO
WIPO (PCT)
Prior art keywords
transmission
wireless node
message
configuration message
resource
Prior art date
Application number
PCT/EP2020/068638
Other languages
English (en)
Inventor
Keeth Saliya Jayasinghe LADDU
Philippe Sehier
Fanny JARDEL
Luca Rose
Original Assignee
Nokia Technologies Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Technologies Oy filed Critical Nokia Technologies Oy
Priority to PCT/EP2020/068638 priority Critical patent/WO2022002403A1/fr
Publication of WO2022002403A1 publication Critical patent/WO2022002403A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/22Countermeasures against jamming including jamming detection and monitoring
    • H04K3/224Countermeasures against jamming including jamming detection and monitoring with countermeasures at transmission and/or reception of the jammed signal, e.g. stopping operation of transmitter or receiver, nulling or enhancing transmitted power in direction of or at frequency of jammer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/22Countermeasures against jamming including jamming detection and monitoring
    • H04K3/224Countermeasures against jamming including jamming detection and monitoring with countermeasures at transmission and/or reception of the jammed signal, e.g. stopping operation of transmitter or receiver, nulling or enhancing transmitted power in direction of or at frequency of jammer
    • H04K3/226Selection of non-jammed channel for communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/60Jamming involving special techniques
    • H04K3/65Jamming involving special techniques using deceptive jamming or spoofing, e.g. transmission of false signals for premature triggering of RCIED, for forced connection or disconnection to/from a network or for generation of dummy target signal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/003Secret communication by varying carrier frequency at or within predetermined or random intervals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/006Secret communication by varying or inverting the phase, at periodic or random intervals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/06Secret communication by transmitting the information or elements thereof at unnatural speeds or in jumbled order or backwards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/08Secret communication by varying the polarisation of transmitted waves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/10Jamming or countermeasure used for a particular application
    • H04K2203/16Jamming or countermeasure used for a particular application for telephony
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/10Jamming or countermeasure used for a particular application
    • H04K2203/18Jamming or countermeasure used for a particular application for wireless local area networks or WLAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/30Jamming or countermeasure characterized by the infrastructure components
    • H04K2203/36Jamming or countermeasure characterized by the infrastructure components including means for exchanging jamming data between transmitter and receiver, e.g. in forward or backward direction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/22Countermeasures against jamming including jamming detection and monitoring
    • H04K3/222Countermeasures against jamming including jamming detection and monitoring wherein jamming detection includes detecting the absence or impossibility of intelligible communication on at least one channel
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/41Jamming having variable characteristics characterized by the control of the jamming activation or deactivation time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/45Jamming having variable characteristics characterized by including monitoring of the target or target signal, e.g. in reactive jammers or follower jammers for example by means of an alternation of jamming phases and monitoring phases, called "look-through mode"
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/46Jamming having variable characteristics characterized in that the jamming signal is produced by retransmitting a received signal, after delay or processing

Definitions

  • Various example embodiments relate in general to wireless network security and more specifically, to jamming detection in such networks, particularly for physical layer security arrangements.
  • Modem cryptography may be divided into two schools, comprising information- theoretic and complexity-based security.
  • Information-theoretic cryptography is based on insufficiency of information and hence it does not depend on computational hardness. In other words, information- theoretic cryptography may ensure secure communication, even if unlimited computing power would be available.
  • Information-theoretic cryptography may be considered as unbreakable from the cryptanalytic point of view, because typically there is not enough information for an adversary to break the encryption. The use of information-theoretic cryptography is therefore desirable in many applications.
  • PLS Physical layer security
  • PLS may be seen as one form of information-theoretic cryptography, and PLS may be used to complement and improve security of communications in wireless networks. More recently, a need to design new and robust security procedures based on PLS has arisen, because application level security may not be efficient and secure enough for emerging wireless communication systems. PLS may be used as an additional level of protection on top of, or instead of, conventional security schemes. Thus, it would be desirable to exploit PLS to form a well-integrated security solution for wireless communication networks.
  • a jamming device is typically specialized equipment with high processing power. This equipment can intercept signal intended to the legitimate device, and jam the signal emitted by the legitimate device.
  • An objective of such jamming device may be to interfere with a portion or with all transmission from the legitimate device, while remaining undetected for the longest possible time, e.g. to force the legitimate device to change network, block access to the network, block transmissions, or force the legitimate device to increase power to better eavesdrop the transmissions is to deny service to victim legitimate devices by ‘overshadowing’ uplink (UL) transmissions.
  • UL uplink
  • an apparatus comprising means for transmitting a protected configuration message to a second wireless node, wherein the configuration message is indicative of a transmission resource for detecting a jamming wireless node, means for transmitting a transmission grant message to the second wireless node, wherein the transmission grant message is indicative of transmission being allowed using the transmission resource, means for detecting a transmission from a third wireless node after the transmission grant message, and means for detecting the third wireless node as jamming wireless node on the basis of the transmission from the third wireless node using the transmission resource.
  • an apparatus comprising means for receiving a protected configuration message from a first wireless node, wherein the configuration message is indicative of a transmission resource for detecting a jamming wireless node, means for receiving a transmission grant message from the first wireless node, wherein the transmission grant message is indicative of transmission being allowed using the transmission resource, and means for controlling, after receiving the transmission grant message, refraining transmission using the transmission resource on the basis of the protected configuration message.
  • a method for a first wireless node comprising: transmitting a protected configuration message to a second wireless node, wherein the configuration message is indicative of a transmission resource for detecting a jamming wireless node, transmitting a transmission grant message to the second wireless node, wherein the transmission grant message is indicative of transmission being allowed using the transmission resource, detecting a transmission from a third wireless node after the transmission grant message, and detecting the third wireless node as jamming wireless node on the basis of the transmission from the third wireless node using the transmission resource.
  • a first method for a second wireless node comprising receiving a protected configuration message from a first wireless node, wherein the configuration message is indicative of a transmission resource for detecting a jamming wireless node, receiving a transmission grant message from the first wireless node, wherein the transmission grant message is indicative of transmission being allowed using the transmission resource, and controlling, after receiving the transmission grant message, refraining of transmission using the transmission resource on the basis of the protected configuration message.
  • an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to perform the method of any preceding aspects or an embodiment thereof.
  • non-transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to at least perform the method of any preceding aspects or an embodiment thereof.
  • a computer program configured to, when executed in a data processing apparatus, to perform features in accordance with the first and/or second aspect, or an embodiment thereof.
  • Figure 1 illustrates an example network scenario in accordance with at least some embodiments
  • Figures 2 and 3 illustrate methods in accordance with at least some embodiments
  • Figure 4 and 5 illustrate signaling examples according to at least some embodiments
  • Figure 6 illustrates an example apparatus capable of supporting at least some embodiments.
  • Fig. 1 illustrates a simplified example network scenario, comprising wireless terminals 110, 112 and wireless network nodes 120, 130.
  • Wireless terminal may comprise, for example, a User Equipment, UE, a smartphone, a cellular phone, a Machine-to-Machine, M2M, node, machine-type communications node, an Internet of Things, IoT, node, a car telemetry unit, a laptop computer, a tablet computer or, indeed, any kind of suitable wireless user device or mobile station, i.e., a terminal.
  • Wireless terminal 110 may be attached, or connected to, wireless network node 120 over air interface for wireless communications.
  • Wireless network node 120 may be considered for example as a serving base station (BS), of first wireless terminal 110.
  • wireless terminal 110 and wireless network nodes 120, 130 may be referred to as wireless nodes.
  • wireless network node 120 may be referred to as a first wireless node
  • wireless terminal 110 may be referred to as a second wireless node
  • wireless terminal 112 as third wireless node.
  • Air interface between wireless terminal 110 and wireless network node 120 may be configured in accordance with a Radio Access Technology, RAT, which both first wireless terminal 110 and wireless network node 120 are configured to support.
  • Air interface may support beam based transmission and apply one or more beams between first wireless terminal 110 and wireless network node 120.
  • cellular RATs include Long Term Evolution, LTE, New Radio, NR, which may also be known as fifth generation, 5G, and MulteFire.
  • example of non-cellular RATs includes Wireless Local Area Network, WLAN
  • wireless network node 120, 130 may be referred to as a BS and wireless terminals may be referred to as UEs.
  • wireless node 120, 130 may be referred to as eNB while in the context NR, wireless node 120, 130 may be referred to as gNB.
  • wireless node 120, 130 may be referred to as an access point.
  • embodiments of the present invention are not restricted to any particular wireless technology. Instead, embodiments of the present invention may be exploited in any wireless communication system wherein it is desirable to perform secure communications.
  • Wireless network node 120 may be connected to other network nodes 130, via wired or wireless connection 125.
  • Wireless network nodes 120, 130 may be connected, directly or via at least one intermediate node, with core network (not shown in Fig. 1), such as a Next Generation core network, Evolved Packet Core (EPC), or other network management element.
  • core network such as a Next Generation core network, Evolved Packet Core (EPC), or other network management element.
  • Wireless access network and/or core network may comprise various network functions.
  • a network function in the present application may refer to an operational and/or physical entity.
  • the network function may be a specific network node or element, or a specific function or set of functions carried out by one or more entities, such as virtual network elements. Examples of such network functions include a radio access or resource control or management function, mobility management or control function, session management or control function, interworking, data management or storage function, authentication function or a combination of one or more of these functions.
  • Core network may be, in turn, coupled with another network, via which connectivity to further networks may be obtained, for example via a worldwide interconnection network.
  • a potential j amming terminal or UE (JUE) in the network may try to intercept downlink (DL) data transmissions 115 from the wireless network node 120 to wireless terminal 110, which may also be referred to as legitimate UE (LUE), and jam 117 uplink signal emitted by the LUE.
  • the JUE may be able to receive and interpret medium access control -control element (MAC-CE) commands intended to the LUE and jam its UL transmissions when it is scheduled.
  • MAC-CE medium access control -control element
  • the objective of such JUE may be to deny service to victim legitimate UEs by ‘overshadowing’ uplink (UL) transmissions.
  • This JUE may be a UL jammer who follows the DL/UL slot/frame structure used by the cell and transmits in UL direction such that legitimate UE(s) UL transmissions are get interfered.
  • the attacking JUE may also have more subtle strategies, consisting in capturing and modifying some unencrypted messages in order to mislead network node 120.
  • the attacks may include sending modified versions of UE measurement reports. For example, false indications on the adjacent cells measurements may result in handover failure.
  • the JUE may also detect and interpret the unencrypted DL and UL messages (e.g. system information, scheduling grants, CSI reports). For example, the JUE 112 may resend modified messages to the wireless network node 120.
  • unencrypted DL and UL messages e.g. system information, scheduling grants, CSI reports.
  • the JUE 112 may resend modified messages to the wireless network node 120.
  • FIG. 2 illustrates a method for jamming wireless device detection. The method may be applied by a first wireless node or apparatus communicating with a second wireless node, such as by wireless network node 120 in communication with wireless terminal 110 or UE.
  • the method comprises transmitting 200 a protected configuration message to a second wireless node.
  • the configuration message is indicative of a transmission resource for detecting a jamming wireless node.
  • a transmission grant message is transmitted 210 to the second wireless node.
  • the transmission grant message is indicative of transmission being allowed using the transmission resource.
  • a transmission from a third wireless node is detected 220 after the transmission grant message.
  • the third wireless node is detected 230 as a jamming (or interfering) wireless node on the basis of the transmission from the third wireless node using the transmission resource.
  • the first wireless node may in or before block 230 monitor presence of jamming transmissions for at least one of a time period or a frequency resource indicated by the protected configuration message.
  • the first wireless node may in block 220 receive a message from the third wireless node and/or detect the third wireless node as a jamming wireless node on the basis of interference measurements for the transmission resource.
  • Already known uplink channel measurement operations e.g. by gNB, may be applied for detecting jamming wireless nodes.
  • the third wireless node/JUE does not necessarily emit a signal which corresponds or is similar to an uplink signal that would have been sent by the second wireless node, e.g. a NR physical uplink shared channel (PUSCH).
  • the JUE may send any type of signal (using at least some of the transmission resources associated with the grant). When the signal is at sufficiently high power, the first wireless node may detect it.
  • the detection in blocks 220 and/or 230 may be based on comparison of receive power with a threshold.
  • Fig. 3 illustrates a method for arranging jamming wireless device detection.
  • the method may be applied by a second wireless node or apparatus communicating with a first wireless node, such as wireless terminal node 110 or UE in communication with wireless network node, such as first wireless network node 120.
  • the method comprises receiving 300 a protected configuration message from a first wireless node, wherein the configuration message is indicative of a transmission resource for detecting a jamming wireless node.
  • a transmission grant message is received 310 from the first wireless node.
  • the transmission grant message is indicative of transmission being allowed using the transmission resource.
  • Block 320 comprises controlling, after receiving the transmission grant message, refraining transmission using the transmission resource on the basis of the protected configuration message.
  • the wireless terminal node 110 may operate as the first wireless node, and detect refrain in block 330 transmission at a time period and/or frequency resource indicated by the protected configuration message.
  • the protected configuration message refers generally to a protected message providing an instruction and/or control information for adapting the behaviour of the second wireless node such that the first wireless node may detect a jamming node.
  • the protected configuration message may also be referred to e.g. as ajamming detection configuration message.
  • the transmission grant message refers generally to a message indicating transmission being allowed during the associated transmission resource.
  • the transmission grant message may be a transmission allocation message or a scheduling (grant) message from a base station specifying time resource during which transmission is allowed
  • An example of such grant message is 5G NR UL Grant transmitted by gNB in downlink control information (DCI) by physical downlink control channel (PDCCH).
  • the transmission resource may be a specific time and/or frequency resource.
  • the second wireless node/LUE that is possibly jammed may be instructed to adopt a particular (refraining) behaviour at a certain point in time. JUE not being warned of the instruction applied to the LUE will transmit a signal on the resource designated by the grant, and will, therefore, be unmasked.
  • the present embodiments thus facilitate a solution for physical layer based jamming device detection and reduce problems cause by jamming devices.
  • the first wireless node may be configured to allocate the transmission resource (for jamming detection) on the basis of overall scheduling or transmission resource reservation information, to an unreserved grant, unreserved transmission resource, or a portion thereof. This further enables to reduce effect of jamming detection to overall spectrum use efficiency.
  • various amendments may be performed and there may be further stages/blocks in the above disclosed method(s), some examples being illustrated below.
  • Presently disclosed features may be applied, for example, in networks operating in accordance with 3GPP standards, such as in 5G/NR networks.
  • Some further example embodiments are now illustrated, with references to example nodes of Fig. 1 and also with further references to 3 GPP 5G based system, without however limiting the disclosed features to such system.
  • the methods and at least some of the further embodiments thereof may be applied in various other wireless networks, such as 6G or subsequent generation based networks.
  • the first wireless node is configured, before block 200, to monitor for a need to perform a jamming detection or verification process.
  • the process, and method of Fig. 2 may be entered in response to detecting unreachability of the second wireless node or performance degradation associated with communication with at least the second wireless node.
  • the process may comprises defining the transmission resource for jamming detection, transmitting the protected configuration message, issuing a (fake or jamming detection) grant by the transmission grant message, monitoring for transmissions using the transmission resource, and detecting the third wireless node as a jamming wireless node on the basis of the transmission from the third wireless node using the transmission resource.
  • second wireless node 110 may be terminal node, such as UE and first wireless node 120 may be network node, such as base station or gNB
  • Node 120 transmits a (higher layer) radio resource control (RRC) configuration 400 to node 110.
  • RRC radio resource control
  • the node 120 detects need for jamming (transmission/device) detection and may initiate the jamming detection or verification process.
  • Node 120 transmits the protected configuration message 404 to node 110, indicative of a transmission resource for detecting a jamming wireless node.
  • Node 120 sends a (fake) transmission grant 406, indicative of transmission being allowed using the transmission resource configured with message 404. It is to be noted that node 120 may (define and) transmit the transmission by its own initiative, without requiring a scheduling request from node 110. In block 408 node 110 detects that transmission resource of received grant 406 matches with earlier configured (UL) transmission resource. Node 120 may then refrain from transmitting anything using the granted transmission resource.
  • the configuration message 200, 300, 404 may comprise timing information, indicative of time (period) during which transmission from the second wireless node is to be refrained regardless of transmission being allowed based on the transmission grant message.
  • the configuration message may comprise start or execution time and transmission refraining period.
  • the first wireless node 120 instructs in the protected configuration message 200, 300, 404 the second wireless node 110 to adopt specific or adapted transmission behavior during the subsequent grant.
  • the node 110 may transmit, in response to the received grant 406, UL transmission 410 adapted in accordance with the instructed specific behavior, at indicated time period and/or frequency resource.
  • the node 110 may transmit in response to the (fake) grant 406, but using specific configuration not known by a IUE.
  • the first wireless node 120 may include transmission parameter information in the protected configuration message 200, 300, 404.
  • the second wireless node 110 may configure its transmitter to, instead of or in addition to at least part of the information in the received grant message, to transmit a message (410) using the transmission parameter information in response to the transmission grant message Such message may be transmitted during a specified time period during or outside transmission time scheduled by the grant message, e.g. shifted by a timing advance defined in the protected configuration message.
  • the first wireless node 120 may configure its receiver to receive, after the transmission grant message, a message transmitted using the transmission parameter information, detected as legitimate message from the second wireless node.
  • the transmission parameter information comprises at least one of:
  • - timing advance change i.e. node 110 is instructed to modify its UL timing advance, - phase rotation (may be applied differentially, or selectively on reference signals, such as demodulation reference signal (DM-RS)),
  • DM-RS demodulation reference signal
  • MIMO precoding parameter information which may include polarization parameters.
  • Refraining or absence of transmission in block 320 may comprise refraining or absence of transmission in a portion of time or frequency allocation of the UL transmission (according to the transmission grant message).
  • the gNB uses timing advance (TA) based procedure to detect whether UL transmission is impacted by a JUE. For example, a gNB may instruct the LUE to trigger a TA shift for a short period of time such that gNB may estimate or detect unintended UL transmissions or variation in interference estimation at the (non-shifted) gNB UL reception indicated by the transmission grant 210, 310, 406.
  • TA timing advance
  • All associated (L)UEs excepted JUEs may thus follow that command as a TA update and move their UL transmission timing to the new value, which is not followed by a JUE.
  • the gNB could switch the UL reception time at the gNB by indicating switch, Delta_TA in the TA used by legitimate UEs.
  • the LUE(s) may apply such shift for a given time such that the gNB could measure the changes in interference in time and detect jammer UL transmissions.
  • Another example includes asking selected UEs in the cell to change some of the transmit parameters at a specified time and for a specified duration.
  • the gNB may instruct the LUE to apply a phase rotation between the DMRS and the user plane symbols (for example a multiple of pi/4) for a specified number of frames.
  • the gNB remains capable of demodulating the transmissions originating from the legitimate UEs, but not those from malicious UEs, which are immediately detectable.
  • the protected configuration message 200, 300, 404 may be a transmit perturbation order message (TPOM).
  • TPOM transmit perturbation order message
  • Perturbation herein refers to specific adapted transmission instructed by the first node to be applied during the (fake) grant defined by the transmission grant message.
  • the perturbation message may indicate a perturbation type to be applied during fake grant provided by the transmission grant message, such as one of the types illustrated above (no transmission at all, timing advance change, rotation, power change, perturbation of MIMO parameters, etc.), and associated parameters.
  • the perturbation message may comprise an identifier of the subsequent (fake) grant.
  • the second node may execute the perturbation order at specified time and duration.
  • the first node may check if the perturbation order has been executed as instructed. If not, the first node may retry, with a new protected configuration message. If preconfigured maximum number of attempts have been reached, an executing protocol layer entity of the first node may report to an upper layer entity.
  • Such signal perturbations and adapted LUE transmission 410 can be controlled and applied on the complete UL signal or only on parts of the signal, for example, demodulation reference signals (DMRS).
  • DMRS demodulation reference signals
  • An important requirement of such signal perturbation is to be non-imitable by the attacker. In this respect, the perturbation is applied over a short duration and is immediately detectable by the BS. Even if the JUE benefits of a high UL SNR, its detection and processing times will not allow it to be on time to mimic the LUE behaviour.
  • the protected configuration message 200, 300, 404 may have a specific structure to further impeding recognition by an attacker: parameters of the message should be able to be random, and, preferably there should be no fixed patterns.
  • the protected configuration message 200, 300, 404 may be an encrypted unicast or multicast message, in some embodiments an RRC message.
  • 3GPP 5G RRC message between gNB and UE may be applied in block 200, 300 to provide the transmission grant message. Since RRC messages are encrypted by higher layers, they can be interpreted only by the recipients of the messages, and no separate encryption is required for the configuration message. In 3 GPP 5G NR systems, RRC messages are encrypted by KRRCenc derived from K g NB.
  • the protected configuration message 210, 300, 404 may comprise an information element for configured grant based UL transmission mode for indicating the transmission resource.
  • Configured grant-based UL transmission mode and dynamic grant UL transmission together may be used to detect whether a UE UL transmission is jammed or not.
  • configured grant-based uplink transmission is RRC configured (Type 1) or provided via the physical downlink control channel (PDCCH) with configured scheduling radio network temporary identifier (CS-RNTI) (Type 2).
  • the protected configuration message is provided by Type 1 configured grant, scheduling the uplink transmission via RRC, in which many parameters are configured in the RRC information element ConfiguredGrantConfig such as FH, DMRS configuration, resource allocation, repetition numbers, and others.
  • ConfiguredGrantConfig such as FH, DMRS configuration, resource allocation, repetition numbers, and others.
  • a new information element and/or parameter(s) may be introduced within ConfiguredGrantConfig that enables the dropping of any PUSCH when there is fully (or partially) overlapping of a dynamic grant PUSCH and configured grant PUSCH.
  • the gNB can send a dynamic UL grant (via DCI), which will be decoded by both victim LUE and JUE, and indicate overlapping resources with a configured grant resources of the LUE.
  • DCI dynamic UL grant
  • the LUE UL transmissions will be dropped, but JUE may transmit in UL direction and provide sufficient means to the gNB to detect that jammer.
  • Fig. 5 illustrates a further signalling example for a 3GPP based network.
  • First node in the present example gNB (e g. node 120), schedules 500 UL DCI PUSCH 1 for second node, in the present example referred to as LUE (e.g. node 110), which is also received by jamming third node/JUE (e.g. node 112).
  • LUE uses PUSCH 1 for uplink transmission 504 to gNB.
  • JUE transmits jamming transmission 506 matching PUSCH 1 resources.
  • gNB may detect or suspect potential jamming and decides 508 to check for jamming transmission.
  • gNB transmits to LUE encrypted configuration message, which may comprise grant configuration with enabling cancelation for specified UL transmission.
  • gNB schedules 512 PUSCH resource(s) matching to grant resource(s) configured by the encrypted configuration message and transmits UL DCI 514 scheduling PUSCH 2 resource.
  • LUE detects 516 that scheduling of earlier configured grant (by the encrypted configuration message) and the newly received grant based PUSCH 2 resource are overlapping and thus refrains from transmitting using newly scheduled PUSCH 2 resource.
  • JUE still follows 518 UL grants and transmits a jamming transmission 520 using newly allocated PUSCH 2 resource, on the basis of which gNB detects 522 presence of JUE.
  • the first node/gNB may initiate jamming avoidance procedure, comprising instructing the second node/LUE to change transmission parameters, by encrypted RRC signalling, for example including an information element of TA shift to be applied.
  • RRC signaling with other type of modification may be applied to cause the LUE to stop transmitting according to a valid grant.
  • An electronic device comprising electronic circuitries may be an apparatus for realizing at least some embodiments of the present invention.
  • the apparatus may be or may be comprised in a computer, a laptop, a tablet computer, a cellular phone, a machine to machine (M2M) device (e.g. an IoT sensor device), a base station, an access point or network node device or another apparatus provided with radio communication capability.
  • M2M machine to machine
  • the apparatus carrying out the above-described functionalities is comprised in such a device, e g. the apparatus may comprise a circuitry, such as a chip, a chipset, a microcontroller, or a combination of such circuitries in any one of the above-described devices.
  • the apparatus may comprise a communication circuitry providing the apparatus with capability of communicating in at least one wireless network.
  • the communication circuitry may employ a radio interface providing the apparatus with radio communication capability.
  • the radio interface may comprise a radio modem RF circuitries providing at least a part of the above-described physical layer(s) of the wireless device.
  • the radio interface may be comprised in the apparatus in the embodiments where the apparatus is the wireless device. In other embodiments where the apparatus is a chipset for the wireless device, the radio interface may be external to the apparatus.
  • the radio interface may support frame transmission and reception according to the principles described above.
  • the RF circuitries may comprise radio frequency converters and components such as an amplifier, filter, and one or more antennas.
  • the radio modem may comprise baseband signal processing circuitries such as (de)modulator and encoder/decoder circuitries.
  • the communication circuitry may carry out at least some of the functions described above. In embodiments where the apparatus employs multiple physical layer entities, the radio modem and the RF circuitries may employ a separate transmitter and receiver branch for each of the multiple links supported by the apparatus.
  • the radio modem and the RF circuitries may include a dedicated circuitry for the physical layer and another dedicated circuitry for the physical layer, although the dedicated circuitries may employ partially the same physical components in the transmission and/or reception.
  • the communication circuitry may comprise multiple channel sensing circuitries, each configured to perform channel sensing on a channel.
  • circuitry may refer to one or more or all of the following:
  • circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware.
  • circuitry also covers, for example and if applicable to the particular claim element, a baseband integrated circuit or processor integrated circuit for a mobile device or a similar integrated circuit in server, a cellular network device, or other computing or network device.
  • Fig. 6 illustrates an example apparatus capable of supporting at least some embodiments of the present invention. Illustrated is device 600, which may comprise, for example, wireless terminal/second wireless node 110 or the wireless network/first wireless node 120 of Fig. 1, or device 600 may be configured to control the functioning thereof, possibly when installed therein.
  • the apparatus may be configured to perform the method of Fig. 2 or 3, or an embodiment thereof.
  • processor 610 Comprised in device 600 is processor 610, which may comprise, for example, a single- or multi-core processor wherein a single-core processor comprises one processing core and a multi-core processor comprises more than one processing core.
  • Processor 610 may comprise, in general, a control device.
  • Processor 610 may comprise more than one processor.
  • Processor 610 may comprise at least one application-specific integrated circuit, ASIC.
  • Processor 610 may comprise at least one field-programmable gate array, FPGA.
  • Processor 610 may be means for performing method steps in device 600.
  • Processor 610 may be configured, at least in part by computer instructions, to perform actions.
  • the processor may comprise circuitry, or be constituted as circuitry or circuitries, the circuitry or circuitries being configured to perform operations of methods in accordance with embodiments described herein.
  • Device 600 may comprise memory 620.
  • Memory 620 may comprise random- access memory and/or permanent memory.
  • Memory 620 may comprise at least one RAM chip.
  • Memory 620 may comprise solid-state, magnetic, optical and/or holographic memory, for example.
  • Memory 620 may be at least in part accessible to processor 610.
  • Memory 620 may be at least in part comprised in processor 610.
  • Memory 620 may be means for storing information.
  • Memory 620 may comprise computer instructions that processor 610 is configured to execute. When computer instructions configured to cause processor 610 to perform certain actions are stored in memory 620, and device 600 overall is configured to run under the direction of processor 610 using computer instructions from memory 620, processor 610 and/or its at least one processing core may be considered to be configured to perform said certain actions.
  • Memory 620 may be at least in part comprised in processor 610. Memory 620 may be at least in part external to device 600 but accessible to device 600.
  • the memory may store control parameters affecting the operation of the device, such as some or all of the functions illustrated above in connection with Figs. 2 or 3. Further, the memory may comprise device-specific cryptographic information, such as secret and public key of the device 600.
  • Device 600 may comprise a transmitter 630.
  • Device 600 may comprise a receiver 640.
  • Transmitter 630 and receiver 640 may be configured to transmit and receive, respectively, information in accordance with at least one cellular or non-cellular standard.
  • Transmitter 630 may comprise more than one transmitter.
  • Receiver 640 may comprise more than one receiver.
  • Transmitter 630 and/or receiver 640 may be configured to operate in accordance with Global System for Mobile communication, GSM, Wideband Code Division Multiple Access, WCDMA, 5G/NR, Long Term Evolution, LTE, IS-95, Wireless Local Area Network, WLAN, and/or Ethernet standards, for example.
  • Device 600 may comprise a near-field communication, NFC, transceiver 650.
  • NFC transceiver 650 may support at least one NFC technology, such as NFC, Bluetooth, Wibree or similar technologies.
  • Device 600 may comprise user interface, UI, 660.
  • UI 660 may comprise at least one of a display, a keyboard, a touchscreen, a vibrator arranged to signal to a user by causing device 600 to vibrate, a speaker and a microphone.
  • a user may be able to operate device 600 via UI 660, for example to accept incoming telephone calls, to originate telephone calls or video calls, to browse the Internet, to manage digital files stored in memory 620 or on a cloud accessible via transmitter 630 and receiver 640, or via NFC transceiver 650, and/or to configured the operation of the device.
  • Device 600 may comprise or be arranged to accept a user identity module 670.
  • User identity module 670 may comprise, for example, a subscriber identity module, SIM, card installable in device 600.
  • a user identity module 670 may comprise information identifying a subscription of a user of device 600.
  • a user identity module 670 may comprise cryptographic information usable to verify the identity of a user of device 600 and/or to facilitate encryption and decryption of communicated information effected via device 600, such as decryption of received RRC messages.
  • Processor 610 may be furnished with a transmitter arranged to output information from processor 610, via electrical leads internal to device 600, to other devices comprised in device 600.
  • Such a transmitter may comprise a serial bus transmitter arranged to, for example, output information via at least one electrical lead to memory 620 for storage therein.
  • the transmitter may comprise a parallel bus transmitter.
  • processor 610 may comprise a receiver arranged to receive information in processor 610, via electrical leads internal to device 600, from other devices comprised in device 600.
  • a receiver may comprise a serial bus receiver arranged to, for example, receive information via at least one electrical lead from receiver 640 for processing in processor 610.
  • the receiver may comprise a parallel bus receiver.
  • Device 600 may comprise further devices not illustrated in Fig.6.
  • device 600 may comprise at least one digital camera.
  • Some devices 600 may comprise a back-facing camera and a front-facing camera, wherein the back-facing camera may be intended for digital photography and the front-facing camera for video telephony.
  • Device 600 may comprise a fingerprint sensor arranged to authenticate, at least in part, a user of device 600.
  • device 600 lacks at least one device described above.
  • some devices 600 may lack a NFC transceiver 650 and/or user identity module 670.
  • UI 660 and/or user identity module 670 may be interconnected by electrical leads internal to device 600 in a multitude of different ways.
  • each of the aforementioned devices may be separately connected to a master bus internal to device 600, to allow for the devices to exchange information.
  • this is only one example and depending on the embodiment various ways of interconnecting at least two of the aforementioned devices may be selected without departing from the scope of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Selon un aspect donné à titre d'exemple de la présente invention, celle-ci concerne un procédé comprenant : la transmission d'un message de configuration protégé à un deuxième nœud sans fil, le message de configuration indiquant une ressource de transmission pour détecter un nœud sans fil de brouillage, la transmission d'un message d'autorisation de transmission au deuxième nœud sans fil, le message d'autorisation de transmission indiquant une transmission qui est autorisée à l'aide de la ressource de transmission, la détection d'une transmission à partir d'un troisième nœud sans fil après le message d'autorisation de transmission, et la détection du troisième nœud sans fil en tant que nœud sans fil de brouillage sur la base de la transmission à partir du troisième nœud sans fil à l'aide de la ressource de transmission.
PCT/EP2020/068638 2020-07-02 2020-07-02 Détection de brouillage dans des réseaux sans fil WO2022002403A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2020/068638 WO2022002403A1 (fr) 2020-07-02 2020-07-02 Détection de brouillage dans des réseaux sans fil

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2020/068638 WO2022002403A1 (fr) 2020-07-02 2020-07-02 Détection de brouillage dans des réseaux sans fil

Publications (1)

Publication Number Publication Date
WO2022002403A1 true WO2022002403A1 (fr) 2022-01-06

Family

ID=71465342

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2020/068638 WO2022002403A1 (fr) 2020-07-02 2020-07-02 Détection de brouillage dans des réseaux sans fil

Country Status (1)

Country Link
WO (1) WO2022002403A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140341137A1 (en) * 2012-01-19 2014-11-20 Cambium Networks Limited Transmission of data in a broadband radio communication system
EP2833558A1 (fr) * 2013-07-31 2015-02-04 Huawei Technologies Co., Ltd. Procédé de détection d'espionnage électroniques dans un système de communication sans fil
US20150063321A1 (en) * 2013-09-04 2015-03-05 Qualcomm Incorporated Radar detection

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140341137A1 (en) * 2012-01-19 2014-11-20 Cambium Networks Limited Transmission of data in a broadband radio communication system
EP2833558A1 (fr) * 2013-07-31 2015-02-04 Huawei Technologies Co., Ltd. Procédé de détection d'espionnage électroniques dans un système de communication sans fil
US20150063321A1 (en) * 2013-09-04 2015-03-05 Qualcomm Incorporated Radar detection

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JAEMIN JEUNG ET AL: "A Deception Mechanism against Compromised Station Attacks in IEEE 802.11 Channel-Hopping Systems", IEICE TRANSACTION ON COMMUNICATION, COMMUNICATIONS SOCIETY, TOKYO, JP, vol. E95B, no. 10, October 2012 (2012-10-01), pages 3362 - 3364, XP001578191, ISSN: 0916-8516, [retrieved on 20121001], DOI: 10.1587/TRANSCOM.E95.B.3362 *

Similar Documents

Publication Publication Date Title
US20220109996A1 (en) Secure communication link establishment for a ue-to-ue relay
KR102461556B1 (ko) 디바이스간 탐색을 수행하기 위한 방법 및 장치
US11070981B2 (en) Information protection to detect fake base stations
US20230076156A1 (en) Physical layer security activation
US10708804B2 (en) Systems and methods for radio resource management
US20210111902A1 (en) System information protection at a network function in the core network
US11638152B2 (en) Identifying an illegitimate base station based on improper response
US11463875B2 (en) Detection of system information modification using access stratum security mode command
US20220399950A1 (en) Securing Downlink Control Information in Cellular Communication Networks
US20220338002A1 (en) Security key generation in wireless networks
US11765596B2 (en) Security procedure
CN111345054B (zh) 一种被用于无线通信的用户设备、基站中的方法和装置
US11218881B1 (en) Mitigating fake cell imprisonment
WO2022002403A1 (fr) Détection de brouillage dans des réseaux sans fil
EP3796584B1 (fr) Sécurité de couche physique améliorée dans des réseaux sans fil
US20200358788A1 (en) Data provenance
US11825301B2 (en) Secret construction of physical channels and signals
WO2023155721A1 (fr) Procédé de détection de fausse station de base, et appareil
CN116709332A (zh) 小区切换的方法和装置
WO2023133495A1 (fr) Accès à une cellule pour cacher la présence et le fonctionnement d'un réseau

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20736660

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20736660

Country of ref document: EP

Kind code of ref document: A1