Presentation is loading. Please wait.

Presentation is loading. Please wait.

WUR Security Proposal Date: Authors: September 2017

Published byἩρακλῆς Κεδίκογλου Modified over 5 years ago

Similar presentations

Presentation on theme: "WUR Security Proposal Date: Authors: September 2017"— Presentation transcript:

1 WUR Security Proposal Date: 2017-05-08 Authors: September 2017
Month Year September 2017 WUR Security Proposal Date: Authors: Yunbo Han, et al., Huawei Yunbo Han, et al., Huawei

2 Month Year May 2017 Abstract Malicious attacks on a WUR device running on coin-battery can cause the WUR to falsely wake up the Primary Connectivity Radio (PCR) the battery and ultimately disable the device [1]. Some potential solutions have been shown in [2] “One solution is to encrypt the LP Wakeup Req.” “Another solution could be Wakeup Request frame carries secret information that both AP and destined STA aware.” However, these solutions increase the complexity and power consumption of the WUR receiver (WURx). This presentation proposes a low complexity solution to address issues of potential attacks on WUR devices. Yunbo Han, et al., Huawei Yunbo Han, et al., Huawei

3 Outline of the Proposal
May 2017 Outline of the Proposal Upon waking up, the STA informs the AP the reason of its wake-up. Then, the AP determines whether the STA’s WURx receives a spoofed wake-up packet (under attack). If the AP considers the STA’s WURx is safe, the AP proceeds with the normal wake-up procedure (based on proposal in [3] as shown in the next slide). If the AP considers the STA’s WURx is under attack, AP performs additional steps to mitigate the impact of potential repeated attacks on the STA. Yunbo Han, et al., Huawei

4 WUR Normal Wake-up Procedure
May 2017 WUR Normal Wake-up Procedure Step 1: The AP sends a wake-up packet (WUP) to the STA carrying the STA’s wake-up ID (WUID). Step 2: The STA’s WURx receives the WUP and wakes up its PCR. Step 3: The STA sends a wake-up response frame to the AP using its PCR, indicating that the STA’s PCR is woken up due to receiving a WUP (as opposed to sending a RTS, a data, or a wake-up response frame indicating that the STA wakes up on its own, when the STA indeed wakes up on its own). Step 4: After the AP receives the wake-up response frame, Since the AP did send the WUP to the STA’s WURx, the AP considers the STA is safe. Then, the AP proceeds with the data exchange with the STA’s PCR. Woken by WUP AP WUP Data packet STA’s WURx Wake-up ACK STA’s PCR Wake-up response frame from STA to AP Yunbo Han, et al., Huawei

5 Wake-up Procedure under Attack 1/2
May 2017 Wake-up Procedure under Attack 1/2 Option 1: The Wake-up response frame indicates the reason of wake-up. Since the AP didn’t send the WUP to the STA’s WURx earlier, the AP considers that the STA is under attack and performs additional steps to mitigate potential repeated attacks, such as changing the identifier of WURx (for its next wake-up). Spoofed WUP Attacker STA’s WURx STA’s PCR Wake-up Wake-up response frame carrying the reason of wake-up AP New WUID ACK Woken by WUP (which the AP didn’t send) Option 2: AP asks STA the reason of wake-up, then STA replies to AP’s request. Spoofed WUP Attacker STA’s WURx STA’s PCR Wake-up Wake-up response frame AP ACK Ask for reason of wake-up New WUID Inform reason of wake-up Woken by WUP (which the AP didn’t send) Yunbo Han, et al., Huawei

6 Wake-up Procedure under Attack 2/2
May 2017 Wake-up Procedure under Attack 2/2 Option 3: STA reports the reason of wake-up after sending a wake-up response frame. Attacker Spoofed WUP Wake-up response frame Inform reason of wake-up STA’s WURx Wake-up ACK STA’s PCR timeout AP ACK New WUID Woken by WUP (which the AP didn’t send) Yunbo Han, et al., Huawei

7 Conclusion A low complexity WUR security solution was presented.
May 2017 Conclusion A low complexity WUR security solution was presented. After waking up, the STA informs the AP the reason of its wake-up. The AP determines whether the STA’s WURx is under attack. If the AP determines that the STA’s WURx is under attack, the AP performs additional steps to mitigate potential repeated attacks. Benefits Providing mechanisms, which are implemented over the STA’s PCR, for detecting attacks on WURx and for mitigating potential repeated attacks, without increasing the complexity or power consumption of the WURx. Yunbo Han, et al., Huawei

8 May 2017 Straw Poll Do you support that a STA may include a reason of its wake-up due to a unicast wake-up packet in a frame that the STA sends to the AP using its PCR, in order to assist the AP in determining whether the STA’s WURx receives a spoofed unicast wake-up packet? Y/N/A: Yunbo Han, et al., Huawei

9 May 2017 Reference [1] wur-securing-the-wur [2] wur-wur-mac-discussion [3] ba-initial-thoughts-on-mac- procedures Yunbo Han, et al., Huawei

Download ppt "WUR Security Proposal Date: Authors: September 2017"

Similar presentations

Doc.: IEEE 802.11-13-1415-00 Submission Nov 2013 Betty Zhao et. al., HuaweiSlide 1 Service Discovery with Association Date: 2013-11-11 Authors:

Doc.: IEEE Submission Nov 2013 Betty Zhao et. al., HuaweiSlide 1 Service Discovery with Association Date: Authors:
Supporting Low Power Operation

Supporting Low Power Operation
2200 Mission College Blvd., Santa Clara, CA 95054, USA

2200 Mission College Blvd., Santa Clara, CA 95054, USA
AP Power Saving Date: Authors: May 2017 Month Year

AP Power Saving Date: Authors: May 2017 Month Year
WUR Reconnection Usage Model

WUR Reconnection Usage Model
WUR Negotiation and Acknowledgement Procedure Follow up

WUR Negotiation and Acknowledgement Procedure Follow up
Securing the WUR Date: Authors: July 2016 March 2014

Securing the WUR Date: Authors: July 2016 March 2014
On AP Power Saving Usage Model

On AP Power Saving Usage Model
Review of Multi-user Wakeup Schemes

Review of Multi-user Wakeup Schemes
Purpose Indication of WUR Packets

Purpose Indication of WUR Packets
WUR Negotiation and Acknowledgement Procedure Follow up

WUR Negotiation and Acknowledgement Procedure Follow up
High Level MAC Concept for WUR

High Level MAC Concept for WUR
WUR coexistence with existing power save mode

WUR coexistence with existing power save mode
19, Yangjae-daero 11gil, Seocho-gu, Seoul , Korea

19, Yangjae-daero 11gil, Seocho-gu, Seoul , Korea
WUR MAC issues follow-up

WUR MAC issues follow-up
WUR Acknowledgement Indication

WUR Acknowledgement Indication
Wake Up Frame to Indicate Group Addressed Frames Transmission

Wake Up Frame to Indicate Group Addressed Frames Transmission
2200 Mission College Blvd., Santa Clara, CA 95054, USA

2200 Mission College Blvd., Santa Clara, CA 95054, USA
Consideration on Wake-Up Receiver Security

Consideration on Wake-Up Receiver Security
Assign and Update Wake-Up Signals in WLAN with Wake-Up Radio Receivers

Assign and Update Wake-Up Signals in WLAN with Wake-Up Radio Receivers

Similar presentations

Ads by Google