Enhancing Wireless Security through Cross-Layer Approaches

Compared to wired networks, wireless networks are more susceptible to security attacks due to the shared medium and the broadcast nature. These attacks include but are not limited to sniffer attack, identity spoofing attack, and denial-of-service (DoS) attack. In this dissertation, instead of viewing wireless as a vulnerability, we try to explore novel dimensions of wireless network characteristics to enhance wireless security. The information extracted from new dimensions is utilized in conjunction with the knowledge from other network layers. Through such cross-layer approaches, we defend against attacks and build more secure wireless networks and mobile systems.;We first look at the signal characteristics of wireless channels. The reciprocity property claims that bidirectional wireless channel states should be identical between two transceivers at a given instant of time. We utilize this channel state as an inherent shared secret between two parties, and propose a new and more secure method defending against narrow-band jamming attacks by combining physical layer and MAC layer information.;We also investigate unremarkable but potentially useful information in specific types of wireless networks. In cognitive radio networks, TV towers and wireless microphones are two main types of primary users. The primary user emulation (PUE) attack which targets at the latter type is extremely difficult to detect due to their low transmission power and mobility. We innovatively analyze the correlation between the sound and RF signal emitted by wireless microphones to defend against mobile PUE attacks. In wireless surveillance camera networks, spoofing attacks are easier to launch than their wired counterparts. We combine the camera sensor pattern noise as well as wireless channel signatures to detect wireless camera spoofing attacks, where physical layer and application layer information are exploited simultaneously.;Smartphones have dominated the growth of wireless market in the recent years. User authentication of smartphones and mobile apps is typically achieved by passwords or gesture locks. Although most of today's smartphones are equipped with a front-facing camera, face authentication is rarely used in practice because 2D face recognition can be easily cheated by photos or pre-recorded videos. We inventively make use of the readings from built-in motion sensors of smartphones. Combining with camera data, we build a fast yet secure face authentication system for mobile devices and apps. The security and efficiency of mobile device authentication can be largely improved by adopting our cross-layer approach.