Benjamin W. Ramsey

Bio: Benjamin W. Ramsey is an academic researcher from Air Force Institute of Technology. The author has contributed to research in topics: Critical infrastructure & Spoofing attack. The author has an hindex of 13, co-authored 27 publications receiving 467 citations. Previous affiliations of Benjamin W. Ramsey include Wright-Patterson Air Force Base.

An RF-DNA verification process for ZigBee networks

Abstract: Impersonation of authorized network devices is a serious concern in applications involving monitoring and control of battlefield operations and military installation infrastructure-ZigBee is among the ad hoc network alternatives used for such purposes. There are considerable security concerns given the availability of ZigBee “hacking” tools that have evolved from methods used for IEEE 802.11 Wi-Fi and IEEE 802.15.1 Bluetooth attacks. To mitigate the effectiveness of these bit-level attacks, RF waveform features within the lowest OSI physical (PHY) layer are used to augment bit-level security mechanisms within higher OSI layers. The evolution of RF ‘Distinct Native Attribute’ (RF-DNA) fingerprinting continues here with a goal toward improving defensive RF Intelligence (RFINT) measures and enhancing rogue device detection. Demonstrations here involve ZigBee burst collection and RF-DNA fingerprint generation using experimentally collected emissions from like-model CC2420 ZigBee devices operating at 2.4 GHz. RF-DNA fingerprints from 7 authorized devices are used for Multiple Discriminant Analysis (MDA) training and authorized device classification performance assessed, i.e. answering: “Is the device 1 of M authorized devices?” Additional devices are introduced as impersonating rogue devices attempting to gain unauthorized network access by presenting false bit-level credentials for one of the M authorized devices. Granting or rejecting rogue network access is addressed using a claimed identity verification process, i.e, answering: “Does the device's current RF-DNA match its claimed bit-level identity?” For authorized devices, arbitrary classification and verification benchmarks of %C> 90% and %V > 90% are achieved at SNR«10.0 dB using a test statistic based on assumed Multivariate Gaussian (MVG) likelihood values. Overall, rogue device rejection capability is promising using the same verification test statistic, with %V < 10% (90% or better rejection) achieved for 11 of 14 rogue trials. One case yielded near 85% rogue verification (unauthorized access) and security cannot be a matter of chance-work continues to find a more robust test statistic and improve the proposed process.

PHY foundation for multi-factor ZigBee node authentication

Abstract: The ZigBee specification builds upon IEEE 802.15.4 low-rate wireless personal area standards by adding security and mesh networking functionality. ZigBee networks may be secured through 128-bit encryption keys and by MAC address access control lists, yet these credentials are vulnerable to interception and spoofing via free software tools available over the Internet. This work proposes a multi-factor PHY-MAC-NWK security framework for ZigBee that augments bit-level security using radio frequency (RF) PHY features. These features, or RF fingerprints, can be used to differentiate between dissimilar or like-model wireless devices. Previous PHY-based works on mesh network device differentiation predominantly exploited the signal turn-on region, measured in nanoseconds. For an arbitrary benchmark of 90% or better classification accuracy, this work shows that reliable PHY-based ZigBee device discrimination can be achieved at SNR ≥ 8 dB. This is done using the entire transmission preamble, which is less technically challenging to detect and is over 1000 times longer than the signal turn-on region. This work also introduces a statistical, pre-classification feature ranking technique for identifying relevant features that dramatically reduces the number of RF fingerprint features without sacrificing classification performance.

Rogue Z-Wave controllers: A persistent attack channel

Abstract: The popularity of Wireless Sensor Networks (WSN) is increasing in critical infrastructure, smart metering, and home automation. Of the numerous protocols available, Z-Wave has significant potential for growth in WSNs. As a proprietary protocol, there are few research publications concerning Z-Wave, and thus little is known about the security implications of its use. Z-Wave networks use a gateway controller to manage and control all devices. Vulnerabilities have been discovered in Z-Wave gateways, all of which rely on the gateway to be consistently connected to the Internet. The work herein introduces a new vulnerability that allows the injection of a rogue controller into the network. Once injected, the rogue controller maintains a stealthy, persistent communication channel with all inadequately defended devices. The severity of this type of attack warrants mitigation steps, presented herein.

I and i

Abstract: There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality. Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

The iron cage revisited: Institutional isomorphism and collective rationality in organizational fields (Chinese Translation)

Abstract: What makes organizations so similar? We contend that the engine of rationalization and bureaucratization has moved from the competitive marketplace to the state and the professions. Once a set of organizations emerges as a field, a paradox arises: rational actors make their organizations increasingly similar as they try to change them. We describe three isomorphic processes-coercive, mimetic, and normative—leading to this outcome. We then specify hypotheses about the impact of resource centralization and dependency, goal ambiguity and technical uncertainty, and professionalization and structuration on isomorphic change. Finally, we suggest implications for theories of organizations and social change.

Cyber Security and Privacy Issues in Smart Grids

Abstract: Smart grid is a promising power delivery infrastructure integrated with communication and information technologies. Its bi-directional communication and electricity flow enable both utilities and customers to monitor, predict, and manage energy usage. It also advances energy and environmental sustainability through the integration of vast distributed energy resources. Deploying such a green electric system has enormous and far-reaching economic and social benefits. Nevertheless, increased interconnection and integration also introduce cyber-vulnerabilities into the grid. Failure to address these problems will hinder the modernization of the existing power system. In order to build a reliable smart grid, an overview of relevant cyber security and privacy issues is presented. Based on current literatures, several potential research fields are discussed at the end of this paper.

Deep Learning for RF Device Fingerprinting in Cognitive Communication Networks

Abstract: With the increasing presence of cognitive radio networks as a means to address limited spectral resources, improved wireless security has become a necessity. In particular, the potential of a node to impersonate a licensed user demonstrates the need for techniques to authenticate a radio's true identity. In this paper, we use deep learning to detect physical-layer attributes for the identification of cognitive radio devices, and demonstrate the performance of our method on a set of IEEE 802.15.4 devices. Our method is based on the empirical principle that manufacturing variability among wireless transmitters that conform to the same standard creates unique, repeatable signatures in each transmission, which can then be used as a fingerprint for device identification and verification. We develop a framework for training a convolutional neural network using the time-domain complex baseband error signal and demonstrate 92.29% identification accuracy on a set of seven 2.4 GHz commercial ZigBee devices. We also demonstrate the robustness of our method over a wide range of signal-to-noise ratios.