NSF EARS: Cloud-based Oblivious Spectrum Mapping and Allocation

Spectrum-sensing and mapping technology developed under this NSF EARS grant was leveraged by Team GatorWings (led by Profs. Wong and Shea) to win the DARPA Spectrum Collaboration Challenge.

Goals

Recent rapid advances in dynamic spectrum access (DSA) highlight the philosophical shift in both technology development and policy making of radio spectrum management. The driving force behind this shift is the commonly accepted belief that the radio spectrum, as a scarce public resource, can be utilized more efficiently and fairly by the partnership of smarter management and looser regulations. This in turn will lead to democratization of the radio spectrum to people of wider socioeconomic strata, as well as to a much larger variety of present and future communication needs and services. This work seeks to assist in the democratization of such spectrum through:

• developing techniques for spectrum mapping to protect against internal and external attacks, and evaluating the tradeoffs between privacy protection and accuracy of the spectrum map,

• implementing the privacy-preserving spectrum mapping techniques using software-defined radios and Andriod phones,

• implementing our privacy-preserving spectrum mapping techniques using a Computing Agent/Spectrum Application Server/Spectrum Usage Database framework, run on a commercially available cloud-computing service, and

• conducting an outreach class on radio and dynamic spectrum access at the Cade Museum for Science+Innovation

Activities

We are developing novel techniques to protect the privacy of users involved in sensing the radio spectrum as part of a DSA system. The techniques we propose are built on top of secure computing primitives, such as anonymyizing proxies, public-key encryption, and garbled circuits, which uses cryptographic techniques to allow users to compute a result without any of the parties being able to know the other parties' inputs to the computation. Although complete privacy is not possible in a spectrum sensing system, we are developing systems that achieve k-anonymity in the presence of adversaries with various capabilities. In k-anonymity, a user's location and capabilities may only be reduced to one of k possibilities. A significant challenge in developing such techniques is that many secure computing primitives require high computational complexity, and thus cannot be implemented on many DSA devices, such as future generations of cellular phones. Thus, we are developing privacy-preserving spectrum sensing techniques that have sufficiently low complexity to be implemented on such devices.

• Year 1: In year 1, our activities primarily focused on the development of a distributed, privacy-preserving algorithm to perform localization on a RF source in the presence of a semi-honest (honest-but-curious) adversary. We developed an algorithm to achieve k-anonymity in the presence of such an adversary. Our algorithm is based on a distributed particle-filter algorithm in which information is fused on a binary tree, where information is passed through an anonymizing proxy to obscure the information's source. The anonymyzing proxy is a radio that is internal to the network that is elected through a voting scheme, along with a leader node for the process. This work was reported in a conference paper (see Outcomes below), and a journal version is being prepared with a more thorough security analysis and additional experimental results.
• Year 2: In year 2, our efforts have focused on maturing our approaches to distributed, privacy-preserving localization of a RF source along two major thrusts. We are further developing our efforts on RF localization to allow for mobile sensing agents that can optimize their locations to rapidly localize an RF source in the presence of channel noise, shadowing, and unknown channel path-loss exponents. Deep reinforcement learning is being used to determine the optimal movement for these agents both when privacy is not a concern and when the movements of the agents must be chosen to protect the location of the RF source from an adversary that can observe the movements of the mobile sensing agents. We are building more efficient techniques for preserving privacy during distributed computation by leveraging trusted execution environments, also known as secure enclaves, that are built into many modern processors. In particular, our current efforts focus on considering how the Intel Software Guard Extensions (SGX) can be leveraged in such systems. We are developing systems that enable a mix of SGX and secure multiparty computation (SMC) techniques, which are needed for those systems that are not equipped with SGX-enabled hardware.
• Year 3: Our year 3 activities have four main thrusts: 1) further development of techniques to leverage secure enclaves to provide privacy-preserving computation without the need for heavyweight cryptographic primitives (such as fully homomorphic encryption), 2) implementation of spectrum sensing techniques using software-defined radios, 3) research on applications of machine learning for dynamic spectrum sharing, and 4) research on mobile spectrum sensing in the presence of an adversary. A highlight of this work is our implementation of spectrum sensing and mapping techniques on the USRP X310 software-defined radio. We utilize a FPGA-based spectrum sensor to rapidly monitor spectrum utilization across many channels. This information is fused with spectrum reports and geolocation information by our spectrum mapping software, which is implemented in C++. The result is a time-varying spectrum map that identifies how the radio spectrum is being used across space, frequency, and time. More details can be found in our publications below. A notable outcome from our research was that Team GatorWings, which includes several faculty and students who also worked on this grant, used spectrum sensing and mapping techniques developed under this grant in their radio used in the DARPA Spectrum Collaboration Challenge (SC2). Team GatorWings won the SC2 Championship Event in October 2019.
• Year 4: (extension) Our year 4 activities had 3 main thrusts: 1) We further developed our implementations of spectrum mapping techniques on software-defined radios. 2) We have continued to research privacy in spectral sensing systems, and our current research is primarily focused on privacy implications related to movements of either the RF emitter or mobile sensors that are optimizing their position to localize the RF emitter. 3) We have continued our research on leveraging secure enclaves to aid in privacy-perserving signal localization.
• Year 5: (extension) Our year 5 activities had 2 main thrusts: 1) We completed full implementation and evaluation of centralized and decentralized implementations of privacy-preserving signal localization methods on secure enclaves using Intel SGX and ARM processors. 2) We developed laboratory materials on frequency spectrum, digital radio, and dynamic and collaborative spectrum sharing; the lab is targeted to middle-school age children.

Personnel

• Faculty
• John M. Shea (PI)
• Patrick Traynor (Co-PI)
• Tan F. Wong (Co-PI)
• Ph.D. Students
• Caleb Bowyer, ECE
• Joseph Choi, CISE
• Jixin Feng, ECE (graduated with Ph.D.)
• Tyler Ward, ECE
• David Greene, ECE
• Joshua Marker, ECE
• Anirban Bhattacharya, ECE
• Xioashan Wang, ECE

Outcomes

Our research has resulted in techniques for privacy-preserving localization techniques in distributed networks, analysis techniques for time-varying networks, and techniques to protect networks from jamming attacks. Our work has been reported in three published conference papers (journal articles are in progress):

• In "Privacy Preserving Localization Using a Distributed Particle Filtering Protocol" (IEEE MILCOM 2017), we developed a privacy preserving localization algorithm based on public-key encryption, anonymous proxies, and a distributed particle filtering protocol. Our protocol is described in detail in that work, and simulation and experimental results (using Ettus Research B210 USRP radios) demonstrate that our proposed mechanism allows for accurate localization with low error.

  
  Roles of radios in a distributed network and interations during privacy-preserving localization protocol

  
  Localization is performed using a distributed particle-filter algorithm that fuses information from different radios from the leaves to the root of a binary tree

• In "An Adjacency Matrix Approach to Delay Analysis in Temporal Networks" (IEEE MILCOM 2017), we develop analytical techniques to model the flow of information across a temporal network, which is a graph with time-varying edges. Temporal networks can be used to model mobile wireless networks with time-varying links, and these techniques may be used to analyze the flow of private information in such networks.

• In "Positioning Helper Nodes to Improve Robustness of Wireless Mesh Networks to Jamming Attacks" (IEEE GlobeCom 2017), we develop techniques to enhance the robustness of wireless networks to jamming attacks, which can be used to disrupt spectrum-sensing processes.

• In "Optimal Jammer Placement in the Real Plane to Partition a Wireless Network" (IEEE WCNC 2019), we develop new algorithms to find minimum cardinality jammer placements to partition a wireless network. Prior to this paper, optimal solutions were only available when the placement of jammers was constrained to the locations of the communication nodes. The algorithms in this paper solve a type of disk cover problem in which the objective is not to cover all of the communication nodes but instead only to cover a subset required to achieve a network partition goal. This same approach may be useful for other purposes in communication networks, such as the placement of aerial routers to enhance the robustness of the network topology. A variation on this algorithm may be useful for network clustering. For instance, in the context of distributed RF localization, such a clustering can be used to enable sets of nearby sensing agents to either fuse their measurements, elect a single representative to carry out measurements, or alternate among the agents to provide measurements and carry out distribute computations.

• In “A Hybrid Approach to Secure Function Evaluation using SGX” (ACM Asia CCS 2019), we develop techniques for two-party secure function evaluation (2P-SFE) that allows a designer to partition parts of the protocol that are evaluated inside a secure enclave and those parts that are implemented via standard cryptographic techniques. This approach allows increased performance while providing protections against side-channel attacks on the secure enclave. We can leverage this approach to reduce the cryptographic overhead of privacy-preserving localization and mapping.

• In "Reinforcement Learning for Mixed Cooperative/Competitive Dynamic Spectrum Access" (DySPAN 2019), we report on two appoaches to dynamic spectrum sharing using spectrum sensing and mapping techniques developed under this grant. We compare the performance of a strategy learned via reinforcement learning versus a human-tuned "expert system" strategy. The results show similar performance for the two strategies for the scenario investigated, with the expert system performing slightly better overall. This paper provides some high-level overview of our use of spectrum sensing and mapping, as well as our decision making processes, used in the DARPA Spectrum Collaboration Challenge.

• In “Identifying bottleneck nodes using packet delay statistics” (MILCOM 2019), we investigate methods for identifying single bottlenecks in communication networks when only round-trip delay statistics are available.

• One of the goals of this project is to investigate how we can leverage cloud computing in privacy-preserving spectrum sensing. Our move to leverage secure enclaves has complicated this because most cloud operators do not provide secure enclaves as part of their service because of various technical challenges that it presents. In “A Practical Intel SGX Setting for Linux Containers in the Cloud” (ACM CODASPY 2019), we develop an lxc-based container system that allows Intel SGX (secure enclave) applications to run inside a container in the cloud, while providing all the critical features of SGX, such as remote attestation. We demonstrate that up to 100 containerized SGX applications can be run with reasonable overhead in our system.

• In “A Deep Q-Learning Dynamic Spectrum Sharing Experiment” (IEEE ICC 2021), we report results on applying deep Q-learning for optimizing spectrum sharing among a group of homegeneous networks, where each network makes decisions on how much spectrum to use and which frequencies to transmit on. In particular, we demonstrate that deep Q-learning is able to identify and take advantage of spatial reuse opportunities. All results for the paper are based on experiments carried out in Colosseum and leverage our spectrum mapping and occupancy measurements in making channel assignment decisions.

  A conceptual image of our deep Q-network's structure is shown below. We also include visualizations of each team's frequency use over time for two different strategies. The fair-use strategy assigns each of the 5 teams and equal share of the spectrum resources. The deep Q-learning stratey uses a convolutional neural network with three hidden layers (and 4 convolution kernels) to optimize spectrum usage via machine learning. In both cases, the strategies choose the number of channels to use, and identical processes using spectrum mapping and occupancy information are used to determine the particular channels each network uses. The deep Q-network was able to score approximately 48% higher than the fair share assignment over multiple runs in the Alleys of Austin scenario in Colosseum.

  
  Deep convolutional network trained to perform Q-learning for optimizing the number of channels used by a network of radios in the Alleys of Austin scenario in Colosseum

  
  Spectrum usage for five teams in the Alleys of Austin scenario with a fair-share criterion, in which each team uses 1/5 of the available spectrum.


Spectrum usage for five teams in the Alleys of Austin scenario with spectrum usage for each team decided by a deep Q network. Spectrum use varies across team, and significant spatial reuse is observed between teams 0 and 4. An improvement in match score of approximately 48% was observed in comparison to the fair-share assignment.

• In “ Privacy-Preserving Localization using Enclaves ” (IEEE UEMCON 2021), we present centralized and decentralized architectures for privacy-preserving localization using secure enclaves. In the centralized architecture, there is a fusion center (FC) that is trusted by all of the sensors that performs the fusion of the sensor data. In the decentralized architecture, the fusion operation is performed across the entire set of sensors.

  We identify a common set of security requirements for both architectures, which are:

  • N1: Preventing eavesdropping. Sensor inputs that are transmitted in the clear may be intercepted by an adversary. As a step during remote attestation, a symmetric key is provisioned for all future communication with the target enclave. Hence, the sensor can be confident that its inputs will not be compromised during transit to other enclaves.
  • N2: Confirming authenticity of the fusion result.b> A malicious FC (ArchC) or leader (ArchD) might disregard the true fusion result and disseminate an incorrect result. This could be mitigated by having the fusion code enclave, which is measured by each sensor during attestation, directly return the fusion result to sensors over the established secure channels.
  • N3: Defeating crafted/dishonest inputs. An enclave may be required of all sensors contributing to the localization when considering the presence of malicious sensors. Parts of the spectrum measurement could then be integrated with each sensor’s enclave and verified by the enclaves via attestation to ensure only authentic spectrum measurements are contributed to the ongoing localization.

  We then determing specific security needs for each of the considered architectures. The figures below illustrate the key requirements for each architecture.

  
  Various design requirements for Centralized Architecture (ArchC) for Sensor Fusion.

  
  Various design requirements for Decentralized Architecture (ArchC) for Sensor Fusion.

  The performance of these algorithms is assessed by implementing the sensor fusion algorithms in SGX on an HP computer with an Intel Skylake quad-core CPU supporting SGXv1 and in TrustZone on a Hisilicon HiKey 620 with an ARM Cortex A53 octa-core CPU. Performance results, shown below, show that SGX overhead is generally much less than TrustZone overhead, and results in execution times of less than 1 s for all parameters considered, which will be acceptable for most applications. The TrustZone overhead is much higher and requires execution times as high as 9.5 s, which may not be acceptable in some applications. If a centralized architecture is acceptible, this may motivate the use of a SGX container in the cloud; however, additional research may still be needed on attestation across diverse enclaves.

  
  Micro- and macro-performance of sensor fusion in an enclave on SGX (a-c) and TrustZone (d-e) architectures.

• We developed a laboratory on collaborative spectrum sharing that is appropriate for middle-school children. This lab uses experiments with audio to teach students the fundamental ideas about:
  • frequency
  • digital modulation
  • frequency-division multiple access
  • fixed channel assignments
  • dynamic spectrum sharing
  • collaborative spectrum sharing

  The lab is available as a set of Jupyter notebooks (with separate instructor and student versions), as well as a student handout and pre-recorded audio files for the early labs at

  https://github.com/jmshea/nsf-ears/tree/main/lab

Team GatorWings won the DARPA Spectrum Collaboration Challenge Championship