Software Defined Radio (SDR) technology has the flexibility of implementing a large part of physical layer functions in software. It is one of the major technologies that will provide broadband services to millions of US residences. However, unlike conventional radio whose RF signals are tightly regulated by FCC-certified hardware, the software components of SDR can be easily exploited by hackers to create a wide range of unauthorized waveforms to launch attacks on many security-critical wireless systems. The existing preventive security counter measures are not possible to prevent the myriad of potential software security loopholes and themselves often become targets of the malware. The objective of this project is to design an effective SDR integrity assessment and behavior regulation system. Residing in the vulnerable SDR software and the security-critical SDR hardware, it detects any malicious configuration of the RF device and prevent it from being used to attack wireless systems. The hardware part uses side channel and communication channel information from different SDR components to detect deviations from expected execution status. It also includes a regulation circuit to enforce safety-critical properties of SDR operation. The software part leverages correlations in SDR hardware and software components' interactions to detect deviation from expected execution profile. The generality of the SDR security system design provides a unified security mechanism for SDR design and hence can ease the burden on FCC or any future SDR design verification institutes in certifying security measures of SDR products. Of late, there has been an explosive growth of cross-layer designs proposed for wireless networks. These designs break the layered structure to actively exploit the dependence between protocol layers in wireless networks. However, the large number of cross-layer designs creates serious coexistence issues. The violation of layered structure may not comply with restrictions that constrain the coexistence among many cross-layer designs and other network systems, causing significant issues, such as degraded performance, inconsistent distributed decision making, network partition, and instability. The objective of this project is to systematically and rigorously categorize and analyze coexistence restrictions of cross-layer designs in wireless networks. In this project, coexistence restrictions of various cross-layer designs are theoretically modeled and analyzed. Different kinds of coexistence restrictions are defined, the conditions for their occurrences and their impact on network operations are revealed, and methods to check coexistence issues are developed. The project also seeks restriction-compliant protocol design techniques. This project serves as a major effort in the understandings of cross-layer designs in wireless networks and is the pioneer in providing systematic analysis of coexistence restrictions of cross-layer designs. The result of this project can be used to evaluate cross-layer design limitations and potential problems. This will promote the acceptance of good cross-layer designs in real systems and prevent architecture failures in design integration. In addition, this project provides practical techniques for designing more compatible cross-layer systems. Ultimately, this will greatly enhance the flexibility and robustness of current and future wireless network systems.


  1. Yaling Yang (faculty)
  2. Jeffery Reed (faculty)
  3. Chao Wang (faculty)
  4. Gao Bo (Ph.D.)
  5. Yanzhi Dou(Ph.D.)
  6. Hassan Eldib (Ph.D.)
  7. Wu Meng(Ph.D.)
  8. Kexiong Zeng(Ph.D.)
  9. Miao Yao (Ph.D.)

Related Publications

    1. Vireshwar Kumar, He Li, Jung-Min (Jerry) Park, Kaigui Bian, Yaling Yang (2015). Group Signatures with Probabilistic Revocation: A Computationally-Scalable Approach for Providing Privacy-Preserving Authentication. ACM Conference on Computer and Communications Security (CCS). Denver, Colorado. 2015
    2. Hassan Eldib, Chao Wang, Mostafa Taha, and Patrick Schaumont. Quantitative masking strength: Quantifying the power side-channel resistance of software code IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2015.
    3. Roderick Bloem, Bettina Konighofer, Robert Konighofer, and Chao Wang. Shield synthesis: Runtime enforcement for reactive systems, International Conference on Tools and Algorithms for Construction and Analysis of Systems (TACAS), London, UK. April 2015.
    4. Yanzi Dou, Kexiong Zeng, Yaling Yang, Danfeng Yao, MadeCR: Correlation-based Malware Detection for Cognitive Radio, Infocom 2015.
    5. Kexiong (Curtis) Zeng, Sreeraksha Kondaji Ramesh and Yaling Yang, "Location Spoofing Attack and Its Countermeasures in Database-Driven Cognitive Radio Networks", 2014 IEEE Conference on Communications and Network Security (CNS), October 2014.
    6. Bo Gao, Jung-Min Park, Yaling Yang, "Supporting Mobile Users in Database-Driven Opportunistic Spectrum Access", ACM Mobihoc 2014
    7. Kexiong (Curtis) Zeng, Sreeraksha Kondaji Ramesh and Yaling Yang. "Location Robustness in Database-Driven White Spaces Network", Proceedings of the 2014 IEEE Symposium on Dynamic Spectrum Access Networks (Dyspan) , April 2014. (4-page poster paper)
    8. Hassan Eldib, Chao Wang, and Patrick Schaumont, Formal verification of software countermeasures against side-channel attacks . ACM Transactions on Software Engineering and Methodology, 24(2), 2014.
    9. Hassan Eldib and Chao Wang, An SMT based method for optimizing arithmetic computations in embedded software code,IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 33(11):1611, 2014
    10. Hassan Eldib, Chao Wang, Mostafa Taha, and Patrick Schaumont.QMS: Evaluating the side-channel resistance of masked software from source code,". ACM/IEEE Design Automation Conference (DAC'14).. San Francisco, CA, 2014
    11. Hassan Eldib and Chao Wang . "Synthesis of masking countermeasures against side-channel attacks," .. International Conference on Computer Aided Verification (CAV'14). Vienna, Austria. 2014
    12. Kexiong Zeng, Kondaji Ramesh, Yaling Yang. Location Robustness in Database-Driven White Spaces Network. IEEE Symposium on New Frontiers in Dynamic Spectrum Access Networks (DySPAN ). 2014
    13. Hassan Eldib and Chao Wang. "An SMT based method for optimizing arithmetic computations in embedded software code," International Conference on Formal Methods in Computer-Aided Design (FMCAD'13).. Portland, OR. 2013

    Education and Outreach Activity

    1. NSF REU summer camp 2014.

      Participants: Hannah Bowers and Laci Sears.

      Project focus: using deviation of component action correlation to detect malware in cognitive radio devices

    2. CESCA Outstanding Student Award Winner 2014: Bo Gao

    Broader Impact

    The SDR security system developed in this project not only can improve the security of SDR systems, it will also significantly enhance the security of all wireless networks. The correlation-based malware detection, side-channel-based integrity checking and automatic synthesis techniques for regulation circuit may also be applied to the security issues of other systems, such as embedded systems and sensor platforms. Beyond publishing in journals and conferences, the PIsí research center Wireless @ Virginia Tech has an active industry outreach program. The PIs will leverage this program to disseminate the research results to industry. The prototype of our security system can also serve as a valuable education platform for course projects that are related to hardwar/software security, pattern analysis, hardware synthesis and wireless network security. Students can gain valuable hands-on experiences on solving real-world problems with the use of this experiment platform.