Abstract

While modern wireless systems rely on strong encryption, this alone does not secure the entire attack surface, including exposed signal attributes, pre-authentication exchanges, and protocol metadata. This dissertation challenges the assumption that existing cryptographic protections are sufficient to protect these vulnerabilities. Signal attributes, including phase and amplitude variations due to modulation, are physical-layer characteristics of encrypted data communication that remain observable and exploitable for attacks like traffic analysis. The pre-authentication phase—during which session keys are negotiated and installed—is vulnerable to spoofing and denial-of-service attacks. Protocol metadata, such as operating channel, sender’s address and location, and timestamps, is unencrypted and can reveal behavioral or device-specific patterns. Adversaries exploit this information to fingerprint devices, disrupt connectivity, and impersonate infrastructure, even in networks with the latest security standards. Existing research often focuses on patching specific attacks rather than addressing the root cause: exposed surfaces that serve as advanced attack entry points. In this dissertation, we demonstrate how these surfaces enable sophisticated attacks and propose comprehensive, dynamic defenses to mitigate these threats. The first part of this dissertation focuses on modulation-level attacks. We demonstrate, for the first time, that existing obfuscation techniques designed to prevent classification can be defeated by persistent, adaptive sniffers due to the static nature of attack surfaces. In response, we introduce a dynamic camouflage approach combining moving target defense and cyber deception to obscure modulation schemes and detect evasion attempts in AI-based receivers. Specifically, the modulated symbols are first masked using small perturbations to make them appear to an adversary as if they originate from another modulation scheme, creating ambiguity about the modulation scheme. By deploying a pool of deep learning models and perturbation-generating techniques, our defense strategy keeps moving them as needed, making it difficult for adversaries to keep up with the evolving defense system over time. In parallel, we introduce a signal morphing strategy that produces high-entropy, statistically indistinguishable waveforms, rendering intercepted signals unclassifiable. This technique maintains bit error rates, requires no bandwidth overhead, and is compatible with both AI-based and conventional receivers across different wireless protocols with minimal computational cost. We evaluate both techniques using extensive simulations across multiple open-source datasets, as well as over-the-air experiments using a software-defined radio (SDR) testbed, demonstrating their robustness under real-world wireless conditions. The second part of the dissertation exposes and addresses vulnerabilities in the pre-authentication phase and protocol metadata in Wi-Fi systems. Specifically, we develop a formal symbolic model of the Wi-Fi pre-authentication phase, discovering new variants of man-in-the-middle and new denial-of-service attacks. Our findings were acknowledged by the Wi-Fi Alliance. To defend against these threats, we develop a cross-layer scheme that embeds signatures into preambles, at the physical layer, with a time-bound mechanism to authenticate access points (APs) and verify frame elements that expose important protocol metadata, protecting against spoofing and relaying. We evaluate our approach on an AP-SDR testbed, across different commercial devices, demonstrating its practical deployment. Finally, we verify its correctness and integrity using a model checker and a cryptographic protocol verifier. Taken together, our techniques pave the way for resilient, proactive defenses against adaptive, intelligent threats in wireless ecosystem.

Library of Congress Subject Headings

Wireless communication systems--Security measures; Wireless communication systems--Mathematical models; Software radio; Deep learning (Machine learning); Cryptography

Publication Date

7-2025

Document Type

Dissertation

Student Type

Graduate

Degree Name

Computing and Information Sciences (Ph.D.)

Department, Program, or Center

Computing and Information Sciences Ph.D, Department of

College

Golisano College of Computing and Information Sciences

Advisor

Hanif Rahbari

Advisor/Committee Member

Matthew Wright

Advisor/Committee Member

Andres Kwasinski

Campus

RIT – Main Campus

Plan Codes

COMPIS-PHD

Download

Share

COinS