Investigating the Feasibility of the First Man-in-the-Middle Attack for mmWave MIMO

Abstract

Millimeter wave (mmWave) networks offer high data rates (multi-Gbps) and increased network capacity. To account for its high signal attenuation during propagation, mmWave technology directionally beamforms data streams to users. The high directionality of mmWave data streams may suggest a more secure network. Unfortunately, the sector sweep protocol that is used to establish communication links between the base station and users offers an opportunity for attackers to gain information about the channel. In this paper, we present the first investigation into a man-in-the-middle security attack on mmWave networks involving multiple users. We investigate the negative impact of the sector sweep protocol on the security of the mmWave MIMO network. By leveraging the beam sweep process, the attacker can estimate the location of the victims in a multi-user network and potentially decode the symbols of all victims. The proposed attack demonstrates how a brute-force matching algorithm can decode the symbols of victims in the MIMO network. This thesis aims to provide an analysis of how feasible a man-in-the-middle security attack is on mmWave MIMO.