A.K. Bhattacharjee
info
Please Note
<p>This page displays the records of the person named above and is not linked to a unique person identifier. This record may need to be merged to a profile.</p>
5 records found
1
Breaking the Latency Barrier
Practical Haptic Bilateral Teleoperation over 5G
Conference paper
(2025)
-
Herman Kroep, Stijn Coppens, Koen Wösten, Anup Bhattacharjee, R. R. Venkatesha Prasad
Haptic bilateral teleoperation holds promise for applications such as telemaintenance, remote manipulation, and disaster response, yet delivering precise, low-latency force and video feedback remains challenging. This study advances haptic bilateral teleoperation by combining live video with Model Mediated Teleoperation (MMT) to enable predictive force feedback. While this method has benefits, several non-trivial challenges, such as synchronizing the model with user's and remote robot's actions, arise. A novel algorithm is developed that allows the robotic device to replicate interactions predictively experienced by the operator. We validated this approach in a fully functional system that performs reliably despite significant network delays. The latency performance of the system is extensively characterized, achieving a motion-to-pixel latency of 58 ms. A user study revealed that operators did not perceive network latency of at least 75 ms, resulting in a 133 ms motion-to-pixel delay requirement. Additionally, a 5G latency analysis demonstrated that effective haptic teleoperation is achievable with both operator and remote ends connected via 5G. This provides a path away from strict latency requirements toward practical teleoperation solutions using currently available technology.
...
Haptic bilateral teleoperation holds promise for applications such as telemaintenance, remote manipulation, and disaster response, yet delivering precise, low-latency force and video feedback remains challenging. This study advances haptic bilateral teleoperation by combining live video with Model Mediated Teleoperation (MMT) to enable predictive force feedback. While this method has benefits, several non-trivial challenges, such as synchronizing the model with user's and remote robot's actions, arise. A novel algorithm is developed that allows the robotic device to replicate interactions predictively experienced by the operator. We validated this approach in a fully functional system that performs reliably despite significant network delays. The latency performance of the system is extensively characterized, achieving a motion-to-pixel latency of 58 ms. A user study revealed that operators did not perceive network latency of at least 75 ms, resulting in a 133 ms motion-to-pixel delay requirement. Additionally, a 5G latency analysis demonstrated that effective haptic teleoperation is achievable with both operator and remote ends connected via 5G. This provides a path away from strict latency requirements toward practical teleoperation solutions using currently available technology.
Endless Subscriptions
Open RAN is Open to RIC E2 Subscription Denial of Service Attacks
Conference paper
(2025)
-
F. Klement, A. Brighente, A. K. Bhattacharjee, S. Cecconello, F. Kuipers, G. Smaragdakis, M. Conti, S. Katzenbeisser
Telecommunication services are essential in ensuring the operation of numerous critical infrastructures. While mobile network security increased with the advancement of generations, emerging concepts such as the Open Radio Access Network (O-RAN) are transforming the traditional operation of Radio Access Networks (RANs). Novel concepts and technologies are finding their way into RANs with a focus on softwareization and virtualization. This increases the overall attack surface and introduces new attack vectors not necessarily found in traditional RANs. This paper shows that Denial of Service (DoS) attacks leveraging subscription mechanisms can compromise O-RAN implementations. We present a novel DoS attack targeting the Near Real-Time (Near-RT) RAN Intelligent Controller (RIC). By deploying a malicious xApp, we demonstrate how an adversary can flood the Near-RT RIC with excessive subscription requests, leading to service disruption. This attack exploits the lack of rate-limiting mechanisms within the Service Model (SM), a critical component of the Near-RT RIC responsible for handling E2 subscription requests. We systematically evaluate various attack scenarios and investigate the underlying vulnerabilities exposed. Furthermore, we propose and assess countermeasures to safeguard publicly accessible O-RAN systems from such threats.
...
Telecommunication services are essential in ensuring the operation of numerous critical infrastructures. While mobile network security increased with the advancement of generations, emerging concepts such as the Open Radio Access Network (O-RAN) are transforming the traditional operation of Radio Access Networks (RANs). Novel concepts and technologies are finding their way into RANs with a focus on softwareization and virtualization. This increases the overall attack surface and introduces new attack vectors not necessarily found in traditional RANs. This paper shows that Denial of Service (DoS) attacks leveraging subscription mechanisms can compromise O-RAN implementations. We present a novel DoS attack targeting the Near Real-Time (Near-RT) RAN Intelligent Controller (RIC). By deploying a malicious xApp, we demonstrate how an adversary can flood the Near-RT RIC with excessive subscription requests, leading to service disruption. This attack exploits the lack of rate-limiting mechanisms within the Service Model (SM), a critical component of the Near-RT RIC responsible for handling E2 subscription requests. We systematically evaluate various attack scenarios and investigate the underlying vulnerabilities exposed. Furthermore, we propose and assess countermeasures to safeguard publicly accessible O-RAN systems from such threats.
Through the Telco Lens
A Countrywide Empirical Study of Cellular Handovers
Conference paper
(2024)
-
Michail Kalntis, José Suárez-Varela, Jesús Omaña Iglesias, Anup Kiran Bhattacharjee, George Iosifidis, Fernando A. Kuipers, Andra Lutu
Cellular networks rely on handovers (HOs) as a fundamental element to enable seamless connectivity for mobile users. A comprehensive analysis of HOs can be achieved through data from Mobile Network Operators (MNOs); however, the vast majority of studies employ data from measurement campaigns within confined areas and with limited end-user devices, thereby providing only a partial view of HOs. This paper presents the first countrywide analysis of HO performance, from the perspective of a top-tier MNO in a European country. We collect traffic from approximately 40M users for 4 weeks and study the impact of the radio access technologies (RATs), device types, and manufacturers on HOs across the country. We characterize the geo-temporal dynamics of horizontal (intra-RAT) and vertical (inter-RATs) HOs, at the district level and at millisecond granularity, and leverage open datasets from the country's official census office to associate our findings with the population. We further delve into the frequency, duration, and causes of HO failures, and model them using statistical tools. Our study offers unique insights into mobility management, highlighting the heterogeneity of the network and devices, and their effect on HOs.
...
Cellular networks rely on handovers (HOs) as a fundamental element to enable seamless connectivity for mobile users. A comprehensive analysis of HOs can be achieved through data from Mobile Network Operators (MNOs); however, the vast majority of studies employ data from measurement campaigns within confined areas and with limited end-user devices, thereby providing only a partial view of HOs. This paper presents the first countrywide analysis of HO performance, from the perspective of a top-tier MNO in a European country. We collect traffic from approximately 40M users for 4 weeks and study the impact of the radio access technologies (RATs), device types, and manufacturers on HOs across the country. We characterize the geo-temporal dynamics of horizontal (intra-RAT) and vertical (inter-RATs) HOs, at the district level and at millisecond granularity, and leverage open datasets from the country's official census office to associate our findings with the population. We further delve into the frequency, duration, and causes of HO failures, and model them using statistical tools. Our study offers unique insights into mobility management, highlighting the heterogeneity of the network and devices, and their effect on HOs.
Conference paper
(2024)
-
Anup Kiran Bhattacharjee, Stefano Cecconello, Fernando Kuipers, Georgios Smaragdakis
To avoid exploitation of known vulnerabilities, it is standard security practice to not disclose any model information regarding the antennas used in cellular infrastructure. However, in this work, we show that end-user devices receive enough information to infer, with high accuracy, the model-family of antennas. We demonstrate how low-cost hardware and software setups can fingerprint the cellular infrastructure of whole regions within a few minutes by only listening to cellular broadcast messages. To show the effectiveness and hence risk of such fingerprinting, we collected an extensive dataset of broadcast messages from three different countries. We then trained a machine-learning model to classify broadcast messages based on the model-family they belong to. Our results reveal a worryingly high average accuracy of 97% for model-family classification. We further discuss how inferring the model-family with such high accuracy can lead to a class of identification attacks on cellular infrastructure and we subsequently suggest countermeasures to mitigate the fingerprint effectiveness.
...
To avoid exploitation of known vulnerabilities, it is standard security practice to not disclose any model information regarding the antennas used in cellular infrastructure. However, in this work, we show that end-user devices receive enough information to infer, with high accuracy, the model-family of antennas. We demonstrate how low-cost hardware and software setups can fingerprint the cellular infrastructure of whole regions within a few minutes by only listening to cellular broadcast messages. To show the effectiveness and hence risk of such fingerprinting, we collected an extensive dataset of broadcast messages from three different countries. We then trained a machine-learning model to classify broadcast messages based on the model-family they belong to. Our results reveal a worryingly high average accuracy of 97% for model-family classification. We further discuss how inferring the model-family with such high accuracy can lead to a class of identification attacks on cellular infrastructure and we subsequently suggest countermeasures to mitigate the fingerprint effectiveness.
Conference paper
(2023)
-
Weizheng Wang, Girish Vaidya, Anup Bhattacharjee, Francesco Fioranelli, Marco Zuniga
Sensing people with mmWave radars is gaining significant attention. This growing interest is due to two factors: radar monitoring provides more privacy than camera-based alternatives, and radio waves are not as easily blocked as light waves. Most mmWave studies, however, have three common characteristics. They are done indoors, without protecting the sensor (no casing), and the evaluation is performed for short periods of time. To assess the suitability of mmWave sensing in realistic outdoor scenarios, we deploy two nodes to track the flow of pedestrians over a period of three months. This longterm deployment provides three main contributions. First, we follow a detailed process to design a casing that can protect the sensors from harsh environmental conditions. Second, we install our nodes close to a set of cameras that were already deployed in the area. To compare the performance of both types of sensors, we propose a framework that considers the different coverage patterns of cameras and radars. Third, the time frame of our evaluation considers various types of weather, from sunny days to rainy and windy. Our results indicate that mmWave sensors need to be explored further outside the comfort zone of indoor spaces. To the best of our knowledge, this is the first long-term study assessing the reliability of radar sensors in the 60 GHz ISM band.
...
Sensing people with mmWave radars is gaining significant attention. This growing interest is due to two factors: radar monitoring provides more privacy than camera-based alternatives, and radio waves are not as easily blocked as light waves. Most mmWave studies, however, have three common characteristics. They are done indoors, without protecting the sensor (no casing), and the evaluation is performed for short periods of time. To assess the suitability of mmWave sensing in realistic outdoor scenarios, we deploy two nodes to track the flow of pedestrians over a period of three months. This longterm deployment provides three main contributions. First, we follow a detailed process to design a casing that can protect the sensors from harsh environmental conditions. Second, we install our nodes close to a set of cameras that were already deployed in the area. To compare the performance of both types of sensors, we propose a framework that considers the different coverage patterns of cameras and radars. Third, the time frame of our evaluation considers various types of weather, from sunny days to rainy and windy. Our results indicate that mmWave sensors need to be explored further outside the comfort zone of indoor spaces. To the best of our knowledge, this is the first long-term study assessing the reliability of radar sensors in the 60 GHz ISM band.