620 research outputs found
Algorithm Selection Framework for Cyber Attack Detection
The number of cyber threats against both wired and wireless computer systems
and other components of the Internet of Things continues to increase annually.
In this work, an algorithm selection framework is employed on the NSL-KDD data
set and a novel paradigm of machine learning taxonomy is presented. The
framework uses a combination of user input and meta-features to select the best
algorithm to detect cyber attacks on a network. Performance is compared between
a rule-of-thumb strategy and a meta-learning strategy. The framework removes
the conjecture of the common trial-and-error algorithm selection method. The
framework recommends five algorithms from the taxonomy. Both strategies
recommend a high-performing algorithm, though not the best performing. The work
demonstrates the close connectedness between algorithm selection and the
taxonomy for which it is premised.Comment: 6 pages, 7 figures, 1 table, accepted to WiseML '2
Improving lifecycle query in integrated toolchains using linked data and MQTT-based data warehousing
The development of increasingly complex IoT systems requires large
engineering environments. These environments generally consist of tools from
different vendors and are not necessarily integrated well with each other. In
order to automate various analyses, queries across resources from multiple
tools have to be executed in parallel to the engineering activities. In this
paper, we identify the necessary requirements on such a query capability and
evaluate different architectures according to these requirements. We propose an
improved lifecycle query architecture, which builds upon the existing Tracked
Resource Set (TRS) protocol, and complements it with the MQTT messaging
protocol in order to allow the data in the warehouse to be kept updated in
real-time. As part of the case study focusing on the development of an IoT
automated warehouse, this architecture was implemented for a toolchain
integrated using RESTful microservices and linked data.Comment: 12 pages, worksho
Lost and Found: Stopping Bluetooth Finders from Leaking Private Information
A Bluetooth finder is a small battery-powered device that can be attached to
important items such as bags, keychains, or bikes. The finder maintains a
Bluetooth connection with the user's phone, and the user is notified
immediately on connection loss. We provide the first comprehensive security and
privacy analysis of current commercial Bluetooth finders. Our analysis reveals
several significant security vulnerabilities in those products concerning
mobile applications and the corresponding backend services in the cloud. We
also show that all analyzed cloud-based products leak more private data than
required for their respective cloud services.
Overall, there is a big market for Bluetooth finders, but none of the
existing products is privacy-friendly. We close this gap by designing and
implementing PrivateFind, which ensures locations of the user are never leaked
to third parties. It is designed to run on similar hardware as existing
finders, allowing vendors to update their systems using PrivateFind.Comment: WiSec '2
ChirpOTLE: A Framework for Practical LoRaWAN Security Evaluation
Low-power wide-area networks (LPWANs) are becoming an integral part of the
Internet of Things. As a consequence, businesses, administration, and,
subsequently, society itself depend on the reliability and availability of
these communication networks. Released in 2015, LoRaWAN gained popularity and
attracted the focus of security research, revealing a number of
vulnerabilities. This lead to the revised LoRaWAN 1.1 specification in late
2017. Most of previous work focused on simulation and theoretical approaches.
Interoperability and the variety of implementations complicate the risk
assessment for a specific LoRaWAN network. In this paper, we address these
issues by introducing ChirpOTLE, a LoRa and LoRaWAN security evaluation
framework suitable for rapid iteration and testing of attacks in testbeds and
assessing the security of real-world networks.We demonstrate the potential of
our framework by verifying the applicability of a novel denial-of-service
attack targeting the adaptive data rate mechanism in a testbed using common
off-the-shelf hardware. Furthermore, we show the feasibility of the Class B
beacon spoofing attack, which has not been demonstrated in practice before.Comment: 11 pages, 14 figures, accepted at ACM WiSec 2020 (13th ACM Conference
on Security and Privacy in Wireless and Mobile Networks
GNSS Spoofing Detection via Opportunistic IRIDIUM Signals
In this paper, we study the privately-own IRIDIUM satellite constellation, to
provide a location service that is independent of the GNSS. In particular, we
apply our findings to propose a new GNSS spoofing detection solution,
exploiting unencrypted IRIDIUM Ring Alert (IRA) messages that are broadcast by
IRIDIUM satellites. We firstly reverse-engineer many parameters of the IRIDIUM
satellite constellation, such as the satellites speed, packet interarrival
times, maximum satellite coverage, satellite pass duration, and the satellite
beam constellation, to name a few. Later, we adopt the aforementioned
statistics to create a detailed model of the satellite network. Subsequently,
we propose a solution to detect unintended deviations of a target user from his
path, due to GNSS spoofing attacks. We show that our solution can be used
efficiently and effectively to verify the position estimated from standard GNSS
satellite constellation, and we provide constraints and parameters to fit
several application scenarios. All the results reported in this paper, while
showing the quality and viability of our proposal, are supported by real data.
In particular, we have collected and analyzed hundreds of thousands of IRA
messages, thanks to a measurement campaign lasting several days. All the
collected data ( hours) have been made available to the research
community. Our solution is particularly suitable for unattended scenarios such
as deserts, rural areas, or open seas, where standard spoofing detection
techniques resorting to crowd-sourcing cannot be used due to deployment
limitations. Moreover, contrary to competing solutions, our approach does not
resort to physical-layer information, dedicated hardware, or multiple receiving
stations, while exploiting only a single receiving antenna and
publicly-available IRIDIUM transmissions. Finally, novel research directions
are also highlighted.Comment: Accepted for the 13th Conference on Security and Privacy in Wireless
and Mobile Networks (WISEC), 202
Towards an Accountable Web of Personal Information: the Web-of-Receipts
Consent is a corner stone in any Privacy practice or public policy. Much beyond a simple "accept" button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained leading to inefficiencies and non-compliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisation. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, is preceded by valid consent and is auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda
Diffractive Interfaces: diffraction as an artistic research methodology
L'abundància de mètodes d'experimentació artística és una realitat que requereix metodologies alternatives per al seu estudi i la seva avaluació. Diffractive Interfícies és una proposta d'investigació que se centra en la relació art-pedagogia i possibilita una interacció dinàmica entre agències mitjançant l'experimentació amb diferents patrons i possibilitats relacionals facilitant la recerca d'altres formes de (re)presentació i gestualitats en el context de les interfícies culturals.Tant els processos de treball com els resultats de Diffractive Interfícies es caracteritzen per un procediment interdisciplinari d'apropiació i d'interacció entre recerca científica i investigació artística per mitjà de l'ús de la tecnologia, la biologia, la sociologia, la crítica, la música, l'art i la filosofia.La abundancia de métodos de experimentación artística es algo que requiere de metodologías alternativas para su estudio y su evaluación. «Diffractive Interfaces» es una propuesta de investigación que se centra en la relación arte-pedagogía y posibilita una interacción dinámica entre agencias mediante la experimentación con diferentes patrones y posibilidades relacionales facilitando la búsqueda de otras formas de (re)presentación y gestualidades en el contexto de las interfaces culturales.Tanto los procesos de trabajo como los resultados de «Diffractive Interfaces» se caracterizan por un procedimiento interdisciplinario de apropiación y de interacción entre investigación científica e investigación artística por medio del uso de la tecnología, la biología, la sociología, la crítica, la música, el arte y la filosofía.The abundance of methods of artistic experimentation is a reality that requires alternative methodologies for their study and evaluation. ‘Diffractive Interfaces’ is a research approach that focuses on the relationship between art and teaching, enabling dynamic interaction between agencies through experimentation through different relational patterns and possibilities, facilitating the search for other ways of (re)presentation and gestural movement within the context of cultural interfaces.Both the work processes and the results of ‘Diffractive Interfaces’ are characterized by an interdisciplinary procedure of appropriation and interaction between scientific and artistic research through the use of technology, biology, sociology, critique, music, art and philosophy
ivPair: context-based fast intra-vehicle device pairing for secure wireless connectivity
The emergence of advanced in-vehicle infotainment (IVI) systems, such as Apple CarPlay and Android Auto, calls for fast and intuitive device pairing mechanisms to discover newly introduced devices and make or break a secure, high-bandwidth wireless connection. Current pairing schemes are tedious and lengthy as they typically require users to go through pairing and verification procedures by manually entering a predetermined or randomly generated pin on both devices. This inconvenience usually results in prolonged usage of old pins, significantly degrading the security of network connections.
To address this challenge, we propose ivPair, a secure and usable device pairing protocol that extracts an identical pairing pin or fingerprint from vehicle\u27s vibration response caused by various factors such as driver\u27s driving pattern, vehicle type, and road conditions. Using ivPair, users can pair a mobile device equipped with an accelerometer with the vehicle\u27s IVI system or other mobile devices by simply holding it against the vehicle\u27s interior frame. Under realistic driving experiments with various types of vehicles and road conditions, we demonstrate that all passenger-owned devices can expect a high pairing success rate with a short pairing time, while effectively rejecting proximate adversaries attempting to pair with the target vehicle
- …