2,328 research outputs found
xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs
In this paper we show how attackers can covertly leak data (e.g., encryption
keys, passwords and files) from highly secure or air-gapped networks via the
row of status LEDs that exists in networking equipment such as LAN switches and
routers. Although it is known that some network equipment emanates optical
signals correlated with the information being processed by the device
('side-channel'), intentionally controlling the status LEDs to carry any type
of data ('covert-channel') has never been studied before. Malicious code is
executed on the LAN switch or router, allowing full control of the status LEDs.
Sensitive data can be encoded and modulated over the blinking of the LEDs. The
generated signals can then be recorded by various types of remote cameras and
optical sensors. We provide the technical background on the internal
architecture of switches and routers (at both the hardware and software level)
which enables this type of attack. We also present amplitude and frequency
based modulation and encoding schemas, along with a simple transmission
protocol. We implement a prototype of an exfiltration malware and discuss its
design and implementation. We evaluate this method with a few routers and
different types of LEDs. In addition, we tested various receivers including
remote cameras, security cameras, smartphone cameras, and optical sensors, and
also discuss different detection and prevention countermeasures. Our experiment
shows that sensitive data can be covertly leaked via the status LEDs of
switches and routers at bit rates of 10 bit/sec to more than 1Kbit/sec per
LED.
Limiting DNS covert channels and network validated DNS
Despite the variety and number of network security devices and policies available, sensitive data, such as intellectual property and business data, can still be surreptitiously sent via the Internet to unscrupulous receivers. Furthermore, few security mechanisms address securing or limiting covert channels. This study defines a framework for determining a rule set to minimize covert channel capacity on the DNS protocol specifically. The information and techniques used in this study may be useful in aiding security professionals and developers with enforcing security policies on DNS and other Internet protocols. This research resulted in the development of a rudimentary tool, referred to as NV-DNS, capable of detecting and effectively limiting the capability of covert channels in DNS communication packets.
Secure digital documents using Steganography and QR Code
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University London. With the increasing use of the Internet several problems have arisen regarding the processing of electronic documents. These include content filtering, content retrieval/search. Moreover, document security has taken a centre stage including copyright protection, broadcast monitoring etc. There is an acute need of an effective tool which can find the identity, location and the time when the document was created so that it can be determined whether or not the contents of the document were tampered with after creation. Owing to the sensitivity of the large amounts of data which is processed on a daily basis, verifying the authenticity and integrity of a document is more important now than it ever was. Unsurprisingly document authenticity verification has become the centre of attention in the world of research. Consequently, this research is concerned with creating a tool which deals with the above problem. This research proposes the use of a Quick Response Code as a message carrier for Text Key-print. The Text Key-print is a novel method which employs the basic element of the language (i.e. Characters of the alphabet) in order to achieve authenticity of electronic documents through the transformation of its physical structure into a logical structured relationship. The resultant dimensional matrix is then converted into a binary stream and encapsulated with a serial number or URL inside a Quick response Code (QR code) to form a digital fingerprint mark. For hiding a QR code, two image steganography techniques were developed based upon the spatial and the transform domains. In the spatial domain, three methods were proposed and implemented based on the least significant bit insertion technique and the use of pseudorandom number generator to scatter the message into a set of arbitrary pixels.
These methods utilise the three colour channels in the images based on the RGB model in order to embed one, two or three bits per the eight bit channel which results in three different hiding capacities. The second technique is an adaptive approach in the transform domain where a threshold value is calculated under a predefined location for embedding in order to identify the embedding strength of the embedding technique. The quality of the generated stego images was evaluated using both objective (PSNR) and Subjective (DSCQS) methods to ensure the reliability of our proposed methods. The experimental results revealed that PSNR is not a strong indicator of the perceived stego image quality, but not a bad interpreter also of the actual quality of stego images. Since the visual difference between the cover and the stego image must be absolutely imperceptible to the human visual system, it was logically convenient to ask human observers with different qualifications and experience in the field of image processing to evaluate the perceived quality of the cover and the stego image. Thus, the subjective responses were analysed using statistical measurements to describe the distribution of the scores given by the assessors. Thus, the proposed scheme presents an alternative approach to protect digital documents rather than the traditional techniques of digital signature and watermarking.
Smart Street Lights and Mobile Citizen Apps for Resilient Communication in a Digital City
Currently, nearly four billion people live in urban areas. Since this trend
is increasing, natural disasters or terrorist attacks in such areas affect an
increasing number of people. While information and communication technology is
crucial for the operation of urban infrastructures and the well-being of its
inhabitants, current technology is quite vulnerable to disruptions of various
kinds. In future smart cities, a more resilient urban infrastructure is
imperative to handle the increasing number of hazardous situations. We present
a novel resilient communication approach based on smart street lights as part
of the public infrastructure. It supports people in their everyday life and
adapts its functionality to the challenges of emergency situations. Our
approach relies on various environmental sensors and in-situ processing for
automatic situation assessment, and a range of communication mechanisms (e.g.,
public WiFi hotspot functionality and mesh networking) for maintaining a
communication network. Furthermore, resilience is not only achieved based on
infrastructure deployed by a digital city's municipality, but also based on
integrating citizens through software that runs on their mobile devices (e.g.,
smartphones and tablets). Web-based zero-installation and platform-agnostic
apps can switch to device-to-device communication to continue benefiting people
even during a disaster situation. Our approach, featuring a covert channel for
professional responders and the zero-installation app, is evaluated through a
prototype implementation based on a commercially available street light. Comment: 2019 IEEE Global Humanitarian Technology Conference (GHTC
Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses
As the convergence between our physical and digital worlds continues at a rapid pace, securing our digital information is vital to our prosperity. Most current typical computer systems are unwittingly helpful to attackers through their predictable responses. In everyday security, deception plays a prominent role in our lives and digital security is no different. The use of deception has been a cornerstone technique in many successful computer breaches. Phishing, social engineering, and drive-by-downloads are some prime examples. The work in this dissertation is structured to enhance the security of computer systems by using means of deception and deceit.
Anti-Counterfeiting Warnings: Do they Influence Consumer Behavior and Perception of Overt Indicators?
This study examined if overt anti-counterfeiting indicators on product packages and warning labels added to the product, informing that the product might be a counterfeit, influenced participants to spend more time examining the product package for genuineness. The overt indicators used were a QR code, and a holographic security tag that were added to packages as a sticker. There was little research regarding what consumers were looking for when examining a product package to determine if the product was genuine or counterfeit. Arguments for both involving the consumers in the counterfeit identification process, and not involving the consumers in this process were found in previous literature. In this study, the participants wore a set of eye tracking glasses and were given 13 different products to examine, some with no added indicators, some with added QR code indicator, and some with holographic security tag added indicator. Half of the subjects saw the added warning label sticker, and the other half saw the same products with no added warning label. After the participants finished viewing each of the products, they filled out a survey that asked them if they thought the product was genuine or counterfeit, how likely they would be to purchase the product, how much they trusted that the product, and what it was about the product that made them rate it this way. The total amount of time that the participants spent examining the product package, as well as the total amount of time the participants spent examining the added overt anti-counterfeiting indicators on the product package were measured as well. The results revealed that the warning label did have an overall effect on the total amount of time that the participants spent examining the product package, and there was no difference on total time between the two types of indicators. Participants did not pay more attention to one indicator over the other. 
Further research will be needed to examine true counterfeit products when compared to genuine products, after the addition of the warning labels and the overt anti-counterfeiting indicators to the product package
Black-hearted Sellers in the Skincare Industry: Their Activities and Prevention Strategies
While online purchases have increased substantially since the pandemic, the cases of “black-hearted” sellers taking advantage of their buyers using unethical activities or marketing tactics are increasing as well, especially in the skincare industry. If this continues, it will subsequently result in the online platform becoming “untrustable” among the skincare buyers. Hence, this paper aims to examine the activities of black-hearted sellers and suggest solutions that could prevent them from conducting their businesses. Using semi-structured interviews conducted with 20 experienced official skin care sellers, this paper found that the activities generated by the black-hearted sellers are counterfeiting, parallel imports, misleading information, reselling without authorisation, and identity theft. Also, several strategies that can prevent these activities are quality strategy, adjusting price strategies, technology strategies, enforcement strategies, supply chain structure, and marketing communication strategies.