LS-AODV: A ROUTING PROTOCOL BASED ON LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES FOR A FANET OF NANO DRONES

With the battlespace rapidly shifting to the cyber domain, it is vital to have secure, robust routing protocols for unmanned systems. Furthermore, the development of nano drones is gaining traction, providing new covert capabilities for operators at sea or on land. Deploying a flying ad hoc network (FANET) of nano drones on the battlefield comes with specific performance and security issues. This thesis provides a novel approach to address the performance and security concerns faced by FANET routing protocols, and, in our case, is specifically tailored to improve the Ad Hoc On-Demand Distance Vector (AODV) routing protocol. The proposed routing protocol, Lightweight Secure Ad Hoc On-Demand Distance Vector (LS-AODV), uses a lightweight stream cipher, Trivium, to encrypt routing control packets, providing confidentiality. The scheme also uses Chaskey-12-based message authentication codes (MACs) to guarantee the authenticity and integrity of control packets. We use a network simulator, NS-3, to compare LS-AODV against two benchmark routing protocols, AODV and the Optimized Link State Routing (OLSR) protocol, in order to gauge network performance and security benefits. The simulation results indicate that when the FANET is not under attack from black-hole nodes, LS-AODV generally outperforms OLSR but performs slightly worse than AODV. On the other hand, LS-AODV emerges as the protocol of choice when a FANET is subject to a black-hole attack.ONROutstanding ThesisLieutenant, United States NavyApproved for public release. Distribution is unlimited

Efficient Non-Linear Covert Channel Detection in TCP Data Streams

Cyber-attacks are causing losses amounted to billions of dollars every year due to data breaches and vulnerabilities. The existing tools for data leakage prevention and detection are often bypassed by using various different types of sophisticated techniques such as network steganography for stealing the data. This is due to several weaknesses which can be exploited by a threat actor in existing detection systems. The weaknesses are high time and memory training complexities as well as large training datasets. These challenges become worse when the amount of generated data increases in every second in many realms. In addition, the number of false positives is high which makes them inaccurate. Finally, there is a lack of a framework catering for the needs such as raising alerts as well as data monitoring and updating/adapting of a threshold value used for checking the data packets for covert data. In order to overcome these weaknesses, this paper proposes a novel framework that includes elements such as continuous data monitoring, threshold maintenance, and alert notification. This paper also proposes a model based on statistical measures to detect covert data leakages, especially for non-linear chaotic data. The main advantage of the proposed model is its capability to provide results with tolerance/threshold values much more efficiently. Our experiments indicate that the proposed framework has low false positives and outperforms various existing techniques in terms of accuracy and efficiency

A review of cyber threats and defence approaches in emergency management

Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services. Here, we provide a review of current research on the cyber threats to communication, sensing, information management and vehicular technologies used in emergency management. We emphasise on open issues for research, which are the cyber threats that have the potential to affect emergency management severely and for which solutions have not yet been proposed in the literature

SInCom 2015

2nd Baden-Württemberg Center of Applied Research Symposium on Information and Communication Systems, SInCom 2015, 13. November 2015 in Konstan

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Infrastructure-less D2D Communications through Opportunistic Networks

Mención Internacional en el título de doctorIn recent years, we have experienced several social media blackouts, which have shown how much our daily experiences depend on high-quality communication services. Blackouts have occurred because of technical problems, natural disasters, hacker attacks or even due to deliberate censorship actions undertaken by governments. In all cases, the spontaneous reaction of people consisted in finding alternative channels and media so as to reach out to their contacts and partake their experiences. Thus, it has clearly emerged that infrastructured networks—and cellular networks in particular—are well engineered and have been extremely successful so far, although other paradigms should be explored to connect people. The most promising of today’s alternative paradigms is Device-to-Device (D2D) because it allows for building networks almost freely, and because 5G standards are (for the first time) seriously addressing the possibility of using D2D communications. In this dissertation I look at opportunistic D2D networking, possibly operating in an infrastructure-less environment, and I investigate several schemes through modeling and simulation, deriving metrics that characterize their performance. In particular, I consider variations of the Floating Content (FC) paradigm, that was previously proposed in the technical literature. Using FC, it is possible to probabilistically store information over a given restricted local area of interest, by opportunistically spreading it to mobile users while in the area. In more detail, a piece of information which is injected in the area by delivering it to one or more of the mobile users, is opportunistically exchanged among mobile users whenever they come in proximity of one another, progressively reaching most (ideally all) users in the area and thus making the information dwell in the area of interest, like in a sort of distributed storage. While previous works on FC almost exclusively concentrated on the communication component, in this dissertation I look at the storage and computing components of FC, as well as its capability of transferring information from one area of interest to another. I first present background work, including a brief review of my Master Thesis activity, devoted to the design, implementation and validation of a smartphone opportunistic information sharing application. The goal of the app was to collect experimental data that permitted a detailed analysis of the occurring events, and a careful assessment of the performance of opportunistic information sharing services. Through experiments, I showed that many key assumptions commonly adopted in analytical and simulation works do not hold with current technologies. I also showed that the high density of devices and the enforcement of long transmission ranges for links at the edge might counter-intuitively impair performance. The insight obtained during my Master Thesis work was extremely useful to devise smart operating procedures for the opportunistic D2D communications considered in this dissertation. In the core of this dissertation, initially I propose and study a set of schemes to explore and combine different information dissemination paradigms along with real users mobility and predictions focused on the smart diffusion of content over disjoint areas of interest. To analyze the viability of such schemes, I have implemented a Python simulator to evaluate the average availability and lifetime of a piece of information, as well as storage usage and network utilization metrics. Comparing the performance of these predictive schemes with state-of-the-art approaches, results demonstrate the need for smart usage of communication opportunities and storage. The proposed algorithms allow for an important reduction in network activity by decreasing the number of data exchanges by up to 92%, requiring the use of up to 50% less of on-device storage, while guaranteeing the dissemination of information with performance similar to legacy epidemic dissemination protocols. In a second step, I have worked on the analysis of the storage capacity of probabilistic distributed storage systems, developing a simple yet powerful information theoretical analysis based on a mean field model of opportunistic information exchange. I have also extended the previous simulator to compare the numerical results generated by the analytical model to the predictions of realistic simulations under different setups, showing in this way the accuracy of the analytical approach, and characterizing the properties of the system storage capacity. I conclude from analysis and simulated results that when the density of contents seeded in a floating system is larger than the maximum amount which can be sustained by the system in steady state, the mean content availability decreases, and the stored information saturates due to the effects of resource contention. With the presence of static nodes, in a system with infinite host memory and at the mean field limit, there is no upper bound to the amount of injected contents which a floating system can sustain. However, as with no static nodes, by increasing the injected information, the amount of stored information eventually reaches a saturation value which corresponds to the injected information at which the mean amount of time spent exchanging content during a contact is equal to the mean duration of a contact. As a final step of my dissertation, I have also explored by simulation the computing and learning capabilities of an infrastructure-less opportunistic communication, storage and computing system, considering an environment that hosts a distributed Machine Learning (ML) paradigm that uses observations collected in the area over which the FC system operates to infer properties of the area. Results show that the ML system can operate in two regimes, depending on the load of the FC scheme. At low FC load, the ML system in each node operates on observations collected by all users and opportunistically shared among nodes. At high FC load, especially when the data to be opportunistically exchanged becomes too large to be transmitted during the average contact time between nodes, the ML system can only exploit the observations endogenous to each user, which are much less numerous. As a result, I conclude that such setups are adequate to support general instances of distributed ML algorithms with continuous learning, only under the condition of low to medium loads of the FC system. While the load of the FC system induces a sort of phase transition on the ML system performance, the effect of computing load is more progressive. When the computing capacity is not sufficient to train all observations, some will be skipped, and performance progressively declines. In summary, with respect to traditional studies of the FC opportunistic information diffusion paradigm, which only look at the communication component over one area of interest, I have considered three types of extensions by looking at the performance of FC: over several disjoint areas of interest; in terms of information storage capacity; in terms of computing capacity that supports distributed learning. The three topics are treated respectively in Chapters 3 to 5.This work has been supported by IMDEA Networks InstitutePrograma de Doctorado en Ingeniería Telemática por la Universidad Carlos III de MadridPresidente: Claudio Ettori Casetti.- Secretario: Antonio de la Oliva Delgado.- Vocal: Christoph Somme

Improvements on the enforcement process based on intelligent transportation techniques: model and mechanisms for electronic reporting, offence notification and evidence generation

Enforcement activities in the road traffi c context have shown to be one of the key factors for reducing fatalities. However, despite their evolution (both in their underlying legislation and their technical means), there are several aspects that may be subject to improvement. Three of them are on the focus of this thesis. First, victims of offenders are usually not able to report them, as there are not enough data to support their claims. Second, there is a significant delay between the offence and its notification, which negatively affects to its educational purpose. Third, the offender does not have the practical chance to defend herself (i.e. claim her innocence or, at least, that it was a less serious offence) as there are no suitable attesting elements. In order to contribute on these issues, recent advances on data processing, communication and sensing capabilities of vehicles conform an interesting technological context. These new capabilities are the basis over which a new family of services, called Intelligent Transportation Systems (ITS) are being developed. Despite the new opportunities provided by ITSs, it does not exist an adequate framework to guide the introduction of these new techniques in the surveillance of the adherence to the road traffi c rules. Thus, there is a lack of a clear view on how these techniques may help on the aforementioned problems. The general goal of this thesis is to provide the technical basis for the realization of an ITS-enhanced electronic road traffi c administrative enforcement process. Particularly, four contributions are developed in this thesis. First, an enforcement process model is proposed, based on the results of the European VERA2 project. The model describes the entities, the stakeholders, the data at stake and the underlying security considerations. It conforms the aforementioned framework that enables identifying where to introduce the required ITS enhancements. Based on the previous model, the remaining contributions focus on the development of specific mechanisms where the enforcement actors (the offender, the offence witnesses, the victims and the Authority) participate actively through ITS-related technologies. Thus, the second contribution is a mechanism that enables victims to report their offenders. In order to prevent this action to be noticeable by the reported driver, the report information is embedded into innocuous-looking messages by means of steganography. As the educational purpose of the punishment grows with its immediacy, the third contribution is a protocol to send an offence notification to the offending vehicle. Thanks to the human-machine interface of the vehicle, the offender is able to realize about the fine even during the same trip in which the offence was committed. Finally, in order to ensure that the driver has adequate means to defend herself against unfair punishments, a protocol to create evidences on its recent driving behavior has been proposed. Such evidences are based on the sensorial perceptions by surrounding vehicles, which are contacted using ITS communication technologies. At the light of these contributions, this thesis opens the door to upcoming developments that may end into a fully automated enforcement process. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Uno de los factores m as críticos para la reducción de la siniestralidad en las carreteras es la vigilancia del cumplimiento de las normas de circulación. A pesar de la evolución de los procedimientos y técnicas para efectuar dicha vigilancia (tanto en el ámbito normativo como en el técnico), existen algunos factores que son susceptibles de mejora. Tres de ellos constituyen el foco principal de esta tesis. En primer lugar, las víctimas de los infractores no disponen de medios prácticos para denunciarles, pues habitualmente no existen datos que permitan acreditar la descripción de los hechos manifestada. En segundo lugar, existe un intervalo significativo de tiempo entre la comisión de la infracción y la recepción de la notificación de la correspondiente denuncia, lo que afecta negativamente a la capacidad educativa de las sanciones. En tercer lugar, el supuesto infractor no dispone de medios prácticos para defenderse, pues habitualmente no se cuenta con elementos que soporten su argumento. Con el fin de contribuir a estas cuestiones, los avances recientes en materia de procesamiento de información, transmisión de información y percepción sensorial en los vehículos constituyen un contexto tecnológico interesante. Estas nuevas capacidades son la base sobre la que se construyen los Sistemas Inteligentes de Transporte (habitualmente referidos mediante sus siglas en ingl es, ITS). A pesar del desarrollo constante de dichos sistemas, no existe un marco adecuado para la utilización de dichas capacidades en el ámbito de la vigilancia del cumplimiento de las normas de circulación. Así, se detecta una carencia de una visión clara de cómo estas nuevas técnicas pueden contribuir a resolver los aspectos problemáticos identificados anteriormente. El objetivo general de esta tesis es proporcionar la base técnica para el desarrollo de un procedimiento administrativo sancionador en el ámbito del tr áfico que aproveche las oportunidades que plantean los ITS. En particular, en esta tesis se desarrollan cuatro contribuciones. En primer lugar, se propone un modelo de procedimiento administrativo sancionador, extendiendo los resultados del proyecto de investigación europeo VERA2. Este modelo describe las entidades participantes, los interesados, la información en juego y las consideraciones de seguridad subyacentes. Este modelo constituye el antedicho marco y permite identificar la forma de introducir las tecnologías ITS en dicho proceso. Basándose en este modelo, las contribuciones restantes se centran en el desarrollo de mecanismos espec íficos en los que los actores del proceso (el infractor, los testigos, las víctimas y la Autoridad) participan activamente empleando tecnologías relacionadas con los ITS. Así, la segunda contribuci ó es un mecanismo que permite a las víctimas denunciar a los infractores. Con el objetivo de impedir que dicha denuncia sea conocida por el infractor, el mensaje es introducido mediante técnicas esteganográficas en otro mensaje aparentemente inofensivo. La tercera contribución es el envío de la notificaci on de forma directa al vehí culo infractor, lo cual pretende incrementar la inmediatez del proceso (ya que se le puede presentar al infractor durante la conducción) y, con ello, su eficacia educativa. Finalmente, para promover que el conductor disponga de los medios adecuados para defenderse de sanciones supuestamente injustas, se propone un protocolo para la creaci on de evidencias que describan su comportamiento reciente en lo que respecta a la conducción. Dichas evidencias se basan en las percepciones sensoriales de los vehículos cercanos, los cuales son contactados empleando tecnologías de comunicaci on relacionadas con los ITS. A la vista de estas contribuciones, esta tesis abre la puerta al futuro desarrollo de un proceso sancionador completamente automatizado