Detecting Impersonation Attacks in a Static WSN

The current state of security found in the IoT domain is highly flawed, a major problem being that the cryptographic keys used for authentication can be easily extracted and thus enable a myriad of impersonation attacks. In this MSc thesis a study is done of an authentication mechanism called device fingerprinting. It is a mechanism which can derive the identity of a device without relying on device identity credentials and thus detect credential-based impersonation attacks. A proof of concept has been produced to showcase how a fingerprinting system can be designed to function in a resource constrained IoT environment. A novel approach has been taken where several fingerprinting techniques have been combined through machine learning to improve the system’s ability to deduce the identity of a device. The proof of concept yields high performant results, indicating that fingerprinting techniques are a viable approach to achieve security in an IoT system

Device fingerprinting identification and authentication: A two-fold use in multi-factor access control schemes

Network security has always had an issue with secure authentication and identification. In the current mixed device network of today, the number of nodes on a network has expanded but these nodes are often unmanaged from a network security perspective. The solution proposed requires a paradigm shift, a recognition of what has already happened, identity is for sale across the internet. That identity is the users’ network ID, their behavior, and even their behavior in using the networks. Secondly a majority of the devices on the Internet have been fingerprinted. Use of device fingerprinting can help secure a network if properly understood and properly executed. The research into this area suggests a solution. Which is the use of device fingerprints including clock skews to identify the devices and a dual- authentication process targeted at authenticating the device and the user. Not only authenticating the identity presented but also combining them into a unified entity so failure to authenticate part of the entity means the whole is denied access to the network and its resources

Coexisting Parallelogram Method to Handle Jump Point on Hough Transform-based Clock Skew Measurement

In this paper, we improve the robustness of the Hough transform-based clock skew measurement on the occurrence of a jump point. The current Hough transform-based skew method uses angle (θ), thickness (ω), and region (β), to create a parallelogram that covers the densest part of an offset-set. However, the assumption that all offsets are considered to line up roughly in only one direction restricts the ability of the current method when handling an offset-set in which its densest part is located separately, the jump point condition. By acquiring the parallelogram from coexisting angle-region tuples at the beginning and the ending parts of the offset-set, we completed the ability of the Hough transform-based method to handle the jump point. When handling the jump point problem, the proposed coexisting parallelogram method could reach 0.35 ppm accuracy compared with tens ppm by the current methods

MediaSync: Handbook on Multimedia Synchronization

This book provides an approachable overview of the most recent advances in the fascinating field of media synchronization (mediasync), gathering contributions from the most representative and influential experts. Understanding the challenges of this field in the current multi-sensory, multi-device, and multi-protocol world is not an easy task. The book revisits the foundations of mediasync, including theoretical frameworks and models, highlights ongoing research efforts, like hybrid broadband broadcast (HBB) delivery and users' perception modeling (i.e., Quality of Experience or QoE), and paves the way for the future (e.g., towards the deployment of multi-sensory and ultra-realistic experiences). Although many advances around mediasync have been devised and deployed, this area of research is getting renewed attention to overcome remaining challenges in the next-generation (heterogeneous and ubiquitous) media ecosystem. Given the significant advances in this research area, its current relevance and the multiple disciplines it involves, the availability of a reference book on mediasync becomes necessary. This book fills the gap in this context. In particular, it addresses key aspects and reviews the most relevant contributions within the mediasync research space, from different perspectives. Mediasync: Handbook on Multimedia Synchronization is the perfect companion for scholars and practitioners that want to acquire strong knowledge about this research area, and also approach the challenges behind ensuring the best mediated experiences, by providing the adequate synchronization between the media elements that constitute these experiences

Complications for Computational Experiments from Modern Processors

In this paper, we revisit the approach to empirical experiments for combinatorial solvers. We provide a brief survey on tools that can help to make empirical work easier. We illustrate origins of uncertainty in modern hardware and show how strong the influence of certain aspects of modern hardware and its experimental setup can be in an actual experimental evaluation. More specifically, there can be situations where (i) two different researchers run a reasonable-looking experiment comparing the same solvers and come to different conclusions and (ii) one researcher runs the same experiment twice on the same hardware and reaches different conclusions based upon how the hardware is configured and used. We investigate these situations from a hardware perspective. Furthermore, we provide an overview on standard measures, detailed explanations on effects, potential errors, and biased suggestions for useful tools. Alongside the tools, we discuss their feasibility as experiments often run on clusters to which the experimentalist has only limited access. Our work sheds light on a number of benchmarking-related issues which could be considered to be folklore or even myths

Hardware and software fingerprinting of mobile devices

This dissertation presents novel and practical algorithms to identify the software and hardware components on mobile devices. In particular, we make significant contributions in two challenging areas: library fingerprinting, to identify third-party software libraries, and device fingerprinting, to identify individual hardware components. Our work has significant implications for the privacy and security of mobile platforms. Software-based library fingerprinting can be used to detect vulnerable libraries and uncover large-scale data collection activities. We develop a novel Android library finger-printing tool, LibID, to reliably identify specific versions of in-app third-party libraries. LibID is more effective against code obfuscation than prior art. When comparing LibID with other tools in identifying the correct library version using obfuscated F-Droid apps, LibID achieves an F1 score of more than 0.5 in all cases while prior work is below 0.25. We also demonstrate the utility of LibID by detecting the use of a vulnerable version of the OkHttp library in nearly 10% of the 3 958 popular apps on the Google Play Store. Hardware-based device fingerprinting allows apps and websites to invade user privacy by tracking user activity online as the user moves between apps or websites. In particular, we present a new type of device fingerprinting attack, the factory calibration fingerprinting attack, that recovers embedded per-device factory calibration data from motion sensors in a smartphone. We investigate the calibration behaviour of each sensor and show that the calibration fingerprint is fast to generate, does not change over time or after a factory reset, and can be obtained without any special user permissions. We estimate the entropy of the calibration fingerprint and find the fingerprint is very likely to be globally unique for iOS devices (~67 bits of entropy for iPhone 6S) and recent Google Pixel devices (~57 bits of entropy for Pixel 4/4 XL). By comparison, the fingerprint generated by previous work has at most 13 bits of entropy. Following our disclosures, Apple deployed a fix in iOS 12.2 and Google in Android 11. Both code obfuscation and factory calibration help to hide software and hardware idiosyncrasies from third-parties, but this dissertation demonstrates that reliable software and hardware fingerprints can still be generated given sufficient knowledge and a suitable approach. Our work has significant practical implications and can be used to improve platform security and protect user privacy.China Scholarship Council The Boeing Company Microsoft Researc

Cell Phone Ethnography: Mixed Methods and the Brand Consumer Relationship

Overall, the goal of this study is to identify and differentiate the various motivations and cultural influences that can be used to explain consumer behavior. In doing so, this study hopes to facilitate the development of new and innovative marketing strategies, providing a new research design for the ethnographer’s toolkit. More importantly, this model can give shape to new constructs and new variables for further empirical testing in the field through quantitative and qualitative methods. By blending the two approaches, using qualitative interpretive anthropological analysis by field study with quantitative sentiment analysis adapted from market researcher Jeffery Breen’s (2012) methodology, this paper seeks to accurately interpret the complex human element of what creates brand-loyalty and sentiment while uncovering factors that influence the biggest decision of all—the actual purchase

Avoin alustakehitys IEEE 802.15.4 -standardin mukaisessa langattomassa automaatiossa

This doctoral dissertation focuses on open source platform development in wireless automation under IEEE 802.15.4 standard. Research method is empirical. A platform based approach, which targets to the design of a generic open source sensor platform, was selected as a design method. The design targets were further focused by interviewing the experts from the academia and industry. Generic and modular sensor platform, the UWASA Node, was developed as an outcome of this process. Based on the implementation results, a wireless sensor and actuator network based on the UWASA Node was a feasible solution for many types of wireless automation applications. It was also possible to interface it with the other parts of the system. The targeted level of sensor platform genericity was achieved. However, it was also observed that the achieved level of genericity increased the software complexity. The development of commercial sensor platforms, which support IEEE 802.15.4 sensor networking, has narrowed down the role of open source sensor platforms, but they are not disappearing. Commercial software is usually closed and connected to a specified platform, which makes it unsuitable for research and development work. Even though there exits many commercial WSN solutions and the market expectations in this area are high, there is still a lot of work to do before the visions about Internet of Things (IoT) are fulfilled, especially in the context of distributed and locally centralized operations in the network. In terms of control engineering, one of the main research issues is to figure out how the well-known control techniques may be applied in wireless automation where WSN is part of the automation system. Open source platforms offer an important tool in this research and development work.Tämä väitöskirja käsittelee avointa alustakehitystä IEEE 802.15.4 -standardin mukaisessa langattomassa automaatiossa. Tutkimusmenetelmä on empiirinen. Työssä sovelletaan alustaperustaista suunnittelutapaa, joka tähtää yleiskäyttöisen avoimen anturialustan kehittämiseen. Suunnittelun tavoitteita tarkennettiin haastattelemalla alan asiantuntijoita teollisuudesta ja yliopistomaailmasta. Tuloksena suunniteltiin ja toteutettiin anturialusta, the UWASA Node. Implementointituloksista voidaan vetää johtopäätös, että anturialustan tavoiteltu yleiskäyttöisyystaso saavutettiin. Toisaalta saavutettu yleiskäyttöisyystaso lisäsi alustan ohjelmistoarkkitehtuurin monimutkaisuutta. Kaupallisten IEEE 802.15.4 -standardia tukevien anturialustojen tulo markkinoille vähentää avointen anturialustojen käyttöä, mutta ne eivät ole katoamassa. Kaupalliset ohjelmistot ovat tyypillisesti suljettuja ja sidoksissa tiettyyn alustaan, mikä tekee niistä sopimattomia tutkimus- ja tuotekehityskäyttöön. Vaikka nykyään on saatavilla useita kaupallisia langattomia anturi- ja toimilaiteverkkoja, vaaditaan vielä paljon työtä ennen kun kaikki esineiden Internetiin (Internet of Things) liittyvät visiot voidaan toteuttaa. Tämä koskee erityisesti langattomassa anturi- ja toimilaiteverkossa hajautetusti tai paikallisesti toteutettavia toimintoja. Säätötekniikan näkökulmasta keskeinen kysymys on, miten tunnettuja säätömenetelmiä tulee soveltaa langattomassa automaatiossa, jossa langaton anturi- ja toimilaiteverkko on osa automaatiojärjestelmää. Avoimet anturialustat ovat tärkeä työkalu sen selvittämisessä.fi=vertaisarvioitu|en=peerReviewed

Cross-Layer Pathfinding for Off-Chip Interconnects

Off-chip interconnects for integrated circuits (ICs) today induce a diverse design space, spanning many different applications that require transmission of data at various bandwidths, latencies and link lengths. Off-chip interconnect design solutions are also variously sensitive to system performance, power and cost metrics, while also having a strong impact on these metrics. The costs associated with off-chip interconnects include die area, package (PKG) and printed circuit board (PCB) area, technology and bill of materials (BOM). Choices made regarding off-chip interconnects are fundamental to product definition, architecture, design implementation and technology enablement. Given their cross-layer impact, it is imperative that a cross-layer approach be employed to architect and analyze off-chip interconnects up front, so that a top-down design flow can comprehend the cross-layer impacts and correctly assess the system performance, power and cost tradeoffs for off-chip interconnects. Chip architects are not exposed to all the tradeoffs at the physical and circuit implementation or technology layers, and often lack the tools to accurately assess off-chip interconnects. Furthermore, the collaterals needed for a detailed analysis are often lacking when the chip is architected; these include circuit design and layout, PKG and PCB layout, and physical floorplan and implementation. To address the need for a framework that enables architects to assess the system-level impact of off-chip interconnects, this thesis presents power-area-timing (PAT) models for off-chip interconnects, optimization and planning tools with the appropriate abstraction using these PAT models, and die/PKG/PCB co-design methods that help expose the off-chip interconnect cross-layer metrics to the die/PKG/PCB design flows. Together, these models, tools and methods enable cross-layer optimization that allows for a top-down definition and exploration of the design space and helps converge on the correct off-chip interconnect implementation and technology choice. The tools presented cover off-chip memory interfaces for mobile and server products, silicon photonic interfaces, 2.5D silicon interposers and 3D through-silicon vias (TSVs). The goal of the cross-layer framework is to assess the key metrics of the interconnect (such as timing, latency, active/idle/sleep power, and area/cost) at an appropriate level of abstraction by being able to do this across layers of the design flow. In additional to signal interconnect, this thesis also explores the need for such cross-layer pathfinding for power distribution networks (PDN), where the system-on-chip (SoC) floorplan and pinmap must be optimized before the collateral layouts for PDN analysis are ready. Altogether, the developed cross-layer pathfinding methodology for off-chip interconnects enables more rapid and thorough exploration of a vast design space of off-chip parallel and serial links, inter-die and inter-chiplet links and silicon photonics. Such exploration will pave the way for off-chip interconnect technology enablement that is optimized for system needs. The basis of the framework can be extended to cover other interconnect technology as well, since it fundamentally relates to system-level metrics that are common to all off-chip interconnects