The THREAT-ARREST Cyber-Security Training Platform

Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed

Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking

Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.Comment: The IEEE Conference on Local Computer Networks (LCN 2013

Context-based Pseudonym Changing Scheme for Vehicular Adhoc Networks

Vehicular adhoc networks allow vehicles to share their information for safety and traffic efficiency. However, sharing information may threaten the driver privacy because it includes spatiotemporal information and is broadcast publicly and periodically. In this paper, we propose a context-adaptive pseudonym changing scheme which lets a vehicle decide autonomously when to change its pseudonym and how long it should remain silent to ensure unlinkability. This scheme adapts dynamically based on the density of the surrounding traffic and the user privacy preferences. We employ a multi-target tracking algorithm to measure privacy in terms of traceability in realistic vehicle traces. We use Monte Carlo analysis to estimate the quality of service (QoS) of a forward collision warning application when vehicles apply this scheme. According to the experimental results, the proposed scheme provides a better compromise between traceability and QoS than a random silent period scheme.Comment: Extended version of a previous paper "K. Emara, W. Woerndl, and J. Schlichter, "Poster: Context-Adaptive User-Centric Privacy Scheme for VANET," in Proceedings of the 11th EAI International Conference on Security and Privacy in Communication Networks, SecureComm'15. Dallas, TX, USA: Springer, June 2015.

Intrusion Detection System for Platooning Connected Autonomous Vehicles

The deployment of Connected Autonomous Vehicles (CAVs) in Vehicular Ad Hoc Networks (VANETs) requires secure wireless communication in order to ensure reliable connectivity and safety. However, this wireless communication is vulnerable to a variety of cyber atacks such as spoofing or jamming attacks. In this paper, we describe an Intrusion Detection System (IDS) based on Machine Learning (ML) techniques designed to detect both spoofing and jamming attacks in a CAV environment. The IDS would reduce the risk of traffic disruption and accident caused as a result of cyber-attacks. The detection engine of the presented IDS is based on the ML algorithms Random Forest (RF), k-Nearest Neighbour (k-NN) and One-Class Support Vector Machine (OCSVM), as well as data fusion techniques in a cross-layer approach. To the best of the authors’ knowledge, the proposed IDS is the first in literature that uses a cross-layer approach to detect both spoofing and jamming attacks against the communication of connected vehicles platooning. The evaluation results of the implemented IDS present a high accuracy of over 90% using training datasets containing both known and unknown attacks

Acoustic Integrity Codes: Secure Device Pairing Using Short-Range Acoustic Communication

Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate devices. This requires a common hardware interface, which limits the use of existing SDP systems. We propose to use short-range acoustic communication for the initial pairing. Audio hardware is commonly available on existing off-the-shelf devices and can be accessed from user space without requiring firmware or hardware modifications. We improve upon previous approaches by designing Acoustic Integrity Codes (AICs): a modulation scheme that provides message authentication on the acoustic physical layer. We analyze their security and demonstrate that we can defend against signal cancellation attacks by designing signals with low autocorrelation. Our system can detect overshadowing attacks using a ternary decision function with a threshold. In our evaluation of this SDP scheme's security and robustness, we achieve a bit error ratio below 0.1% for a net bit rate of 100 bps with a signal-to-noise ratio (SNR) of 14 dB. Using our open-source proof-of-concept implementation on Android smartphones, we demonstrate pairing between different smartphone models.Comment: 11 pages, 11 figures. Published at ACM WiSec 2020 (13th ACM Conference on Security and Privacy in Wireless and Mobile Networks). Updated reference