2,175 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Acoustic Integrity Codes: Secure Device Pairing Using Short-Range Acoustic Communication
Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate
devices. This requires a common hardware interface, which limits the use of
existing SDP systems. We propose to use short-range acoustic communication for
the initial pairing. Audio hardware is commonly available on existing
off-the-shelf devices and can be accessed from user space without requiring
firmware or hardware modifications. We improve upon previous approaches by
designing Acoustic Integrity Codes (AICs): a modulation scheme that provides
message authentication on the acoustic physical layer. We analyze their
security and demonstrate that we can defend against signal cancellation attacks
by designing signals with low autocorrelation. Our system can detect
overshadowing attacks using a ternary decision function with a threshold. In
our evaluation of this SDP scheme's security and robustness, we achieve a bit
error ratio below 0.1% for a net bit rate of 100 bps with a signal-to-noise
ratio (SNR) of 14 dB. Using our open-source proof-of-concept implementation on
Android smartphones, we demonstrate pairing between different smartphone
models.Comment: 11 pages, 11 figures. Published at ACM WiSec 2020 (13th ACM
Conference on Security and Privacy in Wireless and Mobile Networks). Updated
reference
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
A review of cyber threats and defence approaches in emergency management
Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services. Here, we provide a review of current research on the cyber threats to communication, sensing, information management and vehicular technologies used in emergency management. We emphasise on open issues for research, which are the cyber threats that have the potential to affect emergency management severely and for which solutions have not yet been proposed in the literature
BAN-GZKP: Optimal Zero Knowledge Proof based Scheme for Wireless Body Area Networks
BANZKP is the best to date Zero Knowledge Proof (ZKP) based secure
lightweight and energy efficient authentication scheme designed for Wireless
Area Network (WBAN). It is vulnerable to several security attacks such as the
replay attack, Distributed Denial-of-Service (DDoS) attacks at sink and
redundancy information crack. However, BANZKP needs an end-to-end
authentication which is not compliant with the human body postural mobility. We
propose a new scheme BAN-GZKP. Our scheme improves both the security and
postural mobility resilience of BANZKP. Moreover, BAN-GZKP uses only a
three-phase authentication which is optimal in the class of ZKP protocols. To
fix the security vulnerabilities of BANZKP, BAN-GZKP uses a novel random key
allocation and a Hop-by-Hop authentication definition. We further prove the
reliability of our scheme to various attacks including those to which BANZKP is
vulnerable. Furthermore, via extensive simulations we prove that our scheme,
BAN-GZKP, outperforms BANZKP in terms of reliability to human body postural
mobility for various network parameters (end-to-end delay, number of packets
exchanged in the network, number of transmissions). We compared both schemes
using representative convergecast strategies with various transmission rates
and human postural mobility. Finally, it is important to mention that BAN-GZKP
has no additional cost compared to BANZKP in terms memory, computational
complexity or energy consumption
Cyber security of the smart grid: Attack exposure analysis, detection algorithms, and testbed evaluation
While smart grid technologies are deployed to help achieve improved grid resiliency
and efficiency, they also present an increased dependency on cyber resources which may
be vulnerable to attack. This dissertation introduces three components that provide new
methods to enhancing the cyber security of the smart grid.
First, a quantitative exposure analysis model is presented to assess risks inherited
from the communication and computation of critical information. An attack exposure
metric is then presented to provide a quantitative means to analyze the model. The
metric\u27s utility is then demonstrated by analyzing smart grid environments to contrast
the effectiveness of various protection mechanisms and to evaluate the impact of new
cyber vulnerabilities.
Second, a model-based intrusion detection system is introduced to identify attacks
against electric grid substations. The system expands previous research to incorporate
temporal and spatial analysis of substation control events in order to differentiate attacks
from normal communications. This method also incorporates a hierarchical detection
approach to improve correlation of physical system events and identify sophisticated
coordinated attacks.
Finally, the PowerCyber testbed is introduced as an accurate cyber-physical envi-
ronment to help facilitate future smart grid cyber security research needs. The testbed
implements a layered approach of control, communication, and power system layers while
incorporating both industry standard components along with simulation and emulation
techniques. The testbed\u27s efficacy is then evaluated by performing various cyber attacks
and exploring their impact on physical grid simulations
A Security Analysis of Cyber-Physical Systems Architecture for Healthcare
This paper surveys the available system architectures for cyber-physical systems. Several candidate architectures are examined using a series of essential qualities for cyber-physical systems for healthcare. Next, diagrams detailing the expected functionality of infusion pumps in two of the architectures are analyzed. The STRIDE Threat Model is then used to decompose each to determine possible security issues and how they can be addressed. Finally, a comparison of the major security issues in each architecture is presented to help determine which is most adaptable to meet the security needs of cyber-physical systems in healthcare
A survey on wireless body area networks: architecture, security challenges and research opportunities.
In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues
A Capability-Centric Approach to Cyber Risk Assessment and Mitigation
Cyber-enabled systems are increasingly ubiquitous and interconnected, showing up in traditional enterprise settings as well as increasingly diverse contexts, including critical infrastructure, avionics, cars, smartphones, home automation, and medical devices. Meanwhile, the impact of cyber attacks against these systems on our missions, business objectives, and personal lives has never been greater. Despite these stakes, the analysis of cyber risk and mitigations to that risk tends to be a subjective, labor-intensive, and costly endeavor, with results that can be as suspect as they are perishable. We identified the following gaps in those risk results: concerns for (1) their repeatability/reproducibility, (2) the time required to obtain them, and (3) the completeness of the analysis per the degree of attack surface coverage.
In this dissertation, we consider whether it is possible to make progress in addressing these gaps with the introduction of a new artifact called “BluGen.” BluGen is an automated platform for cyber risk assessment that employs a set of new risk analytics together with a highly-structured underlying cyber knowledge management repository.
To help evaluate the hypotheses tied to the gaps identified, we conducted a study comparing BluGen to a cyber risk assessment methodology called EVRA. EVRA is representative of current practice and has been applied extensively over the past eight years to both fielded systems and systems under design. We used Design Science principles in the construction and investigation of BluGen, during which we considered each of the three gaps.
The results of our investigation found support for the hypotheses tied to the gaps that BluGen is designed to address. Specifically, BluGen helps address the first gap by virtue of its methods/analytics executing as deterministic, automated processes. In the same way, BluGen helps address the second gap by producing its results at machine speeds in no worse than quadratic time complexity, seconds in this case. This result compares to the 25 hours that the EVRA team required to perform the same analysis. BluGen helps to address the third gap via its use of an underlying knowledge repository of cyber-related threats, mappings of those threats to cyber assets, and mappings of mitigations to the threats. The results show that manual analysis using EVRA covered about 12% of the attack surface considered by BluGen
Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going To Be
Inspired by the boom of the consumer IoT market, many device manufacturers, new start-up companies and technology behemoths have jumped into the space. Indeed, in a span of less than 5 years, we have experienced the manifestation of an array of solutions for the smart home, smart cities and even smart cars. Unfortunately, the exciting utility and rapid marketization of IoTs, come at the expense of privacy and security. Online and industry reports, and academic work have revealed a number of attacks on IoT systems, resulting in privacy leakage, property loss and even large-scale availability problems on some of the most influential Internet services (e.g. Netflix, Twitter). To mitigate such threats, a few new solutions have been proposed. However, it is still less clear what are the impacts they can have on the IoT ecosystem. In this work, we aim to perform a comprehensive study on reported attacks and defenses in the realm of IoTs aiming to find out what we know, where the current studies fall short and how to move forward. To this end, we first build a toolkit that searches through massive amount of online data using semantic analysis to identify over 3000 IoT-related articles (papers, reports and news). Further, by clustering such collected data using machine learning technologies, we are able to compare academic views with the findings from industry and other sources, in an attempt to understand the gaps between them, the trend of the IoT security risks and new problems that need further attention. We systemize this process, by proposing a taxonomy for the IoT ecosystem and organizing IoT security into five problem areas. We use this taxonomy as a beacon to assess each IoT work across a number of properties we define. Our assessment reveals that despite the acknowledged and growing concerns on IoT from both industry and academia, relevant security and privacy problems are far from solved. We discuss how each proposed solution can be applied to a problem area and highlight their strengths, assumptions and constraints. We stress the need for a security framework for IoT vendors and discuss the trend of shifting security liability to external or centralized entities. We also identify open research problems and provide suggestions towards a secure IoT ecosystem
- …