xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs

In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), intentionally controlling the status LEDs to carry any type of data ('covert-channel') has never studied before. A malicious code is executed on the LAN switch or router, allowing full control of the status LEDs. Sensitive data can be encoded and modulated over the blinking of the LEDs. The generated signals can then be recorded by various types of remote cameras and optical sensors. We provide the technical background on the internal architecture of switches and routers (at both the hardware and software level) which enables this type of attack. We also present amplitude and frequency based modulation and encoding schemas, along with a simple transmission protocol. We implement a prototype of an exfiltration malware and discuss its design and implementation. We evaluate this method with a few routers and different types of LEDs. In addition, we tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and also discuss different detection and prevention countermeasures. Our experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at a bit rates of 10 bit/sec to more than 1Kbit/sec per LED

A Simple and Robust Dissemination Protocol for VANETs

Several promising applications for Vehicular Ad-hoc Networks (VANETs) exist. For most of these applications, the communication among vehicles is envisioned to be based on the broadcasting of messages. This is due to the inherent highly mobile environment and importance of these messages to vehicles nearby. To deal with broadcast communication, dissemination protocols must be defined in such a way as to (i) prevent the so-called broadcast storm problem in dense networks and (ii) deal with disconnected networks in sparse topologies. In this paper, we present a Simple and Robust Dissemination (SRD) protocol that deals with these requirements in both sparse and dense networks. Its novelty lies in its simplicity and robustness. Simplicity is achieved by considering only two states (cluster tail and non- tail) for a vehicle. Robustness is achieved by assigning message delivery responsibility to multiple vehicles in sparse networks. Our simulation results show that SRD achieves high delivery ratio and low end-to-end delay under diverse traffic conditions

Models and Performance of VANET based Emergency Braking

The network research community is working in the field of automotive to provide VANET based safety applications to reduce the number of accidents, deaths, injuries and loss of money. Several approaches are proposed and investigated in VANET literature, but in a completely network-oriented fashion. Most of them do not take into account application requirements and no one considers the dynamics of the vehicles. Moreover, message repropagation schemes are widely proposed without investigating their benefits and using very complicated approaches. This technical report, which is derived from the Master Thesis of Michele Segata, focuses on the Emergency Electronic Brake Lights (EEBL) safety application, meant to send warning messages in the case of an emergency brake, in particular performing a joint analysis of network requirements and provided application level benefits. The EEBL application is integrated within a Collaborative Adaptive Cruise Control (CACC) which uses network-provided information to automatically brake the car if the driver does not react to the warning. Moreover, an information aggregation scheme is proposed to analyze the benefits of repropagation together with the consequent increase of network load. This protocol is compared to a protocol without repropagation and to a rebroadcast protocol found in the literature (namely the weighted p-persistent rebroadcast). The scenario is a highway stretch in which a platoon of vehicles brake down to a complete stop. Simulations are performed using the NS_3 network simulation in which two mobility models have been embedded. The first one, which is called Intelligent Driver Model (IDM) emulates the behavior of a driver trying to reach a desired speed and braking when approaching vehicles in front. The second one (Minimizing Overall Braking Induced by Lane change (MOBIL)), instead, decides when a vehicle has to change lane in order to perform an overtake or optimize its path. The original simulator has been modified by - introducing real physical limits to naturally reproduce real crashes; - implementing a CACC; - implementing the driver reaction when a warning is received; - implementing different network protocols. The tests are performed in different situations, such as different number of lanes (one to five), different average speeds, different network protocols and different market penetration rates and they show that: - the adoption of this technology considerably decreases car accidents since the overall average maximum deceleration is reduced; - network load depends on application-level details, such as the implementation of the CACC; - VANET safety application can improve safety even with a partial market penetration rate; - message repropagation is important to reduce the risk of accidents when not all vehicles are equipped; - benefits are gained not only by equipped vehicles but also by unequipped ones

Cross-layer design of multi-hop wireless networks

MULTI -hop wireless networks are usually defined as a collection of nodes equipped with radio transmitters, which not only have the capability to communicate each other in a multi-hop fashion, but also to route each others’ data packets. The distributed nature of such networks makes them suitable for a variety of applications where there are no assumed reliable central entities, or controllers, and may significantly improve the scalability issues of conventional single-hop wireless networks. This Ph.D. dissertation mainly investigates two aspects of the research issues related to the efficient multi-hop wireless networks design, namely: (a) network protocols and (b) network management, both in cross-layer design paradigms to ensure the notion of service quality, such as quality of service (QoS) in wireless mesh networks (WMNs) for backhaul applications and quality of information (QoI) in wireless sensor networks (WSNs) for sensing tasks. Throughout the presentation of this Ph.D. dissertation, different network settings are used as illustrative examples, however the proposed algorithms, methodologies, protocols, and models are not restricted in the considered networks, but rather have wide applicability. First, this dissertation proposes a cross-layer design framework integrating a distributed proportional-fair scheduler and a QoS routing algorithm, while using WMNs as an illustrative example. The proposed approach has significant performance gain compared with other network protocols. Second, this dissertation proposes a generic admission control methodology for any packet network, wired and wireless, by modeling the network as a black box, and using a generic mathematical 0. Abstract 3 function and Taylor expansion to capture the admission impact. Third, this dissertation further enhances the previous designs by proposing a negotiation process, to bridge the applications’ service quality demands and the resource management, while using WSNs as an illustrative example. This approach allows the negotiation among different service classes and WSN resource allocations to reach the optimal operational status. Finally, the guarantees of the service quality are extended to the environment of multiple, disconnected, mobile subnetworks, where the question of how to maintain communications using dynamically controlled, unmanned data ferries is investigated

Teaching telecommunication standards: bridging the gap between theory and practice

©2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Telecommunication standards have become a reliable mechanism to strengthen collaboration between industry and research institutions to accelerate the evolution of communications systems. Standards are needed to enable cooperation while promoting competition. Within the framework of a standard, the companies involved in the standardization process contribute and agree on appropriate technical specifications to ensure diversity and compatibility, and facilitate worldwide commercial deployment and evolution. Those parts of the system that can create competitive advantages are intentionally left open in the specifications. Such specifications are extensive, complex, and minimalistic. This makes telecommunication standards education a difficult endeavor, but it is much demanded by industry and governments to spur economic growth. This article describes a methodology for teaching wireless communications standards. We define our methodology around six learning stages that assimilate the standardization process and identify key learning objectives for each. Enabled by software-defined radio technology, we describe a practical learning environment that facilitates developing many of the needed technical and soft skills without the inherent difficulty and cost associated with radio frequency components and regulation. Using only open source software and commercial of-the-shelf computers, this environment is portable and can easily be recreated at other educational institutions and adapted to their educational needs and constraints. We discuss our and our students' experiences when employing the proposed methodology to 4G LTE standard education at Barcelona Tech.Peer ReviewedPostprint (author's final draft