On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Survival in the e-conomy: 2nd Australian information warfare & security conference 2001

This is an international conference for academics and industry specialists in information warfare, security, and other related fields. The conference has drawn participants from national and international organisations

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

A survey on vehicular communication for cooperative truck platooning application

Platooning is an application where a group of vehicles move one after each other in close proximity, acting jointly as a single physical system. The scope of platooning is to improve safety, reduce fuel consumption, and increase road use efficiency. Even if conceived several decades ago as a concept, based on the new progress in automation and vehicular networking platooning has attracted particular attention in the latest years and is expected to become of common implementation in the next future, at least for trucks.The platoon system is the result of a combination of multiple disciplines, from transportation, to automation, to electronics, to telecommunications. In this survey, we consider the platooning, and more specifically the platooning of trucks, from the point of view of wireless communications. Wireless communications are indeed a key element, since they allow the information to propagate within the convoy with an almost negligible delay and really making all vehicles acting as one. Scope of this paper is to present a comprehensive survey on connected vehicles for the platooning application, starting with an overview of the projects that are driving the development of this technology, followed by a brief overview of the current and upcoming vehicular networking architecture and standards, by a review of the main open issues related to wireless communications applied to platooning, and a discussion of security threats and privacy concerns. The survey will conclude with a discussion of the main areas that we consider still open and that can drive future research directions.(c) 2022 The Author(s). Published by Elsevier Inc. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/)

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobil Ad Hoc Networks

This research effort examines the theory, application, and results for a Reputation-based Internet Protocol Security (RIPSec) framework that provides security for an ad-hoc network operating in a hostile environment. In RIPSec, protection from external threats is provided in the form of encrypted communication links and encryption-wrapped nodes while internal threats are mitigated by behavior grading that assigns reputations to nodes based on their demonstrated participation in the routing process. Network availability is provided by behavior grading and round-robin multipath routing. If a node behaves faithfully, it earns a positive reputation over time. If a node misbehaves (for any number of reasons, not necessarily intentional), it earns a negative reputation. Each member of the MANET has its own unique and subjective set of Reputation Indexes (RI) that enumerates the perceived reputation of the other MANET nodes. Nodes that desire to send data will eliminate relay nodes they perceive to have a negative reputation during the formulation of a route. A 50-node MANET is simulated with streaming multimedia and varying levels of misbehavior to determine the impact of the framework on network performance. Results of this research were very favorable. Analysis of the simulation data shows the number of routing errors sent in a MANET is reduced by an average of 52% when using RIPSec. The network load is also reduced, decreasing the overall traffic introduced into the MANET and permitting individual nodes to perform more work without overtaxing their limited resources. Finally, throughput is decreased due to larger packet sizes and longer round trips for packets to traverse the MANET, but is still sufficient to pass traffic with high bandwidth requirements (i.e., video and imagery) that is of interest in military networks

A dynamic trust and mutual authentication scheme for MANET security

MANETs are attractive technology in providing communication in the absence of a fixed infrastructure for applications such as, first responders at a disaster site or soldiers in a battlefield (Kumar, and Mishra, 2012). The rapid growth MANET has experienced in recent years is due to its Ad Hoc capabilities that have also made it prime target of cybercrimes (Jhaveri, 2012). This has raised the question of how could we embrace the benefits of MANET without the increased security risks. MANETs have several vulnerabilities such as lack of a central point, mobility, wireless links, limited energy resources, a lack of clear line of defence, cooperative nature and non-secure communication to mention a few. This research proposes a two-phase scheme. In phase-one a novel approach is suggested by using concept of exiting trust schemes and adopting the use of Dynamic Trust Threshold Scheme (DTTS) for the selection of trusted nodes in the network and using mutual trust acknowledgement scheme of neighbour nodes to authenticate two communicating nodes. The notion of trust is used for authenticating peer nodes. The trust scheme algorithm is based on real time network dynamics, relevant to MANET conditions, as opposed to pre-determined static values. The phase-one is implemented in AODV and tested in a simulated environment using NS2. The reason for using AODV is that it’s reactive and has comparatively low routing overhead, low energy consumption and relatively better performance (Morshed, et al 2010). In order to ensure data confidentiality and end-to-end security, in phase-two, the source and destination generates a shared secret key to communicate with each other using a highly efficient Diffie Hellman Elliptic Curve scheme (Wang, Ramamurthy and Zou, 2006). The shared key is used to encrypt data between the peer nodes

An architecture framework for enhanced wireless sensor network security

This thesis develops an architectural framework to enhance the security of Wireless Sensor Networks (WSNs) and provides the implementation proof through different security countermeasures, which can be used to establish secure WSNs, in a distributed and self-healing manner. Wireless Sensors are used to monitor and control environmental properties such as sound, acceleration, vibration, air pollutants, and temperature. Due to their limited resources in computation capability, memory and energy, their security schemes are susceptible to many kinds of security vulnerabilities. This thesis investigated all possible network attacks on WSNs and at the time of writing, 19 different types of attacks were identified, all of which are discussed including exposures to the attacks, and the impact of those attacks. The author then utilises this work to examine the ZigBee series, which are the new generation of wireless sensor network products with built-in layered security achieved by secure messaging using symmetric cryptography. However, the author was able to uniquely identify several security weaknesses in ZigBee by examining its protocol and launching the possible attacks. It was found that ZigBee is vulnerable to the following attacks, namely: eavesdropping, replay attack, physical tampering and Denial of Services (DoS). The author then provides solutions to improve the ZigBee security through its security schema, including an end-to-end WSN security framework, architecture design and sensor configuration, that can withstand all types of attacks on the WSN and mitigate ZigBee’s WSN security vulnerabilities

Real-Time Sensor Networks and Systems for the Industrial IoT

The Industrial Internet of Things (Industrial IoT—IIoT) has emerged as the core construct behind the various cyber-physical systems constituting a principal dimension of the fourth Industrial Revolution. While initially born as the concept behind specific industrial applications of generic IoT technologies, for the optimization of operational efficiency in automation and control, it quickly enabled the achievement of the total convergence of Operational (OT) and Information Technologies (IT). The IIoT has now surpassed the traditional borders of automation and control functions in the process and manufacturing industry, shifting towards a wider domain of functions and industries, embraced under the dominant global initiatives and architectural frameworks of Industry 4.0 (or Industrie 4.0) in Germany, Industrial Internet in the US, Society 5.0 in Japan, and Made-in-China 2025 in China. As real-time embedded systems are quickly achieving ubiquity in everyday life and in industrial environments, and many processes already depend on real-time cyber-physical systems and embedded sensors, the integration of IoT with cognitive computing and real-time data exchange is essential for real-time analytics and realization of digital twins in smart environments and services under the various frameworks’ provisions. In this context, real-time sensor networks and systems for the Industrial IoT encompass multiple technologies and raise significant design, optimization, integration and exploitation challenges. The ten articles in this Special Issue describe advances in real-time sensor networks and systems that are significant enablers of the Industrial IoT paradigm. In the relevant landscape, the domain of wireless networking technologies is centrally positioned, as expected