787 research outputs found
Security of GPS/INS based On-road Location Tracking Systems
Location information is critical to a wide-variety of navigation and tracking
applications. Today, GPS is the de-facto outdoor localization system but has
been shown to be vulnerable to signal spoofing attacks. Inertial Navigation
Systems (INS) are emerging as a popular complementary system, especially in
road transportation systems as they enable improved navigation and tracking as
well as offer resilience to wireless signals spoofing, and jamming attacks. In
this paper, we evaluate the security guarantees of INS-aided GPS tracking and
navigation for road transportation systems. We consider an adversary required
to travel from a source location to a destination, and monitored by a INS-aided
GPS system. The goal of the adversary is to travel to alternate locations
without being detected. We developed and evaluated algorithms that achieve such
goal, providing the adversary significant latitude. Our algorithms build a
graph model for a given road network and enable us to derive potential
destinations an attacker can reach without raising alarms even with the
INS-aided GPS tracking and navigation system. The algorithms render the
gyroscope and accelerometer sensors useless as they generate road trajectories
indistinguishable from plausible paths (both in terms of turn angles and roads
curvature). We also designed, built, and demonstrated that the magnetometer can
be actively spoofed using a combination of carefully controlled coils. We
implemented and evaluated the impact of the attack using both real-world and
simulated driving traces in more than 10 cities located around the world. Our
evaluations show that it is possible for an attacker to reach destinations that
are as far as 30 km away from the true destination without being detected. We
also show that it is possible for the adversary to reach almost 60-80% of
possible points within the target region in some cities
Defeating jamming with the power of silence: a game-theoretic analysis
The timing channel is a logical communication channel in which information is
encoded in the timing between events. Recently, the use of the timing channel
has been proposed as a countermeasure to reactive jamming attacks performed by
an energy-constrained malicious node. In fact, whilst a jammer is able to
disrupt the information contained in the attacked packets, timing information
cannot be jammed and, therefore, timing channels can be exploited to deliver
information to the receiver even on a jammed channel.
Since the nodes under attack and the jammer have conflicting interests, their
interactions can be modeled by means of game theory. Accordingly, in this paper
a game-theoretic model of the interactions between nodes exploiting the timing
channel to achieve resilience to jamming attacks and a jammer is derived and
analyzed. More specifically, the Nash equilibrium is studied in the terms of
existence, uniqueness, and convergence under best response dynamics.
Furthermore, the case in which the communication nodes set their strategy and
the jammer reacts accordingly is modeled and analyzed as a Stackelberg game, by
considering both perfect and imperfect knowledge of the jammer's utility
function. Extensive numerical results are presented, showing the impact of
network parameters on the system performance.Comment: Anti-jamming, Timing Channel, Game-Theoretic Models, Nash Equilibriu
Security in Wireless Sensor Networks
Wireless Sensor Networks (WSNs) pose a new challenge to network designers in the area of developing better and secure routing protocols. Many sensor networks have mission-critical tasks, so it is clear that security needs to be taken into account at design time. However, sensor networks are not traditional computing devices, and as a result, existing security models and methods are ill suited. The security issues posed by sensor networks represent a rich field of research problems. Improving network hardware and software may address many of the issues, but others will require new supporting technologies. With the recent surge in the use of sensor networks, for example, in ubiquitous computing and body sensor networks (BSNs) the need for security mechanisms has a more important role. Recently proposed solutions address but a small subset of current sensor network attacks. Also because of the special battery requirements for such networks, normal cryptographic network solutions are irrelevant. New mechanisms need to be developed to address this type of network
ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys
Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited
resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification based on the 802.15.4 standard, defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.Les xarxes de sensors tenen moltes aplicacions en el control i la monitorització de les propietats del medi ambient, com ara el so, l¿acceleració, la vibració i la temperatura. A causa dels limitats recursos en la capacitat de càlcul, la memòria i l'energia són vulnerables a molts tipus d'atacs. L'especificació ZigBee basada en l'estàndard 802.15.4, defineix un conjunt de capes, adaptada específicament per a xarxes de sensors. Aquestes capes suporten missatgeria segura mitjançant criptografia simètrica. Aquest article presenta dues formes diferents per agafar la clau de xifrat en ZigBee: atac a distància i atacs físics. També les enquesta i classifica alguns atacs addicionals que es poden realitzar en les xarxes ZigBee: espionatge, falsificació, reproducció i atacs DoS en les diferents capes. A partir d'aquesta anàlisi, es demostren algunes vulnerabilitats existents en l'esquema de seguretat en tecnologia ZigBee.Las redes de sensores tienen muchas aplicaciones en el control y la monitorización de las propiedades del medio ambiente, como el sonido, la aceleración, la vibración y la temperatura. Debido a los limitados recursos en la capacidad de cálculo, la memoria y la energía son vulnerables a muchos tipos de ataques. La especificación ZigBee basada en el estándar 802.15.4, define un conjunto de capas, adaptada específicamente para redes de sensores. Estas capas soportan mensajería segura mediante criptografía simétrica. Este artículo presenta dos formas diferentes para coger la clave de cifrado en ZigBee: ataque a distancia y ataques físicos. También las encuesta y clasifica algunos ataques adicionales que se pueden realizar en las redes ZigBee: espionaje, falsificación, reproducción y ataques DoS en las diferentes capas. A partir de este análisis, se demuestran algunas vulnerabilidades existentes en el esquema de seguridad en tecnología ZigBee
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
On the Security of the Automatic Dependent Surveillance-Broadcast Protocol
Automatic dependent surveillance-broadcast (ADS-B) is the communications
protocol currently being rolled out as part of next generation air
transportation systems. As the heart of modern air traffic control, it will
play an essential role in the protection of two billion passengers per year,
besides being crucial to many other interest groups in aviation. The inherent
lack of security measures in the ADS-B protocol has long been a topic in both
the aviation circles and in the academic community. Due to recently published
proof-of-concept attacks, the topic is becoming ever more pressing, especially
with the deadline for mandatory implementation in most airspaces fast
approaching.
This survey first summarizes the attacks and problems that have been reported
in relation to ADS-B security. Thereafter, it surveys both the theoretical and
practical efforts which have been previously conducted concerning these issues,
including possible countermeasures. In addition, the survey seeks to go beyond
the current state of the art and gives a detailed assessment of security
measures which have been developed more generally for related wireless networks
such as sensor networks and vehicular ad hoc networks, including a taxonomy of
all considered approaches.Comment: Survey, 22 Pages, 21 Figure
- …