1,555 research outputs found

    Analysis of cyber risk and associated concentration of research (ACR)² in the security of vehicular edge clouds

    Intelligent Transportation Systems (ITS) is a rapidly growing research space with many issues and challenges. One of the major concerns is to successfully integrate connected technologies, such as cloud infrastructure and edge cloud, into ITS. Security has been identified as one of the greatest challenges for the ITS, and security measures require consideration from design to implementation. This work focuses on providing an analysis of cyber risk and associated concentration of research (ACR²). The introduction of ACR² approach can be used to consider research challenges in VEC and open up further investigation into those threats that are important but under-researched. That is, the approach can identify very high or high risk areas that have a low research concentration. In this way, this research can lay the foundations for the development of further work in securing the future of ITS

    Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards

    Consumer Internet of Things (IoT) devices are increasingly common, from smart speakers to security cameras, in homes. Along with their benefits come potential privacy and security threats. To limit these threats a number of commercial services have become available (IoT safeguards). The safeguards claim to provide protection against IoT privacy risks and security threats. However, the effectiveness and the associated privacy risks of these safeguards remain a key open question. In this paper, we investigate the threat detection capabilities of IoT safeguards for the first time. We develop and release an approach for automated safeguards experimentation to reveal their response to common security threats and privacy risks. We perform thousands of automated experiments using popular commercial IoT safeguards when deployed in a large IoT testbed. Our results indicate not only that these devices may be ineffective in preventing risks, but also their cloud interactions and data collection operations may introduce privacy risks for the households that adopt them

    Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

    In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices. Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

    Analysis of security at the Near-real-time RIC xApps based on O-RAN-defined use cases

    The Open Radio Access Network Alliance (O-RAN Alliance) is a group of industry and academic organizations that strive to realize the vision of next-generation cellular networks. Using standardized interfaces, telecommunications operators can operate multi-vendor infrastructure and deliver high-speed services to their mobile users. Additionally, the O-RAN Alliance has standardized an Open Radio Access Network (RAN) architecture based on the Third Generation Partnership Project (3GPP) and other standards. User planes and control planes are currently separate in RAN architecture. The separation makes it easier to accommodate network function virtualization methods required for 5G, enabling it to be more flexible. To help in the management of resources, the O-RAN standard proposes the use of xApps, i.e., dedicated applications that can be custom-installed by the network operator and that can be purchased from different vendors. For this reason, securely managing xApps represents a significant challenge for the security of the overall network. In this thesis, we analyze the security of xApps and their proposed use cases. Based on the applications proposed by the O-RAN Alliance, we provide an in-depth analysis of the vulnerabilities and their impact on the network. We also discuss different features of attacks, such as reproducibility, stealthiness, exposure, and impact. Based on our analysis, we conclude that significant work is still to be made to guarantee the security of O-RAN and in particular of its xApps. This thesis hence provides a baseline for future research in the domain of security and privacy for next generation communication network

    A Survey of Prevent and Detect Access Control Vulnerabilities

    Broken access control is one of the most common security vulnerabilities in web applications. These vulnerabilities are the major cause of many data breach incidents, which result in privacy concern and revenue loss. However, preventing and detecting access control vulnerabilities proactively in web applications could be difficult. Currently, these vulnerabilities are actively detected by bug bounty hunters post-deployment, which creates attack windows for malicious access. To solve this problem proactively requires security awareness and expertise from developers, which calls for systematic solutions. This survey targets to provide a structured overview of approaches that tackle access control vulnerabilities. It firstly discusses the unique feature of access control vulnerabilities, then studies the existing works proposed to tackle access control vulnerabilities in web applications, which span the spectrum of software development from software design and implementation, software analysis and testing, and runtime monitoring. At last we discuss the open problem in this field

    Remotely Exploiting AT Command Attacks on ZigBee Networks

    Internet of Things networks represent an emerging phenomenon bringing connectivity to common sensors. Due to the limited capabilities and to the sensitive nature of the devices, security assumes a crucial and primary role. In this paper, we report an innovative and extremely dangerous threat targeting IoT networks. The attack is based on Remote AT Commands exploitation, providing a malicious user with the possibility of reconfiguring or disconnecting IoT sensors from the network. We present the proposed attack and evaluate its efficiency by executing tests on a real IoT network. Results demonstrate how the threat can be successfully executed and how it is able to focus on the targeted nodes, without affecting other nodes of the network