4,670 research outputs found
Detection and control of small civilian UAVs
With the increasing proliferation of small civilian Unmanned Aerial Vehicles (UAVs), the threat to critical infrastructure (CI) security and privacy is now widely recognised and must be addressed. These devices are easily available at a low cost, with their usage largely unrestricted allowing users to have no accountability. Further, current implementations of UAVs have little to no security measures applied to their control interfaces. To combat the threat raised by small UAVs, being aware of their presence is required, a task that can be challenging and often requires customised hardware.
This thesis aimed to address the threats posed by the Parrot AR Drone v2, by presenting a data link signature detection method which provides the characteristics needed to implement a mitigation method, capable of stopping a UAV's movement and video stream. These methods were developed using an experimental procedure and are packaged as a group of Python scripts.
A suitable detection method was developed, capable of detecting and identifying a Parrot AR Drone v2 within WiFi operational range. A successful method of disabling the controls and video of a Parrot AR Drone in the air was implemented, with collection of video and control commands also achieved, for after-the-event reconstruction of the video stream.
Real-time video monitoring is achievable, however it is deemed detrimental to the flight stability of the Parrot, reducing the effectiveness of monitoring the behaviour of an unidentified Parrot AR Drone v2. Additionally, implementing a range of mitigations for continued monitoring of Parrot AR Drones proved ineffectual, given that the mitigations applied were found to be non-persistent, with the mitigations reverting after control is returned to the controller. While the ability to actively monitor and manipulate Parrot AR Drones was successful, it was not to the degree believed possible during initial research
Detecting Impersonation Attacks in a Static WSN
The current state of security found in the IoT domain is highly flawed, a major problem being that the cryptographic keys used for authentication can be easily extracted and thus enable a myriad of impersonation attacks. In this MSc thesis a study is done of an authentication mechanism called device fingerprinting. It is a mechanism which can derive the identity of a device without relying on device identity credentials and thus detect credential-based impersonation attacks. A proof of concept has been produced to showcase how a fingerprinting system can be designed to function in a resource constrained IoT environment. A novel approach has been taken where several fingerprinting techniques have been combined through machine learning to improve the system's ability to deduce the identity of a device. The proof of concept yields high performant results, indicating that fingerprinting techniques are a viable approach to achieve security in an IoT system.
FUZZY BASED SECURITY ALGORITHM FOR WIRELESS SENSOR NETWORKS IN THE INTERNET OF THINGS PARADIGM
Published Thesis
The world is embracing the idea of Internet of Things and Industrial Revolution 4.0. However, this acceptance of computerised evolution is met with a myriad of challenges, where consumers of this technology are also growing ever so anxious about the security of their personal data as well as reliability of data collected by the millions and even billions of sensors surrounding them.
Wireless sensor networks are the main baseline technology driving Internet of things; by their very inherent nature, these networks are too vulnerable to attacks and yet the network security tools designed for conventional computer networks are not effective in countering these attacks. Wireless sensors have low computational resources, may be highly mobile and in most cases, these networks do not have a central point which can be marked as an authentication point for the sensors; any node can join or leave whenever it wants. This leaves the sensors and the internet of things applications depending on them highly susceptible to attacks, which may compromise consumer information and leave security breaches in situations that need absolute security such as homes or even the cars they drive. There are many possibilities of things that could go wrong when hackers gain control of sensors in a car or a house.
There have been many solutions offered to address security of Wireless Sensor Networks; however, most of those solutions are often not customised for African context. Given that most African countries have not kept pace with the development of these underlying technologies, blanket adoption of the solutions developed for consumption in the developed world has not yielded optimal results. The focus of this research was the development of an Intrusion Detection System that works in a hierarchical network structured Wireless Sensor Network, where cluster heads oversee groups of nodes and relay their data packets all the way to the sink node. This is a reactive Intrusion Detection System (IDS) that makes use of a fuzzy logic based algorithm for verification of intrusion detections. This system borrows characteristics of traditional Wireless Sensor Networks in that it is hosted external to the nodes; that is, on a computer or server connected to the sink node. The rationale for this is the premise that developing the system in this manner optimises the power and processing resource of nodes because no part of the IDS is found in the nodes and they are left to focus purely on sensing.
The Intrusion Detection System makes use of remote Over The Air programming to communicate with compromised nodes, to either shut down or reboot and is designed with the ZigBee protocol in mind. Additionally, this Intrusion Detection System is intended to be part of a larger Internet of Things integration framework being proposed at the Central University of Technology. This framework is aimed at developing an Internet of Things adoption strategy customised for African needs and regionally local consumers.
To evaluate the effectiveness of the solution, the rate of false detections being picked out by the security algorithm was reduced through the use of fuzzy logic systems; this resulted in an accuracy of above 90%. The algorithm is also very light when asymptotic notation is applied, making it ideal for Wireless Sensors. Lastly, we also put forward the Xbee version of the Triple Modular Redundancy architecture, customised for Wireless sensor networks in order to beef-up on the security solution presented in this dissertation.
Department of Computer Science Activity 1998-2004
This report summarizes much of the research and teaching activity of the Department of Computer Science at Dartmouth College between late 1998 and late 2004. The material for this report was collected as part of the final report for NSF Institutional Infrastructure award EIA-9802068, which funded equipment and technical staff during that six-year period. This equipment and staff supported essentially all of the department's research activity during that period.
The Future of Cybercrime: AI and Emerging Technologies Are Creating a Cybercrime Tsunami
This paper reviews the impact of AI and emerging technologies on the future of cybercrime and the necessary strategies to combat it effectively. Society faces a pressing challenge as cybercrime proliferates through AI and emerging technologies. At the same time, law enforcement and regulators struggle to keep up. Our primary challenge is raising awareness as cybercrime operates within a distinct criminal ecosystem. We explore the hijacking of emerging technologies by criminals (CrimeTech) and their use in illicit activities, along with the tools and processes (InfoSec) to protect against future cybercrime. We also explore the role of AI and emerging technologies (DeepTech) in supporting law enforcement, regulation, and legal services (LawTech).
Enterprise platform systems management security threats and mitigation techniques
Developers and technologists of enterprise systems such as servers, storage and networking products must constantly anticipate new cybersecurity threats and evolving security requirements. These requirements are typically sourced from marketing, customer expectations, manufacturing and evolving government standards. Much ongoing major research focus has been on securing the main enterprise system purpose functionality, operating system, network and storage. There appears, however, to be far less research and a growing number of reports of vulnerabilities in the area of enterprise systems management hardware and software subsystems. Many recent examples are within types of subsystems such as baseboard management controllers (BMCs), which are intricate embedded subsystems, independent of the host server system functionality. A BMC is typically comprised of a specialized system-on-a-chip, RAM, non-volatile storage, and sensors, and runs an embedded LINUX Operating System. The BMC's primary roles are always increasing in scope including managing system inventory, system operational health, thermal and power control, event logging, remote console access, provisioning, performance monitoring, software updates and failure prediction and remediation. To compromise or create a denial of service of such subsystems has an increasing impact on equipment manufacturers and large and small enterprises. This report's primary objective is to research real-world and theoretical hardware and software cyber-attack vectors on enterprise product platforms, inclusive of BMCs, BIOS and other embedded systems within such products. For each presented attack vector, best practices and suggestions for effective avoidance and mitigation are explored. Domains of particular interest are physical access security, hardware manipulation and secure boot protections against software image manipulation, BIOS recovery and secure field debug techniques. Electrical and Computer Engineerin
BROSMAP: A Novel Broadcast Based Secure Mobile Agent Protocol for Distributed Service Applications
Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile agent systems is a great concern. In this paper, we propose a novel Broadcast based Secure Mobile Agent Protocol (BROSMAP) for distributed service applications that provides mutual authentication, authorization, accountability, nonrepudiation, integrity, and confidentiality. The proposed system also provides protection from man in the middle, replay, repudiation, and modification attacks. We proved the efficiency of the proposed protocol through formal verification with Scyther verification tool
Amoeba: Circumventing ML-supported Network Censorship via Adversarial Reinforcement Learning
Embedding covert streams into a cover channel is a common approach to
circumventing Internet censorship, due to censors' inability to examine
encrypted information in otherwise permitted protocols (Skype, HTTPS, etc.).
However, recent advances in machine learning (ML) enable detecting a range of
anti-censorship systems by learning distinct statistical patterns hidden in
traffic flows. Therefore, designing obfuscation solutions able to generate
traffic that is statistically similar to innocuous network activity, in order
to deceive ML-based classifiers at line speed, is difficult.
In this paper, we formulate a practical adversarial attack strategy against
flow classifiers as a method for circumventing censorship. Specifically, we
cast the problem of finding adversarial flows that will be misclassified as a
sequence generation task, which we solve with Amoeba, a novel reinforcement
learning algorithm that we design. Amoeba works by interacting with censoring
classifiers without any knowledge of their model structure, but by crafting
packets and observing the classifiers' decisions, in order to guide the
sequence generation process. Our experiments using data collected from two
popular anti-censorship systems demonstrate that Amoeba can effectively shape
adversarial flows that have on average 94% attack success rate against a range
of ML algorithms. In addition, we show that these adversarial flows are robust
in different network environments and possess transferability across various ML
models, meaning that once trained against one, our agent can subvert other
censoring classifiers without retraining