27,998 research outputs found
Security of GPS/INS based On-road Location Tracking Systems
Location information is critical to a wide-variety of navigation and tracking
applications. Today, GPS is the de-facto outdoor localization system but has
been shown to be vulnerable to signal spoofing attacks. Inertial Navigation
Systems (INS) are emerging as a popular complementary system, especially in
road transportation systems as they enable improved navigation and tracking as
well as offer resilience to wireless signals spoofing, and jamming attacks. In
this paper, we evaluate the security guarantees of INS-aided GPS tracking and
navigation for road transportation systems. We consider an adversary required
to travel from a source location to a destination, and monitored by a INS-aided
GPS system. The goal of the adversary is to travel to alternate locations
without being detected. We developed and evaluated algorithms that achieve such
goal, providing the adversary significant latitude. Our algorithms build a
graph model for a given road network and enable us to derive potential
destinations an attacker can reach without raising alarms even with the
INS-aided GPS tracking and navigation system. The algorithms render the
gyroscope and accelerometer sensors useless as they generate road trajectories
indistinguishable from plausible paths (both in terms of turn angles and roads
curvature). We also designed, built, and demonstrated that the magnetometer can
be actively spoofed using a combination of carefully controlled coils. We
implemented and evaluated the impact of the attack using both real-world and
simulated driving traces in more than 10 cities located around the world. Our
evaluations show that it is possible for an attacker to reach destinations that
are as far as 30 km away from the true destination without being detected. We
also show that it is possible for the adversary to reach almost 60-80% of
possible points within the target region in some cities
KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels
Commodity OS kernels have broad attack surfaces due to the large code base
and the numerous features such as device drivers. For a real-world use case
(e.g., an Apache Server), many kernel services are unused and only a small
amount of kernel code is used. Within the used code, a certain part is invoked
only at runtime while the rest are executed at startup and/or shutdown phases
in the kernel's lifetime run. In this paper, we propose a reliable and
practical system, named KASR, which transparently reduces attack surfaces of
commodity OS kernels at runtime without requiring their source code. The KASR
system, residing in a trusted hypervisor, achieves the attack surface reduction
through a two-step approach: (1) reliably depriving unused code of executable
permissions, and (2) transparently segmenting used code and selectively
activating them. We implement a prototype of KASR on Xen-4.8.2 hypervisor and
evaluate its security effectiveness on Linux kernel-4.4.0-87-generic. Our
evaluation shows that KASR reduces the kernel attack surface by 64% and trims
off 40% of CVE vulnerabilities. Besides, KASR successfully detects and blocks
all 6 real-world kernel rootkits. We measure its performance overhead with
three benchmark tools (i.e., SPECINT, httperf and bonnie++). The experimental
results indicate that KASR imposes less than 1% performance overhead (compared
to an unmodified Xen hypervisor) on all the benchmarks.Comment: The work has been accepted at the 21st International Symposium on
Research in Attacks, Intrusions, and Defenses 201
- …