133,536 research outputs found

    IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT

    With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IOT SENTINEL, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IOT SENTINEL is effective in identifying device types and has minimal performance overhead

    BitTorrent Sync: Network Investigation Methodology

    The volume of personal information and data most Internet users find themselves amassing is ever increasing and the fast pace of the modern world results in most requiring instant access to their files. Millions of these users turn to cloud based file synchronisation services, such as Dropbox, Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access to their most up-to-date data from any computer or mobile device with an Internet connection. The prevalence of recent articles covering various invasion of privacy issues and data protection breaches in the media has caused many to review their online security practices with their personal information. To provide an alternative to cloud based file backup and synchronisation, BitTorrent Inc. released an alternative cloudless file backup and synchronisation service, named BitTorrent Sync to alpha testers in April 2013. BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over two million active users by the end of the year. This paper outlines a number of scenarios where the network investigation of the service may prove invaluable as part of a digital forensic investigation. An investigation methodology is proposed outlining the required steps involved in retrieving digital evidence from the network and the results from a proof of concept investigation are presented. Comment: 9th International Conference on Availability, Reliability and Security (ARES 2014)

    The Critical Challenges from International High-Tech and Computer-Related Crime at the Millennium

    The automotive industry stands in front of a great challenge, to decrease its impact on the environment. One important part in succeeding with this is to decrease the structural weight of the body structure and by that the fuel consumption or the required battery power. Carbon fibre composites are by many seen as the only real option when traditional engineering materials are running out of potential for further weight reduction. However, the automotive industry lacks experience working with structural composites and the methods for high volume composite manufacturing are immature. The development of a composite automotive body structure, therefore, needs methods to support and guide the conceptual work to improve the financial and technical results. In this thesis a framework is presented which will provide guidelines for the conceptual phase of the development of an automotive body structure. The framework follows two main paths, one to strive for the ideal material diversity, which also defines an initial partition of the body structure based on the process and material selection. Secondly, a further analysis of the structures are made to evaluate if a more cost and weight efficient solution can be found by a more differential design and by that define the ideal part size. In the case and parameter studies performed, different carbon fibre composite material systems and processes are compared and evaluated. The results show that high performance material system with continuous fibres becomes both more cost and performance effective compared to industrialised discontinuous fibre composites. But also that cycle times, sometimes, are less important than a competitive feedstock cost for a manufacturing process. When further analysing the manufacturing design of the structures it is seen that further partition(s) can become cost effective if the size and complexity is large enough. QC 20140527

    I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis

    Revelations of large scale electronic surveillance and data mining by governments and corporations have fueled increased adoption of HTTPS. We present a traffic analysis attack against over 6000 webpages spanning the HTTPS deployments of 10 widely used, industry-leading websites in areas such as healthcare, finance, legal services and streaming video. Our attack identifies individual pages in the same website with 89% accuracy, exposing personal details including medical conditions, financial and legal affairs and sexual orientation. We examine evaluation methodology and reveal accuracy variations as large as 18% caused by assumptions affecting caching and cookies. We present a novel defense reducing attack accuracy to 27% with a 9% traffic increase, and demonstrate significantly increased effectiveness of prior defenses in our evaluation context, inclusive of enabled caching, user-specific cookies and pages within the same website