Evaluating the impact of malicious spoofing attacks on Bluetooth low energy based occupancy detection systems

Occupancy detection of a building has a wide range of applications. Areas such as emergency management, home automation and building energy management can benefit from the knowledge of occupants' locations to provide better results and improve their efficiency. Bluetooth Low Energy (BLE) beacons installed inside a building are able to provide information on an occupant's location. Since, however, their operation is based on broadcasting advertisements, they are vulnerable to network security breaches. In this work, we evaluate the effect of two types of spoofing attacks on a BLE based occupancy detection system. The system is composed of BLE beacons installed inside the building, a mobile application installed on occupants’ mobile phones and a remote control server. Occupancy detection is performed by a classifier installed on the remote server. We use our real-world experimental results to evaluate the impact of these attacks on the system's operation, particularly in terms of the accuracy with which it can provide location information

A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers

The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system\u2019s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of \u201dconfidence\u201d, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user\u2019s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems

Cyber security of smart building ecosystems

Abstract. Building automation systems are used to create energy-efficient and customisable commercial and residential buildings. During the last two decades, these systems have become more and more interconnected to reduce expenses and expand their capabilities by allowing vendors to perform maintenance and by letting building users to control the machines remotely. This interconnectivity has brought new opportunities on how building data can be collected and put to use, but it has also increased the attack surface of smart buildings by introducing security challenges that need to be addressed. Traditional building automation systems with their proprietary communication protocols and interfaces are giving way to interoperable systems utilising open technologies. This interoperability is an important aspect in streamlining the data collection process by ensuring that different components of the environment are able to exchange information and operate in a coordinated manner. Turning these opportunities into actual products and platforms requires multi-sector collaboration and joint research projects, so that the buildings of tomorrow can become reality with as few compromises as possible. This work examines one of these experimental project platforms, KEKO ecosystem, with the focus on assessing the cyber security challenges faced by the platform by using the well-recognised MITRE ATT&CK knowledge base of adversary tactics and techniques. The assessment provides a detailed categorisation of identified challenges and recommendations on how they should be addressed. This work also presents one possible solution for improving the detection of offensive techniques targeting building automation by implementing a monitoring pipeline within the experimental platform, and a security event API that can be integrated to a remote SIEM system to increase visibility on the platform’s data processing operations

How Physicality Enables Trust: A New Era of Trust-Centered Cyberphysical Systems

Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of ``inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable ``resilient coordination," where ``resilient" signifies sustained functionality amid attacks on multiagent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize, and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world

CPS Attacks Mitigation Approaches on Power Electronic Systems with Security Challenges for Smart Grid Applications: A Review

This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physical systems in the power electronics applications for interfacing renewable energy sources that incorporate with cyber frameworks, the cyber threats have a critical impact on the smart grid performance. Due to the existence of electronic devices in the smart grid applications, which are interconnected through communication networks, these networks may be subjected to severe cyber-attacks by hackers. If this occurs, the digital controllers can be physically isolated from the control loop. Therefore, the cyber-physical systems (CPSs) in the power electronic systems employed in the smart grid need special treatment and security. In this paper, an overview of the power electronics systems security on the networked smart grid from the CP perception, as well as then emphases on prominent CP attack patterns with substantial influence on the power electronics components operation along with analogous defense solutions. Furthermore, appraisal of the CPS threats attacks mitigation approaches, and encounters along the smart grid applications are discussed. Finally, the paper concludes with upcoming trends and challenges in CP security in the smart grid applications

MitM Attack Detection in BLE Networks using Reconstruction and Classification Machine Learning Techniques

International audienceInternet of Things (IoT) devices, including smartphones and tablets, are widely deployed in various application domains ranging from smart homes to industrial environments. Many of these devices rely on Bluetooth Low Energy (BLE) as a communication protocol for their control or the transfer of data. Trivial attacks can easily target these devices to compromise them due to their low security features and inherent vul-nerabilities in their software and communication components. In this paper , we firstly demonstrate a Man-in-the-Middle (MitM) attack against BLE devices while collecting datasets of network traffic data exchange with and without the attack. Secondly, we study the use of machine learning to detect this attack by combining unsupervised and supervised techniques. We applied and compared two unsupervised techniques to reconstruct the model of BLE communications and detect suspicious data batches. We then applied a classification method based on Text-CNN technique to classify packets as normal or attack inside each suspicious batch. Our model reconstruction results show that we are able to discriminate normal and attack models with high precision and our classification method achieves high accuracy (≈ 0.99) and low false positive rate (≈ 0.03)

Internet of Things and Intelligent Technologies for Efficient Energy Management in a Smart Building Environment

Internet of Things (IoT) is attempting to transform modern buildings into energy efficient, smart, and connected buildings, by imparting capabilities such as real-time monitoring, situational awareness and intelligence, and intelligent control. Digitizing the modern day building environment using IoT improves asset visibility and generates energy savings. This dissertation provides a survey of the role, impact, and challenges and recommended solutions of IoT for smart buildings. It also presents an IoT-based solution to overcome the challenge of inefficient energy management in a smart building environment. The proposed solution consists of developing an Intelligent Computational Engine (ICE), composed of various IoT devices and technologies for efficient energy management in an IoT driven building environment. ICE’s capabilities viz. energy consumption prediction and optimized control of electric loads have been developed, deployed, and dispatched in the Real-Time Power and Intelligent Systems (RTPIS) laboratory, which serves as the IoT-driven building case study environment. Two energy consumption prediction models viz. exponential model and Elman recurrent neural network (RNN) model were developed and compared to determine the most accurate model for use in the development of ICE’s energy consumption prediction capability. ICE’s prediction model was developed in MATLAB using cellular computational network (CCN) technique, whereas the optimized control model was developed jointly in MATLAB and Metasys Building Automation System (BAS) using particle swarm optimization (PSO) algorithm and logic connector tool (LCT), respectively. It was demonstrated that the developed CCN-based energy consumption prediction model was highly accurate with low error % by comparing the predicted and the measured energy consumption data over a period of one week. The predicted energy consumption values generated from the CCN model served as a reference for the PSO algorithm to generate control parameters for the optimized control of the electric loads. The LCT model used these control parameters to regulate the electric loads to save energy (increase energy efficiency) without violating any operational constraints. Having ICE’s energy consumption prediction and optimized control of electric loads capabilities is extremely useful for efficient energy management as they ensure that sufficient energy is generated to meet the demands of the electric loads optimally at any time thereby reducing wasted energy due to excess generation. This, in turn, reduces carbon emissions and generates energy and cost savings. While the ICE was tested in a small case-study environment, it could be scaled to any smart building environment

Novel Attacks and Defenses for Enterprise Internet-of-Things (E-IoT) Systems

This doctoral dissertation expands upon the field of Enterprise Internet-of-Things (E-IoT) systems, one of the most ubiquitous and under-researched fields of smart systems. E-IoT systems are specialty smart systems designed for sophisticated automation applications (e.g., multimedia control, security, lighting control). E-IoT systems are often closed source, costly, require certified installers, and are more robust for their specific applications. This dissertation begins with an analysis of the current E-IoT threat landscape and introduces three novel attacks and defenses under-studied software and protocols heavily linked to E-IoT systems. For each layer, we review the literature for the threats, attacks, and countermeasures. Based on the systematic knowledge we obtain from the literature review, we propose three novel attacks and countermeasures to protect E-IoT systems. In the first attack, we present PoisonIvy, several attacks developed to show that malicious E-IoT drivers can be used to compromise E-IoT. In response to PoisonIvy threats, we describe Ivycide, a machine-learning network-based solution designed to defend E-IoT systems against E-IoT driver threats. As multimedia control is a significant application of E-IoT, we introduce is HDMI-Walk, a novel attack vector designed to demonstrate that HDMI\u27s Consumer Electronics Control (CEC) protocol can be used to compromise multiple devices through a single connection. To defend devices from this threat, we introduce HDMI-Watch, a standalone intrusion detection system (IDS) designed to defend HDMI-enabled devices from HDMI-Walk-style attacks. Finally, this dissertation evaluates the security of E-IoT proprietary protocols with LightingStrike, a series of attacks used to demonstrate that popular E-IoT proprietary communication protocols are insecure. To address LightningStrike threats, we introduce LGuard, a complete defense framework designed to defend E-IoT systems from LightingStrike-style attacks using computer vision, traffic obfuscation, and traffic analysis techniques. For each contribution, all of the defense mechanisms proposed are implemented without any modification to the underlying hardware or software. All attacks and defenses in this dissertation were performed with implementations on widely-used E-IoT devices and systems. We believe that the research presented in this dissertation has notable implications on the security of E-IoT systems by exposing novel threat vectors, raising awareness, and motivating future E-IoT system security research

Secure Integration of Wireless Sensor Networks into Applications

Wireless sensors are small devices that are able to gather, process and deliver information from a physical environment to an external system. By doing so, they open new applications in different domains, such as healthcare, traffc control, defense and agriculture. The integration of Wireless Sensor Networks (WSN) with Business Applications (BA) raises technical and security related challenges. Existing approaches target technical issues such as interoperability between WSN and BAs or heterogeneity of acquired sensor data. In this work, we start by performing an analysis of the risks that such an integration of WSNs with BAs may present using the NIST SP 800-30 recommendations. We then introduce and analyze an effcient security scheme that does not use complex operations and guarantees end-to-end confidentiality of sensor data. Finally, we provide an in silico proof-of-concept and validate it using a real WSN co-developed with Cisco Systems France