Men-in-the-Middle Attack Simulation on Low Energy Wireless Devices using Software Define Radio

The article presents a method which organizes men-in-the-middle attack and penetration test on Bluetooth Low Energy devices and ZigBee packets by using software define radio with sniffing and spoofing packets, capture and analysis techniques on wireless waves with the focus on BLE. The paper contains the analysis of the latest scientific works in this area, provides a comparative analysis of SDRs with the rationale for the choice of hardware, gives the sequence order of actions for collecting wireless data packets and data collection from ZigBee and BLE devices, and analyzes ways which can improve captured wireless packet analysis techniques. The results of the experimental setup, collected for the study, were analyzed in real time and the collected wireless data packets were compared with the one, which have sent the origin. The result of the experiment shows the weaknesses of local wireless networks

The Secure and Energy Efficient Data Routing in the IoT based Network

The business applications such as weather forecasting, traffic management, weather forecasting, traffic management, etc., are enormously adopting Internet of Things(IoT). While scaling of these applications are fast, the device/sensor capabilities, particularly in terms of battery life and energy efficiency is limited. Despite of intensive research conducted to address these shortcomings, Wireless IoT Sensor Network(WIoTSN) still cannot assure 100\% efficient network life. Therefore, the core objective of the thesis is to provide an overview of energy efficiency of proactive(OLSR) and reactive(DSR and AODV) data routing protocols by scaling the size of network, i.e. number of sensor nodes, data packet size, data transmission rate and speed of mobile sink node. It also reviews the importance of security in WIoTSN. The two approaches, such as literature review and simulation testing, are used to achieve the objective of the thesis. The literature review provides information about reactive and proactive protocols and their mechanism for route discovery. Similarly, the network simulator tool NS3 is used for running simulation to evaluate the performance of selected routing protocols for energy efficiency. The thesis results showed the effect of scaling the parameters selected for experimental purpose on the energy efficiency of proactive and reactive data routing protocols. The simulation results prove that the reactive protocol DSR outperforms another reactive protocol AODV and proactive protocol OLSR in energy efficiency. From the security perspective, the thesis also emphasizes its need in IoT and suggest to minimize wasteful resources in WIoTSN and use them by restructuring the network for secure energy-efficient data routing protocols

Doctor of Philosophy

dissertationThe wireless radio channel is typically thought of as a means to move information from transmitter to receiver, but the radio channel can also be used to detect changes in the environment of the radio link. This dissertation is focused on the measurements we can make at the physical layer of wireless networks, and how we can use those measurements to obtain information about the locations of transceivers and people. The first contribution of this work is the development and testing of an open source, 802.11b sounder and receiver, which is capable of decoding packets and using them to estimate the channel impulse response (CIR) of a radio link at a fraction of the cost of traditional channel sounders. This receiver improves on previous implementations by performing optimized matched filtering on the field-programmable gate array (FPGA) of the Universal Software Radio Peripheral (USRP), allowing it to operate at full bandwidth. The second contribution of this work is an extensive experimental evaluation of a technology called location distinction, i.e., the ability to identify changes in radio transceiver position, via CIR measurements. Previous location distinction work has focused on single-input single-output (SISO) radio links. We extend this work to the context of multiple-input multiple-output (MIMO) radio links, and study system design trade-offs which affect the performance of MIMO location distinction. The third contribution of this work introduces the "exploiting radio windows" (ERW) attack, in which an attacker outside of a building surreptitiously uses the transmissions of an otherwise secure wireless network inside of the building to infer location information about people inside the building. This is possible because of the relative transparency of external walls to radio transmissions. The final contribution of this dissertation is a feasibility study for building a rapidly deployable radio tomographic (RTI) imaging system for special operations forces (SOF). We show that it is possible to obtain valuable tracking information using as few as 10 radios over a single floor of a typical suburban home, even without precise radio location measurements

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks

Middleware architectures for the smart grid: A survey on the state-of-the-art, taxonomy and main open issues

The integration of small-scale renewable energy sources in the smart grid depends on several challenges that must be overcome. One of them is the presence of devices with very different characteristics present in the grid or how they can interact among them in terms of interoperability and data sharing. While this issue is usually solved by implementing a middleware layer among the available pieces of equipment in order to hide any hardware heterogeneity and offer the application layer a collection of homogenous resources to access lower levels, the variety and differences among them make the definition of what is needed in each particular case challenging. This paper offers a description of the most prominent middleware architectures for the smart grid and assesses the functionalities they have, considering the performance and features expected from them in the context of this application domain

On Statistical QoS Provisioning for Smart Grid

Current power system is in the transition from traditional power grid to Smart Grid. A key advantage of Smart Grid is its integration of advanced communication technologies, which can provide real-time system-wide two-way information links. Since the communication system and power system are deeply coupled within the Smart Grid system, it makes Quality of Service (QoS) performance analysis much more complex than that in either system alone. In order to address this challenge, the effective rate theory is studied and extended in this thesis, where a new H transform based framework is proposed. Various scenarios are investigated using the new proposed effective rate framework, including both independent and correlated fading channels. With the effective rate as a connection between the communication system and the power system, an analysis of the power grid observability under communication constraints is performed. Case studies show that the effective rate provides a cross layer analytical framework within the communication system, while its statistical characterisation of the communication delay has the potential to be applied as a general coupling point between the communication system and the power system, especially when real-time applications are considered. Besides the theoretical QoS performance analysis within Smart Grid, a new Software Defined Smart Grid testbed is proposed in this thesis. This testbed provides a versatile evaluation and development environment for Smart Grid QoS performance studies. It exploits the Real Time Digital Simulator (RTDS) to emulate different power grid configurations and the Software Defined Radio (SDR) environment to implement the communication system. A data acquisition and actuator module is developed, which provides an emulation of various Intelligent Electronic Devices (IEDs). The implemented prototype demonstrates that the proposed testbed has the potential to evaluate real time Smart Grid applications such as real time voltage stability control

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

ПІДХОДИ ДО ФОРМУВАННЯ НАУКОВОГО МИСЛЕННЯ У ЗДОБУВАЧІВ ВИЩОЇ ОСВІТИ З КІБЕРБЕЗПЕКИ

The need for specialists in the development of information systems is growing, therefore the cost and demand for educational programs and courses for “quick” entry into the specialty is increasing. Training of information security specialists is impossible without current and clear standards and training programs. Currently, there is no clear standard for a Cybersecurity major for Ph.D. The public discourse on the development and processing of passports of specialties should actualize the problems and challenges of the modern world market of information technologies. The application of best practices in state institutions and services will strengthen the security of the Ukrainian state. This article uses the experience of working with students of higher education at different levels. The corpus of the author’s publications over the past six years is used as the object of the research. The main research methods are a critical analysis of approaches to the activation of creative approaches in acquirers; comparative analysis of difficulties in preparing for the experiment and classification of publications by research areas. The work presents an overview of the information security labor market, its structure and features of interaction between employers and job applicants. The peculiarities of the development of information security specialists, as well as their phases of formation, are considered separately. Consolidation of university curricula and comparison of passports of scientific specialties (05.13.21 information protection systems, 21.05.01 information security, 05.13.06 information technologies, 13.00.10 information and communication technologies in education) of doctors of philosophy made it possible to single out the main directions, which a graduate of the “Cybersecurity” specialty should know and be able to do. Methods of involving students and graduate students in active learning are considered in a separate block. Statistics of cooperation with acquirers are analyzed, and it is shown that covering all aspects of cybersecurity is not always possibleПотреба в спеціалістах з розробки інформаційних систем зростає, тому збільшується вартість і попит на навчальні програми та курси «швидкого» входу в спеціальність. Підготовка спеціалістів з інформаційної безпеки неможлива без актуальних і чітких стандартів і програм навчання. На даний момент не існує чіткого стандарту для спеціальності «Кібербезпека» для докторів філософії. Публічний дискурс з приводу розробки та переробки паспортів спеціальностей має актуалізувати проблематику та виклики сучасного світового ринку інформаційних технологій. Застосування кращих практик у державних установах та службах дозволить укріпити безпеку української держави. В даній статті використовується досвід роботи зі здобувачами вищої освіти на різних рівнях. В якості об’єкту дослідження використовується корпус публікацій автора статті за останні шість років. Основними методами дослідження є критичний аналіз підходів до активізації творчих підходів у здобувачів; порівняльний аналіз складностей при підготовці до експерименту і класифікація публікацій за напрямками досліджень. В роботі представлений огляд ринку праці з інформаційної безпеки, його структура та особливості взаємодії роботодавців та претендентів на посаду. Окремо розглянуто особливості розвитку спеціалістів з інформаційної безпеки, а також їх фази формування. Консолідація університетських навчальних програм та порівняння паспортів наукових спеціальностей (05.13.21 — системи захисту інформації, 21.05.01 — інформаційна безпека, 05.13.06 — інформаційні технології, 13.00.10 — інформаційно-комунікаційні технології в освіті) докторів філософії дало можливість виокремити основні напрямки, які має знати та вміти випускник спеціальності «Кібербезпека». Окремим блоком розглянуті методики залучення до активного навчання студентів та аспірантів. Проаналізована статистика співпраці із здобувачами та показано, що покриття всіх аспектів кібербезпеки не завжди є можливим