1,220 research outputs found

    Preliminary Recommendations for the Collection, Storage, and Analysis of UAS Safety Data

    Although the use of UASs in military and public service operations is proliferating, civilian use of UASs remains limited in the United States today. With efforts underway to accommodate and integrate UASs into the NAS, a proactive understanding of safety issues, i.e., the unique hazards and the corresponding risks that UASs pose not only through their operations for commercial purposes, but also to existing operations in the NAS, is especially important so as to (a) support the development of a sound regulatory basis, (b) regulate, design and properly equip UASs, and (c) effectively mitigate the risks posed. Data, especially about system and component failures, incidents, and accidents, provides valuable insight into how performance and operational capabilities/limitations contribute to hazards. Since the majority of UAS operations today take place in a context that is significantly different from the norm in civil aviation, i.e., with different operational goals and standards, identifying that which constitutes useful and sufficient data on UASs and their operations is a substantial research challenge

    Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies

    The scalable, low overhead attributes of Peer-to-Peer (P2P) Internet protocols and networks lend themselves well to being exploited by criminals to execute a large range of cybercrimes. The types of crimes aided by P2P technology include copyright infringement, sharing of illicit images of children, fraud, hacking/cracking, denial of service attacks and virus/malware propagation through the use of a variety of worms, botnets, malware, viruses and P2P file sharing. This project is focused on study of active P2P nodes along with the analysis of the undocumented communication methods employed in many of these large unstructured networks. This is achieved through the design and implementation of an efficient P2P monitoring and crawling toolset. The requirement for investigating P2P based systems is not limited to the more obvious cybercrimes listed above, as many legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g., voice over IP, instant messaging, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. In this work we introduce the Universal P2P Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in P2P network functionality. In combination with a reference database of known network characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework, which can intelligently determine the best investigation methodology and greatly expedite the evidence gathering process. A proof of concept tool was developed for conducting investigations on the BitTorrent network. Comment: This is a thesis submitted in fulfilment of a PhD in Digital Forensics and Cybercrime Investigation in the School of Computer Science, University College Dublin in October 201

    Assessing the Competing Characteristics of Privacy and Safety within Vehicular Ad Hoc Networks

    The introduction of Vehicle-to-Vehicle (V2V) communication has the promise of decreasing vehicle collisions, congestion, and emissions. However, this technology places safety and privacy at odds; an increase of safety applications will likely result in the decrease of consumer privacy. The National Highway Traffic Safety Administration (NHTSA) has proposed the Security Credential Management System (SCMS) as the back end infrastructure for maintaining, distributing, and revoking vehicle certificates attached to every Basic Safety Message (BSM). This Public Key Infrastructure (PKI) scheme is designed around the philosophy of maintaining user privacy through the separation of functions to prevent any one subcomponent from identifying users. However, because of the high precision of the data elements within each message, this design cannot prevent large scale third-party BSM collection and pseudonym linking resulting in privacy loss. In addition, this philosophy creates an extraordinarily complex and heavily distributed system. In response to this difficulty, this thesis proposes a data ambiguity method to bridge privacy and safety within the context of interconnected vehicles. The objective in doing so is to preserve both Vehicle-to-Vehicle (V2V) safety applications and consumer privacy. A Vehicular Ad-Hoc Network (VANET) metric classification is introduced that explores five fundamental pillars of VANETs. These pillars (Safety, Privacy, Cost, Efficiency, Stability) are applied to four different systems: Non-V2V environment, the aforementioned SCMS, the group-pseudonym based Vehicle Based Security System (VBSS), and VBSS with Dithering (VBSS-D) which includes the data ambiguity method of dithering. By using these evaluation criteria, the advantages and disadvantages of bringing each system to fruition are showcased

    Mitigating interference coexistence issues in wireless sensor networks

    Wireless Sensor Networks (WSNs) comprise a collection of portable, wireless, interconnected sensors deployed over an area to monitor and report a variable of interest; example applications include wildlife monitoring and home automation systems. In order to cater for long network lifetimes without the need for regular maintenance, energy efficiency is paramount, alongside link reliability. To minimise energy consumption, WSN MAC protocols employ Clear Channel Assessment (CCA), to transmit and receive packets. For transmitting, CCA is used beforehand to determine if the channel is clear. For receiving, CCA is used to decide if the radio should wake up to receive an incoming transmission, or be left in a power efficient sleep state. Current CCA implementations cannot determine the device type occupying the media, leaving nodes unable to differentiate between WSN traffic and arbitrary interference from other devices, such as WiFi. This affects link performance as packet loss increases, and energy efficiency as the radio is idly kept in receive mode. To permit WSN deployments in these environments, it is necessary to be able to gauge the effect of interference. While tools exist to model and predict packet loss in these conditions, it is currently not possible to do the same for energy consumption. This would be beneficial, as parameters of the network could be tuned to meet lifetime and energy requirements. In this thesis, methods to predict energy consumption of WSN MAC protocols are presented. These are shown to accurately estimate the idle listening from environmental interference measurements. Further, in order to mitigate the effects of interference, it would be beneficial for a CCA check to determine the device type occupying the media. For example, transmitters may select back-off strategies depending on the observed channel occupier. Receivers could be made more efficient by ignoring all non-WSN traffic, staying awake only after detecting an incoming WSN transmission. P-DCCA is a novel method presented in this thesis to achieve this. Transmitters vary the output power of the radio while the packet is being sent. Receivers are able to identify signals with this characteristic power variation, enabling a P-DCCA check to reveal if the medium is currently occupied by WSN traffic or other interference. P-DCCA is implemented in a common WSN MAC protocol, and is shown to achieve high detection accuracy, and to improve energy efficiency and packet delivery in interference environments

    Blacklight: Defending Black-Box Adversarial Attacks on Deep Neural Networks

    The vulnerability of deep neural networks (DNNs) to adversarial examples is well documented. Under the strong white-box threat model, where attackers have full access to DNN internals, recent work has produced continual advancements in defenses, often followed by more powerful attacks that break them. Meanwhile, research on the more realistic black-box threat model has focused almost entirely on reducing the query-cost of attacks, making them increasingly practical for ML models already deployed today. This paper proposes and evaluates Blacklight, a new defense against black-box adversarial attacks. Blacklight targets a key property of black-box attacks: to compute adversarial examples, they produce sequences of highly similar images while trying to minimize the distance from some initial benign input. To detect an attack, Blacklight computes for each query image a compact set of one-way hash values that form a probabilistic fingerprint. Variants of an image produce nearly identical fingerprints, and fingerprint generation is robust against manipulation. We evaluate Blacklight on 5 state-of-the-art black-box attacks, across a variety of models and classification tasks. While the most efficient attacks take thousands or tens of thousands of queries to complete, Blacklight identifies them all, often after only a handful of queries. Blacklight is also robust against several powerful countermeasures, including an optimal black-box attack that approximates white-box attacks in efficiency. Finally, Blacklight significantly outperforms the only known alternative in both detection coverage of attack queries and resistance against persistent attackers

    Intelligent Lower-Layer Denial-of-Service Attacks Against Cellular Vehicle-to-Everything

    Vehicle-to-everything (V2X) communication promises a wide range of benefits for society. Within future V2X-enabled intelligent transportation systems, vehicle-to-vehicle (V2V) communication will allow vehicles to directly exchange messages, improving their situational awareness and allowing drivers or (semi-)autonomous vehicles to avoid collisions, particularly in non-line-of-sight scenarios. Thus, V2V has the potential to reduce annual vehicular crashes and fatalities by hundreds of thousands. Cellular Vehicle-to-Everything (C-V2X) is rapidly supplanting older V2V protocols and will play a critical role in achieving these outcomes. As extremely low latency is required to facilitate split-second collision avoidance maneuvers, ensuring the availability of C-V2X is imperative for safe and secure intelligent transportation systems. However, little work has analyzed the physical- (PHY) and MAC-layer resilience of C-V2X against intelligent, protocol-aware denial-of-service (DoS) attacks by stealthy adversaries. In this thesis, we expose fundamental security vulnerabilities in the PHY- and MAC-layer designs of C-V2X and demonstrate how they can be exploited to devastating effect by devising two novel, intelligent DoS attacks against C-V2X: targeted sidelink jamming and sidelink resource exhaustion. Our attacks demonstrate different ways an intelligent adversary can dramatically degrade the availability of C-V2X for one or many vehicles, increasing the likelihood of fatal vehicle collisions. Through hardware experiments with software-defined radios (SDRs) and state-of-the-art C-V2X devices in combination with extensive MATLAB simulation, we demonstrate the viability and effectiveness of our attacks. We show that targeted sidelink jamming can reduce a targeted vehicle's packet delivery ratio by 90% in a matter of seconds, while sidelink resource exhaustion can reduce C-V2X channel throughput by up to 50% in similarly short order. We further provide and validate detection techniques for each attack based on cluster and regression analysis techniques and propose promising, preliminary approaches to mitigate the underlying vulnerabilities that we expose in the PHY/MAC layers of C-V2X