The Opportunistic Transmission of Wireless Worms between Mobile Devices

The ubiquity of portable wireless-enabled computing and communications devices has stimulated the emergence of malicious codes (wireless worms) that are capable of spreading between spatially proximal devices. The potential exists for worms to be opportunistically transmitted between devices as they move around, so human mobility patterns will have an impact on epidemic spread. The scenario we address in this paper is proximity attacks from fleetingly in-contact wireless devices with short-range communication range, such as Bluetooth-enabled smart phones. An individual-based model of mobile devices is introduced and the effect of population characteristics and device behaviour on the outbreak dynamics is investigated. We show through extensive simulations that in the above scenario the resulting mass-action epidemic models remain applicable provided the contact rate is derived consistently from the underlying mobility model. The model gives useful analytical expressions against which more refined simulations of worm spread can be developed and tested.Comment: Submitted for publicatio

Experimental demonstration of Gaussian protocols for one-sided device-independent quantum key distribution

Nonlocal correlations, a longstanding foundational topic in quantum information, have recently found application as a resource for cryptographic tasks where not all devices are trusted, for example in settings with a highly secure central hub, such as a bank or government department, and less secure satellite stations which are inherently more vulnerable to hardware "hacking" attacks. The asymmetric phenomena of Einstein-Podolsky-Rosen steering plays a key role in one-sided device-independent quantum key distribution (1sDI-QKD) protocols. In the context of continuous-variable (CV) QKD schemes utilizing Gaussian states and measurements, we identify all protocols that can be 1sDI and their maximum loss tolerance. Surprisingly, this includes a protocol that uses only coherent states. We also establish a direct link between the relevant EPR steering inequality and the secret key rate, further strengthening the relationship between these asymmetric notions of nonlocality and device independence. We experimentally implement both entanglement-based and coherent-state protocols, and measure the correlations necessary for 1sDI key distribution up to an applied loss equivalent to 7.5 km and 3.5 km of optical fiber transmission respectively. We also engage in detailed modelling to understand the limits of our current experiment and the potential for further improvements. The new protocols we uncover apply the cheap and efficient hardware of CVQKD systems in a significantly more secure setting.Comment: Addition of experimental results and (several) new author

A generic communication architecture for end to end mobility management in the Internet

The proliferation of laptops, cellular phones, and other mobile computing platforms connected to the Internet has triggered numerous research works into mobile networking. The increasingly dense set of wireless access networks that can be potentially accessed by mobile users open the door to an era of pervasive computing. However, the puzzle of wireless access networks that tends to become the natural access networks to the Internet pushes legacy“wireoriented” communication architectures to their limit. Indeed, there is a critical gap between the increasingly used stream centric multimedia applications and the incapacity of legacy communication stacks to insure the continuity of these multimedia sessions for mobile users. This paper proposes a generic communication architecture (i.e. not dedicated to a specific protocol or technology) that aims to fill the gap between the application layer continuity needs and the discontinuity of the communication service inherent to the physical layer of wireless mobile networks. This paper introduces an end to end communication architecture that preserves efficiently session continuity in the context of mobile and wireless networks. This architecture is mainly based on end to end mechanisms that could be integrated into a new generation reconfigurable transport protocol. The proposed contribution efficiently satisfies mobility requirements such as efficient location management, fast handover, and continuous connection support

Discovering, quantifying, and displaying attacks

In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all possible attacks. A main challenge in the development of complex systems is therefore to discover attacks, quantify them to comprehend their likelihood, and communicate them to non-experts for facilitating the decision process. To address this three-sided challenge we propose a protection analysis over the Quality Calculus that (i) computes all the sets of data required by an attacker to reach a given location in a system, (ii) determines the cheapest set of such attacks for a given notion of cost, and (iii) derives an attack tree that displays the attacks graphically. The protection analysis is first developed in a qualitative setting, and then extended to quantitative settings following an approach applicable to a great many contexts. The quantitative formulation is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the framework is demonstrated on a national-scale authentication system, studied through a Java implementation of the framework.Comment: LMCS SPECIAL ISSUE FORTE 201

An Energy Aware and Secure MAC Protocol for Tackling Denial of Sleep Attacks in Wireless Sensor Networks

Wireless sensor networks which form part of the core for the Internet of Things consist of resource constrained sensors that are usually powered by batteries. Therefore, careful energy awareness is essential when working with these devices. Indeed,the introduction of security techniques such as authentication and encryption, to ensure confidentiality and integrity of data, can place higher energy load on the sensors. However, the absence of security protection c ould give room for energy drain attacks such as denial of sleep attacks which have a higher negative impact on the life span ( of the sensors than the presence of security features. This thesis, therefore, focuses on tackling denial of sleep attacks from two perspectives A security perspective and an energy efficiency perspective. The security perspective involves evaluating and ranking a number of security based techniques to curbing denial of sleep attacks. The energy efficiency perspective, on the other hand, involves exploring duty cycling and simulating three Media Access Control ( protocols Sensor MAC, Timeout MAC andTunableMAC under different network sizes and measuring different parameters such as the Received Signal Strength RSSI) and Link Quality Indicator ( Transmit power, throughput and energy efficiency Duty cycling happens to be one of the major techniques for conserving energy in wireless sensor networks and this research aims to answer questions with regards to the effect of duty cycles on the energy efficiency as well as the throughput of three duty cycle protocols Sensor MAC ( Timeout MAC ( and TunableMAC in addition to creating a novel MAC protocol that is also more resilient to denial of sleep a ttacks than existing protocols. The main contributions to knowledge from this thesis are the developed framework used for evaluation of existing denial of sleep attack solutions and the algorithms which fuel the other contribution to knowledge a newly developed protocol tested on the Castalia Simulator on the OMNET++ platform. The new protocol has been compared with existing protocols and has been found to have significant improvement in energy efficiency and also better resilience to denial of sleep at tacks Part of this research has been published Two conference publications in IEEE Explore and one workshop paper