222 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Ein analytisches Framework zur Bewertung der ZuverlÀssigkeit und Security von fortschrittlichen Netzwerk Systemen
Today, anonymous networks such as The Onion Routing (Tor) have been designed to ensure anonymity, privacy and censorship prevention, which have become major concerns in modern society. Although the Tor network provides layered encryption and traffic tunneling against eavesdropping attacks, the jamming attacks and their impact on the network and network services can not be efficiently handled today. Moreover, to defy modern censorship, it is not enough just to use the Tor network to hide the client's identity and the message content as the censorship has become a type of jamming attack, which prevents users from connecting to the censored network nodes by blocking or jamming (Tor) traffic. In network security, the main tools to protect privacy and anonymity as well as integrity and service reliability against eavesdropping and jamming, respectively, are diversity, randomness, coding or encryption and over-provisioning, all less exploit in traditional networks. This thesis provides radical new network concepts to address the needs of traditional networks for privacy, anonymity, integrity, and reliability; and designs \emph{advanced network systems} based on parallel transmission, random routing, erasure coding and redundant configurations as tools to offer diversity, randomness, coding and over-provisioning. Since the network systems designed in this thesis can not be evaluated with existing analytical models due to their rather complex configurations, the main focus of this work is a development of novel analytical approaches for evaluation of network performance, reliability and security of these systems and to show their practicality. The provided analysis is based on combinatorics, probability and information theory. In contrast to current reliability models, the analysis in this thesis takes into account the sharing of network components, heterogeneity of software and hardware, and interdependence between failed components. The significant property of the new security analysis proposed is the ability to assess the level of privacy, anonymity, integrity and censorship success when multiple jamming and eavesdropping adversaries reside in the network.Derzeit werden anonyme Internet Kommunikationssysteme, wie The Onion Routing (Tor), verwendet, um die AnonymitĂ€t, die PrivatsphĂ€re und die Zensurfreiheit der Internetnutzer zu schĂŒtzen. Obwohl das Tor-Netzwerk einen Schutz vor Lauschangriffe (Eavesdropping) bietet, kann ein beabsichtigtes Stören (Jamming) der Ăbertragung und den daraus resultierenden Auswirkungen auf die Netzwerkfunktionen derzeit nicht effektiv abgewehrt werden. Auch das moderne Zensurverfahren im Internet stellt eine Art des Jammings dar. Deswegen kann das Tor Netzwerk zwar die IdentitĂ€t der Tor-Nutzer und die Inhalte ihrer Nachrichten geheim halten, die Internetzensur kann dadurch nicht verhindert werden. Um die Netzwerksicherheit und insbesondere AnonymitĂ€t, PrivatsphĂ€re und IntegritĂ€t zusammen mit der VerfĂŒgbar.- und ZuverlĂ€ssigkeit von Netzwerkservices zu gewĂ€hrleisten, sind DiversitĂ€t, Zufallsprinzip, Codierung (auch VerschlĂŒsselung) und eine Ăberversorgung, die in den konventionellen Netzwerksystemen eher sparsam angewendet werden, die wichtigsten Mittel gegen Security-Angriffe. Diese Arbeit befasst sich mit grundlegend neuen Konzepten fĂŒr Kommunikationsnetze, die einen Schutz der AnonymitĂ€t und der PrivatsphĂ€re im Internet bei gleichzeitiger Sicherstellung von IntegritĂ€t, VerfĂŒgbarkeit und ZuverlĂ€ssigkeit ermöglichen. Die dabei verwendeten Konzepte sind die parallele DatenĂŒbertragung, das Random Routing, das Erasure Coding und redundante Systemkonfigurationen. Damit sollen DiversitĂ€t, Zufallsprinzip, Codierung und eine Ăberversorgung gewĂ€hrleistet werden. Da die entwickelten Ăbertragungssysteme komplexe Strukturen und Konfigurationen aufweisen, können existierende analytische Modelle nicht fĂŒr eine fundierte Bewertung angewendet werden. Daher ist der Schwerpunkt dieser Arbeit neue analytische Verfahren fĂŒr eine Bewertung von unterschiedlichen Netzwerkleistungsparametern, ZuverlĂ€ssigkeit und Security zu entwickeln und die Praxistauglichkeit der in der Arbeit aufgefĂŒhrten neuen Ăbertragungskonzepte zu beurteilen. Im Gegensatz zu existierenden ZuverlĂ€ssigkeitsmodellen berĂŒcksichtigt der analytische Ansatz dieser Arbeit die Vielfalt von beteiligten Netzwerkkomponenten, deren komplexe ZusammenhĂ€nge und AbhĂ€ngigkeiten im Fall eines Ausfalls
NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
As a consequence of the growing popularity of smart mobile devices, mobile
malware is clearly on the rise, with attackers targeting valuable user
information and exploiting vulnerabilities of the mobile ecosystems. With the
emergence of large-scale mobile botnets, smartphones can also be used to launch
attacks on mobile networks. The NEMESYS project will develop novel security
technologies for seamless service provisioning in the smart mobile ecosystem,
and improve mobile network security through better understanding of the threat
landscape. NEMESYS will gather and analyze information about the nature of
cyber-attacks targeting mobile users and the mobile network so that appropriate
counter-measures can be taken. We will develop a data collection infrastructure
that incorporates virtualized mobile honeypots and a honeyclient, to gather,
detect and provide early warning of mobile attacks and better understand the
modus operandi of cyber-criminals that target mobile devices. By correlating
the extracted information with the known patterns of attacks from wireline
networks, we will reveal and identify trends in the way that cyber-criminals
launch attacks against mobile devices.Comment: Accepted for publication in Proceedings of the 28th International
Symposium on Computer and Information Sciences (ISCIS'13); 9 pages; 1 figur
Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet
For years, legal wiretapping was straightforward: the officer doing the intercept connected a tape recorder or the like to a single pair of wires. By the 1990s, however, the changing structure of telecommunicationsâthere was no longer just âMa Bellâ to talk toâand new technologies such as ISDN and cellular telephony made executing a wiretap more complicated for law enforcement. Simple technologies would no longer suffice. In response, Congress passed the Communications Assistance for Law Enforcement Act (CALEA) which mandated a standardized lawful intercept interface on all local phone switches. Since its passage, technology has continued to progress, and in the face of new forms of communicationâSkype, voice chat during multiplayer online games, instant messaging, etc.âlaw enforcement is again experiencing problems. The FBI has called this âGoing Darkâ: their loss of access to suspectsâ communication. According to news reports, law enforcement wants changes to the wiretap laws to require a CALEA-like interface in Internet software.
CALEA, though, has its own issues: it is complex software specifically intended to create a security holeâeavesdropping capabilityâin the already-complex environment of a phone switch. It has unfortunately made wiretapping easier for everyone, not just law enforcement. Congress failed to heed expertsâ warnings of the danger posed by this mandated vulnerability, and time has proven the experts right. The so-called âAthens Affair,â where someone used the built-in lawful intercept mechanism to listen to the cell phone calls of high Greek officials, including the Prime Minister, is but one example. In an earlier work, we showed why extending CALEA to the Internet would create very serious problems, including the security problems it has visited on the phone system.
In this paper, we explore the viability and implications of an alternative method for addressing law enforcements need to access communications: legalized hacking of target devices through existing vulnerabilities in end-user software and platforms. The FBI already uses this approach on a small scale; we expect that its use will increase, especially as centralized wiretapping capabilities become less viable.
Relying on vulnerabilities and hacking poses a large set of legal and policy questions, some practical and some normative. Among these are:
(1) Will it create disincentives to patching?
(2) Will there be a negative effect on innovation? (Lessons from the so-called âCrypto Warsâ of the 1990s, and in particular the debate over export controls on cryptography, are instructive here.)
(3) Will law enforcementâs participation in vulnerabilities purchasing skew the market?
(4) Do local and even state law enforcement agencies have the technical sophistication to develop and use exploits? If not, how should this be handled? A larger FBI role?
(5) Should law enforcement even be participating in a market where many of the sellers and other buyers are themselves criminals?
(6) What happens if these tools are captured and repurposed by miscreants?
(7) Should we sanction otherwise illegal network activity to aid law enforcement?
(8) Is the probability of success from such an approach too low for it to be useful?
As we will show, these issues are indeed challenging. We regard the issues raised by using vulnerabilities as, on balance, preferable to adding more complexity and insecurity to online systems
Security performance and protocol consideration in optical communication system with optical layer security enabled by optical coding techniques
With the fast development of communication systems, network security issues have more and more impact on daily life. It is essential to construct a high degree of optical layer security to resolve the security problem once and for all.
Three different techniques which can provide optical layer security are introduced and compared. Optical chaos can be used for fast random number generation. Quantum cryptography is the most promising technique for key distribution. And the optical coding techniques can be deployed to encrypt the modulated signal in the optical layer.
A mathematical equation has been derived from information theory to evaluate the information-theoretic security level of the wiretap channel in optical coding schemes. And the merits and limitation of two coherent optical coding schemes, temporal phase coding and spectral phase coding, have been analysed.
The security scheme based on a reconfigurable optical coding device has been introduced, and the corresponding security protocol has been developed. By moving the encryption operation from the electronic layer to the optical layer, the modulated signals become opaque to the unauthorised users.
Optical code distribution and authentication is the one of the major challenges for our proposed scheme. In our proposed protocol, both of the operations are covered and defined in detail. As a preliminary draft of the optical code security protocol, it could be a useful guidance for further research
The Eavesdropper\u27s Dilemma
This paper examines the problem of surreptitious Internet interception from the eavesdropper\u27s point of view. We introduce the notion of fidelity in digital eavesdropping. In particular, we formalize several kinds of network noise that might degrade fidelity, most notably confusion, and show that reliable network interception may not be as simple as previously thought or even always possible. Finally, we suggest requirements for high fidelity network interception, and show how systems that do not meet these requirements can be vulnerable to countermeasures, which in some cases can be performed entirely by a third party without the cooperation or even knowledge of the communicating parties
Privacy and Security in the Cloud: Some Realism About Technical Solutions to Transnational Surveillance in the Post-Snowden Era
Since June 2013, the leak of thousands of classified documents regarding highly sensitive U.S. surveillance activities by former National Security Agency (NSA) contractor Edward Snowden has greatly intensified discussions of privacy, trust, and freedom in relation to the use of global computing and communication services. This is happening during a period of ongoing transition to cloud computing services by organizations, businesses, and individuals. There has always been a question of inherent in this transition: are cloud services sufficiently able to guarantee the security of their customersâ data as well s the proper restrictions on access by third parties, including governments? While worries over government access to data in the cloud is a predominate part of the ongoing debate over the use of cloud serives, the Snowden revelations highlight that intelligence agency operations pose a unique threat to the ability of services to keep their customersâ data out of the hands of domestic as well as foreign governments. The search for a proper response is ongoing, from the perspective of market players, governments, and civil society. At the technical and organizational level, industry players are responding with the wider and more sophisticated deployment of encryption as well as a new emphasis on the use of privacy enhancing technologies and innovative architectures for securing their services. These responses are the focus of this Article, which contributes to the discussion of transnational surveillance by looking at the interaction between the relevant legal frameworks on the one hand, and the possible technical and organizational responses of cloud service providers to such surveillance on the other. While the Articleâs aim is to contribute to the debate about government surveillance with respect to cloud services in particular, much of the discussion is relevant for Internet services more broadly
Practical Traffic Analysis Attacks on Secure Messaging Applications
Instant Messaging (IM) applications like Telegram, Signal, and WhatsApp have
become extremely popular in recent years. Unfortunately, such IM services have
been targets of continuous governmental surveillance and censorship, as these
services are home to public and private communication channels on socially and
politically sensitive topics. To protect their clients, popular IM services
deploy state-of-the-art encryption mechanisms. In this paper, we show that
despite the use of advanced encryption, popular IM applications leak sensitive
information about their clients to adversaries who merely monitor their
encrypted IM traffic, with no need for leveraging any software vulnerabilities
of IM applications. Specifically, we devise traffic analysis attacks that
enable an adversary to identify administrators as well as members of target IM
channels (e.g., forums) with high accuracies. We believe that our study
demonstrates a significant, real-world threat to the users of such services
given the increasing attempts by oppressive governments at cracking down
controversial IM channels.
We demonstrate the practicality of our traffic analysis attacks through
extensive experiments on real-world IM communications. We show that standard
countermeasure techniques such as adding cover traffic can degrade the
effectiveness of the attacks we introduce in this paper. We hope that our study
will encourage IM providers to integrate effective traffic obfuscation
countermeasures into their software. In the meantime, we have designed and
deployed an open-source, publicly available countermeasure system, called
IMProxy, that can be used by IM clients with no need for any support from IM
providers. We have demonstrated the effectiveness of IMProxy through
experiments
Will Wi-Fi Make Your Private Network Public? Wardriving, Criminal and Civil Liability, and the Security Risks of Wireless Networks
Wireless networking is growing in popularity because it is often cheaper and more convenient than other computer networking systems. Wireless networks, however, are also very hard to secure. Locating insecure wireless networks and advertising their locations is an activity known as âwardriving.â Exploiting the vulnerability of a wireless network to hack into the computer system or to monitor the wireless transmissions can give rise to liability under federal felony and misdemeanor statutes, as well as federal civil liability and liability under state law private causes of action. When introducing wireless networking into business information systems, system administrators should use all possible care to secure the network, and IT policies and practices should be updated to make sure that wireless networking risks that cannot be eliminated through technology are managed prudently
Security for correlated sources across wiretap network
A thesis submitted in ful llment of the requirements
for the degree of Doctor of Philosophy
in the
School of Electrical and Information Engineering
Faculty of Engineering
University of the Witwatersrand
July 2015This thesis presents research conducted for the security aspects of correlated sources
across a wiretap network. Correlated sources are present in communication systems
where protocols ensure that there is some predetermined information for sources to
transmit. Systems that contain correlated sources are for example broadcast channels,
smart grid systems, wireless sensor networks and social media networks. In these systems
there exist common information between the nodes in a network, which gives rise to
security risks as common information can be determined about more than one source.
In this work the security aspects of correlated sources are investigated. Correlated source
coding in terms of the Slepian-Wolf theorem is investigated to determine the amount of
information leakage for various correlated source models. The perfect secrecy approach
developed by Shannon has also been incorporated as a security approach. In order to
explore these security aspects the techniques employed range from typical sequences used
to prove Slepian-Wolf's theorem to coding methods incorporating matrix partitions for
correlated sources.
A generalized correlated source model is presented and the procedure to determine the
information leakage is initially illustrated using this model. A novel scenario for two
correlated sources across a channel with eavesdroppers is also investigated. It is a basic
model catering for the correlated source applications that have been detailed. The
information leakage quanti cation is provided, where bounds specify the quantity of information
leaked for various cases of eavesdropped channel information. The required
transmission rates for perfect secrecy when some channel information has been wiretapped
is further determined, followed by a method to reduce the key length required
for perfect secrecy. The implementation thereafter provided shows how the information
leakage is determined practically. In the same way using the information leakage
quanti cation, Shannon's cipher system approach and practical implementation a novel
two correlated source model where channel information and some source data symbols
(predetermined information) are wiretapped is investigated. The adversary in this situation
has access to more information than if a link is wiretapped only and can thus
determine more about a particular source. This scenario caters for an application where
the eavesdropper has access to some predetermined information. The security aspects
and coding implementation have further been developed for a novel correlated source
model with a heterogeneous encoding method. The model caters for situations where a
wiretapper is able to easily access a particular source.
iii
The interesting link between information theory and coding theory is explored for the
novel models presented in this research. A matrix partition method is utilized and the
information leakage for various cases of wiretapped syndromes are presented.
The research explores the security for correlated sources in the presence of wiretappers.
Both the information leakage and Shannon's cipher system approach are used to achieve
these security aspects. The implementation shows the practicality of using these security
aspects in communications systems. The research contained herein is signi cant as
evident from the various applications it may be used for and to the author's knowledge
is novel
- âŠ