Securing Real-Time Internet-of-Things
Modern embedded and cyber-physical systems are ubiquitous. A large number of
critical cyber-physical systems have real-time requirements (e.g., avionics,
automobiles, power grids, manufacturing systems, industrial control systems,
etc.). Recent developments and new functionality require real-time embedded
devices to be connected to the Internet. This gives rise to the real-time
Internet-of-things (RT-IoT) that promises a better user experience through
stronger connectivity and efficient use of next-generation embedded devices.
However, RT-IoT are also increasingly becoming targets for cyber-attacks, which
is exacerbated by this increased connectivity. This paper gives an introduction
to RT-IoT systems, an outlook of current approaches and possible research
challenges towards secure RT-IoT frameworks.
Application of information theory and statistical learning to anomaly detection
In today's highly networked world, computer intrusions and other attacks are a constant threat. The detection of such attacks, especially attacks that are new or previously unknown, is important to secure networks and computers. A major focus of current research efforts in this area is on anomaly detection.
In this dissertation, we explore applications of information theory and statistical learning to anomaly detection. Specifically, we look at two difficult detection problems in network and system security, (1) detecting covert channels, and (2) determining if a user is a human or bot. We link both of these problems to entropy, a measure of randomness, information content, or complexity, a concept that is central to information theory. The behavior of bots is low in entropy when tasks are rigidly repeated or high in entropy when behavior is pseudo-random. In contrast, human behavior is complex and medium in entropy. Similarly, covert channels either create regularity, resulting in low entropy, or encode extra information, resulting in high entropy. Meanwhile, legitimate traffic is characterized by complex interdependencies and moderate entropy. In addition, we utilize statistical learning algorithms, Bayesian learning, neural networks, and maximum likelihood estimation, in both modeling and detecting of covert channels and bots.
Our results using entropy and statistical learning techniques are excellent. By using entropy to detect covert channels, we detected three different covert timing channels that were not detected by previous detection methods. Then, using entropy and Bayesian learning to detect chat bots, we detected 100% of chat bots with a false positive rate of only 0.05% in over 1400 hours of chat traces. Lastly, using neural networks and the idea of human observational proofs to detect game bots, we detected 99.8% of game bots with no false positives in 95 hours of traces. Our work shows that a combination of entropy measures and statistical learning algorithms is a powerful and highly effective tool for anomaly detection.
Distributed Differential Privacy and Applications
Recent growth in the size and scope of databases has resulted in more
research into making productive use of this data. Unfortunately, a
significant stumbling block which remains is protecting the privacy of
the individuals that populate these datasets. As people spend more
time connected to the Internet, and conduct more of their daily lives
online, privacy becomes a more important consideration, just as the
data becomes more useful for researchers, companies, and
individuals. As a result, plenty of important information remains
locked down and unavailable to honest researchers today, due to fears
that data leakages will harm individuals.
Recent research in differential privacy opens a promising pathway to
guarantee individual privacy while simultaneously making use of the
data to answer useful queries. Differential privacy is a theory that
provides provable information theoretic guarantees on what any answer
may reveal about any single individual in the database. This approach
has resulted in a flurry of recent research, presenting novel
algorithms that can compute a rich class of computations in this
setting.
In this dissertation, we focus on some real world challenges that
arise when trying to provide differential privacy guarantees in the
real world. We design and build runtimes that achieve the mathematical
differential privacy guarantee in the face of three real world
challenges: securing the runtimes against adversaries, enabling
readers to verify that the answers are accurate, and dealing with data
distributed across multiple domains.
Finding Safety in Numbers with Secure Allegation Escrows
For fear of retribution, the victim of a crime may be willing to report it
only if other victims of the same perpetrator also step forward. Common
examples include 1) identifying oneself as the victim of sexual harassment,
especially by a person in a position of authority or 2) accusing an influential
politician, an authoritarian government, or one's own employer of corruption. To
handle such situations, legal literature has proposed the concept of an
allegation escrow: a neutral third-party that collects allegations anonymously,
matches them against each other, and de-anonymizes allegers only after
de-anonymity thresholds (in terms of number of co-allegers), pre-specified by
the allegers, are reached.
An allegation escrow can be realized as a single trusted third party;
however, this party must be trusted to keep the identity of the alleger and
content of the allegation private. To address this problem, this paper
introduces Secure Allegation Escrows (SAE, pronounced "say"). A SAE is a group
of parties with independent interests and motives, acting jointly as an escrow
for collecting allegations from individuals, matching the allegations, and
de-anonymizing the allegations when designated thresholds are reached. By
design, SAEs provide a very strong property: No less than a majority of parties
constituting a SAE can de-anonymize or disclose the content of an allegation
without a sufficient number of matching allegations (even in collusion with any
number of other allegers). Once a sufficient number of matching allegations
exist, the joint escrow discloses the allegation with the allegers' identities.
We describe how SAEs can be constructed using a novel authentication protocol
and a novel allegation matching and bucketing algorithm, provide formal proofs
of the security of our constructions, and evaluate a prototype implementation,
demonstrating feasibility in practice.
Comment: To appear in NDSS 2020. New version includes improvements to writing
and proof. The protocol is unchanged.
Cooperative Radar and Communications Signaling: The Estimation and Information Theory Odd Couple
We investigate cooperative radar and communications signaling. While each
system typically considers the other system a source of interference, by
considering the radar and communications operations to be a single joint
system, the performance of both systems can, under certain conditions, be
improved by the existence of the other. As an initial demonstration, we focus
on the radar as relay scenario and present an approach denoted multiuser
detection radar (MUDR). A novel joint estimation and information theoretic
bound formulation is constructed for a receiver that observes communications
and radar return in the same frequency allocation. The joint performance bound
is presented in terms of the communication rate and the estimation rate of the
system.
Comment: 6 pages, 2 figures, to be presented at 2014 IEEE Radar Conference.
Secure covert communications over streaming media using dynamic steganography
Streaming technologies such as VoIP are widely embedded into commercial and industrial applications, so it is imperative to address data security issues before the problems get really serious. This thesis describes a theoretical and experimental investigation of secure covert communications over streaming media using dynamic steganography. A covert VoIP communications system was developed in C++ to enable the implementation of the work being carried out.
A new information theoretical model of secure covert communications over streaming media was constructed to depict the security scenarios in streaming media-based steganographic systems with passive attacks. The model involves a stochastic process that models an information source for covert VoIP communications and the theory of hypothesis testing that analyses the adversary's detection performance.
The potential of hardware-based true random key generation and chaotic interval selection for innovative applications in covert VoIP communications was explored. Using the read time stamp counter of CPU as an entropy source was designed to generate true random numbers as secret keys for streaming media steganography. A novel interval selection algorithm was devised to choose randomly data embedding locations in VoIP streams using random sequences generated from a chaotic process.
A dynamic key updating and transmission based steganographic algorithm that includes a one-way cryptographical accumulator integrated into dynamic key exchange for covert VoIP communications, was devised to provide secure key exchange for covert communications over streaming media. The discrete logarithm problem in mathematics and steganalysis using t-test revealed the algorithm has the advantage of being the most solid method of key distribution over a public channel.
The effectiveness of the new steganographic algorithm for covert communications over streaming media was examined by means of security analysis, steganalysis using non parameter Mann-Whitney-Wilcoxon statistical testing, and performance and robustness measurements. The algorithm achieved the average data embedding rate of 800 bps, comparable to other related algorithms. The results indicated that the algorithm has no or little impact on real-time VoIP communications in terms of speech quality (< 5% change in PESQ with hidden data), signal distortion (6% change in SNR after steganography) and imperceptibility, and it is more secure and effective in addressing the security problems than other related algorithms.
I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users' Privacy
In this paper, we show how to exploit real-time communication applications to
determine the IP address of a targeted user. We focus our study on Skype,
although other real-time communication applications may have similar privacy
issues. We first design a scheme that calls an identified targeted user
inconspicuously to find his IP address, which can be done even if he is behind
a NAT. By calling the user periodically, we can then observe the mobility of
the user. We show how to scale the scheme to observe the mobility patterns of
tens of thousands of users. We also consider the linkability threat, in which
the identified user is linked to his Internet usage. We illustrate this threat
by combining Skype and BitTorrent to show that it is possible to determine the
file-sharing usage of identified users. We devise a scheme based on the
identification field of the IP datagrams to verify with high accuracy whether
the identified user is participating in specific torrents. We conclude that any
Internet user can leverage Skype, and potentially other real-time communication
systems, to observe the mobility and file-sharing usage of tens of millions of
identified users.
Comment: This is the authors' version of the ACM/USENIX Internet Measurement
Conference (IMC) 2011 paper.