A Survey on Spoofing and Selective Forwarding Attacks on Zigbee based WSN

The main focus of WSN is to gather data from the physical world. It is often deployed for sensing, processing as well as disseminating information of the targeted physical environments. The main objective of the WSN is to collect data from the target environment using sensors as well as transmit those data to the desired place of choice. In order to achieve an efficient performance, WSN should have efficient as well as reliable networking protocols. The most popular technology behind WSN is Zigbee. In this paper a pilot study is done on important security issues on spoofing and selective forwarding attack on Zigbee based WSN. This paper identifies the security vulnerabilities of Zigbee network and gaps in the existing methodologies to address the security issues and will help the future researchers to narrow down their research in WSN.Keywords: Zigbee, WSN, Protocol Stack, Spoofing and Selective Forwarding

GNSS Spoofing Detection via Opportunistic IRIDIUM Signals

In this paper, we study the privately-own IRIDIUM satellite constellation, to provide a location service that is independent of the GNSS. In particular, we apply our findings to propose a new GNSS spoofing detection solution, exploiting unencrypted IRIDIUM Ring Alert (IRA) messages that are broadcast by IRIDIUM satellites. We firstly reverse-engineer many parameters of the IRIDIUM satellite constellation, such as the satellites speed, packet interarrival times, maximum satellite coverage, satellite pass duration, and the satellite beam constellation, to name a few. Later, we adopt the aforementioned statistics to create a detailed model of the satellite network. Subsequently, we propose a solution to detect unintended deviations of a target user from his path, due to GNSS spoofing attacks. We show that our solution can be used efficiently and effectively to verify the position estimated from standard GNSS satellite constellation, and we provide constraints and parameters to fit several application scenarios. All the results reported in this paper, while showing the quality and viability of our proposal, are supported by real data. In particular, we have collected and analyzed hundreds of thousands of IRA messages, thanks to a measurement campaign lasting several days. All the collected data ($1000+$ hours) have been made available to the research community. Our solution is particularly suitable for unattended scenarios such as deserts, rural areas, or open seas, where standard spoofing detection techniques resorting to crowd-sourcing cannot be used due to deployment limitations. Moreover, contrary to competing solutions, our approach does not resort to physical-layer information, dedicated hardware, or multiple receiving stations, while exploiting only a single receiving antenna and publicly-available IRIDIUM transmissions. Finally, novel research directions are also highlighted.Comment: Accepted for the 13th Conference on Security and Privacy in Wireless and Mobile Networks (WISEC), 202

Autonomisen ajoneuvon tietokonenäkö ja tietoturvahyökkäyksiltä puolustautuminen

Itseohjautuvat ajoneuvot tekevät tuloaan kuluttajamarkkinoille, ja mukana autojen suunnittelussa ovat sekä maailman suurimmat ajoneuvovalmistajat että teknologiayhtiöt. Valmistajat kaavailevat ajoneuvojensa julkaisua vuosien 2017 ja 2022 välille, joten pian alkanee tapahtumaan mielenkiintoisia asioita autonomisten ajoneuvojen jakaessa ihmisten kanssa saman liikennejärjestelmän. Autonomisen auton toimintaan liittyy keskeisesti erilaisten uusien ja hieman vanhempienkin teknologioiden mahdollistama tietokonenäkö, joka käytännössä sulauttaa yhteen erilaisten apulaitteiden, kuten tutkien ja videokameroiden, ympäristöstä keräämän datan. Tietokonenäkö tuo mukanaan paitsi paljon ihmissilmää tarkemman kuvan ympäristöstä, myös lukuisia tietoturvauhkia jotka ajoneuvovalmistajien on suunnittelussa otettava huomioon. Kirjallisuuskatsauksessa käydään läpi autonomisen ajoneuvon historiaa ja lähitulevaisuuden näkymiä sekä perehdytään siihen, millaisia teknologioita ajoneuvojen tietokonenäkö käyttää hyödykseen. Tämän jälkeen esitellään tietokonenäköön liittyviä tietoturvauhkia. Tutkimuksessa havaittiin kaksi menetelmää, häiriöiden havainnointi sekä edistynyt tietokonenäön sensorifuusio, joiden avulla esiteltyihin tietoturvariskeihin voidaan varautua

A Hierarchical Architectural Framework for Securing Unmanned Aerial Systems

Unmanned Aerial Systems (UAS) are becoming more widely used in the new era of evolving technology; increasing performance while decreasing size, weight, and cost. A UAS equipped with a Flight Control System (FCS) that can be used to fly semi- or fully-autonomous is a prime example of a Cyber Physical and Safety Critical system. Current Cyber-Physical defenses against malicious attacks are structured around security standards for best practices involving the development of protocols and the digital software implementation. Thus far, few attempts have been made to embed security into the architecture of the system considering security as a holistic problem. Therefore, a Hierarchical, Embedded, Cyber Attack Detection (HECAD) framework is developed to provide security in a holistic manor, providing resiliency against cyber-attacks as well as introducing strategies for mitigating and dealing with component failures. Traversing the hardware/software barrier, HECAD provides detection of malicious faults at the hardware and software level; verified through the development of an FPGA implementation and tested using a UAS FCS

Quickest detection of GPS spoofing attack

GPS is being increasingly used in critical infrastructures in modern society. Therefore, the reliability of GPS is extremely important. Recently, the vulnerability of GPS to a spoofing attack has been discussed in the literature. A malicious attacker may spoof a GPS receiver, causing it to provide incorrect navigation and timing information, which may lead to serious damage. Therefore, it is extremely important to detect spoofing attacks as quickly as possible. In this paper, we propose a quickest spoofing detection algorithm to combat GPS spoofing attacks. The experimental results demonstrate that the proposed algorithm can effectively detect the spoofing attack quickly after it occurs.Zhenghao Zhang, Matthew Trinkle, Lijun Qian and Husheng L

Authentication and Integrity Protection at Data and Physical layer for Critical Infrastructures

This thesis examines the authentication and the data integrity services in two prominent emerging contexts such as Global Navigation Satellite Systems (GNSS) and the Internet of Things (IoT), analyzing various techniques proposed in the literature and proposing novel methods. GNSS, among which Global Positioning System (GPS) is the most widely used, provide affordable access to accurate positioning and timing with global coverage. There are several motivations to attack GNSS: from personal privacy reasons, to disrupting critical infrastructures for terrorist purposes. The generation and transmission of spoofing signals either for research purpose or for actually mounting attacks has become easier in recent years with the increase of the computational power and with the availability on the market of Software Defined Radios (SDRs), general purpose radio devices that can be programmed to both receive and transmit RF signals. In this thesis a security analysis of the main currently proposed data and signal level authentication mechanisms for GNSS is performed. A novel GNSS data level authentication scheme, SigAm, that combines the security of asymmetric cryptographic primitives with the performance of hash functions or symmetric key cryptographic primitives is proposed. Moreover, a generalization of GNSS signal layer security code estimation attacks and defenses is provided, improving their performance, and an autonomous anti-spoofing technique that exploits semi-codeless tracking techniques is introduced. Finally, physical layer authentication techniques for IoT are discussed, providing a trade-off between the performance of the authentication protocol and energy expenditure of the authentication process