33 research outputs found

    Building Covert Timing Channel of the IoT-Enabled MTS Based on Multi-Stage Verification

    Although the global shipping industry is experiencing a productivity revolution due to the adoption of IoTs (Internet of Things), the dependence on complex data transmission and interactive centers is also increasing, which makes the IoT-enabled Maritime Transportation Systems (MTS) one of the most valuable but vulnerable industries against network security attacks. To guarantee the transmission security of confidential data, an important alternative in an untrustworthy IoT-enabled MTS is to apply the covert timing channels. This paper mainly introduces the construction of covert timing channel with low bit shifting rate and high reliability by multi-stage verification and error correction. For the covert timing channel schemes realized by active packet loss, the packet loss noise interferes with the channel's reliability. However, due to the constraints of stealthiness, the active packet loss ratio during covert communication is low, so more effective reliable strategies are needed to reduce noise interference. In the excellent scenario, when the bit error rate is lower than 0.08%, the transmission performance is kept at 0.49 bps. In the good scenario with strong network noise, although this method loses some performance, it can still maintain the transmission performance of 0.2 bps under the condition of bit error rate less than 1%, which effectively proves the effectiveness of multi-stage verification and error correction

    A survey of timing channels and countermeasures

    A timing channel is a communication channel that can transfer information to a receiver/decoder by modulating the timing behavior of an entity. Examples of this entity include the interpacket delays of a packet stream, the reordering packets in a packet stream, or the resource access time of a cryptographic module. Advances in the information and coding theory and the availability of high-performance computing systems interconnected by high-speed networks have spurred interest in and development of various types of timing channels. With the emergence of complex timing channels, novel detection and prevention techniques are also being developed to counter them. In this article, we provide a detailed survey of timing channels broadly categorized into network timing channel, in which communicating entities are connected by a network, and in-system timing channel, in which the communicating entities are within a computing system. This survey builds on the last comprehensive survey by Zander et al. [2007] and considers all three canonical applications of timing channels, namely, covert communication, timing side channel, and network flow watermarking. We survey the theoretical foundations, the implementation, and the various detection and prevention techniques that have been reported in literature. Based on the analysis of the current literature, we discuss potential future research directions both in the design and application of timing channels and their detection and prevention techniques

    Security and Privacy in Dynamic Spectrum Access: Challenges and Solutions

    Dynamic spectrum access (DSA) has great potential to address worldwide spectrum shortage by enhancing spectrum efficiency. It allows unlicensed secondary users to access the under-utilized spectrum when the primary users are not transmitting. On the other hand, the open wireless medium subjects DSA systems to various security and privacy issues, which might hinder the practical deployment. This dissertation consists of two parts to discuss the potential challenges and solutions. The first part consists of three chapters, with a focus on secondary-user authentication. Chapter One gives an overview of the challenges and existing solutions in spectrum-misuse detection. Chapter Two presents SpecGuard, the first crowdsourced spectrum-misuse detection framework for DSA systems. In SpecGuard, three novel schemes are proposed for embedding and detecting a spectrum permit at the physical layer. Chapter Three proposes SafeDSA, a novel PHY-based scheme utilizing temporal features for authenticating secondary users. In SafeDSA, the secondary user embeds his spectrum authorization into the cyclic prefix of each physical-layer symbol, which can be detected and authenticated by a verifier. The second part also consists of three chapters, with a focus on crowdsourced spectrum sensing (CSS) with privacy consideration. CSS allows a spectrum sensing provider (SSP) to outsource the spectrum sensing to distributed mobile users. Without strong incentives and location-privacy protection in place, however, mobile users are reluctant to act as crowdsourcing workers for spectrum-sensing tasks. Chapter Four gives an overview of the challenges and existing solutions. Chapter Five presents PriCSS, where the SSP selects participants based on the exponential mechanism such that the participants' sensing costs, associated with their locations, are privacy-preserved. 
Chapter Six further proposes DPSense, a framework that allows the honest-but-curious SSP to select mobile users for executing spatiotemporal spectrum-sensing tasks without violating the location privacy of mobile users. By collecting perturbed location traces with differential privacy guarantee from participants, the SSP assigns spectrum-sensing tasks to participants with the consideration of both spatial and temporal factors. Through theoretical analysis and simulations, the efficacy and effectiveness of the proposed schemes are validated. Dissertation/Thesis Doctoral Dissertation Electrical Engineering 201

    Journal of Telecommunications and Information Technology, 2008, nr 2

    kwartalni

    Sviluppo di modelli decisionali per la supply chain di prodotti deperibili mediante l’applicazione di tecnologie innovative

    The supply chain of perishable products, such as fruits and vegetables, is affected by environmental abuses from harvest to the final destination, which are responsible for the uncontrolled deterioration of food. In order to reduce such phenomena, the supply chain members should control and monitor the conditions of goods in order to ensure their quality for consumers and to comply with all legal requirements (Garcia Ruiz, 2008). The most important factor influencing food quality is the temperature, which is able to prolong the shelf life of the products. Since the temperature can inhibit or promote the maturation and deterioration process, this parameter is involved both in the growing process of fruits and vegetables and in the transport and storage stages. Given this, the aim of the present thesis is to show that the monitoring of this parameter during the pre- and post-harvest stages allows the decision-making process to be improved. In the context of temperature monitoring, the introduction of emerging information technologies such as Wireless Sensor Networks and Radio Frequency Identification can now provide real-time knowledge of the status of the products managed. Real-time monitoring can be of great help in the definition of the actual maturation level of products both in the field and during the cold chain. The suitability of such an approach is evaluated by means of case studies. The first case study concerns the monitoring of grape growth directly in the vineyard. The suitability of Wireless Sensor Networks in the monitoring of the grape growth process is evaluated in terms of the possibility of determining the starting or ending date of phenological phases. This information allows faster decisions to be made about the vineyard operations which must be performed during grape growth and finally allows the maturation date to be predicted in order to optimize the harvest operations. 
In the next case study, the possibility of applying Radio Frequency Identification technology to the monitoring of fresh fruits along the cold chain has been addressed, and the quality of the products at any stage of the supply chain has been determined through a mathematical model. Knowing the current quality level allows decisions to be made about the destination of products. In this case, those products having a shorter shelf life can be distributed to a local market while those with a longer shelf life can be distributed to more distant locations. In the next case study, the information about the current deterioration state of perishable products has been translated into a warehouse management system in order to determine the operational parameters able to optimize the quality of the products stored. Even in this case, the goal of the study was to provide a decision-making tool for the proper management of the perishable products stored. However, besides the advantages achievable by the real-time evaluation of environmental conditions, the costs involved with the implementation of innovative technologies must be determined in order to establish the suitability of the investment in such innovative technologies. The present thesis also addresses this question by determining the optimal number of devices to apply to the stock keeping unit in order to minimize the total cost associated with transferring the batch from the producer to the distributor. In this case, the methodology employed is that of a mathematical model including all costs associated with the product management. Finally, the study conducted through the present thesis shows that in all of the cases treated the use of the innovative technologies supports the decision-making process in the pre- and post-harvest phases, thus improving the perishables management

    Security and Privacy Threats on Mobile Devices through Side-Channels Analysis

    In recent years, mobile devices (such as smartphones and tablets) have become essential tools in everyday life for billions of people all around the world. Users continuously carry such devices with them and use them for daily communication activities and social network interactions. Hence, such devices contain a huge amount of private and sensitive information. For this reason, mobile devices become popular targets of attacks. In most attack settings, the adversary aims to take local or remote control of a device to access user sensitive information. However, such violations are not easy to carry out since they need to leverage a vulnerability of the system or a careless user (i.e., install a malware app from an unreliable source). A different approach that does not have these shortcomings is side-channel analysis. In fact, side-channels are physical phenomena that can be measured from either inside or outside a device. They are mostly due to the user interaction with a mobile device, but also to the context in which the device is used, hence they can reveal sensitive user information such as identity and habits, environment, and operating system itself. Hence, this approach consists of inferring private information that is leaked by a mobile device through a side-channel. Besides, side-channel information is also extremely valuable to enforce security mechanisms such as user authentication, intrusion and information leaks detection. This dissertation investigates novel security and privacy challenges on the analysis of side-channels of mobile devices. 
This thesis is composed of three parts, each focused on a different side-channel: (i) the usage of network traffic analysis to infer user private information; (ii) the energy consumption of mobile devices during battery recharge as a way to identify a user and as a covert channel to exfiltrate data; and (iii) the possible security application of data collected from built-in sensors in mobile devices to authenticate the user and to evade sandbox detection by malware. In the first part of this dissertation, we consider an adversary who is able to eavesdrop the network traffic of the device on the network side (e.g., controlling a WiFi access point). The fact that the network traffic is often encrypted makes the attack even more challenging. Our work proves that it is possible to leverage machine learning techniques to identify user activity and apps installed on mobile devices analyzing the encrypted network traffic they produce. Such insights are becoming a very attractive data gathering technique for adversaries, network administrators, investigators and marketing agencies. In the second part of this thesis, we investigate the analysis of electric energy consumption. In this case, an adversary is able to measure with a power monitor the amount of energy supplied to a mobile device. In fact, we observed that the usage of mobile device resources (e.g., CPU, network capabilities) directly impacts the amount of energy retrieved from the supplier, i.e., USB port for smartphones, wall-socket for laptops. Leveraging energy traces, we are able to recognize a specific laptop user among a group and detect intruders (i.e., user not belonging to the group). Moreover, we show the feasibility of a covert channel to exfiltrate user data which relies on temporized energy consumption bursts. In the last part of this dissertation, we present a side-channel that can be measured within the mobile device itself. 
Such channel consists of data collected from the sensors a mobile device is equipped with (e.g., accelerometer, gyroscope). First, we present DELTA, a novel tool that collects data from such sensors, and logs user and operating system events. Then, we develop MIRAGE, a framework that relies on sensors data to enhance sandboxes against malware analysis evasion

    Demystifying Internet of Things Security

    Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides an overview of different security solutions. What You'll Learn: Secure devices, immunizing them against different threats originating from inside and outside the network; Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms; Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth. Who This Book Is For: Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

    Near Field Communication: From theory to practice

    This book provides the technical essentials, state-of-the-art knowledge, business ecosystem and standards of Near Field Communication (NFC) by NFC Lab - Istanbul research centre which conducts intense research on NFC technology. In this book, the authors present the contemporary research on all aspects of NFC, addressing related security aspects as well as information on various business models. In addition, the book provides comprehensive information a designer needs to design an NFC project, an analyzer needs to analyze requirements of a new NFC based system, and a programmer needs to implement an application. Furthermore, the authors introduce the technical and administrative issues related to NFC technology, standards, and global stakeholders. It also offers comprehensive information as well as use case studies for each NFC operating mode to give the usage idea behind each operating mode thoroughly. Examples of NFC application development are provided using Java technology, and security considerations are discussed in detail. Key Features: Offers a complete understanding of the NFC technology, including standards, technical essentials, operating modes, application development with Java, security and privacy, business ecosystem analysis; Provides analysis, design as well as development guidance for professionals from administrative and technical perspectives; Discusses methods, techniques and modelling support including UML are demonstrated with real cases; Contains case studies such as payment, ticketing, social networking and remote shopping. This book will be an invaluable guide for business and ecosystem analysts, project managers, mobile commerce consultants, system and application developers, mobile developers and practitioners. It will also be of interest to researchers, software engineers, computer scientists, information technology specialists including students and graduates. Publisher's Versio

    Management of intermediated channels for high technology firms : achieving success in a dynamic and rapidly changing marketplace

    Thesis (S.M.)--Massachusetts Institute of Technology, Sloan School of Management, 2005. Includes bibliographical references. One of the most challenging problems for high technology firms in an increasingly global marketplace is the effective utilization of intermediated sales channels. As product development cycles shorten, there can be a scenario where the rate of product and solutions development and introduction to the market out-pace the manufacturer's ability to sell, service, and support the new products and solutions. There are many challenges to be overcome in providing a third party organization with the knowledge, skills and tools necessary to successfully propose, implement, operate and support high technology products and solutions designed, manufactured and marketed by another company. As firms both large and small look to indirect channels to expand their coverage in existing markets and/or to penetrate new markets, significant investments in channel support infrastructure and best-in-class channel management techniques are increasingly a necessity to achieve success in a global channel network. The objective of this thesis will be to closely examine the enterprise data communications equipment market segment to develop an understanding of how successful firms effectively utilized intermediated channels to attain remarkable market share at the expense of competitors who were not able to do so. From this understanding generalizations will be drawn that will provide a number of management practices that guide other high technology firms in design and implementation of their intermediated channel programs. by John-Paul Gorsky. S.M