2,500 research outputs found
On the Security of the Automatic Dependent Surveillance-Broadcast Protocol
Automatic dependent surveillance-broadcast (ADS-B) is the communications
protocol currently being rolled out as part of next generation air
transportation systems. As the heart of modern air traffic control, it will
play an essential role in the protection of two billion passengers per year,
besides being crucial to many other interest groups in aviation. The inherent
lack of security measures in the ADS-B protocol has long been a topic in both
the aviation circles and in the academic community. Due to recently published
proof-of-concept attacks, the topic is becoming ever more pressing, especially
with the deadline for mandatory implementation in most airspaces fast
approaching.
This survey first summarizes the attacks and problems that have been reported
in relation to ADS-B security. Thereafter, it surveys both the theoretical and
practical efforts which have been previously conducted concerning these issues,
including possible countermeasures. In addition, the survey seeks to go beyond
the current state of the art and gives a detailed assessment of security
measures which have been developed more generally for related wireless networks
such as sensor networks and vehicular ad hoc networks, including a taxonomy of
all considered approaches.Comment: Survey, 22 Pages, 21 Figure
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and are driven by their particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis.The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99
Key Generation in Wireless Sensor Networks Based on Frequency-selective Channels - Design, Implementation, and Analysis
Key management in wireless sensor networks faces several new challenges. The
scale, resource limitations, and new threats such as node capture necessitate
the use of an on-line key generation by the nodes themselves. However, the cost
of such schemes is high since their secrecy is based on computational
complexity. Recently, several research contributions justified that the
wireless channel itself can be used to generate information-theoretic secure
keys. By exchanging sampling messages during movement, a bit string can be
derived that is only known to the involved entities. Yet, movement is not the
only possibility to generate randomness. The channel response is also strongly
dependent on the frequency of the transmitted signal. In our work, we introduce
a protocol for key generation based on the frequency-selectivity of channel
fading. The practical advantage of this approach is that we do not require node
movement. Thus, the frequent case of a sensor network with static motes is
supported. Furthermore, the error correction property of the protocol mitigates
the effects of measurement errors and other temporal effects, giving rise to an
agreement rate of over 97%. We show the applicability of our protocol by
implementing it on MICAz motes, and evaluate its robustness and secrecy through
experiments and analysis.Comment: Submitted to IEEE Transactions on Dependable and Secure Computin
Optimal Information-Theoretic Wireless Location Verification
We develop a new Location Verification System (LVS) focussed on network-based
Intelligent Transport Systems and vehicular ad hoc networks. The algorithm we
develop is based on an information-theoretic framework which uses the received
signal strength (RSS) from a network of base-stations and the claimed position.
Based on this information we derive the optimal decision regarding the
verification of the user's location. Our algorithm is optimal in the sense of
maximizing the mutual information between its input and output data. Our
approach is based on the practical scenario in which a non-colluding malicious
user some distance from a highway optimally boosts his transmit power in an
attempt to fool the LVS that he is on the highway. We develop a practical
threat model for this attack scenario, and investigate in detail the
performance of the LVS in terms of its input/output mutual information. We show
how our LVS decision rule can be implemented straightforwardly with a
performance that delivers near-optimality under realistic threat conditions,
with information-theoretic optimality approached as the malicious user moves
further from the highway. The practical advantages our new
information-theoretic scheme delivers relative to more traditional Bayesian
verification frameworks are discussed.Comment: Corrected typos and introduced new threat model
Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey
This paper provides a comprehensive review of the domain of physical layer
security in multiuser wireless networks. The essential premise of
physical-layer security is to enable the exchange of confidential messages over
a wireless medium in the presence of unauthorized eavesdroppers without relying
on higher-layer encryption. This can be achieved primarily in two ways: without
the need for a secret key by intelligently designing transmit coding
strategies, or by exploiting the wireless communication medium to develop
secret keys over public channels. The survey begins with an overview of the
foundations dating back to the pioneering work of Shannon and Wyner on
information-theoretic security. We then describe the evolution of secure
transmission strategies from point-to-point channels to multiple-antenna
systems, followed by generalizations to multiuser broadcast, multiple-access,
interference, and relay networks. Secret-key generation and establishment
protocols based on physical layer mechanisms are subsequently covered.
Approaches for secrecy based on channel coding design are then examined, along
with a description of inter-disciplinary approaches based on game theory and
stochastic geometry. The associated problem of physical-layer message
authentication is also introduced briefly. The survey concludes with
observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with
arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials,
201
Challenges of Implementing Automatic Dependent Surveillance Broadcast in the Nextgen Air Traffic Management System
The Federal Aviation Administration is in the process of replacing the current Air Traffic Management (ATM) system with a new system known as NextGen. Automatic Dependent Surveillance-Broadcast (ADS-B) is the aircraft surveillance protocol currently being introduced as a part of the NextGen system deployment. The evolution of ADS-B spans more than two decades, with development focused primarily on increasing the capacity of the Air Traffic Control (ATC) system and reducing operational costs. Security of the ADS-B communications network has not been a high priority, and the inherent lack of security measures in the ADS-B protocol has come under increasing scrutiny as the NextGen ADS-B implementation deadline draws near.
The research conducted in this thesis summarizes the ADS-B security vulnerabilities that have been under recent study. Thereafter, we survey both the theoretical and practical efforts which have been conducted concerning these issues, and review possible security solutions. We create a classification of the ADS-B security solutions considered and provide a ranking of the potential solutions. Finally, we discuss the most compatible approaches available, given the constraints of the current ADS-B communications system and protocol
- …