2,825 research outputs found
The Role of Physical Layer Security in IoT: A Novel Perspective
This paper deals with the problem of securing the configuration phase of an Internet of Things (IoT) system. The main drawbacks of current approaches are the focus on specific techniques and methods, and the lack of a cross layer vision of the problem. In a smart environment, each IoT device has limited resources and is often battery operated with limited capabilities (e.g., no keyboard). As a consequence, network security must be carefully analyzed in order to prevent security and privacy issues. In this paper, we will analyze the IoT threats, we will propose a security framework for the device initialization and we will show how physical layer security can effectively boost the security of IoT systems
Trustworthy Wireless Personal Area Networks
In the Internet of Things (IoT), everyday objects are equipped with the ability to compute and communicate. These smart things have invaded the lives of everyday people, being constantly carried or worn on our bodies, and entering into our homes, our healthcare, and beyond. This has given rise to wireless networks of smart, connected, always-on, personal things that are constantly around us, and have unfettered access to our most personal data as well as all of the other devices that we own and encounter throughout our day. It should, therefore, come as no surprise that our personal devices and data are frequent targets of ever-present threats. Securing these devices and networks, however, is challenging. In this dissertation, we outline three critical problems in the context of Wireless Personal Area Networks (WPANs) and present our solutions to these problems.
First, I present our Trusted I/O solution (BASTION-SGX) for protecting sensitive user data transferred between wirelessly connected (Bluetooth) devices. This work shows how in-transit data can be protected from privileged threats, such as a compromised OS, on commodity systems. I present insights into the Bluetooth architecture, Intel’s Software Guard Extensions (SGX), and how a Trusted I/O solution can be engineered on commodity devices equipped with SGX.
Second, I present our work on AMULET and how we successfully built a wearable health hub that can run multiple health applications, provide strong security properties, and operate on a single charge for weeks or even months at a time. I present the design and evaluation of our highly efficient event-driven programming model, the design of our low-power operating system, and developer tools for profiling ultra-low-power applications at compile time.
Third, I present a new approach (VIA) that helps devices at the center of WPANs (e.g., smartphones) to verify the authenticity of interactions with other devices. This work builds on past work in anomaly detection techniques and shows how these techniques can be applied to Bluetooth network traffic. Specifically, we show how to create normality models based on fine- and course-grained insights from network traffic, which can be used to verify the authenticity of future interactions
A critical review of cyber-physical security for building automation systems
Modern Building Automation Systems (BASs), as the brain that enables the
smartness of a smart building, often require increased connectivity both among
system components as well as with outside entities, such as optimized
automation via outsourced cloud analytics and increased building-grid
integrations. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed
environments with limited cyber-security considerations. As a result, BASs in
many buildings are vulnerable to cyber-attacks that may cause adverse
consequences, such as occupant discomfort, excessive energy usage, and
unexpected equipment downtime. Therefore, there is a strong need to advance the
state-of-the-art in cyber-physical security for BASs and provide practical
solutions for attack mitigation in buildings. However, an inclusive and
systematic review of BAS vulnerabilities, potential cyber-attacks with impact
assessment, detection & defense approaches, and cyber-secure resilient control
strategies is currently lacking in the literature. This review paper fills the
gap by providing a comprehensive up-to-date review of cyber-physical security
for BASs at three levels in commercial buildings: management level, automation
level, and field level. The general BASs vulnerabilities and protocol-specific
vulnerabilities for the four dominant BAS protocols are reviewed, followed by a
discussion on four attack targets and seven potential attack scenarios. The
impact of cyber-attacks on BASs is summarized as signal corruption, signal
delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber-secure resilient control
strategies for BASs under attack are categorized into passive and active
resilient control schemes. Open challenges and future opportunities are finally
discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro
Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques
Cloud Computing holds the potential to eliminate the requirements for setting
up of high-cost computing infrastructure for IT-based solutions and services
that the industry uses. It promises to provide a flexible IT architecture,
accessible through internet for lightweight portable devices. This would allow
multi-fold increase in the capacity or capabilities of the existing and new
software. In a cloud computing environment, the entire data reside over a set
of networked resources, enabling the data to be accessed through virtual
machines. Since these data-centers may lie in any corner of the world beyond
the reach and control of users, there are multifarious security and privacy
challenges that need to be understood and taken care of. Also, one can never
deny the possibility of a server breakdown that has been witnessed, rather
quite often in the recent times. There are various issues that need to be dealt
with respect to security and privacy in a cloud computing scenario. This
extensive survey paper aims to elaborate and analyze the numerous unresolved
issues threatening the cloud computing adoption and diffusion affecting the
various stake-holders linked to it.Comment: 20 pages, 2 Figures, 1 Table. arXiv admin note: substantial text
overlap with arXiv:1109.538
- …