Threats from Botnets

At present, various cyberattacks based on Botnet are the most serious security threats to the Internet. As Botnet continue to evolve and behavioral research on Botnet is inadequate, the question of how to apply some behavioral problems to Botnet research and combine the psychology of the operator to analyze the future trend of Botnet is still a continuous and challenging issue. Botnet is a common computing platform that can be controlled remotely by attackers by invading several noncooperative user terminals in the network space. It is an attacking platform consisting of multiple Bots controlled by a hacker. The classification of Botnet and the working mechanism of Botnet are introduced in this chapter. The threats and the threat evaluation of Botnet are summarized

A Survey of multimedia streaming in wireless sensor networks: progress, issues and design challenges

Advancements in Complementary Metal Oxide Semiconductor (CMOS) technology have enabled Wireless Sensor Networks (WSN) to gather, process and transport multimedia (MM) data as well and not just limited to handling ordinary scalar data anymore. This new generation of WSN type is called Wireless Multimedia Sensor Networks (WMSNs). Better and yet relatively cheaper sensors that are able to sense both scalar data and multimedia data with more advanced functionalities such as being able to handle rather intense computations easily have sprung up. In this paper, the applications, architectures, challenges and issues faced in the design of WMSNs are explored. Security and privacy issues, over all requirements, proposed and implemented solutions so far, some of the successful achievements and other related works in the field are also highlighted. Open research areas are pointed out and a few solution suggestions to the still persistent problems are made, which, to the best of my knowledge, so far have not been explored yet

PROBLEMS OF VERIFYING THE AUTHENTICITY OF ASYLUM SEEKERS' DOCUMENTS AND IMPROVING THE IDENTIFICATION OF THESE PERSONS

The Republic of Latvia must be ready to implement the asylum procedure quickly and efficiently, improving the identification process, as the influx of asylum seekers into the EU may recur. The aim of the research is to study the asylum seekers identification procedure, the factors affecting it, and the possibilities for improving this procedure, to determine nature of the authentication process of documents presented by asylum seekers, to identify authentication problems and to find possible solutions. As a result of the research, the authors have evaluated the process of asylum seekers identification and developed proposals for its improvement, described the factors affecting the authentication of asylum seekers' documents and evaluated the possibilities to exclude these factors. The method of scientific induction, graphical method, document analysis, monographic or descriptive method are used in the research

The Zenith attack: vulnerabilities and countermeasures

In this paper we identify and define Zenith attacks, a new class of attacks on content-distribution systems, which seek to expose the popularity (i.e. access frequency) of individual items of content. As the access pattern to most real-world content exhibits Zipf-like characteristics, there is a small set of dominating items which account for the majority of accesses. Identifying such items enables an adversary to perform follow up adversarial actions targeting these items, including mounting denial of service attacks, deploying censorship mechanisms, and eavesdropping on or prosecution of the host or recipient. We instantiate a Zenith attack on the Kademlia and Chord structured overlay networks and quantify the cost of such an attack. As a countermeasure to these attacks we propose Crypsis, a system to conceal the lookup frequency of individual keys through aggregation over ranges of the keyspace. Crypsis provides provable security guarantees for concealment of lookup frequency while maintaining logarithmic routing and state bounds.National Science Foundation (0735974, 0820138, 0952145, 1012798

No Need to Know Physics: Resilience of Process-based Model-free Anomaly Detection for Industrial Control Systems

In recent years, a number of process-based anomaly detection schemes for Industrial Control Systems were proposed. In this work, we provide the first systematic analysis of such schemes, and introduce a taxonomy of properties that are verified by those detection systems. We then present a novel general framework to generate adversarial spoofing signals that violate physical properties of the system, and use the framework to analyze four anomaly detectors published at top security conferences. We find that three of those detectors are susceptible to a number of adversarial manipulations (e.g., spoofing with precomputed patterns), which we call Synthetic Sensor Spoofing and one is resilient against our attacks. We investigate the root of its resilience and demonstrate that it comes from the properties that we introduced. Our attacks reduce the Recall (True Positive Rate) of the attacked schemes making them not able to correctly detect anomalies. Thus, the vulnerabilities we discovered in the anomaly detectors show that (despite an original good detection performance), those detectors are not able to reliably learn physical properties of the system. Even attacks that prior work was expected to be resilient against (based on verified properties) were found to be successful. We argue that our findings demonstrate the need for both more complete attacks in datasets, and more critical analysis of process-based anomaly detectors. We plan to release our implementation as open-source, together with an extension of two public datasets with a set of Synthetic Sensor Spoofing attacks as generated by our framework

Supporting Protocols for Structuring and Intelligent Information Dissemination in Vehicular Ad Hoc Networks

The goal of this dissertation is the presentation of supporting protocols for structuring and intelligent data dissemination in vehicular ad hoc networks (VANETs). The protocols are intended to first introduce a structure in VANETs, and thus promote the spatial reuse of network resources. Segmenting a flat VANET in multiple cluster structures allows for more efficient use of the available bandwidth, which can effectively increase the capacity of the network. The cluster structures can also improve the scalability of the underlying communication protocols. The structuring and maintenance of the network introduces additional overhead. The aim is to provide a mechanism for creating stable cluster structures in VANETs, and to minimize this associated overhead. Further a hybrid overlay-based geocast protocol for VANETs is presented. The protocol utilizes a backbone overlay virtual infrastructure on top of the physical network to provide geocast support, which is crucial for intervehicle communications since many applications provide group-oriented and location-oriented services. The final contribution is a structureless information dissemination scheme which creates a layered view of road conditions with a diminishing resolution as the viewing distance increases. Namely, the scheme first provides a high-detail local view of a given vehicle\u27s neighbors and its immediate neighbors, which is further extended when information dissemination is employed. Each vehicle gets aggregated information for road conditions beyond this extended local view. The scheme allows for the preservation of unique reports within aggregated frames, such that safety critical notifications are kept in high detail, all for the benefit of the driver\u27s improved decision making during emergency scenarios