1,235 research outputs found
Primary User Emulation Attacks: A Detection Technique Based on Kalman Filter
Cognitive radio technology addresses the problem of spectrum scarcity by
allowing secondary users to use the vacant spectrum bands without causing
interference to the primary users. However, several attacks could disturb the
normal functioning of the cognitive radio network. Primary user emulation
attacks are one of the most severe attacks in which a malicious user emulates
the primary user signal characteristics to either prevent other legitimate
secondary users from accessing the idle channels or causing harmful
interference to the primary users. There are several proposed approaches to
detect the primary user emulation attackers. However, most of these techniques
assume that the primary user location is fixed, which does not make them valid
when the primary user is mobile. In this paper, we propose a new approach based
on the Kalman filter framework for detecting the primary user emulation attacks
with a non-stationary primary user. Several experiments have been conducted and
the advantages of the proposed approach are demonstrated through the simulation
results.Comment: 14 pages, 9 figure
Harnessing the power of BitTorrent for distributed denial-of-service attacks
BitTorrent is a popular peer-to-peer (P2P) file-sharing protocol that utilizes a central server, known as a \u27tracker\u27, to coordinate connections between peers in a \u27swarm\u27, a term used to describe a Bit Torrent ad-hoc file sharing network. The tracker of a swarm is specified by the original file distributor and trusted unconditionally by peers in the swarm. This central point of control provides an opportunity for a file distributor to deploy a modified tracker to provide peers in a swarm with malicious coordination data, directing peer connection traffic toward an arbitrary target machine on an arbitrary service port. Although such an attack does not generate huge amount of attack traffic, it would set up many connections with the victim server successfully, which could cause serious denial-of-service by exhausting the victim server\u27s connection resource. In this paper, we present and demonstrate such an attack that is entirely tracker-based, requiring no modifications to Bit Torrent client software and could be deployed by an attacker right now. The results from both emulation and real-world experiments show the applicability of this attack. Due to the skyrocketing popularity of Bit Torrent and numerous large-scale swarms existed in the Internet, Bit Torrent swarms provide an intriguing platform for launching distributed denial-of-service (DDoS) attacks based on connection exhaustion. Copyright (C) 2010 John Wiley & Sons, Ltd
APTs way: evading Your EBNIDS
APTs and government-supported attackers use a broad arsenal of techniques to avoid having their exploits detected by IDSes. Signature Based IDSes are not efficient against nation-state-sponsored attackers which use custom shellcode encoders in an exploit. Emulation Based NIDSes (EBNIDS) have been proposed as a solution to mitigate such attacks. EBNISes detect a suspicious network stream (pre-processing) and after converting them to emulate-able byte sequences run it in an instrumented environment (Emulation), finally matching the behavior with certain heuristics (Heuristics Detection). In this talk, we will present novel ways that an APT might use to circumvente the Pre-Processing, Emulation and Heuristic Detection steps of EBNIDSes by employing a wide range of evasion techniques
An Efficient Hardware Implementation of Target Recognition Algorithms and Investigation of Secure Wireless Communication for a Modified Manet
This paper presents a scheme for effective wireless security of a open broadcast mobile ad-hoc network, MANET, network without significant loss of bandwidth and data integrity through a double tiered encryption scheme, and the feasibility of reducing the target tracking algorithm in [1] into a compact and efficient hardware package. Due to the open nature of MANET, modifications are necessary to secure wireless data in a potential hostile environment. Furthermore, due to power and processing limitations of small unmanned aerial vehicles (UAVs) and the processing intensive calculations of image processing, a sample hardware implementation of key functions of the target tracking algorithm is described. Using hardware simulation and modeling to implement key elements, results are compared against identical function blocks in a software environment. The results of this research allow for further work in open broadcast MANET security and target tracking hardware implementation to be confidently pursued; it also suggests the tools, methodology, and overall architecture for a larger project
Recommended from our members
Secure Remote Attestation for Safety-Critical Embedded and IoT Devices
In recent years, embedded and cyber-physical systems (CPS), under the guise of Internet-of-Things (IoT), have entered many aspects of daily life. Despite many benefits, this develop-ment also greatly expands the so-called attack surface and turns these newly computerizedgadgets into attractive attack targets. One key component in securing IoT devices is malwaredetection, which is typically attained with (secure) remote attestation. Remote attestationis a distinct security service that allows a trusted verifier to verify the internal state of aremote untrusted device. Remote attestation is especially relevant for low/medium-end em-bedded devices that are incapable of protecting themselves against malware infection. Assafety-critical IoT devices become commonplace, it is crucial for remote attestation not tointerfere with the device’s normal operations. In this dissertation, we identify major issues inreconciling remote attestation and safety-critical application needs. We show that existingattestation techniques require devices to perform uninterruptible (atomic) operations duringattestation. Such operations can be time-consuming and thus may be harmful to the device’ssafety-critical functionality. On the other hand, simply relaxing security requirements of re-mote attestation can lead to other vulnerabilities. To resolve this conflict, this dissertationpresents the design, implementation, and evaluation of several mitigation techniques. In par-ticular, we propose two light-weight techniques capable of providing interruptible attestationmodality. In contrast to traditional techniques, our proposed techniques allow interrupts tooccur during attestation while ensuring malware detection via shuffled memory traversals ormemory locking mechanisms. Another type of techniques pursued in this dissertation aimsto minimize the real-time computation overhead during attestation. We propose using peri-odic self-measurements to measure and record the device’s state, resulting in more flexiblescheduling of the attestation process and also in no real-time burden as part of its interactionwith verifier. This technique is particularly suitable for swarm settings with a potentiallylarge number of safety-critical devices. Finally, we develop a remote attestation HYDRAarchitecture, based on a formally verified component, and use it as a building block in ourproposed mitigation techniques. We believe that this architecture may be of independentinterest
Estudo do IPFS como protocolo de distribuição de conteúdos em redes veiculares
Over the last few years, vehicular ad-hoc networks (VANETs) have been the
focus of great progress due to the interest in autonomous vehicles and in
distributing content not only between vehicles, but also to the Cloud. Performing
a download/upload to/from a vehicle typically requires the existence
of a cellular connection, but the costs associated with mobile data transfers
in hundreds or thousands of vehicles quickly become prohibitive. A VANET
allows the costs to be several orders of magnitude lower - while keeping the
same large volumes of data - because it is strongly based in the communication
between vehicles (nodes of the network) and the infrastructure.
The InterPlanetary File System (IPFS) is a protocol for storing and distributing
content, where information is addressed by its content, instead of
its location. It was created in 2014 and it seeks to connect all computing
devices with the same system of files, comparable to a BitTorrent swarm
exchanging Git objects. It has been tested and deployed in wired networks,
but never in an environment where nodes have intermittent connectivity,
such as a VANET. This work focuses on understanding IPFS, how/if it can
be applied to the vehicular network context, and comparing it with other
content distribution protocols.
In this dissertation, IPFS has been tested in a small and controlled network
to understand its working applicability to VANETs. Issues such as neighbor
discoverability times and poor hashing performance have been addressed.
To compare IPFS with other protocols (such as Veniam’s proprietary solution
or BitTorrent) in a relevant way and in a large scale, an emulation platform
was created. The tests in this emulator were performed in different times of
the day, with a variable number of files and file sizes. Emulated results show
that IPFS is on par with Veniam’s custom V2V protocol built specifically for
V2V, and greatly outperforms BitTorrent regarding neighbor discoverability
and data transfers.
An analysis of IPFS’ performance in a real scenario was also conducted, using
a subset of STCP’s vehicular network in Oporto, with the support of
Veniam. Results from these tests show that IPFS can be used as a content
dissemination protocol, showing it is up to the challenge provided by a
constantly changing network topology, and achieving throughputs up to 2.8
MB/s, values similar or in some cases even better than Veniam’s proprietary
solution.Nos últimos anos, as redes veiculares (VANETs) têm sido o foco de grandes
avanços devido ao interesse em veÃculos autónomos e em distribuir conteúdos,
não só entre veÃculos mas também para a "nuvem" (Cloud). Tipicamente,
fazer um download/upload de/para um veÃculo exige a utilização
de uma ligação celular (SIM), mas os custos associados a fazer transferências
com dados móveis em centenas ou milhares de veÃculos rapidamente se
tornam proibitivos. Uma VANET permite que estes custos sejam consideravelmente
inferiores - mantendo o mesmo volume de dados - pois é fortemente
baseada na comunicação entre veÃculos (nós da rede) e a infraestrutura.
O InterPlanetary File System (IPFS - "sistema de ficheiros interplanetário")
é um protocolo de armazenamento e distribuição de conteúdos, onde a informação
é endereçada pelo conteúdo, em vez da sua localização. Foi criado
em 2014 e tem como objetivo ligar todos os dispositivos de computação num
só sistema de ficheiros, comparável a um swarm BitTorrent a trocar objetos
Git. Já foi testado e usado em redes com fios, mas nunca num ambiente
onde os nós têm conetividade intermitente, tal como numa VANET. Este
trabalho tem como foco perceber o IPFS, como/se pode ser aplicado ao
contexto de rede veicular e compará-lo a outros protocolos de distribuição
de conteúdos.
Numa primeira fase o IPFS foi testado numa pequena rede controlada, de
forma a perceber a sua aplicabilidade às VANETs, e resolver os seus primeiros
problemas como os tempos elevados de descoberta de vizinhos e o fraco desempenho
de hashing.
De modo a poder comparar o IPFS com outros protocolos (tais como a
solução proprietária da Veniam ou o BitTorrent) de forma relevante e em
grande escala, foi criada uma plataforma de emulação. Os testes neste emulador
foram efetuados usando registos de mobilidade e conetividade veicular
de alturas diferentes de um dia, com um número variável de ficheiros e
tamanhos de ficheiros. Os resultados destes testes mostram que o IPFS está
a par do protocolo V2V da Veniam (desenvolvido especificamente para V2V
e VANETs), e que o IPFS é significativamente melhor que o BitTorrent no
que toca ao tempo de descoberta de vizinhos e transferência de informação.
Uma análise do desempenho do IPFS em cenário real também foi efetuada,
usando um pequeno conjunto de nós da rede veicular da STCP no Porto,
com o apoio da Veniam. Os resultados destes testes demonstram que o
IPFS pode ser usado como protocolo de disseminação de conteúdos numa
VANET, mostrando-se adequado a uma topologia constantemente sob alteração,
e alcançando débitos até 2.8 MB/s, valores parecidos ou nalguns
casos superiores aos do protocolo proprietário da Veniam.Mestrado em Engenharia de Computadores e Telemátic
A Survey on the Communication Protocols and Security in Cognitive Radio Networks
A cognitive radio (CR) is a radio that can change its transmission parameters based on the perceived availability of the spectrum bands in its operating environment. CRs support dynamic spectrum access and can facilitate a secondary unlicensed user to efficiently utilize the available underutilized spectrum allocated to the primary licensed users. A cognitive radio network (CRN) is composed of both the secondary users with CR-enabled radios and the primary users whose radios need not be CR-enabled. Most of the active research conducted in the area of CRNs has been so far focused on spectrum sensing, allocation and sharing. There is no comprehensive review paper available on the strategies for medium access control (MAC), routing and transport layer protocols, and the appropriate representative solutions for CRNs. In this paper, we provide an exhaustive analysis of the various techniques/mechanisms that have been proposed in the literature for communication protocols (at the MAC, routing and transport layers), in the context of a CRN, as well as discuss in detail several security attacks that could be launched on CRNs and the countermeasure solutions that have been proposed to avoid or mitigate them. This paper would serve as a good comprehensive review and analysis of the strategies for MAC, routing and transport protocols and security issues for CRNs as well as would lay a strong foundation for someone to further delve onto any particular aspect in greater depth
- …