Exploiting wireless received signal strength indicators to detect evil-twin attacks in smart homes

Evil-twin is becoming a common attack in Smart Home environments where an attacker can set up a fake AP to compromise the security of the connected devices. To identify the fake APs, The current approaches of detecting Evil-twin attacks all rely on information such as SSIDs, the MAC address of the genuine AP or network traffic patterns. However, such information can be faked by the attacker, often leading to low detection rates and weak protection. This paper presents a novel evil-twin attack detection method based on the received signal strength indicator (RSSI). Our key insight is that the location of the genuine AP rarely moves in a home environment and as a result the RSSI of the genuine AP is relatively stable. Our approach considers the RSSI as a fingerprint of APs and uses the fingerprint of the genuine AP to identify fake ones. We provide two schemes to detect a fake AP in two different scenarios where the genuine AP can be located at either a single or multiple locations in the property, by exploiting the multipath effect of the WIFI signal. As a departure from prior work, our approach does not rely on any professional measurement devices. Experimental results show that our approach can successfully detect 90% of the fake APs, at the cost of an one-off, modest connection delay

Resilient Wireless Sensor Networks Using Topology Control: A Review

Wireless sensor networks (WSNs) may be deployed in failure-prone environments, and WSNs nodes easily fail due to unreliable wireless connections, malicious attacks and resource-constrained features. Nevertheless, if WSNs can tolerate at most losing k − 1 nodes while the rest of nodes remain connected, the network is called k − connected. k is one of the most important indicators for WSNs’ self-healing capability. Following a WSN design flow, this paper surveys resilience issues from the topology control and multi-path routing point of view. This paper provides a discussion on transmission and failure models, which have an important impact on research results. Afterwards, this paper reviews theoretical results and representative topology control approaches to guarantee WSNs to be k − connected at three different network deployment stages: pre-deployment, post-deployment and re-deployment. Multi-path routing protocols are discussed, and many NP-complete or NP-hard problems regarding topology control are identified. The challenging open issues are discussed at the end. This paper can serve as a guideline to design resilient WSNs

Educational Technology and Related Education Conferences for June to December 2011

This potpourri of educational technology conferences includes gems such as “Saving Your Organisation from Boring eLearning” and “Lessons and Insights from Ten eLearning Masters”. And, if you wish, you can “Be an Open Learning Hero”. You will also find that the number of mobile learning conferences (and conferences that have a mobile learning component) have increased significantly. Countries such as China, Indonesia, Japan, and Thailand have shown a keen interest in mobile learning. It would be impossible for you to be present at all the conferences that you would like to attend. But, you could go to the conference website/url during and after the conference. Many conference organizers post abstracts, full papers, and/or videos of conference presentations. Thus, you can visit the conference virtually and may encounter information and contacts that would be useful in your work. The list below covers selected events focused primarily on the use of technology in educational settings and on teaching, learning, and educational administration. Only listings until December 2011 are complete as dates, locations, or URLs are not available for a number of events held after December 2011. But, take a look at the conference organizers who planned ahead in 2012. A Word 2003 format is used to enable people who do not have access to Word 2007 or higher version and those with limited or high-cost Internet access to find a conference that is congruent with their interests or obtain conference proceedings. (If you are seeking a more interactive listing, refer to online conference sites.) Consider using the “Find” tool under Microsoft Word’s “Edit” tab or similar tab in OpenOffice to locate the name of a particular conference, association, city, or country. If you enter the country “Australia” or “Singapore” in the “Find” tool, all conferences that occur in Australia or Singapore will be highlighted. Or, enter the word “research”. Then, “cut and paste” a list of suitable events for yourself and your colleagues. Please note that events, dates, titles, and locations may change; thus, CHECK the specific conference website. Note also that some events will be cancelled at a later date. All Internet addresses were verified at the time of publication. No liability is assumed for any errors that may have been introduced inadvertently during the assembly of this conference list. If possible, do not remove the contact information when you re-distribute the list as that is how I receive updates and corrections. If you mount the list on the web, please note its source

Educational Technology and Education Conferences, June to December 2012

The conference list contains events such as "Learning and Teaching","Innovation in e-Learning", "Online Teaching", "Distance Learning Administration", "The World Open Educational Resources Congress", "Mobile Health", and "Realizing Dreams"

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Securing the Wireless Emergency Alerts System

Modern cell phones are required to receive and display alerts via the Wireless Emergency Alert (WEA) program, under the mandate of the Warning, Alert, and Response Act of 2006. These alerts include AMBER alerts, severe weather alerts, and (unblockable) Presidential Alerts, intended to inform the public of imminent threats. Recently, a test Presidential Alert was sent to all capable phones in the U.S., prompting concerns about how the underlying WEA protocol could be misused or attacked. In this paper, we investigate the details of this system and develop and demonstrate the first practical spoofing attack on Presidential Alerts, using commercially available hardware and modified open source software. Our attack can be performed using a commercially available software-defined radio, and our modifications to the open source software libraries. We find that with only four malicious portable base stations of a single Watt of transmit power each, almost all of a 50,000-seat stadium can be attacked with a 90% success rate. The real impact of such an attack would, of course, depend on the density of cellphones in range; fake alerts in crowded cities or stadiums could potentially result in cascades of panic. Fixing this problem will require a large collaborative effort between carriers, government stakeholders, and cellphone manufacturers. To seed this effort, we also propose three mitigation solutions to address this threat

Mobility-Aware Video Streaming in MIMO-Capable Heterogeneous Wireless Networks

Multiple input and multiple output (MIMO) is a well-known technique for the exploitation of the spatial multiplexing (MUX) and spatial diversity (DIV) gains that improve transmission quality and reliability. In this paper, we propose a quality-adaptive scheme for handover and forwarding that supports mobile-video-streaming services in MIMO-capable, heterogeneous wireless-access networks such as those for Wi-Fi and LTE. Unlike previous handover schemes, we propose an appropriate metric for the selection of the wireless technology and the MIMO mode, whereby a new address availability and the wireless-channel quality, both of which are in a new wireless-access network so that the handover and video-playing delays are reduced, are considered. While an MN maintains its original care-of address (oCoA), the video packets destined for the MN are forwarded with the MIMO technique (MUX mode or DIV mode) on top of a specific wireless technology from the previous Access Router (pAR) to the new Access Router (nAR) until they finally reach the MN; however, to guarantee a high video-streaming quality and to limit the video-packet-forwarding hops between the pAR and the nAR, the MN creates a new CoA (nCOA) within the delay threshold of the QoS/quality of experience (QoE) satisfaction result, and then, as much as possible, the video packet is forwarded with the MUX. Through extensive simulations, we show that the proposed scheme is a significant improvement upon the other schemes