Detection of side-channel attacks at the physical layer (Detecção de ataques por canais laterais na camada física)
Today, the advent of IoT and the resulting fragmentation of wireless technologies
bring not only benefits, but also concerns. Daily, several individuals
communicate with each other using various communication methods. Individuals
use a variety of devices for innocuous day-to-day activities; however, there are
some malicious individuals (dishonest agents) whose aim is to cause harm, with
the exfiltration of information being one of the biggest concerns. Since the security
of Wi-Fi communications is one of the areas of greatest investment and research
regarding Internet security, dishonest agents make use of side channels to exfiltrate
information, namely Bluetooth. Most current solutions for anomaly detection on
networks are based on analyzing frames or packets, which can inadvertently reveal
user behavior patterns that users consider private. In addition, solutions
that focus on inspecting physical layer data typically use received signal power
(RSSI) as a distance metric and detect anomalies based on the relative position
of the network nodes, or feed the spectrum values directly into classification models
without prior data processing.
This Dissertation proposes mechanisms to detect anomalies, while ensuring the privacy
of its nodes, which are based on the analysis of radio activity in the physical
layer, measuring the behavior of the network through the number of active and
inactive frequencies and the duration of periods of silence and activity. After the
extraction of properties that characterize these metrics, an exploration and study
of the data is carried out, followed by the use of the result to train One-Class
Classification models.
The models are trained with data taken from a series of interactions between a
computer, an AP, and a mobile phone in an environment with reduced noise, in
an attempt to simulate a simplified home automation scenario. Then, the models
were tested with similar data but containing a compromised node, which periodically
sent a file to a local machine via a Bluetooth connection. The data show
that, in both situations, it was possible to achieve detection accuracy rates in the
order of 75% and 99%.
This work ends with some ideas for future work, namely changes at the level
of pre-processing, ideas for new tests and how to reduce the percentage of false
negatives.
Master's in Computer and Telematics Engineering
IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT
With the rapid growth of the Internet-of-Things (IoT), concerns about the
security of IoT devices have become prominent. Several vendors are producing
IP-connected devices for home and small office networks that often suffer from
flawed security designs and implementations. They also tend to lack mechanisms
for firmware updates or patches that can help eliminate security
vulnerabilities. Securing networks where the presence of such vulnerable
devices is given, requires a brownfield approach: applying necessary protection
measures within the network so that potentially vulnerable devices can coexist
without endangering the security of other devices in the same network. In this
paper, we present IOT SENTINEL, a system capable of automatically identifying
the types of devices being connected to an IoT network and enabling enforcement
of rules for constraining the communications of vulnerable devices so as to
minimize damage resulting from their compromise. We show that IOT SENTINEL is
effective in identifying device types and has minimal performance overhead.
Exploratory approach for network behavior clustering in LoRaWAN
The interest in the Internet of Things (IoT) is increasing from both research and market perspectives. Worldwide, we are
witnessing the deployment of several IoT networks for different applications, spanning from home automation to smart cities.
The majority of these IoT deployments were quickly set up with the aim of providing connectivity without deeply engineering
the infrastructure to optimize the network efficiency and scalability. The interest is now moving towards the analysis of the
behavior of such systems in order to characterize and improve their functionality. In these IoT systems, many data related to
device and human interactions are stored in databases, as well as IoT information related to the network level (wireless or
wired) is gathered by the network operators. In this paper, we provide a systematic approach to process network data gathered
from a wide area IoT wireless platform based on LoRaWAN (Long Range Wide Area Network). Our study can be used
for profiling IoT devices, in order to group them according to their characteristics, as well as detecting network anomalies.
Specifically, we use the k-means algorithm to group LoRaWAN packets according to their radio and network behavior. We
tested our approach on a real LoRaWAN network where the entire captured traffic is stored in a proprietary database. Quite
important is the fact that LoRaWAN captures, via the wireless interface, packets of multiple operators. Indeed our analysis
was performed on 997,183 packets with 2169 devices involved and only a subset of them were known by the considered
operator, meaning that an operator cannot control the whole behavior of the system but on the contrary has to observe it.
We were able to analyze clusters’ contents, revealing results both in line with the current network behavior and alerts on
malfunctioning devices, remarking the reliability of the proposed approach.
UAV Based 5G Network: A Practical Survey Study
Unmanned aerial vehicles (UAVs) are anticipated to significantly contribute
to the development of new wireless networks that could handle high-speed
transmissions and enable wireless broadcasts. When compared to communications
that rely on permanent infrastructure, UAVs offer a number of advantages,
including flexible deployment, dependable line-of-sight (LoS) connection links,
and more design degrees of freedom because of controlled mobility. Unmanned
aerial vehicles (UAVs) combined with 5G networks and Internet of Things (IoT)
components have the potential to completely transform a variety of industries.
UAVs may transfer massive volumes of data in real-time by utilizing the low
latency and high-speed abilities of 5G networks, opening up a variety of
applications like remote sensing, precision farming, and disaster response.
This research presents a study of UAV communication with regard to 5G/B5G WLANs.
The three UAV-assisted MEC network scenarios also include the
specifics for the allocation of resources and optimization. We also concentrate
on the case where a UAV does task computation in addition to serving as a MEC
server to examine wind farm turbines. This paper covers the key implementation
difficulties of UAV-assisted MEC, such as optimum UAV deployment, wind models,
and coupled trajectory-computation performance optimization, in order to
promote widespread implementations of UAV-assisted MEC in practice. The primary
problem for 5G and beyond 5G (B5G) is delivering broadband access to various
device kinds. Prior to discussing associated research issues faced by the
developing integrated network design, we first provide a brief overview of the
background information as well as the networks that integrate space, aviation,
and land
Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation
The rapid growth of Internet interconnectivity and the complexity of communication systems have led to a significant growth of cyberattacks globally, often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches that can detect, mitigate and prevent these serious consequences is vital. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics.
Trustworthy Wireless Personal Area Networks
In the Internet of Things (IoT), everyday objects are equipped with the ability to compute and communicate. These smart things have invaded the lives of everyday people, being constantly carried or worn on our bodies, and entering into our homes, our healthcare, and beyond. This has given rise to wireless networks of smart, connected, always-on, personal things that are constantly around us, and have unfettered access to our most personal data as well as all of the other devices that we own and encounter throughout our day. It should, therefore, come as no surprise that our personal devices and data are frequent targets of ever-present threats. Securing these devices and networks, however, is challenging. In this dissertation, we outline three critical problems in the context of Wireless Personal Area Networks (WPANs) and present our solutions to these problems.
First, I present our Trusted I/O solution (BASTION-SGX) for protecting sensitive user data transferred between wirelessly connected (Bluetooth) devices. This work shows how in-transit data can be protected from privileged threats, such as a compromised OS, on commodity systems. I present insights into the Bluetooth architecture, Intel’s Software Guard Extensions (SGX), and how a Trusted I/O solution can be engineered on commodity devices equipped with SGX.
Second, I present our work on AMULET and how we successfully built a wearable health hub that can run multiple health applications, provide strong security properties, and operate on a single charge for weeks or even months at a time. I present the design and evaluation of our highly efficient event-driven programming model, the design of our low-power operating system, and developer tools for profiling ultra-low-power applications at compile time.
Third, I present a new approach (VIA) that helps devices at the center of WPANs (e.g., smartphones) to verify the authenticity of interactions with other devices. This work builds on past work in anomaly detection techniques and shows how these techniques can be applied to Bluetooth network traffic. Specifically, we show how to create normality models based on fine- and coarse-grained insights from network traffic, which can be used to verify the authenticity of future interactions.