22 research outputs found

    Location Assurance and Privacy in GNSS Navigation

    The growing popularity of location-based services such as GNSS (Global Navigation Satellite System) navigation requires confidence in the reliability of the calculated locations. The exploration of a user’s location also gives rise to severe privacy concerns. Within an ESA (European Space Agency) funded project, we have developed a service that not only verifies the correctness of users’ locations but also enables users to control the accuracy of their revealed locations.

    A training-resistant anomaly detection system

    Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous traffic. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including, but not limited to, denial-of-service, botnets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine learning based detection schemes, and how it can be detected. © 2018 Elsevier Lt

    Partitioning Cryptanalysis

    No full text
    Matsui's linear cryptanalysis of iterated block ciphers is extended to an attack called partitioning cryptanalysis which considers a partition of the plaintext space and a partition of the last-round input space. Partitioning cryptanalysis exploits a potential weakness of the cipher, namely that the last-round inputs are non-uniformly distributed over the blocks of the second partition when the plaintexts are taken from a particular block of the first partition. The attack is formalized and requirements for the attack to be successful are stated. A cipher for which partitioning cryptanalysis performs better than linear and differential cryptanalysis is contrived. Finally, the success probability of partitioning cryptanalysis is estimated and a procedure for finding a pair of partitions that yields a successful attack is analyzed. Key words. Partitioning cryptanalysis, linear cryptanalysis, differential cryptanalysis, block ciphers. 1 Introduction In cryptography, frequent use is ma..

    Information Security Maturity as an Integral Part of ISMS based Risk Management Tools

    Measuring the continuous improvement of Information Security Management Systems (ISMS) is often neglected as most organizations do not know how to extract key indicators that could be used for this purpose. The underlying work presents a six-level maturity model which can be fully integrated in a risk management tool and helps to define key indicators for measuring the improvement of an ISMS. Furthermore, the proposed model establishes how far the increase of maturity can help to mitigate information security risks and finally, a cost-benefit equation is presented which can be used to quantitatively justify the increase of maturity of an ISMS and to establish an action plan increasing the maturity.

    Fast and optimal countermeasure selection for attack defence trees

    No full text
    Risk treatment is an important part of risk management, and deals with the question which security controls shall be implemented in order to mitigate risk. Indeed, most notably when the mitigated risk is low, the costs engendered by the implementation of a security control may exceed its benefits. The question becomes particularly interesting if there are several countermeasures to choose from. A promising candidate for modeling the effect of defensive mechanisms on a risk scenario are attack–defence trees. Such trees allow one to compute the risk of a scenario before and after the implementation of a security control, and thus to weigh its benefits against its costs. A naive approach for finding an optimal set of security controls is to try out all possible combinations. However, such a procedure quickly reaches its limits already for a small number of defences. This paper presents a novel branch-and-bound algorithm, which skips a large part of the combinations that cannot lead to an optimal solution. The performance is thereby increased by several orders of magnitude compared to the pure brute–force version. © 2017, Springer International Publishing AG

    Boundary Waters Treaty

    The treaty provides the principles and mechanisms to help resolve disputes and to prevent future ones, primarily those concerning water quantity and water quality along the boundary between Canada and the United States.

    Detecting meaconing attacks by analysing the clock bias of GNSS receivers

    Existing Global Navigation Satellite Systems offer no authentication of their satellite signals towards their civilian users. As a consequence, several types of GNSS-related attacks, including meaconing, may be performed and remain undetected. In the scope of the project “Developing a prototype of Localisation Assurance Service Provider”, which is funded by ESA and realised by the company itrust consulting and the University of Luxembourg, a methodology to visualise the beginnings and the ends of meaconing attacks by monitoring the clock bias of an attacked receiver over time was developed. This paper presents an algorithm that is based on this attack visualisation technique and is capable of detecting meaconing attacks automatically. Experiments in a controlled environment confirmed that the chosen methodology works properly. In one of these tests, for example, six meaconing attacks were simulated by using a GNSS signal repeater. The algorithm was able to detect the beginnings and the ends of all six attacks, while resulting in no more than two false positives, even though the average delay introduced by the meaconing stations (repeater) was just 80 nanoseconds.

    Bridging two worlds: Reconciling practical risk assessment methodologies with theory of attack trees

    Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this short paper we propose to bridge the gap between these two worlds by introducing the optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.