Attacking and securing beacon-enabled 802.15.4 networks

The IEEE 802.15.4 standard has attracted timecritical applications in wireless sensor networks because of its beacon-enabled mode and guaranteed timeslots (GTSs). However, the GTS management scheme’s security mechanisms still leave the 802.15.4 medium access control vulnerable to attacks. Further, the existing techniques in the literature for securing 802.15.4 networks either focus on nonbeacon-enabled 802.15.4 networks or cannot defend against insider attacks for beacon-enabled 802.15.4 networks. In this paper, we illustrate this by demonstrating attacks on the availability and integrity of the beaconenabled 802.15.4 network. To confirm the validity of the attacks, we implement the attacks using Tmote Sky motes for wireless sensor nodes, where the malicious node is deployed as an inside attacker. We show that the malicious node can freely exploit information retrieved from the beacon frames to compromise the integrity and availability of the network. To defend against these attacks, we present BCN-Sec, a protocol that ensures the integrity of data and control frames in beacon-enabled 802.15.4 networks. We implement BCN-Sec, and show its efficacy during various attacks

Emerging Technologies for Connected and Smart Vehicles

[EN] The ten articles in this special section focus on new and emerging technologies for connected and smart vehicles. Due to the rapid growth of connected vehicles, many research constraints need to be addressed, e.g., reliability and latency, practical MAC and routing protocols, performance and adaptability to the changes in the environment (node density and oscillation in network topology), and validation of protocols under the umbrella of coherent assumptions using simulation methodologies. In this Feature Topic, we present 10 papers proposing very interesting solutions and architectures for futuristic and smarter connected vehiclesAhmed, SH.; Ben-Othman, J.; Lloret, J.; Khokhar, A.; Beyah, R.; Sánchez, A.; Guibene, W. (2018). Emerging Technologies for Connected and Smart Vehicles. IEEE Communications Magazine. 56(10):20-21. https://doi.org/10.1109/MCOM.2018.84931122021561

SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices

Trusted Execution Environments (TEEs) embedded in IoT devices provide a deployable solution to secure IoT applications at the hardware level. By design, in TEEs, the Trusted Operating System (Trusted OS) is the primary component. It enables the TEE to use security-based design techniques, such as data encryption and identity authentication. Once a Trusted OS has been exploited, the TEE can no longer ensure security. However, Trusted OSes for IoT devices have received little security analysis, which is challenging from several perspectives: (1) Trusted OSes are closed-source and have an unfavorable environment for sending test cases and collecting feedback. (2) Trusted OSes have complex data structures and require a stateful workflow, which limits existing vulnerability detection tools. To address the challenges, we present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices as well as tracking state and code coverage non-invasively. SyzTrust utilizes composite feedback to guide the fuzzer to effectively explore more states as well as to increase the code coverage. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud. These systems run on Cortex M23/33 MCUs, which provide the necessary abstraction for embedded TEEs. We discovered 70 previously unknown vulnerabilities in their Trusted OSes, receiving 10 new CVEs so far. Furthermore, compared to the baseline, SyzTrust has demonstrated significant improvements, including 66% higher code coverage, 651% higher state coverage, and 31% improved vulnerability-finding capability. We report all discovered new vulnerabilities to vendors and open source SyzTrust.Comment: To appear in the IEEE Symposium on Security and Privacy (IEEE S&P) 2024, San Francisco, CA, US