777 research outputs found
MiniCPS: A toolkit for security research on CPS Networks
In recent years, tremendous effort has been spent to modernizing
communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial
Control Systems (ICS) and related Supervisory Control and Data Acquisition
(SCADA) systems. While a great amount of research has been conducted on network
security of office and home networks, recently the security of CPS and related
systems has gained a lot of attention. Unfortunately, real-world CPS are often
not open to security researchers, and as a result very few reference systems
and topologies are available. In this work, we present MiniCPS, a CPS
simulation toolbox intended to alleviate this problem. The goal of MiniCPS is
to create an extensible, reproducible research environment targeted to
communications and physical-layer interactions in CPS. MiniCPS builds on
Mininet to provide lightweight real-time network emulation, and extends Mininet
with tools to simulate typical CPS components such as programmable logic
controllers, which use industrial protocols (Ethernet/IP, Modbus/TCP). In
addition, MiniCPS defines a simple API to enable physical-layer interaction
simulation. In this work, we demonstrate applications of MiniCPS in two example
scenarios, and show how MiniCPS can be used to develop attacks and defenses
that are directly applicable to real systems.Comment: 8 pages, 6 figures, 1 code listin
MagicPairing: Apple's Take on Securing Bluetooth Peripherals
Device pairing in large Internet of Things (IoT) deployments is a challenge
for device manufacturers and users. Bluetooth offers a comparably smooth trust
on first use pairing experience. Bluetooth, though, is well-known for security
flaws in the pairing process. In this paper, we analyze how Apple improves the
security of Bluetooth pairing while still maintaining its usability and
specification compliance. The proprietary protocol that resides on top of
Bluetooth is called MagicPairing. It enables the user to pair a device once
with Apple's ecosystem and then seamlessly use it with all their other Apple
devices. We analyze both, the security properties provided by this protocol, as
well as its implementations. In general, MagicPairing could be adapted by other
IoT vendors to improve Bluetooth security. Even though the overall protocol is
well-designed, we identified multiple vulnerabilities within Apple's
implementations with over-the-air and in-process fuzzing
Nearby Threats: Reversing, Analyzing, and Attacking Google’s 'Nearby Connections' on Android
Google’s Nearby Connections API enables any An-droid (and Android Things) application to provide proximity-based services to its users, regardless of their network connectivity.The API uses Bluetooth BR/EDR, Bluetooth LE and Wi-Fi to let“nearby” clients (discoverers) and servers (advertisers) connectand exchange different types of payloads. The implementation ofthe API is proprietary, closed-source and obfuscated. The updatesof the API are automatically installed by Google across differentversions of Android, without user interaction. Little is knownpublicly about the security guarantees offered by the API, eventhough it presents a significant attack surface.In this work we present the first security analysis of theGoogle’s Nearby Connections API, based on reverse-engineeringof its Android implementation. We discover and implement sev-eral attacks grouped into two families: connection manipulation(CMA) and range extension attacks (REA). CMA-attacks allow anattacker to insert himself as a man-in-the-middle and manipulateconnections (even unrelated to nearby), and to tamper withthe victim’s interface and network configuration. REA-attacksallow an attacker to tunnel any nearby connection to remotelocations, even between two honest devices. Our attacks areenabled by REArby, a toolkit we developed while reversingthe API implementation. REArby includes a dynamic binaryinstrumenter, a packet dissector, and the implementations ofcustom Nearby Connections client and server. We plan to open-source REArby after a responsible disclosure period
Blurtooth: Exploiting cross-transport key derivation in Bluetooth classic and Bluetooth low energy
Bluetooth is a pervasive wireless technology specified in an open
standard. The standard defines Bluetooth Classic (BT) for high-
throughput wireless services and Bluetooth Low Energy (BLE) very
low-power ones. The standard also specifies security mechanisms,
such as pairing, session establishment, and cross-transport key
derivation (CTKD). CTKD enables devices to establish BT and BLE
security keys by pairing just once. CTKD was introduced in 2014
with Bluetooth 4.2 to improve usability. However, the security im-
plications of CTKD were not studied carefully.
This work demonstrates that CTKD is a valuable and novel Blue-
tooth attack surface. It enables, among others, to exploit BT and BLE
just by targeting one of the two (i.e., Bluetooth cross-transport ex-
ploitation). We present the design of the first cross-transport attacks
on Bluetooth. Our attacks exploit issues that we identified in the
specification of CTKD. For example, we find that CTKD enables an
adversary to overwrite pairing keys across transports. We leverage
these vulnerabilities to impersonate, machine-in-the-middle, and
establish unintended sessions with any Bluetooth device support-
ing CTKD. Since the presented attacks blur the security boundary
between BT and BLE, we name them BLUR attacks. We provide a
low-cost implementation of the attacks and test it on a broad set
of devices. In particular, we successfully attack 16 devices with 14
unique Bluetooth chips from popular vendors (e.g., Cypress, Intel,
Qualcomm, CSR, Google, and Samsung), with Bluetooth standard
versions of up to 5.2. We discuss why the countermeasures in the
Bluetooth are not effective against our attacks, and we develop and
evaluate practical and effective alternatives
High Levels of β-Amyloid, Tau, and Phospho-Tau in Red Blood Cells as Biomarkers of Neuropathology in Senescence-Accelerated Mouse
Alzheimer’s Disease (AD) is the most common Neurodegenerative Disease (ND), primarily characterised by neuroinflammation,
neuronal plaques of β-amyloid (Aβ), and neurofibrillary tangles of hyperphosphorylated tau. α-Synuclein (α-syn) and its
heteroaggregates with Aβ and tau have been recently included among the neuropathological elements of NDs. These
pathological traits are not restricted to the brain, but they reach peripheral fluids as well. In this sense, Red Blood Cells (RBCs)
are emerging as a good model to investigate the biochemical alterations of aging and NDs. Herein, the levels of homo- and
heteroaggregates of ND-related proteins were analysed at different stages of disease progression. In particular, a validated animal
model of AD, the SAMP8 (Senescence-Accelerated Mouse-Prone) and its control strain SAMR1 (Senescence-Accelerated
Mouse-Resistant) were used in parallel experiments. The levels of the aforementioned proteins and of the inflammatory marker
interleukin-1β (IL-1β) were examined in both brain and RBCs of SAMP8 and SAMR1 at 6 and 8 months. Brain Aβ, tau, and
phospho-tau (p-tau) were higher in SAMP8 mice than in control mice and increased with AD progression. Similar
accumulation kinetics were found in RBCs, even if slower. By contrast, α-syn and its heterocomplexes (α-syn-Aβ and α-syn-tau)
displayed different accumulation kinetics between brain tissue and RBCs. Both brain and peripheral IL-1β levels were higher in
SAMP8 mice, but increased sooner in RBCs, suggesting that inflammation might initiate at a peripheral level before affecting the
brain. In conclusion, these results confirm RBCs as a valuable model for monitoring neurodegeneration, suggesting peripheral
Aβ, tau, and p-tau as potential early biomarkers of AD
Palmitoylethanolamide Counteracts Enteric Inflammation and Bowel Motor Dysfunctions in a Mouse Model of Alzheimer’s Disease
Palmitoylethanolamide (PEA), an endogenous lipid mediator, is emerging as a promising pharmacological agent in multiple neurodegenerative disorders for its anti-inflammatory and neuroprotective properties. However, its effects on enteric inflammation and colonic dysmotility associated with Alzheimer’s disease (AD) are lacking. This study was designed to investigate the beneficial effect of PEA administration in counteracting the enteric inflammation and relieving the bowel motor dysfunctions in an AD mouse model, SAMP8 mice. In addition, the ability of PEA in modulating the activation of enteric glial cells (EGCs), pivotally involved in the pathophysiology of bowel dysfunctions associated with inflammatory conditions, has also been examined. SAMP8 mice at 4 months of age were treated orally with PEA (5 mg/kg/day) for 2 months. SAMR1 animals were employed as controls. At the end of treatment, parameters dealing with colonic motility, inflammation, barrier integrity and AD protein accumulation were evaluated. The effect of PEA on EGCs was tested in cultured cells treated with lipopolysaccharide (LPS) plus β-amyloid 1–42 (Aβ). SAMP8 treated with PEA displayed: 1) an improvement of in vitro colonic motor activity, citrate synthase activity and intestinal epithelial barrier integrity and 2) a decrease in colonic Aβ and α-synuclein (α-syn) accumulation, S100-β expression as well as enteric IL-1β and circulating LPS levels, as compared with untreated SAMP8 mice. In EGCs, treatment with PEA counteracted the increment of S100-β, TLR-4, NF-κB p65 and IL-1β release induced by LPS and Aβ. These results suggest that PEA, under a condition of cognitive decline, prevents the enteric glial hyperactivation, reduces AD protein accumulation and counteracts the onset and progression of colonic inflammatory condition, as well as relieves intestinal motor dysfunctions and improves the intestinal epithelial barrier integrity. Therefore, PEA represents a viable approach for the management of the enteric inflammation and motor contractile abnormalities associated with AD
Comparison of the diagnostic performance of 64-slice computed tomography coronary angiography in diabetic and non-diabetic patients with suspected coronary artery disease
<p>Abstract</p> <p>Background</p> <p>Diabetics have high prevalence of subclinical coronary artery disease (CAD) with typical characteristics (diffuse disease, large calcifications). Although 64-slice multidetector computed tomography (MDCT) coronary angiography has high diagnostic accuracy to detect CAD, its diagnostic performance in diabetics with suspected CAD is unknown. To compare the diagnostic performance of 64-slice MDCT between diabetics and non-diabetics with suspected CAD scheduled for invasive coronary angiography (ICA).</p> <p>Methods</p> <p>We enrolled one hundred and five diabetic patients (92 men, age 65 +/- 9 years, Group 1) and 105 non-diabetic patients (63 men, age 63+/-5 years, Group 2) with indication to ICA for suspected CAD undergoing coronary 64-slice MDCT before ICA.</p> <p>Results</p> <p>In Group 1, the overall feasibility of coronary artery visualization was 93.8%. The most frequent artifact was blooming due to large coronary calcifications (54 artifacts, 67%). In Group 2, the overall feasibility was significantly higher vs. Group 1 (97%, p < 0.0001). In Group 1, the segment-based analysis showed a MDCT sensibility, specificity, positive predictive value, negative predictive value and accuracy for the detection of ≥50% luminal narrowing of 77%, 90%, 70%, 93% and 87%, respectively. In Group 2, all these parameters were significantly higher vs. Group 1. In the patient-based analysis, specificity, negative predictive value and accuracy were significantly lower in Group 1 vs. Group 2.</p> <p>Conclusions</p> <p>Although MDCT has high sensitivity for early identification of significant CAD in diabetics, its diagnostic performance is significantly reduced in these patients as compared to non-diabetics with similar clinical characteristics.</p
Understanding farm generational renewal and its influencing factors in Europe
Understanding the complex process of generational renewal (GR) in agriculture is essential for supporting the continuation of farming. This paper demonstrates how multiple factors, simultaneously and through their mutual interactions, influence GR and related individual decision-making processes. Results originated from 155 in-depth interviews performed on 85 farms in eleven European regions, and were triangulated with the literature. Our analysis, combining inductive and deductive approaches, revealed three conceptual phases (successor identity formation, farm succession process, and farm development) and fourteen factors important to understand GR. We elaborate how these factors interact, hence exert their impact on (one of) the phases in a complex and variable way. Implications highlight potential pitfalls and opportunities for attracting people into agriculture. Although policy-makers should be aware of their limited ability to affect GR by targeting the first phase, we propose some ideas that would complement current existing measures acting on the third phase
- …