Cell degradation detection based on an inter-cell approach

Fault management is a crucial part of cellular network management systems. The status of the base stations is usually monitored by well-defined key performance indicators (KPIs). The approaches for cell degradation detection are based on either intra-cell or inter-cell analysis of the KPIs. In intra-cell analysis, KPI profiles are built based on their local history data whereas in inter-cell analysis, KPIs of one cell are compared with the corresponding KPIs of the other cells. In this work, we argue in favor of the inter-cell approach and apply a degradation detection method that is able to detect a sleeping cell that could be difficult to observe using traditional intra-cell methods. We demonstrate its use for detecting emulated degradations among performance data recorded from a live LTE network. The method can be integrated in current systems because it can operate using existing KPIs without any major modification to the network infrastructure

Co-Operation as an Asymmetric Form of Human-Computer Creativity. Case: Peace Machine

This theoretical paper identifies a need for a definition of asymmetric co-creativity where creativity is expected from the computational agent but not from the human user. Our co-operative creativity framework takes into account that the computational agent has a message to convey in a co-operative fashion, which introduces a trade-off on how creative the computer can be. The requirements of co-operation are identified from an interdisciplinary point of view. We divide cooperative creativity in message creativity, contextual creativity and communicative creativity. Finally these notions are applied in the context of the Peace Machine system concept.Peer reviewe

Memory Mapped I/O Register Test Case Generator for Large Systems-on-Chip

This paper addresses automated testing of a massive number of Memory Mapped Input/Output (MMIO) registers in a real large-scale Systems-on-Chip (SoC). The golden reference is an IP-XACT hardware description that includes a global memory map. The memory addresses for peripheral registers are required by software developers to access the peripherals from software.However, frequent hardware changes occur during the HW design process, but the changes might not always propagate to the SW developers and an incorrect memory map can cause unexpected behaviour and critical errors. Our goal is to ensure that the memory map corresponds exactly to the HW description.The correctness of the memory map can be verified by writing software test cases that access all MMIO-registers. Writing them manually is time consuming and error prone, for which reason we present a test case generator. We use a Rust-based software stack, where the generator itself is written in Rust while the generator input is in CMSIS-SVD-format that is generated from IP-XACT. We have used the generator extensively in Tampere SoC Hub Ballast and Headsail SoCs and fixed several errors before the chips manufacturing. The test generator can be used with any IP-XACT based SoCs.Peer reviewe

On Application Layer DDoS Attack Detection in High-Speed Encrypted Networks

Application-layer denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed by using legitimate requests from legitimately connected network machines which makes these attacks undetectable for signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer making it even harder to detect attacker’s activity without decrypting users network traffic and violating their privacy. In this paper, we present a method which allows us to timely detect various applicationlayer attacks against a computer network. We focus on detection of the attacks that utilize encrypted protocols by applying an anomaly-detection-based approach to statistics extracted from network packets. Since network traffic decryption can violate ethical norms and regulations on privacy, the detection method proposed analyzes network traffic without decryption. The method involves construction of a model of normal user behavior by analyzing conversations between a server and clients. The algorithm is self-adaptive and allows one to update the model every time when a new portion of network traffic data is available. Once the model has been built, it can be applied to detect various types of application-layer denial-of- service attacks. The proposed technique is evaluated with realistic end user network traffic generated in our virtual network environment. Evaluation results show that these attacks can be properly detected, while the number of false alarms remains very low

Satellite-Assisted Multi-Connectivity in Beyond 5G

Due to the ongoing standardization and deployment activities, satellite networks will be supplementing the 5G and beyond Terrestrial Networks (TNs). For the satellite communications involved to be as efficient as possible, techniques to achieve that should be used. Multi-Connectivity (MC), in which a user can be connected to multiple Next Generation Node Bs simultaneously, is one such technique. However, the technique is not well-researched in the satellite environment. In this paper, an algorithm to activate MC for users in the weakest radio conditions is introduced. The algorithm operates dynamically, considering deactivation of MC to prioritize users in weaker conditions when necessary. The algorithm is evaluated with a packet-level 5G non-terrestrial network system simulator in a scenario that consists of a TN and transparent payload low earth orbit satellite. The algorithm outperforms the benchmark algorithms. The usage of MC with the algorithm increases the mean throughput of the users by 20.3% and the 5th percentile throughput by 83.5% compared to when MC is turned off.Comment: Accepted to be published in: 24th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), June 12-15 2023, Boston, Massachusett

Towards a Unified Cybersecurity Testing Lab for Satellite, Aerospace, Avionics, Maritime, Drone (SAAMD) technologies and communications

Aviation, maritime, and aerospace traffic control, radar, communication, and software technologies received increasing attention in the research literature over the past decade, as software-defined radios have enabled practical wireless attacks on communication links previously thought to be unreachable by unskilled or low-budget attackers. Moreover, recently it became apparent that both offensive and defensive cybersecurity has become a strategically differentiating factor for such technologies on the war fields (e.g., Ukraine), affecting both civilian and military missions regardless of their involvement. However, attacks and countermeasures are usually studied in simulated settings, thus introducing the lack of realism or non-systematic and highly customized practical setups, thus introducing high costs, overheads, and less reproducibility. Our "Unified Cybersecurity Testing Lab" seeks to close this gap by building a laboratory that can provide a systematic, affordable, highly-flexible, and extensible setup. In this paper, we introduce and motivate our "Unified Cybersecurity Testing Lab for Satellite, Aerospace, Avionics, Maritime, Drone (SAAMD)" technologies and communications, as well as some peer-reviewed results and evaluation of the targeted threat vectors. We show via referenced peer-reviewed works that the current modules of the lab were successfully used to realistically attack and analyze air-traffic control, radar, communication, and software technologies such as ADS-B, AIS, ACARS, EFB, EPIRB and COSPAS-SARSAT. We are currently developing and integrating support for additional technologies (e.g., CCSDS, FLARM), and we plan future extensions on our own as well as in collaboration with research and industry. Our "Unified Cybersecurity Testing Lab" is open for use, experimentation, and collaboration with other researchers, contributors and interested parties

Cybersecurity of COSPAS-SARSAT and EPIRB: threat and attacker models, exploits, future research

COSPAS-SARSAT is an International programme for "Search and Rescue" (SAR) missions based on the "Satellite Aided Tracking" system (SARSAT). It is designed to provide accurate, timely, and reliable distress alert and location data to help SAR authorities of participating countries to assist persons and vessels in distress. Two types of satellite constellations serve COSPAS-SARSAT, low earth orbit search and rescue (LEOSAR) and geostationary orbiting search and rescue (GEOSAR). Despite its nearly-global deployment and critical importance, unfortunately enough, we found that COSPAS-SARSAT protocols and standard 406 MHz transmissions lack essential means of cybersecurity. In this paper, we investigate the cybersecurity aspects of COSPAS-SARSAT space-/satellite-based systems. In particular, we practically and successfully implement and demonstrate the first (to our knowledge) attacks on COSPAS-SARSAT 406 MHz protocols, namely replay, spoofing, and protocol fuzzing on EPIRB protocols. We also identify a set of core research challenges preventing more effective cybersecurity research in the field and outline the main cybersecurity weaknesses and possible mitigations to increase the system's cybersecurity level