Men-in-the-Middle Attack Simulation on Low Energy Wireless Devices using Software Define Radio

The article presents a method which organizes men-in-the-middle attack and penetration test on Bluetooth Low Energy devices and ZigBee packets by using software define radio with sniffing and spoofing packets, capture and analysis techniques on wireless waves with the focus on BLE. The paper contains the analysis of the latest scientific works in this area, provides a comparative analysis of SDRs with the rationale for the choice of hardware, gives the sequence order of actions for collecting wireless data packets and data collection from ZigBee and BLE devices, and analyzes ways which can improve captured wireless packet analysis techniques. The results of the experimental setup, collected for the study, were analyzed in real time and the collected wireless data packets were compared with the one, which have sent the origin. The result of the experiment shows the weaknesses of local wireless networks

Results and Tools for Evaluating the Effectiveness of Focusing Systems to Improve Accessibility in Wireless Networks

Широке поширення безпроводових технологій призводить до постійно зростання кількості користувачів і постійно функціонуючих пристроїв. Але зростання кількості безпроводових користувачів в обмеженому просторі і обмеженому частотному діапазоні призводить до зростання їх взаємного впливу, що в кінцевому підсумку негативно позначається на пропускній спроможності безпроводових каналів і навіть на працездатності системи в цілому. У статті наведено статистику і тенденції поширення безпроводових мереж систем стандарту IEEE 802.11, а також проаналізовано основні проблеми, що виникають в ході розширення їх використання. Обґрунтування і вибір шляхів подолання цих труднощів багато в чому залежить від об’єктивного контролю параметрів випромінювання точок доступу і абонентських коштів в конкретній обстановці. Наведено огляд штатних засобів контролю, передбачених розробниками обладнання, і запропоновані авторські варіанти експериментальних вимірювальних комплексів, що дозволяють контролювати сигнальні та інформаційні параметри систем Wi-Fi. Представлені отримані з використанням зазначених коштів експериментальні результати оцінки підвищення доступності та пропускної здатності на основі застосування прискорюючої металопластинчастої лінзи як додаткового автономного елементу для фокусування поля в тому числі і для систем MIMO, впливу прискорюючої металопластинчастої лінзи на просторовий розподіл поля, на спектральну структуру сигналу. Крім того, досліджувалися поляризаційні ефекти. Обговорюються можливі шляхи подальшого підвищення доступності, цілісності інформації та енергетичної ефективності систем безпроводового доступу. Автори пропонують більш прості і менш витратні варіанти підвищення спрямованості випромінювання на основі прискорюючої металопластинчастої лінзи, що випробувано експериментально, а також використання зонування простору на шляху ЕОМ.The widespread use of wireless technologies leads to an ever-increasing number of users and permanently functioning devices. However, the growth of the number of wireless users in a limited space and a limited frequency range leads to an increase in their mutual influence, which ultimately affects the throughput of wireless channels and even the performance of the system as a whole. The article presents the statistics and tendencies of the distribution of wireless networks of the IEEE 802.11 standard systems, as well as analyzes the main problems that arise during the expansion of their use. Substantiation and choice of ways to overcome these difficulties largely depends on the objective control of radiation parameters of access points and subscriber funds in a particular environment. The review of the state control facilities provided by the developers of the equipment is presented, and author's variants of experimental measuring complexes are offered, allowing to control signal and information parameters of Wi-Fi systems. The experimental results obtained with the use of the indicated means, obtained using the accelerating metal-plate lens as an additional autonomous element for focusing the field, including for MIMO systems, the effect of the accelerating metal-plate lens on the spatial distribution of the field, on the spectral structure of the signal are presented. In addition, polarization effects were investigated. Possible ways to further increase the availability, integrity of information and energy efficiency of wireless access systems are discussed. The authors propose simpler and less costly options for increasing the direction of radiation on the basis of an accelerating metal-plate lens, experimentally tested, as well as the use of zone zoning on the path of the computer

Results and Tools for Evaluating the Effectiveness of Focusing Systems to Improve Accessibility in Wireless Networks

The widespread use of wireless technologies leads to an ever-increasing number of users and permanently functioning devices. However, the growth of the number of wireless users in a limited space and a limited frequency range leads to an increase in their mutual influence, which ultimately affects the throughput of wireless channels and even the performance of the system as a whole. The article presents the statistics and tendencies of the distribution of wireless networks of the IEEE 802.11 standard systems, as well as analyzes the main problems that arise during the expansion of their use. Substantiation and choice of ways to overcome these difficulties largely depends on the objective control of radiation parameters of access points and subscriber funds in a particular environment. The review of the state control facilities provided by the developers of the equipment is presented, and author's variants of experimental measuring complexes are offered, allowing to control signal and information parameters of Wi-Fi systems. The experimental results obtained with the use of the indicated means, obtained using the accelerating metal-plate lens as an additional autonomous element for focusing the field, including for MIMO systems, the effect of the accelerating metal-plate lens on the spatial distribution of the field, on the spectral structure of the signal are presented. In addition, polarization effects were investigated. Possible ways to further increase the availability, integrity of information and energy efficiency of wireless access systems are discussed. The authors propose simpler and less costly options for increasing the direction of radiation on the basis of an accelerating metal-plate lens, experimentally tested, as well as the use of zone zoning on the path of the computer.Comment: in Ukrainia

Performing Sniffing and Spoofing Attack Against ADS-B and Mode S using Software Define Radio

his paper discusses the aviation Automatic Dependent Surveillance-Broadcast Vulnerabilities such as Sniffing and Spoofing over it with the help of Software Defined Radio (SDR) by looking at data frame structure and no encryption on this kind of message, we were able to capture 1090 MHz and 978 MHz signals and decoding them and gather all necessary information from it. Then we tried to have visual information by using VirtualRadar and online aviation databases. So we successfully could regenerate and encode messages with our data input and resend them at the same frequency as we captured 1090 MHz. That led us to a spoofing attack, which we could confirm by receiving our own generated messages. And in the end, we had an idea to use Long Short-Term Memory (LSTM) neural network to detect such spoofing attacks

Authentication System by Human Brainwaves Using Machine Learning and Artificial Intelligence

Authentication and authorization are an indispensable piece of security in computer-based frameworks. As an option for biometrics, electroencephalography (EEG) authentication (authorization) presents focal points contrasted with other biological qualities. Brainwaves are difficult to reproduce, and diverse mental undertakings produce various brainwaves. This examination researches the parts of execution and time-invariance of the EEG-based confirmation. Two arrangements of trials are done to record EEG of various people. We actualize the utilization of artificial intelligence (AI), for example, support vector machine (SVM) and deep neural network (DNN) to characterize EEG of subjects. The correlation between EEG highlights, anodes position, and a mental errand is made. We accomplish more than 90% order exactness utilizing three kinds of highlights from four electrodes. Information from prior meetings is utilized as AI preparing information and information from later meeting are grouped. We discovered that characterization precision diminishes after some time, and inactive undertakings perform in a way that is better than dynamic errands

Brainwave-based authentication using features fusion

This article investigates the use of human brainwaves for user authentication. We used data collected from 50 volunteers and leveraged the Support Vector Machine (SVM) as a classification algorithm for the case study. User recognition patterns are taken from a combination of blinking, attention concentration, and picture recognition emotion sequences. These actions impact alpha, beta, gamma, and theta brain waves, which are measured using several electrodes. Ten different electrode placement patterns are explored, with varied positioning on the head. For each placement position, four features are examined, for a total of 40 extracts in the learning model. Features are: 1) spectral information, 2) coherence, 3) mutual correlation coefficient, and 4) mutual information. Each feature type is trained by the SVM algorithm, and the 40 weak classifier candidates. Adaptive Boosting (AdaBoost), a type of machine learning, is then used to generate a robust classifier, which is subsequently used to create a model, and select features, used to accurately identify individuals for authentication purposes. Upon verifying the proposed method using 32 legitimate users and 18 intruders, we obtained an authentication error rate (ERR) of 0.52%, and a classification rate of 99.06%

Wireless Sensors for Brain Activity — A Survey

Over the last decade, the area of electroencephalography (EEG) witnessed a progressive move from high-end large measurement devices, relying on accurate construction and providing high sensitivity, to miniature hardware, more specifically wireless wearable EEG devices. While accurate, traditional EEG systems need a complex structure and long periods of application time, unwittingly causing discomfort and distress on the users. Given their size and price, aside from their lower sensitivity and narrower spectrum band(s), wearable EEG devices may be used regularly by individuals for continuous collection of user data from non-medical environments. This allows their usage for diverse, nontraditional, non-medical applications, including cognition, BCI, education, and gaming. Given the reduced need for standardization or accuracy, the area remains a rather incipient one, mostly driven by the emergence of new devices that represent the critical link of the innovation chain. In this context, the aim of this study is to provide a holistic assessment of the consumer-grade EEG devices for cognition, BCI, education, and gaming, based on the existing products, the success of their underlying technologies, as benchmarked by the undertaken studies, and their integration with current applications across the four areas. Beyond establishing a reference point, this review also provides the critical and necessary systematic guidance for non-medical EEG research and development efforts at the start of their investigation

Дослідження спуфінгу ідентифікатора абонента при реєстрації: виявлення та протидія

Caller ID parodying produces the valid Caller character, in this manner deciding seem to start from another client. This apparently basic assault strategy has been utilized in the developing communication fake and trick calls, bringing about significant financial trouble. Unfortunately, callerID spoofing is easy to implement but yet it is difficult to have protection against it. In addition, there are not effective and defense solutions available right now. In this research it is suggested the CIVE (Callee Inference & VErification), a compelling and viable guard against Caller ID spoofing. This way it is described how it’s possible to lunch call spoofing and between line describe how CIVE approach method can help to prevent somehow this kind of attacks. Caller ID Spoofing could cause huge financial and political issues special nowadays, when many things even sometimes authentication and verification are available by phone call, like banks approving transactions or two factor authentications and many other things. We believe critical industries specially banks and payment service providers should be protected against such vulnerabilities with their system and make an approach to prevent it, also it is very important to learn people specially who has special social place like politicians or celebrities to know such kind of attack are already exist. For this paper we implemented a call from white house to show there is no limitation and no matter whom you try to spoof, but destination which is the victim receive the call and that make this attack vector dangerous. And even modern communication and even devices like 4G and smart phones are not able to prevent or even detect this kind of attack. This study is a demonstration of the vulnerabilities available. All experiments were conducted on isolated mock-ups.При підробленні ідентифікатора абонента надається дійсний доступ до сервісів від імені іншого абонента. Ця основна стратегія нападу часто застосовується в існуючих телекомунікаційних мережах для підробки и фальсифікації доступу, що спричиняє значні фінансові збитки. Нажаль, підробку ідентифікатора абонента здійснити досить легко, а захиститися від неї вкрай важко. Крім того, зараз не існує ефективних рішень по протидії цій вразливості. У цьому дослідженні пропонується застосування CIVE (Callee Inference & VErification) — можливий захист від підроблення ідентифікатора абонента. В статті представлено, як можна підробляти виклики, а також представлений метод CIVE, за допомогою якого можливо частково протидіяти подібним нападам. Підроблення ідентифікатора абонента може спричинити величезні фінансові та політичні проблеми, особливо сьогодні, коли багато речей, навіть автентифікація та підтвердження, доступні за допомогою телефонного дзвінка, наприклад, при доступі до банківських рахунків, підтвердження транзакцій за допомогою двофакторної автентифікації та багато інших речей. Ми вважаємо, що у критичних галузях, зокрема для банків та постачальників інших платіжних послуг, інформаційні системи повинні бути захищені від таких вразливостей і мати на озброєні методи запобігання. Також важливо навчити персонал, який має особливе соціальне значення — політиків і знаменитостей, що такі види атака вже існують і можуть призвести до іміджевих втрат. Для цього документу ми реалізували дзвінок з Білого дому, щоб показати відсутність обмежень при виборі жертви, а потерпілий отримує дзвінок і робить цей вектор нападу небезпечним. Ані сучасні телекомунікаційні компанії, ані виробники пристроїв на зразок 4G смартфонів не здатні запобігти або навіть виявити подібний напад. Це дослідження є демонстрацією наявних уразливих місць. Усі експерименти проводилися на ізольованих макетах