Visible to the public Biblio

Filters: Author is Hossain, Mahmud  [Clear All Filters]
2023-01-13
Hoque, Mohammad Aminul, Hossain, Mahmud, Hasan, Ragib.  2022.  BenchAV: A Security Benchmarking Framework for Autonomous Driving. 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC). :729—730.

Autonomous vehicles (AVs) are capable of making driving decisions autonomously using multiple sensors and a complex autonomous driving (AD) software. However, AVs introduce numerous unique security challenges that have the potential to create safety consequences on the road. Security mechanisms require a benchmark suite and an evaluation framework to generate comparable results. Unfortunately, AVs lack a proper benchmarking framework to evaluate the attack and defense mechanisms and quantify the safety measures. This paper introduces BenchAV – a security benchmark suite and evaluation framework for AVs to address current limitations and pressing challenges of AD security. The benchmark suite contains 12 security and performance metrics, and an evaluation framework that automates the metric collection process using Carla simulator and Robot Operating System (ROS).

2019-01-16
Hossain, Mahmud, Karim, Yasser, Hasan, Ragib.  2018.  SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in 6LoWPAN. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :307–318.
6LoWPAN is a widely used protocol for communication over IPV6 Low-power Wireless Personal Area Networks. Unfortunately, the 6LoWPAN packet fragmentation mechanism possesses vulnerabilities that adversaries can exploit to perform network attacks. Lack of fragment authentication, payload integrity verification, and sender IP address validation lead to fabrication, duplication, and impersonation attacks. Moreover, adversaries can abuse the poor reassembly buffer management technique of the 6LoWPAN layer to perform buffer exhaustion and selective forwarding attacks. In this paper, we propose SecuPAN - a security scheme for mitigating fragmentation-based network attacks in 6LoWPAN networks and devices. We propose a Message Authentication Code based per-fragment integrity and authenticity verification scheme to defend against fabrication and duplication attacks. We also present a mechanism for computing datagram-tag and IPv6 address cryptographically to mitigate impersonation attacks. Additionally, our reputation-based buffer management scheme protects 6LoWPAN devices from buffer reservation attacks. We provide an extensive security analysis of SecuPAN to demonstrate that SecuPAN is secure against strong adversarial scenarios. We also implemented a prototype of SecuPAN on Contiki enabled IoT devices and provided a performance analysis of our proposed scheme.