Biblio

The availability of number of open-source hacking tools over the internet and many hacking tools in-built with the Kali Linux operating system led to easy understanding and performing hacking by individuals. Even though, hacking the Wi-Fi passwords is considered a tedious task with open-source tools, they can be hacked easily with phishing. Phishing involves tricking the users with malicious emails and obtaining sensitive information from them. This paper describes the different wireless security protocols and tools for hacking wireless networks. A python script is developed which can be sent as phishing to get all the SSID's and passwords to which the system has been connected. The script has been executed and the results are presented.

In this paper, internet is among the basic necessities of life. Internet has changed each and everybody's lives. So confidentiality of messages is very important over the internet. Steganography is the science of sending secret messages between the sender and intended receiver. It is such a technique that makes the exchange of covert messages possible. Each time a carrier is to be used for achieving steganography. The carrier plays a major role in establishing covert communication channel. This survey paper introduces steganography and its carriers. This paper concentrates on network protocols to be used as a carrier of steganograms. There are a number of protocols available to do so in the networks. Network steganography describes various methods used for transmitting data over a network without it being detected. Most of the methods proposed for hiding data in a network do not offer an additional protection to the covert data as it is sent as plain text. This paper presents a framework that offers the protection to the covert data by encrypting it and compresses it for gain in efficiency.

The co-existence between Internet Protocol (IP) and Named-Data Networking (NDN) protocol is inevitable during the transition period. We propose a privacy-preserving translation method between IP and NDN called the dual-channel translation gateway. The gateway provides two different channels dedicated to the interest and the data packet to translate the IP to the NDN protocol and vice versa. Additionally, the name resolution table is provided at the gateway that binds an IP packet securely with a prefix name. Moreover, we compare the dual-channel gateway performance with the encapsulation gateway.

It is important to ensure source location privacy (SLP) protection in safety-critical monitoring applications. Also, to achieve effective long-term monitoring, it is essential to design SLP protocols with high energy efficiency and energy balancing. Therefore, this study proposes a new phantom with angle (PwA) protocol. The PwA protocol employs dynamic routing paths which are designed to achieve SLP protection with energy efficiency and energy balancing. Analysis results reveal that the PwA protocol exhibits superior performance features to outperform existing protocols by achieving high levels of SLP protection for time petime periods. The results confirm that the PwA protocol is practical in long-term monitoring systems.riods. The results confirm that the PwA protocol is practical in long-term monitoring systems.

Wireless Sensor Networks (WSNs) and their implementations have been the subject of numerous studies over the last two decades. WSN gathers, processes, and distributes wireless data to the database storage center. This study aims to explain the four main components of sensor nodes and the mechanism of WSN's. WSNs have 5 available types that will be discussed and explained in this paper. In addition to that, shortest path routing will be thoroughly analyzed. In “The Protocol”. Reconfigurable logic applications have grown in number and complexity. Shortest path routing is a method of finding paths through a network with the least distance or other cost metric. The efficiency of the shortest path protocol mechanism and the reliability of encryption are both present which adds security and accuracy of location privacy and message delivery. There are different forms of key management, such as symmetric and asymmetric encryption, each with its own set of processing techniques. The use of encryption technique to secure sensor nodes is addressed, as well as how we overcame the problem with the aid of advanced techniques. Our major findings are that adding more security doesn't cost much and by cost we mean energy consumption, throughput and latency.

Wireless sensor networks (WSNs) have gained increasing popularity in ubiquitous support of sensing system services. Often, WSNs are energy-constrained and they are deployed in harsh and unattended environments. Consequently, WSNs are vulnerable to energy and environmental factors. To ensure secure and reliable operations in safety-critical monitoring WSNs, it is important to guarantee energy-efficient communications, location privacy protection, and reliability. Fake packet-based source location privacy (SLP) protocols are known to be energy-inefficient. Therefore, in this study, we investigate the impact of energy-inefficient communications on the privacy performance of the fake packet-based SLP protocols. Experiment results show that the protocols achieve short-term and less reliable SLP protection.

In this paper we tackle the open paradoxical challenge of FPGA-accelerated cloud computing: On one hand, clients aim to secure their Intellectual Property (IP) by encrypting their configuration bitstreams prior to uploading them to the cloud. On the other hand, cloud service providers disallow the use of encrypted bitstreams to mitigate rogue configurations from damaging or disabling the FPGA. Instead, cloud providers require a verifiable check on the hardware design that is intended to run on a cloud FPGA at the netlist-level before generating the bitstream and loading it onto the FPGA, therefore, contradicting the IP protection requirement of clients. Currently, there exist no practical solution that can adequately address this challenge.We present the first practical solution that, under reasonable trust assumptions, satisfies the IP protection requirement of the client and provides a bitstream sanity check to the cloud provider. Our proof-of-concept implementation uses existing tools and commodity hardware. It is based on a trusted FPGA shell that utilizes less than 1% of the FPGA resources on a Xilinx VCU118 evaluation board, and an Intel SGX machine running the design checks on the client bitstream.

The paper proposes ways to solve the problem of secure remote access to telecommunications’ equipment. The purpose of the study is to develop a set of procedures to ensure secure interaction while working remotely with Cisco equipment using the SSH protocol. This set of measures is a complete list of measures which ensures security of remote connection to a corporate computer network using modern methods of cryptography and network administration technologies. It has been tested on the GNS3 software emulator and Cisco telecommunications equipment and provides a high level of confidentiality and integrity of remote connection to a corporate computer network. In addition, the study detects vulnerabilities in the IOS operating system while running SSH service and suggests methods for their elimination.

To bring Internet-grade security to billions of IoT devices and make them first-class Internet citizens, IoT devices must move away from pre-shared keys to digital certificates. Public Key Infrastructure, PKI, the digital certificate management solution on the Internet, is inevitable to bring certificate-based security to IoT. Recent research efforts has shown the feasibility of PKI for IoT using Internet security protocols. New and proposed standards enable IoT devices to implement more lightweight solutions for application layer security, offering real end-to-end security also in the presence of proxies.In this paper we present LICE, an application layer enrollment protocol for IoT, an important missing piece before certificate-based security can be used with new IoT standards such as OSCORE and EDHOC. Using LICE, enrollment operations can complete by consuming less than 800 bytes of data, less than a third of the corresponding operations using state-of-art EST-coaps over DTLS. To show the feasibility of our solution, we implement and evaluate the protocol on real IoT hardware in a lossy low-power radio network environment.

Modern IoT infrastructure consists of different sub-systems, devices, applications, platforms, varied connectivity protocols with distinct operating environments scattered across different subsystems within the whole network. Each of these subsystems of the global system has its peculiar computational and security challenges. A security loophole in one subsystem has a directly negative impact on the security of the whole system. The nature and intensity of recent cyber-attacks within IoT networks have increased in recent times. Blockchain technology promises several security benefits including a decentralized authentication mechanism that addresses almost readily the challenges with a centralized authentication mechanism that has the challenges of introducing a single point of failure that affects data and system availability anytime such systems are compromised. The different design specifications and the unique functional requirements for most IoT devices require a strong yet universal authentication mechanism for multimedia data that assures an additional security layer to IoT data. In this paper, the authors propose a decentralized authentication to validate data integrity at the IoT node level. The proposed mechanism guarantees integrity, privacy, and availability of IoT node data.

Federated Identity Management (FIM) is a model of identity management in which different trusted organizations can provide secure online services to their uses. Security Assertion Markup Language (SAML) is one of the widely-used technologies for FIM. However, a SAML-based FIM has two significant issues: the metadata (a crucial component in SAML) has security issues, and federation management is hard to scale. The concept of dynamic identity federation has been introduced, enabling previously unknown entities to join in a new federation facilitating inter-organization service provisioning to address federation management's scalability issue. However, the existing dynamic federation approaches have security issues concerning confidentiality, integrity, authenticity, and transparency. In this paper, we present the idea of facilitating dynamic identity federations utilizing blockchain technology to improve the existing approaches' security issues. We demonstrate its architecture based on a rigorous threat model and requirement analysis. We also discuss its implementation details, current protocol flows and analyze its performance to underline its applicability.

Existing digital identity management systems fail to deliver the desirable properties of control by the users of their own identity data, credibility of disclosed identity data, and network-level anonymity. The recently proposed Self-Sovereign Identity (SSI) approach promises to give users these properties. However, we argue that without addressing privacy at the network level, SSI systems cannot deliver on this promise. In this paper we present the design and analysis of our solution TCID, created in collaboration with the Dutch government. TCID is a system consisting of a set of components that together satisfy seven functional requirements to guarantee the desirable system properties. We show that the latency incurred by network-level anonymization in TCID is significantly larger than that of identity data disclosure protocols but is still low enough for practical situations. We conclude that current research on SSI is too narrowly focused on these data disclosure protocols.

In the industrial control system, in order to solve the problem that the installation of smart devices in a transparent environment are faced with the unknown attack problems, because most of the industrial control equipment to detect unknown risks, Therefore, by studying the security protection of the current industrial control system and the trust mechanism that should be widely used in the Internet of things, this paper presents the abnormal node detection mode based on comprehensive trust applied to the industrial control system scenarios. This model firstly proposes a model, which fuses direct and indirect trust values into current trust values through support algorithm and vector similarity algorithm, and then combines them with historical trust values, and gives the calculation method of each trust value. Finally, a method to determine abnormal nodes based on comprehensive trust degree is given to realize a detection process for all industrial control nodes. By analyzing the real data case provided by Melbourne Water, it is concluded that this model can improve the detection range and detection accuracy of abnormal nodes. It can accurately judge and effectively resist malicious behavior and also have a good resistance to aggression.

Industrial Control System (ICS) communication transmits monitoring and control data between industrial processes and the control station. ICS systems cover various domains of critical infrastructure such as the power plants, water and gas distribution, or aerospace traffic control. Security of ICS systems is usually implemented on the perimeter of the network using ICS enabled firewalls or Intrusion Detection Systems (IDSs). These techniques are helpful against external attacks, however, they are not able to effectively detect internal threats originating from a compromised device with malicious software. In order to mitigate or eliminate internal threats against the ICS system, we need to monitor ICS traffic and detect suspicious data transmissions that differ from common operational communication. In our research, we obtain ICS monitoring data using standardized IPFIX flows extended with meta data extracted from ICS protocol headers. Unlike other anomaly detection approaches, we focus on modelling the semantics of ICS communication obtained from the IPFIX flows that describes typical conversational patterns. This paper presents a technique for modelling ICS conversations using frequency prefix trees and Deterministic Probabilistic Automata (DPA). As demonstrated on the attack scenarios, these models are efficient to detect common cyber attacks like the command injection, packet manipulation, network scanning, or lost connection. An important advantage of our approach is that the proposed technique can be easily integrated into common security information and event management (SIEM) systems with Netflow/IPFIX support. Our experiments are performed on IEC 60870-5-104 (aka IEC 104) control communication that is widely used for the substation control in smart grids.

The critical nature of smart grids (SGs) attracts various network attacks and malicious manipulations. Existent SG solutions are less capable of ensuring secure and trustworthy operation. This is due to the large-scale nature of SGs and reliance on network protocols for trust management. A particular example of such severe attacks is the false data injection (FDI). FDI refers to a network attack, where meters' measurements are manipulated before being reported in such a way that the energy system takes flawed decisions. In this paper, we exploit the secure nature of blockchains to construct a data management framework based on public blockchain. Our framework enables trustworthy data storage, verification, and exchange between SG components and decision-makers. Our proposed system enables miners to invest their computational power to verify blockchain transactions in a fully distributed manner. The mining logic employs machine learning (ML) techniques to identify the locations of compromised meters in the network, which are responsible for generating FDI attacks. In return, miners receive virtual credit, which may be used to pay their electric bills. Our design circumvents single points of failure and intentional FDI attempts. Our numerical results compare the accuracy of three different ML-based mining logic techniques in two scenarios: focused and distributed FDI attacks for different attack levels. Finally, we proposed a majority-decision mining technique for the practical case of an unknown FDI attack level.

Contact tracing is a particularly important part of health care and is often overlooked or forgotten up until right when it is needed the most. With the wave of technological achievements in the last decade, a digital perspective for aid in contact tracing was a natural development from traditional contact tracing. When COVID-19 was categorized as a pandemic, the need for modernized contact tracing solutions became apparent, and highly sought after. Solutions using the Bluetooth protocol and/or Global Positioning System data (GPS) were hastily made available to the public in nations all over the world. These solutions quickly became criticized by privacy experts as being potential tools for tracking.

The fusion of peer-to-peer (P2P) fog network and the traditional three-tier fog computing architecture allows fog devices to conjointly pool their resources together for improved service provisioning and better bandwidth utilization. However, any unauthorized access to the fog network may have calamitous consequences. In this paper, a new lightweight two-party authenticated and key agreement (AKA) protocol is proposed for fog-to-fog collaboration. The security analysis of the protocol reveals that it is resilient to possible attacks. Moreover, the validation of the protocol conducted using the broadly-accepted Automated Verification of internet Security Protocols and Applications (AVISPA) shows that it is safe for practical deployment. The performance evaluation in terms of computation and communication overheads demonstrates its transcendence over the state-of-the-art protocols.

The convergence of Internet of Things (IoT) and cloud computing is due to the practical necessity for providing broader services to extensive user in distinct environments. However, cloud computing has numerous constraints for applications that require high-mobility and high latency, notably in adversarial situations (e.g. battlefields). These limitations can be elevated to some extent, in a fog computing model because it covers the gap between remote data-center and edge device. Since, the fog nodes are usually installed in remote areas, therefore, they impose the design of fool proof safety solution for a fog-based setting. Thus, to ensure the security and privacy of fog-based environment, numerous schemes have been developed by researchers. In the recent past, Jia et al. (Wireless Networks, DOI: 10.1007/s11276-018-1759-3) designed a fog-based three-party scheme for healthcare system using bilinear. They claim that their scheme can withstand common security attacks. However, in this work we investigated their scheme and show that their scheme has different susceptibilities such as revealing of secret parameters, and fog node impersonation attack. Moreover, it lacks the anonymity of user anonymity and has inefficient login phase. Consequently, we have suggestion with some necessary guidelines for attack resilience that are unheeded by Jia et al.

Blockchain is becoming more popular because of its decentralized, secured, and transparent nature. Supply chain and its management is indispensable to improve customer services, reduce operating costs and improve financial position of a firm. Integration of blockchain and supply chain is substantial, but it alone is not enough for the sustainability of supply chain systems. The proposed mechanism speaks about the method of rewarding the supply chain parties with incentives so as to improve the security and make the integration of supply chain with blockchain sustainable. The proposed incentive mechanism employs the co-operative approach of game theory where all the supply chain parties show a cooperative behavior of following the blockchain-based supply chain protocols and also this mechanism makes a fair attempt in rewarding the supply chain parties with incentives.

PCIe (Peripheral Component Interconnect express) protocol is the de facto protocol to bridge CPU and peripheral devices like GPU, NIC, and SSD drive. There is an increasing demand to install more peripheral devices on a single machine, but the PCIe interfaces offered by Intel CPUs are fixed. To resolve such contention, PCIe switch, PCH (Platform Controller Hub), or virtualization cards are installed on the machine to allow multiple devices to share a PCIe interface. Congestion happens when the collective PCIe traffic from the devices overwhelm the PCIe link capacity, and transmission delay is then introduced.In this work, we found the PCIe delay not only harms device performance but also leaks sensitive information about a user who uses the machine. In particular, as user’s activities might trigger data movement over PCIe (e.g., between CPU and GPU), by measuring PCIe congestion, an adversary accessing another device can infer the victim’s secret indirectly. Therefore, the delay resulted from I/O congestion can be exploited as a side-channel. We demonstrate the threat from PCIe congestion through 2 attack scenarios and 4 victim settings. Specifically, an attacker can learn the workload of a GPU in a remote server by probing a RDMA NIC that shares the same PCIe switch and measuring the delays. Based on the measurement, the attacker is able to know the keystroke timings of the victim, what webpage is rendered on the GPU, and what machine-learning model is running on the GPU. Besides, when the victim is using a low-speed device, e.g., an Ethernet NIC, an attacker controlling an NVMe SSD can launch a similar attack when they share a PCH or virtualization card. The evaluation result shows our attack can achieve high accuracy (e.g., 96.31% accuracy in inferring webpage visited by a victim).

The ongoing trend of moving data and computation to the cloud is met with concerns regarding privacy and protection of intellectual property. Cloud Service Providers (CSP) must be fully trusted to not tamper with or disclose processed data, hampering adoption of cloud services for many sensitive or critical applications. As a result, CSPs and CPU manufacturers are rushing to find solutions for secure and trustworthy outsourced computation in the Cloud. While enclaves, like Intel SGX, are strongly limited in terms of throughput and size, AMD’s Secure Encrypted Virtualization (SEV) offers hardware support for transparently protecting code and data of entire VMs, thus removing the performance, memory and software adaption barriers of enclaves. Through attestation of boot code integrity and means for securely transferring secrets into an encrypted VM, CSPs are effectively removed from the list of trusted entities. There have been several attacks on the security of SEV, by abusing I/O channels to encrypt and decrypt data, or by moving encrypted code blocks at runtime. Yet, none of these attacks have targeted the attestation protocol, the core of the secure computing environment created by SEV. We show that the current attestation mechanism of Zen 1 and Zen 2 architectures has a significant flaw, allowing us to manipulate the loaded code without affecting the attestation outcome. An attacker may abuse this weakness to inject arbitrary code at startup–and thus take control over the entire VM execution, without any indication to the VM’s owner. Our attack primitives allow the attacker to do extensive modifications to the bootloader and the operating system, like injecting spy code or extracting secret data. We present a full end-to-end attack, from the initial exploit to leaking the key of the encrypted disk image during boot, giving the attacker unthrottled access to all of the VM’s persistent data.

This work describes a concept for extending the Network Time Security (NTS) protocol to enable implementation- independent communication between the NTS key establishment (NTS-KE) server and the connected time server(s). It Alls a specification gap left by RFC 8915 for securing the Network Time Protocol (NTP) and enables the centralized and public deployment of an NTS key management server that can support both secured NTP and secured PTP.

Auto-magnetizing (AutoMag) liners 1 have demonstrated strong precompressed axial magnetic field production (\textbackslashtextgreater100 T) and remarkable cylindrical implosion uniformity during experiments 2 on the Z accelerator. However, both axial field production and implosion uniformity require further optimization to support use of AutoMag targets in magnetized liner inertial fusion (MagLIF) experiments. Recent experimental study on the Mykonos accelerator has provided data on the initiation and evolution of dielectric flashover in AutoMag targets; these results have directly enabled advancement of magnetohydrodynamic (MHD) modeling protocols used to simulate AutoMag liner implosions. Using these modeling protocols, we executed three-dimensional MHD simulations focused on improving AutoMag target designs, specifically seeking to optimize axial magnetic field production and enhance cylindrical implosion uniformity for MagLIF. By eliminating the previously used driver current prepulse and reducing the helical gap widths in AutoMag liners, simulations indicate that the optimal 30-50 T range of precompressed axial magnetic field for MagLIF can be accomplished concurrently with improved cylindrical implosion uniformity, thereby enabling an optimally premagnetized magneto-inertial fusion implosion with high cylindrical uniformity.

Incast traffic is a many-to-one communication pattern used in many applications, including distributed storage, web-search with partition/aggregation design pattern, and MapReduce, commonly in data centers. It is generally composed of short-lived flows that may be queued behind large flows' packets in congested switches where performance degradation is observed. Smart buffering at the switch level is sensed to mitigate this issue by automatically and dynamically adapting to traffic conditions changes in the highly dynamic data center environment. But for this dynamic and smart buffer management to become effectively beneficial for all the traffic, and especially for incast the most critical one, incast performance models that provide insights on how various factors affect it are needed. The literature lacks these types of models. The existing ones are analytical models, which are either tightly coupled with a particular protocol version or specific to certain empirical data. Motivated by this observation, we propose a machine-learning-based incast performance inference. With this prediction capability, smart buffering scheme or other QoS optimization algorithms could anticipate and efficiently optimize system parameters adjustment to achieve optimal performance. Since applying machine learning to networks managed in a distributed fashion is hard, the prediction mechanism will be deployed on an SDN control plane. We could then take advantage of SDN's centralized global view, its telemetry capabilities, and its management flexibility.

The operation of the modern power grid is becoming increasingly reliant on its underlying communication network, especially within the context of the rapidly growing integration of Distributed Energy Resources (DERs). This tight cyber-physical coupling brings uncertainties and challenges for the power grid operation and control. To help operators manage the complex cyber-physical environment, ensure the integrity, and continuity of reliable grid operation, a two-stage approach is proposed that is compatible with current ICS protocols to improve the deliverability of time critical operations. With the proposed framework, the impact Denial of Service (DoS) attack can have on a Transmission Control Protocol (TCP) session could be effectively prevented and mitigated. This coordinated approach combines the efficiency of congestion window reconfiguration and the applicability of physical-only mitigation approaches. By expanding the state and action space to encompass both the cyber and physical domains. This approach has been proven to outperform the traditional, physical-only method, in multiple network congested scenarios that were emulated in a real-time cyber-physical testbed.