Biblio

The 2021 T-Mobile breach conducted by John Erin Binns resulted in the theft of 54 million customers' personal data. The attacker gained entry into T-Mobile's systems through an unprotected router and used brute force techniques to access the sensitive information stored on the internal servers. The data stolen included names, addresses, Social Security Numbers, birthdays, driver's license numbers, ID information, IMEIs, and IMSIs. We analyze the data breach and how it opens the door to identity theft and many other forms of hacking such as SIM Hijacking. SIM Hijacking is a form of hacking in which bad actors can take control of a victim's phone number allowing them means to bypass additional safety measures currently in place to prevent fraud. This paper thoroughly reviews the attack methodology, impact, and attempts to provide an understanding of important measures and possible defense solutions against future attacks. We also detail other social engineering attacks that can be incurred from releasing the leaked data.

The problems of random numbers application to the information security of data, communication lines, computer units and automated driving systems are considered. The possibilities for making up quantum generators of random numbers and existing solutions for acquiring of sufficiently random sequences are analyzed. The authors found out the method for the creation of quantum generators on the basis of semiconductor electronic components. The electron-quantum generator based on electrons tunneling is experimentally demonstrated. It is shown that it is able to create random sequences of high security level and satisfying known NIST statistical tests (P-Value\textbackslashtextgreater0.9). The generator created can be used for formation of both closed and open cryptographic keys in computer systems and other platforms and has great potential for realization of random walks and probabilistic computing on the basis of neural nets and other IT problems.

A Local Area Network (LAN) consists of wireless mobile nodes that can communicate with each other through electromagnetic radio waves. Mobile Ad hoc Network (MANET) consists of mobile nodes, the network is infrastructure less. It dynamically self organizes in arbitrary and temporary network topologies. Security is extremely vital for MANET. Attacks pave way for security. Among all the potential attacks on MANET, detection of wormhole attack is very difficult.One malicious node receives packets from a particular location, tunnels them to a different contagious nodes situated in another location of the network and distorts the full routing method. All routes are converged to the wormhole established by the attackers. The complete routing system in MANET gets redirected. Many existing ways have been surveyed to notice wormhole attack in MANET. Our proposed methodology is a unique wormhole detection and prevention algorithm that shall effectively notice the wormhole attack in theMANET. Our notion is to extend the detection as well as the quantitative relation relative to the existing ways.

This paper proposes a method to detect two primary means of using the Domain Name System (DNS) for malicious purposes. We develop machine learning models to detect information exfiltration from compromised machines and the establishment of command & control (C&C) servers via tunneling. We validate our approach by experiments where we successfully detect a malware used in several recent Advanced Persistent Threat (APT) attacks [1]. The novelty of our method is its robustness, simplicity, scalability, and ease of deployment in a production environment.

In Mobile Ad hoc Network (MANET) is a self-organizing session of communication between wireless mobile nodes build up dynamically regardless of any established infrastructure or central authority. In MANET each node behaves as a sender, receiver and router which are connected directly with one another if they are within the range of communication or else will depend on intermediate node if nodes are not in the vicinity of each other (hop-to-hop). MANET, by nature are very open, dynamic and distributed which make it more vulnerable to various attacks such as sinkhole, jamming, selective forwarding, wormhole, Sybil attack etc. thus acute security problems are faced more related to rigid network. A Wormhole attack is peculiar breed of attack, which cause a consequential breakdown in communication by impersonating legitimate nodes by malicious nodes across a wireless network. This attack can even collapse entire routing system of MANET by specifically targeting route establishment process. Confidentiality and Authenticity are arbitrated as any cryptographic primitives are not required to launch the attack. Emphasizing on wormhole attack attributes and their defending mechanisms for detection and prevention are discussed in this paper.

This paper describes an approach for detecting the presence of domain name system (DNS) tunnels in network traffic. DNS tunneling is a common technique hackers use to establish command and control nodes and to exfiltrate data from networks. To generate the training data sufficient to build models to detect DNS tunneling activity, a penetration testing effort was employed. We extracted features from this data and trained random forest classifiers to distinguish normal DNS activity from tunneling activity. The classifiers successfully detected the presence of tunnels we trained on, and four other types of tunnels that were not a part of the training set.

In Mobile Ad hoc Network (MANET) is a self-organizing session of communication between wireless mobile nodes build up dynamically regardless of any established infrastructure or central authority. In MANET each node behaves as a sender, receiver and router which are connected directly with one another if they are within the range of communication or else will depend on intermediate node if nodes are not in the vicinity of each other (hop-to-hop). MANET, by nature are very open, dynamic and distributed which make it more vulnerable to various attacks such as sinkhole, jamming, selective forwarding, wormhole, Sybil attack etc. thus acute security problems are faced more related to rigid network. A Wormhole attack is peculiar breed of attack, which cause a consequential breakdown in communication by impersonating legitimate nodes by malicious nodes across a wireless network. This attack can even collapse entire routing system of MANET by specifically targeting route establishment process. Confidentiality and Authenticity are arbitrated as any cryptographic primitives are not required to launch the attack. Emphasizing on wormhole attack attributes and their defending mechanisms for detection and prevention are discussed in this paper.

Security in mobile handsets of telecommunication standards such as GSM, Project 25 and TETRA is very important, especially when governments and military forces use handsets and telecommunication devices. Although telecommunication could be quite secure by using encryption, coding, tunneling and exclusive channel, attackers create new ways to bypass them without the knowledge of the legitimate user. In this paper we introduce a new, simple and economical circuit to warn the user in cases where the message is not encrypted because of manipulation by attackers or accidental damage. This circuit not only consumes very low power but also is created to sustain telecommunication devices in aspect of security and using friendly. Warning to user causes the best practices of telecommunication devices without wasting time and energy for fault detection.