Visible to the public Biblio

Filters: Keyword is Spoofing  [Clear All Filters]
2023-03-31
Fan, Wenjun, Wuthier, Simeon, Hong, Hsiang-Jen, Zhou, Xiaobo, Bai, Yan, Chang, Sang-Yoon.  2022.  The Security Investigation of Ban Score and Misbehavior Tracking in Bitcoin Network. 2022 IEEE 42nd International Conference on Distributed Computing Systems (ICDCS). :191–201.
Bitcoin P2P networking is especially vulnerable to networking threats because it is permissionless and does not have the security protections based on the trust in identities, which enables the attackers to manipulate the identities for Sybil and spoofing attacks. The Bitcoin node keeps track of its peer’s networking misbehaviors through ban scores. In this paper, we investigate the security problems of the ban-score mechanism and discover that the ban score is not only ineffective against the Bitcoin Message-based DoS (BM-DoS) attacks but also vulnerable to the Defamation attack as the network adversary can exploit the ban score to defame innocent peers. To defend against these threats, we design an anomaly detection approach that is effective, lightweight, and tailored to the networking threats exploiting Bitcoin’s ban-score mechanism. We prototype our threat discoveries against a real-world Bitcoin node connected to the Bitcoin Mainnet and conduct experiments based on the prototype implementation. The experimental results show that the attacks have devastating impacts on the targeted victim while being cost-effective on the attacker side. For example, an attacker can ban a peer in two milliseconds and reduce the victim’s mining rate by hundreds of thousands of hash computations per second. Furthermore, to counter the threats, we empirically validate our detection countermeasure’s effectiveness and performances against the BM-DoS and Defamation attacks.
ISSN: 2575-8411
2023-03-17
Colter, Jamison, Kinnison, Matthew, Henderson, Alex, Schlager, Stephen M., Bryan, Samuel, O’Grady, Katherine L., Abballe, Ashlie, Harbour, Steven.  2022.  Testing the Resiliency of Consumer Off-the-Shelf Drones to a Variety of Cyberattack Methods. 2022 IEEE/AIAA 41st Digital Avionics Systems Conference (DASC). :1–5.
An often overlooked but equally important aspect of unmanned aerial system (UAS) design is the security of their networking protocols and how they deal with cyberattacks. In this context, cyberattacks are malicious attempts to monitor or modify incoming and outgoing data from the system. These attacks could target anywhere in the system where a transfer of data occurs but are most common in the transfer of data between the control station and the UAS. A compromise in the networking system of a UAS could result in a variety of issues including increased network latency between the control station and the UAS, temporary loss of control over the UAS, or a complete loss of the UAS. A complete loss of the system could result in the UAS being disabled, crashing, or the attacker overtaking command and control of the platform, all of which would be done with little to no alert to the operator. Fortunately, the majority of higher-end, enterprise, and government UAS platforms are aware of these threats and take actions to mitigate them. However, as the consumer market continues to grow and prices continue to drop, network security may be overlooked or ignored in favor of producing the lowest cost product possible. Additionally, these commercial off-the-shelf UAS often use uniform, standardized frequency bands, autopilots, and security measures, meaning a cyberattack could be developed to affect a wide variety of models with minimal changes. This paper will focus on a low-cost educational-use UAS and test its resilience to a variety of cyberattack methods, including man-in-the-middle attacks, spoofing of data, and distributed denial-of-service attacks. Following this experiment will be a discussion of current cybersecurity practices for counteracting these attacks and how they can be applied onboard a UAS. Although in this case the cyberattacks were tested against a simpler platform, the methods discussed are applicable to any UAS platform attempting to defend against such cyberattack methods.
ISSN: 2155-7209
2023-02-24
Li, Yubing, Yang, Wei, Zhou, Zhou, Liu, Qingyun, Li, Zhao, Li, Shu.  2022.  P4-NSAF: defending IPv6 networks against ICMPv6 DoS and DDoS attacks with P4. ICC 2022 - IEEE International Conference on Communications. :5005—5010.
Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in IPv6 networks are denial of service (DoS) attacks and distributed DoS (DDoS) attacks. In addition to the similar threats in Internet Protocol Version 4 (IPv4), IPv6 has introduced new potential vulnerabilities, which are DoS and DDoS attacks based on Internet Control Message Protocol version 6 (ICMPv6). We divide such new attacks into two categories: pure flooding attacks and source address spoofing attacks. We propose P4-NSAF, a scheme to defend against the above two IPv6 DoS and DDoS attacks in the programmable data plane. P4-NSAF uses Count-Min Sketch to defend against flooding attacks and records information about IPv6 agents into match tables to prevent source address spoofing attacks. We implement a prototype of P4-NSAF with P4 and evaluate it in the programmable data plane. The result suggests that P4-NSAF can effectively protect IPv6 networks from DoS and DDoS attacks based on ICMPv6.
2022-06-15
Fan, Wenjun, Hong, Hsiang-Jen, Wuthier, Simeon, Zhou, Xiaobo, Bai, Yan, Chang, Sang-Yoon.  2021.  Security Analyses of Misbehavior Tracking in Bitcoin Network. 2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :1–3.
Because Bitcoin P2P networking is permissionless by the application requirement, it is vulnerable against networking threats based on identity/credential manipulations such as Sybil and spoofing attacks. The current Bitcoin implementation keeps track of its peer's networking misbehaviors through ban score. In this paper, we investigate the security problems of the ban-score mechanism and discover that the ban score is not only ineffective against the Bitcoin Message-based DoS attacks but also vulnerable to a Defamation attack. In the Defamation attack, the network adversary can exploit the ban-score mechanism to defame innocent peers.
2021-11-29
Mizuta, Takanobu.  2020.  How Many Orders Does a Spoofer Need? - Investigation by Agent-Based Model - 2020 7th International Conference on Behavioural and Social Computing (BESC). :1–4.
Most financial markets prohibit unfair trades as they reduce efficiency and diminish the integrity of the market. Spoofers place orders they have no intention of trading in order to manipulate market prices and profit illegally. Most financial markets prohibit such spoofing orders; however, further clarification is still needed regarding how many orders a spoofer needs to place in order to manipulate market prices and profit. In this study I built an artificial market model (an agent-based model for financial markets) to show how unbalanced buy and sell orders affect the expected returns, and I implemented the spoofer agent in the model. I then investigated how many orders the spoofer needs to place in order to manipulate market prices and profit illegally. The results indicate that showing more spoofing orders than waiting orders in the order book enables the spoofer to earn illegally, amplifies price fluctuation, and reduces the efficiency of the market.
2021-05-13
Gomathi, S., Parmar, Nilesh, Devi, Jyoti, Patel, Namrata.  2020.  Detecting Malware Attack on Cloud using Deep Learning Vector Quantization. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :356—361.

In recent times cloud services are used widely and due to which there are so many attacks on the cloud devices. One of the major attacks is DDos (distributed denial-of-service) -attack which mainly targeted the Memcached which is a caching system developed for speeding the websites and the networks through Memcached's database. The DDoS attack tries to destroy the database by creating a flood of internet traffic at the targeted server end. Attackers send the spoofing applications to the vulnerable UDP Memcached server which even manipulate the legitimate identity of the sender. In this work, we have proposed a vector quantization approach based on a supervised deep learning approach to detect the Memcached attack performed by the use of malicious firmware on different types of Cloud attached devices. This vector quantization approach detects the DDoas attack performed by malicious firmware on the different types of cloud devices and this also classifies the applications which are vulnerable to attack based on cloud-The Hackbeased services. The result computed during the testing shows the 98.2 % as legally positive and 0.034% as falsely negative.

2020-09-04
Asish, Madiraju Sairam, Aishwarya, R..  2019.  Cyber Security at a Glance. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:240—245.
The privacy of people on internet is getting reduced day by day. Data records of many prestigious organizations are getting corrupted due to computer malwares. Computer viruses are becoming more advanced. Hackers are able penetrate into a network and able to manipulate data. In this paper, describes the types of malwares like Trojans, boot sector virus, polymorphic virus, etc., and some of the hacking techniques which include DOS attack, DDoS attack, brute forcing, man in the middle attack, social engineering, information gathering tools, spoofing, sniffing. Counter measures for cyber attacks include VPN, proxy, tor (browser), firewall, antivirus etc., to understand the need of cyber security.
2017-05-19
Jansen, Kai, Tippenhauer, Nils Ole, Pöpper, Christina.  2016.  Multi-receiver GPS Spoofing Detection: Error Models and Realization. Proceedings of the 32Nd Annual Conference on Computer Security Applications. :237–250.

Spoofing is a serious threat to the widespread use of Global Navigation Satellite Systems (GNSSs) such as GPS and can be expected to play an important role in the security of many future IoT systems that rely on time, location, or navigation information. In this paper, we focus on the technique of multi-receiver GPS spoofing detection, so far only proposed theoretically. This technique promises to detect malicious spoofing signals by making use of the reported positions of several GPS receivers deployed in a fixed constellation. We scrutinize the assumptions of prior work, in particular the error models, and investigate how these models and their results can be improved due to the correlation of errors at co-located receiver positions. We show that by leveraging spatial noise correlations, the false acceptance rate of the countermeasure can be improved while preserving the sensitivity to attacks. As a result, receivers can be placed significantly closer together than previously expected, which broadens the applicability of the countermeasure. Based on theoretical and practical investigations, we build the first realization of a multi-receiver countermeasure and experimentally evaluate its performance both in authentic and in spoofing scenarios.

2017-04-03
Moser, Daniel, Leu, Patrick, Lenders, Vincent, Ranganathan, Aanjhan, Ricciato, Fabio, Capkun, Srdjan.  2016.  Investigation of Multi-device Location Spoofing Attacks on Air Traffic Control and Possible Countermeasures. Proceedings of the 22Nd Annual International Conference on Mobile Computing and Networking. :375–386.

Multilateration techniques have been proposed to verify the integrity of unprotected location claims in wireless localization systems. A common assumption is that the adversary is equipped with only a single device from which it transmits location spoofing signals. In this paper, we consider a more advanced model where the attacker is equipped with multiple devices and performs a geographically distributed coordinated attack on the multilateration system. The feasibility of a distributed multi-device attack is demonstrated experimentally with a self-developed attack implementation based on multiple COTS software-defined radio (SDR) devices. We launch an attack against the OpenSky Network, an air traffic surveillance system that implements a time-difference-of-arrival (TDoA) multi-lateration method for aircraft localization based on ADS-B signals. Our experiments show that the timing errors for distributed spoofed signals are indistinguishable from the multilateration errors of legitimate aircraft signals, indicating that the threat of multi-device spoofing attacks is real in this and other similar systems. In the second part of this work, we investigate physical-layer features that could be used to detect multi-device attacks. We show that the frequency offset and transient phase noise of the attacker's radio devices can be exploited to discriminate between a received signal that has been transmitted by a single (legitimate) transponder or by multiple (malicious) spoofing sources. Based on that, we devise a multi-device spoofing detection system that achieves zero false positives and a false negative rate below 1%.

2015-02-23
Robert Zager, John Zager.  2013.  Combat Identification in Cyberspace.

This article discusses how a system of Identification: Friend or Foe (IFF) can be implemented in email to make users less susceptible to phishing attacks.