Biblio

A rapid rise in cyber-attacks on Cyber Physical Systems (CPS) has been observed in the last decade. It becomes even more concerning that several of these attacks were on critical infrastructures that indeed succeeded and resulted into significant physical and financial damages. Experimental testbeds capable of providing flexible, scalable and interoperable platform for executing various cybersecurity experiments is highly in need by all stakeholders. A container-based SCADA testbed is presented in this work as a potential platform for executing cybersecurity experiments. Through this testbed, a network traffic containing ARP spoofing is generated that represents a Man in the middle (MITM) attack. While doing so, scanning of different systems within the network is performed which represents a reconnaissance attack. The network traffic generated by both ARP spoofing and network scanning are captured and further used for preparing a dataset. The dataset is utilized for training a network classification model through a machine learning algorithm. Performance of the trained model is evaluated through a series of tests where promising results are obtained.

Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to IP networking. NDN also support mobility since it hides the point-to-point connection details. However, an extreme attack takes place when an NDN consumer newly connects to a network. A Man-in-the-middle (MITM) malicious node can block the consumer and keep intercepting the interest packets sent out so as to fake the corresponding data packets signed with its own private key. Without knowledge and trust to the network, the NDN consumer can by no means perceive the attack and thus exposed to severe security and privacy hazard. In this paper, the Name-Signature Lookup System (NSLS) and corresponding Name-Signature Lookup Protocol (NSLP) is introduced to verify packets with their registered genuine publisher even in an untrusted network with the help of embedded keys inside Network Interface Controller (NIC), by which attacks like MITM is eliminated. A theoretical analysis of comparing NSLS with existing security model is provided. Digest algorithm SHA-256 and signature algorithm RSA are used in the NSLP model without specific preference.

In network communication domain, one of the most widely used protocol for encrypting data and securing communications is the IPSec protocol. The design of this protocol is based on two main phases which are: exchanging keys phase and transferring data phase. In this paper we focus on enhancing the exchanging keys phase which is included in the security association (SA), using a chaotic cryptosystem. Initially IPSec is based on the Internet Key Exchange (IKE) protocol for establishing the SA. Actually IKE protocol is in charge for negotiating the connection and for authenticating both nodes. However; using IKE gives rise to a major problem related to security attack such as the Man in the Middle Attack. In this paper, we propose a chaotic cryptosystem solution to generate SA file for the connected nodes of the network. By solving a 4-Dimension chaotic system, a SA file that includes 128-bit keys will be established. The proposed solution is implemented and tested using FPGA boards.

The ad-hoc network formed by Bluetooth works on radio frequency links. The security aspect of Bluetooth has to be handled more carefully. The radio frequency waves have a characteristic that the waves can pierce the obstructions in the communication path, get rid of the requirement of line of sight between the communicating devices. We propose a software model of man-in-the-middle attack along with unauthorized and authorized transmitter and receiver. Advanced White Gaussian Noise channel is simulated in the designed architecture. The transmitter uses Gaussian Frequency Shift Keying (GFSK) modulation like in Bluetooth. The receiver uses GFSK demodulation. In order to validate the performance of the designed system, bit error rate (BER) measurements are taken with respect to different time intervals. We found that BER drops roughly 18% if hopping duration of 150 seconds is chosen. We propose that a Bluetooth system with hopping rate of 0.006 Hz is used instead of 10Hz.

Cryptographic protocols are the basis for the security of any protected system, including the electronic voting system. One of the most effective ways to analyze protocol security is to use verifiers. In this paper, the formal verifier SPIN was used to analyze the security of the cryptographic protocol for e-voting, which is based on model checking using linear temporal logic (LTL). The cryptographic protocol of electronic voting is described. The main structural units of the Promela language used for simulation in the SPIN verifier are described. The model of the electronic voting protocol in the language Promela is given. The interacting parties, transferred data, the order of the messages transmitted between the parties are described. Security of the cryptographic protocol using the SPIN tool is verified. The simulation of the protocol with active intruder using the man in the middle attack (MITM) to substitute data is made. In the simulation results it is established that the protocol correctly handles the case of an active attack on the parties' authentication.

In network communication domain, one of the most widely used protocol for encrypting data and securing communications is the IPSec protocol. The design of this protocol is based on two main phases which are: exchanging keys phase and transferring data phase. In this paper we focus on enhancing the exchanging keys phase which is included in the security association (SA), using a chaotic cryptosystem. Initially IPSec is based on the Internet Key Exchange (IKE) protocol for establishing the SA. Actually IKE protocol is in charge for negotiating the connection and for authenticating both nodes. However; using IKE gives rise to a major problem related to security attack such as the Man in the Middle Attack. In this paper, we propose a chaotic cryptosystem solution to generate SA file for the connected nodes of the network. By solving a 4-Dimension chaotic system, a SA file that includes 128-bit keys will be established. The proposed solution is implemented and tested using FPGA boards.

The privacy of people on internet is getting reduced day by day. Data records of many prestigious organizations are getting corrupted due to computer malwares. Computer viruses are becoming more advanced. Hackers are able penetrate into a network and able to manipulate data. In this paper, describes the types of malwares like Trojans, boot sector virus, polymorphic virus, etc., and some of the hacking techniques which include DOS attack, DDoS attack, brute forcing, man in the middle attack, social engineering, information gathering tools, spoofing, sniffing. Counter measures for cyber attacks include VPN, proxy, tor (browser), firewall, antivirus etc., to understand the need of cyber security.

In this paper, we address the fundamental problem of securely bootstrapping a group of wireless devices to a hub, when none of the devices share prior associations (secrets) with the hub or between them. This scenario aligns with the secure deployment of body area networks, IoT, medical devices, industrial automation sensors, autonomous vehicles, and others. We develop VERSE, a physical-layer group message integrity verification primitive that effectively detects advanced wireless signal manipulations that can be used to launch man-in-the-middle (MitM) attacks over wireless. Without using shared secrets to establish authenticated channels, such attacks are notoriously difficult to thwart and can undermine the authentication and key establishment processes. VERSE exploits the existence of multiple devices to verify the integrity of the messages exchanged within the group. We then use VERSE to build a bootstrapping protocol, which securely introduces new devices to the network. Compared to the state-of-the-art, VERSE achieves in-band message integrity verification during secure pairing using only the RF modality without relying on out-of-band channels or extensive human involvement. It guarantees security even when the adversary is capable of fully controlling the wireless channel by annihilating and injecting wireless signals. We study the limits of such advanced wireless attacks and prove that the introduction of multiple legitimate devices can be leveraged to increase the security of the pairing process. We validate our claims via theoretical analysis and extensive experimentations on the USRP platform. We further discuss various implementation aspects such as the effect of time synchronization between devices and the effects of multipath and interference. Note that the elimination of shared secrets, default passwords, and public key infrastructures effectively addresses the related key management challenges when these are considered at scale.

Applying security to the transmitted image is very important issues, because the transmission channel is open and can be compromised by attackers. To secure this channel from the eavesdropping attack, man in the middle attack, and so on. A new hybrid encryption image mechanism that utilize triangular scrambling, DNA encoding and chaotic map is implemented. The scheme takes a master key with a length of 320 bit, and produces a group of sub-keys with two length (32 and 128 bit) to encrypt the blocks of images, then a new triangular scrambling method is used to increase the security of the image. Many experiments are implemented using several different images. The analysis results for these experiments show that the security obtained on by using the proposed method is very suitable for securing the transmitted images. The current work has been compared with other works and the result of comparison shows that the current work is very strong against attacks.