Biblio

The Manufacturer Usage Description (MUD) standard aims to reduce the attack surface for IoT devices by locking down their behavior to a formally-specified set of network flows (access control entries). Formal network behaviors can also be systematically and rigorously verified in any operating environment. Enforcing MUD flows and monitoring their activity in real-time can be relatively effective in securing IoT devices; however, its scope is limited to endpoints (domain names and IP addresses) and transport-layer protocols and services. Therefore, misconfigured or compromised IoTs may conform to their MUD-specified behavior but exchange unintended (or even malicious) contents across those flows. This paper develops PicP-MUD with the aim to profile the information content of packet payloads (whether unencrypted, encoded, or encrypted) in each MUD flow of an IoT device. That way, certain tasks like cyber-risk analysis, change detection, or selective deep packet inspection can be performed in a more systematic manner. Our contributions are twofold: (1) We analyze over 123K network flows of 6 transparent (e.g., HTTP), 11 encrypted (e.g., TLS), and 7 encoded (e.g., RTP) protocols, collected in our lab and obtained from public datasets, to identify 17 statistical features of their application payload, helping us distinguish different content types; and (2) We develop and evaluate PicP-MUD using a machine learning model, and show how we achieve an average accuracy of 99% in predicting the content type of a flow.

5G improves previous generations not only in terms of radio access but the whole infrastructure and services paradigm. Automation, dynamism and orchestration are now key features that allow modifying network behaviour, such as Virtual Network Functions (VNFs), and resource allocation reactively and on demand. However, such dynamic ecosystem must pay special attention to security while ensuring that the system actions are trustworthy and reliable. To this aim, this paper introduces the integration of the Manufacturer Usage Description (MUD) standard alongside a Trust and Reputation Manager (TRM) into the INSPIRE-5GPlus framework, enforcing security properties defined by MUD files while the whole infrastructure, virtual and physical, as well as security metrics are continuously audited to compute trust and reputation values. These values are later fed to enhance trustworthiness on the zero-touch decision making such as the ones orchestrating end-to-end security in a closed-loop.

The main information and communication systems (ICS) effectiveness parameters are: reliability, resiliency, network bandwidth, service quality, profitability and cost, malware protection, information security, etc. Most modern ICS refers to multiuser systems, which implement the most promising method of distributing subscribers (users), namely, the code distribution, at which, subscribers are provided with appropriate forms of discrete sequences (signatures). Since in multiuser systems, channels code division is based on signal difference, then the ICS construction and systems performance indicators are determined by the chosen signals properties. Distributed spectrum technology is the promising direction of information security for telecommunication systems. Currently used data generation and processing methods, as well as the broadband signal classes used as a physical data carrier, are not enough for the necessary level of information security (information secrecy, imitation resistance) as well as noise immunity (impedance reception, structural secrecy) of the necessary (for some ICS applications). In this case, discrete sequences (DS) that are based on nonlinear construction rules and have improved correlation, ensemble and structural properties should be used as DS that extend the spectrum (manipulate carrier frequency). In particular, with the use of such signals as the physical carrier of information or synchronization signals, the time expenditures on the disclosure of the signal structure used are increasing and the setting of "optima", in terms of the counteracting station, obstacles becomes problematic. Complex signals obtained on such sequences basis have structural properties, similar to random (pseudorandom) sequences, as well as necessary correlation and ensemble properties. For designing signals for applications applied for measuring delay time, signal detecting, synchronizing stations and etc, side-lobe levels of autocorrelation function (ACF) minimization is essential. In this paper, the problem of optimizing the synthesis of nonlinear discrete sequences, which have improved ensemble, structural and autocorrelation properties, is formulated and solved. The use of nonlinear discrete signals, which are formed on the basis of such sequences, will provide necessary values for impedance protection, structural and information secrecy of ICS operation. Increased requirements for ICS information security, formation and performance data in terms of internal and external threats (influences), determine objectively existing technical and scientific controversy to be solved is goal of this work.The paper presents the results of solving the actual problem of performance indicators improvements for information and communication systems, in particular secrecy, information security and noise immunity with interfering influences, based on the nonlinear discrete cryptographic signals (CS) new classes synthesis with the necessary properties.