The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security threats such as jamming and route manipulation can have significant consequences on the performance of modern wireless networks. To increase the efficacy and stealthiness of such threats, a number of extremely challenging, next-generation cross-layer attacks have been recently unveiled. Although existing research has thoroughly addressed many single-layer attacks, the problem of detecting...
A major limitation of mobile Crowd Sourcing (CS) applications is the generation of false (or spam) contributions due to selfish and malicious behaviors of users, or wrong perception of an event. Such false contributions induce loss of revenue through disbursement of undue incentives and also negatively affects the application's operational reliability. In this work, we propose a reputation model,...
Precision agriculture relies on real-time data gathering and analysis to maximize yield, minimize environmental impact and reduce cost, which has been envisioned as a new paradigm to revolutionize modern agriculture. However, the collection of farming data, especially geospatial data, raises concerns about potential privacy leakage. In this paper, we propose a novel scalable and private continual...
Information-centric networking (ICN), a strong candidate for future internet architecture, consists of two kinds of packets, interest and data packets, both of which carry the name of data content to be requested (or delivered). The data packet is associated with a public key signature so that the data receiver can verify the data packet's correctness, integrity and provenance. Certificate-based signature...
We show that it is possible to achieve information theoretic location privacy for secondary users (SUs) in database-driven cognitive radio networks (CRNs) with an end-to-end delay less than a second, which is significantly better than that of the existing alternatives offering only a computational privacy. This is achieved based on a keen observation that, by the requirement of Federal Communications...
Passive operating system fingerprinting reveals valuable information to the defenders of heterogeneous private networks; at the same time, attackers can use fingerprinting to reconnoiter networks, so defenders need obfuscation techniques to foil them. We present an effective approach for passive fingerprinting that uses data features from TLS as well as the TCP/IP and HTTP protocols in a multi-session...
The database-driven CRN has emerged as a promising solution for the spectrum scarcity issue. However, it also raises severe privacy concerns. Although there are some existing works on this topic, they are far from practical due to their restrict on particular database structures or extremely heavy computation and communication overhead. To address these issues, in this paper we develop two practical...
Fundamental limits of covert communication have been studied for different models of scalar channels. It was shown that, over n independent channel uses, O(√n) bits can transmitted reliably over a public channel while achieving an arbitrarily low probability of detection (LPD) by other stations. This result is well known as the square-root law and even to achieve this diminishing rate of covert communication,...
Future automated vehicles will rely on V2V communication to exchange information about their motion states and take corresponding control actions, to enhance road safety and efficiency. Evaluating the trustworthiness of such data in a VANET is critical as malicious vehicles may inject false data which will undermine the benefits of V2V communication and lead to severe consequences, such as collisions...
Traditional deception-based cyber defenses often undertake reactive strategies that utilize decoy systems or services for attack detection and information gathering. Unfortunately, the effectiveness of these defense mechanisms has been largely constrained by the low decoy fidelity, the poor scalability of decoy platform, and the static decoy configurations, which allow the attackers to identify and...
Dynamic spectrum access (DSA) has been envisioned to become the key to solving worldwide spectrum shortage. However, the open nature of wireless medium brings severe threats to the DSA system resulting from unauthorized access. Specifically, unauthorized secondary user (SU) utilizes the licensed spectrum by faking/replaying the spectrum permit, which will not only introduce severe interference to...
Accurate Channel State Information (CSI) is a key requirement for massive MIMO to achieve multi-fold increases in throughput and secrecy rate. Consequently, an adversary targeting the channel sounding process has the potential to significantly degrade performance. In this paper, we first present and model the Pilot Distortion Attack, a simple but devastating jamming strategy in which the adversary...
Honeynet is a network architecture that utilizes multiple honeypots to deceive attackers and analyze their malicious behaviors. However, existing honeynet has not evolved much since its latest architecture, Gen-III, which was proposed in 2004. Meanwhile, security threats and techniques used by adversaries have been continuously advanced. As a result, honeypot architecture is suffering from its limited...
Dynamic spectrum access (DSA) enables secondary users (SUs) to access the underutilized licensed spectrum when the primary users (PUs) are absent and is a key solution to address the worldwide spectrum scarcity and improve the spectrum utilization. Database-driven DSA is a popular DSA paradigm and has been approved by FCC. In a database-driven DSA system, a spectrum service provider (SPP) accepts...
LTE is a globally deployed standard. CSFB (Circuit Switched Fallback) is one of the major voice solutions in LTE network. We found one vulnerability in CSFB where the authentication step is missing. This allows an attacker to impersonate a victim. We named this attack as ‘Ghost Telephonist’. The consequence of this attack include: (1) The attacker can impersonate the callee and obtain the content...
Research on gesture passwords suggest they are highly usable and secure, leading them to be proposed as a strong alternative authentication method for touchscreen devices. However, studies demonstrate that user-chosen gesture passwords are biased towards familiar symbols, increasing the risk of guessing. Prior work on gesture elicitation focuses on creating sets with high overlap, but gesture passwords...
In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The...
The wireless boundaries of networks are becoming increasingly important from a security standpoint as the proliferation of 802.11 WiFi technology increases. Concurrently, the complexity of 802.11 access point implementation is rapidly outpacing the standardization process. The result is that nascent wireless functionality management is left up to the individual provider's implementation, which creates...
Organizations developing cryptographic products face significant challenges, including usability and human factors, that may result in decreased security, increased development time, and missed opportunities to use the technology to its fullest potential. To better identify these challenges, we explored cryptographic development and testing practices by conducting a web-based survey of 121 individuals...
Increasing demand has led to wireless spectrum shortages, with many parts of the existing spectrum being heavily used. Dynamic spectrum access (DSA) has been proposed to allow cognitive radio networks to use existing spectrum more efficiently. It will allow secondary users to transmit on already allocated spectrum on a non-interference basis. Cognitive radios are able to change bandwidth and other...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.