Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108923
Anika Anwar, Talal Halabi, Mohammad Zulkernine
Automated and connected vehicle technologies are among the most heavily researched automotive technologies. As a part of an Intelligent Transportation System (ITS), connected vehicles provide useful information to drivers and the infrastructure to help make safer and more informed decisions. However, vehicle connectivity has made the ITS more vulnerable to security attacks that can endanger vehicle’s security as well as driver’s safety. Sybil attack is a very common attack, considered dangerous in a distributed network with no centralized authority. When launched against connected vehicles, it consists of controlling a set of vehicles with forged or fake identities to try to alter the measurements and data collected by the ITS, leading to sub-optimal decisions. In this paper, we provide a cloud-based detection scheme for connected vehicles against such an attack. Contrary to the previous distributed solutions in the literature, this paper presents a cloud-based solution that integrates a cloud-based authorization unit to authenticate legitimate nodes using symmetric cryptography and real-time location tracking. As a centralized authentication system, cloud computing is more reliable and secure in managing the vehicle as a device than any other infrastructure in the vehicular network and can provide real-time visibility. A trust evaluation approach is also integrated into the scheme to drive the decisions of the vehicles concerning potential collaborations. The performed experiment and security analysis show the efficacy of our proposed cloud-based solution in terms of detection rate, complexity and system requirements.
{"title":"Cloud-based Sybil Attack Detection Scheme for Connected Vehicles","authors":"Anika Anwar, Talal Halabi, Mohammad Zulkernine","doi":"10.1109/CSNet47905.2019.9108923","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108923","url":null,"abstract":"Automated and connected vehicle technologies are among the most heavily researched automotive technologies. As a part of an Intelligent Transportation System (ITS), connected vehicles provide useful information to drivers and the infrastructure to help make safer and more informed decisions. However, vehicle connectivity has made the ITS more vulnerable to security attacks that can endanger vehicle’s security as well as driver’s safety. Sybil attack is a very common attack, considered dangerous in a distributed network with no centralized authority. When launched against connected vehicles, it consists of controlling a set of vehicles with forged or fake identities to try to alter the measurements and data collected by the ITS, leading to sub-optimal decisions. In this paper, we provide a cloud-based detection scheme for connected vehicles against such an attack. Contrary to the previous distributed solutions in the literature, this paper presents a cloud-based solution that integrates a cloud-based authorization unit to authenticate legitimate nodes using symmetric cryptography and real-time location tracking. As a centralized authentication system, cloud computing is more reliable and secure in managing the vehicle as a device than any other infrastructure in the vehicular network and can provide real-time visibility. A trust evaluation approach is also integrated into the scheme to drive the decisions of the vehicles concerning potential collaborations. The performed experiment and security analysis show the efficacy of our proposed cloud-based solution in terms of detection rate, complexity and system requirements.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124363633","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108966
Nour El Madhoun, Julien Hatin, E. Bertin
Blockchain technology is today proposed as a new technical infrastructure for several types of IT applications. This interest is due to its unique property that allows two entities to perform transactions, in a very secure manner, without going through a TTP. However, a blockchain comes along a number of other intrinsic properties, which may not be suitable or beneficial in all the envisaged application cases. Consequently, we propose in this paper a decision tree to identify when a blockchain may be the appropriate technical infrastructure for a given IT application, and when another system (centralized or distributed peer-to-peer) is more adapted. This tree is based on a comparative study between the blockchain and classical "centralized and distributed peer-to-peer" systems.
{"title":"Going Beyond the Blockchain Hype: In Which Cases are Blockchains Useful for IT Applications?","authors":"Nour El Madhoun, Julien Hatin, E. Bertin","doi":"10.1109/CSNet47905.2019.9108966","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108966","url":null,"abstract":"Blockchain technology is today proposed as a new technical infrastructure for several types of IT applications. This interest is due to its unique property that allows two entities to perform transactions, in a very secure manner, without going through a TTP. However, a blockchain comes along a number of other intrinsic properties, which may not be suitable or beneficial in all the envisaged application cases. Consequently, we propose in this paper a decision tree to identify when a blockchain may be the appropriate technical infrastructure for a given IT application, and when another system (centralized or distributed peer-to-peer) is more adapted. This tree is based on a comparative study between the blockchain and classical \"centralized and distributed peer-to-peer\" systems.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125684257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108973
El-hacen Diallo, Alexandre Laubé, K. A. Agha, Steven Martin
Blockchain is a great tool that provides a scalable data ledger ensuring integrity of the registered data. The validation of the blocks integrated in the blockchain can be fully distributed using a voting mechanism. This article proposes to use the blockchain as a distributed database to store information in different nodes of an ad hoc network. The main issue resides in the volume of resources needed to validate and store the blocks. We propose a distributed blockchain with k resiliency, instead of a full replication, over the nodes to reduce the overall used memory and bandwidth while providing robustness through data duplication.
{"title":"Efficient Block replication to optimize the blockchain resources","authors":"El-hacen Diallo, Alexandre Laubé, K. A. Agha, Steven Martin","doi":"10.1109/CSNet47905.2019.9108973","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108973","url":null,"abstract":"Blockchain is a great tool that provides a scalable data ledger ensuring integrity of the registered data. The validation of the blocks integrated in the blockchain can be fully distributed using a voting mechanism. This article proposes to use the blockchain as a distributed database to store information in different nodes of an ad hoc network. The main issue resides in the volume of resources needed to validate and store the blocks. We propose a distributed blockchain with k resiliency, instead of a full replication, over the nodes to reduce the overall used memory and bandwidth while providing robustness through data duplication.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"878 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130605901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108949
A. Deljoo, R. Koning, T. Engers, L. Gommans, C. D. Laat
To enable effective collaboration, trust in the ability of an alliance member to adequately perform joined tasks is an essential element. Such trust needs to be organized, evaluated and maintained amongst all alliance members. In this paper, we present a social computational trust model (SCTM) to evaluate trust as featured by alliance members. Specifically, we consider three different distinctive trustworthiness elements: competence, benevolence ,and integrity. To evaluate the trust of a particular member, we take into account two sources of evidence as well as the context of interactions between the parties. Based on our SCTM model, we have developed an algorithm that ranks the members based on their capabilities, behavior, and integrity in the context of a task that is expected to be performed. A cybersecurity alliance case study is presented to demonstrate the applicability of the SCTM model. Experimental results from a real-world testbed are used to validate the presented SCTM model in selecting the right partner to defend against cyberattacks.
{"title":"Managing Effective Collaboration in Cybersecurity Alliances Using Social Computational Trust","authors":"A. Deljoo, R. Koning, T. Engers, L. Gommans, C. D. Laat","doi":"10.1109/CSNet47905.2019.9108949","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108949","url":null,"abstract":"To enable effective collaboration, trust in the ability of an alliance member to adequately perform joined tasks is an essential element. Such trust needs to be organized, evaluated and maintained amongst all alliance members. In this paper, we present a social computational trust model (SCTM) to evaluate trust as featured by alliance members. Specifically, we consider three different distinctive trustworthiness elements: competence, benevolence ,and integrity. To evaluate the trust of a particular member, we take into account two sources of evidence as well as the context of interactions between the parties. Based on our SCTM model, we have developed an algorithm that ranks the members based on their capabilities, behavior, and integrity in the context of a task that is expected to be performed. A cybersecurity alliance case study is presented to demonstrate the applicability of the SCTM model. Experimental results from a real-world testbed are used to validate the presented SCTM model in selecting the right partner to defend against cyberattacks.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133595653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108947
Firas Al-Doghman, Z. Chaczko, Wayne Brookes, L. C. Gordon
The current interest about the *nternet of Things (IoT) evokes the establishment of infinite services giving huge, active, and varied information sets. Within it, an enormous mass of heterogeneous data are generated and interchanged by billions of device which can yield to an enormous information traffic jam and affects network efficiency. To get over this issue, there’s a necessity for an effective, smart, distributed, and in-network technique that uses a cooperative effort to aggregate data along the pathway from the network edge to its sink. we tend to propose an information organization blueprint that systematizes data aggregation and transmission within the bounds of the Edge domain from the front-end until the Cloud. A social consensus technique obtained by applying statistical analysis is employed within the blueprint to get and update a policy concerning a way to aggregate and transmit data according to the order of information consumption inside the network. The Propose technique, consensus Aggregation, uses statistical Machine Learning to consolidate the approach and appraise its performance. inside the normal operation of the approach, data aggregation is performed with the utilization of data distribution. A notable information delivery efficiency was obtained with a nominal loss in precision as the blueprint was tested inside a particular environment as a case study. The conclusion of the strategy showed that the consensus approach overcome the individual ones in several directions.
{"title":"Social Consensus-inspired Aggregation Algorithms for Edge Computing","authors":"Firas Al-Doghman, Z. Chaczko, Wayne Brookes, L. C. Gordon","doi":"10.1109/CSNet47905.2019.9108947","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108947","url":null,"abstract":"The current interest about the *nternet of Things (IoT) evokes the establishment of infinite services giving huge, active, and varied information sets. Within it, an enormous mass of heterogeneous data are generated and interchanged by billions of device which can yield to an enormous information traffic jam and affects network efficiency. To get over this issue, there’s a necessity for an effective, smart, distributed, and in-network technique that uses a cooperative effort to aggregate data along the pathway from the network edge to its sink. we tend to propose an information organization blueprint that systematizes data aggregation and transmission within the bounds of the Edge domain from the front-end until the Cloud. A social consensus technique obtained by applying statistical analysis is employed within the blueprint to get and update a policy concerning a way to aggregate and transmit data according to the order of information consumption inside the network. The Propose technique, consensus Aggregation, uses statistical Machine Learning to consolidate the approach and appraise its performance. inside the normal operation of the approach, data aggregation is performed with the utilization of data distribution. A notable information delivery efficiency was obtained with a nominal loss in precision as the blueprint was tested inside a particular environment as a case study. The conclusion of the strategy showed that the consensus approach overcome the individual ones in several directions.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"876 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134218703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108961
Diego Oña, Lenín Zapata, Walter Fuertes, Germán E. Rodríguez, Eduardo Benavides, T. Toulkeridis
The main aim of the current study has been to provide a novel tool for detecting phishing attacks and finding a solution to counteract such types of threats. In this article we describe the process of how to develop a Scrum-based implementation of algorithms for automatic learning, Feature Selection and Neural Networks. This tool has the ability to detect and mitigate a phishing attack registered inside the e-mail server. For the validation of the obtained results, we have used the source of information of blacklist of PhishTank, which is a collaborative clearing house for data and information about phishing on the Internet. The conducted proof of concept demonstrated that the implemented feature selection algorithm discards the irrelevant characteristics of electronic mail and, that the neural network algorithm adopts these characteristics, establishing an optimal level of learning without redundancies. It also reveals the functionality of the proposed solution.
{"title":"Phishing Attacks: Detecting and Preventing Infected E-mails Using Machine Learning Methods","authors":"Diego Oña, Lenín Zapata, Walter Fuertes, Germán E. Rodríguez, Eduardo Benavides, T. Toulkeridis","doi":"10.1109/CSNet47905.2019.9108961","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108961","url":null,"abstract":"The main aim of the current study has been to provide a novel tool for detecting phishing attacks and finding a solution to counteract such types of threats. In this article we describe the process of how to develop a Scrum-based implementation of algorithms for automatic learning, Feature Selection and Neural Networks. This tool has the ability to detect and mitigate a phishing attack registered inside the e-mail server. For the validation of the obtained results, we have used the source of information of blacklist of PhishTank, which is a collaborative clearing house for data and information about phishing on the Internet. The conducted proof of concept demonstrated that the implemented feature selection algorithm discards the irrelevant characteristics of electronic mail and, that the neural network algorithm adopts these characteristics, establishing an optimal level of learning without redundancies. It also reveals the functionality of the proposed solution.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128711568","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108979
M. Malowidzki, Damian Hermanowski, P. Berezinski
Attack graphs are a relatively new – at least, from the point of view of a practical usage – method for modeling multistage cyber-attacks. They allow to understand how seemingly unrelated vulnerabilities may be combined together by an attacker to form a chain of hostile actions that enable to compromise a key resource. An attack graph is also the starting point for providing recommendations for corrective actions that would fix or mask security problems and prevent the attacks. In the paper, we propose TAG, a topological attack graph analysis tool designed to support a user in a security evaluation and countermeasure selection. TAG employs an improved version of MulVAL inference engine, estimates a security level on the basis of attack graph and attack paths scoring, and recommends remedial actions that improve the security of the analyzed system.
{"title":"TAG: Topological Attack Graph Analysis Tool","authors":"M. Malowidzki, Damian Hermanowski, P. Berezinski","doi":"10.1109/CSNet47905.2019.9108979","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108979","url":null,"abstract":"Attack graphs are a relatively new – at least, from the point of view of a practical usage – method for modeling multistage cyber-attacks. They allow to understand how seemingly unrelated vulnerabilities may be combined together by an attacker to form a chain of hostile actions that enable to compromise a key resource. An attack graph is also the starting point for providing recommendations for corrective actions that would fix or mask security problems and prevent the attacks. In the paper, we propose TAG, a topological attack graph analysis tool designed to support a user in a security evaluation and countermeasure selection. TAG employs an improved version of MulVAL inference engine, estimates a security level on the basis of attack graph and attack paths scoring, and recommends remedial actions that improve the security of the analyzed system.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115439278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108955
José David Vega Sánchez, L. Urquiza-Aguiar, M. C. Paredes
Physical-layer security is emerging approach that can benefit conventional encryption methods. The main idea of physical layer security is to take advantage of the features of the wireless channel and its impairments in order to ensure secure communication in the physical layer. This paper provides a comprehensive review of information-theoretic measures of the secrecy performance in physical layer security. In addition, our work survey research about physical layer security over several enabling 5G technologies, such as massive multiple-input multiple-output, millimeter wave communications, heterogeneous networks, and full-duplex, including the key concepts of each of the aforementioned technologies. Finally, future research directions and technical challenges of physical layer security are identified.
{"title":"Physical Layer Security for 5G Wireless Networks: A Comprehensive Survey","authors":"José David Vega Sánchez, L. Urquiza-Aguiar, M. C. Paredes","doi":"10.1109/CSNet47905.2019.9108955","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108955","url":null,"abstract":"Physical-layer security is emerging approach that can benefit conventional encryption methods. The main idea of physical layer security is to take advantage of the features of the wireless channel and its impairments in order to ensure secure communication in the physical layer. This paper provides a comprehensive review of information-theoretic measures of the secrecy performance in physical layer security. In addition, our work survey research about physical layer security over several enabling 5G technologies, such as massive multiple-input multiple-output, millimeter wave communications, heterogeneous networks, and full-duplex, including the key concepts of each of the aforementioned technologies. Finally, future research directions and technical challenges of physical layer security are identified.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123748749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/CSNet47905.2019.9108978
O. Cros, Gabriel Chênevert
The Controller Area Network (CAN) bus is an embedded network infrastructure especially used in automotive and aerospace contexts. It is well-known for its reliability but, due to historical and architectural reasons, authentication solutions were not integrated in the protocol itself. In particular, it does not integrate solutions of protection against external attackers. This can lead to data transitting through the network without any identity control and can quickly lead to backdoors allowing external attackers to take control of a vehicle, even while driving. Authentication solutions exist for CAN, but are often based on additional protocol layers or consume too much resources. The point of this paper is to propose an authentication solution in CAN based on a hashing mechanism that could be integrated in CAN standard protocol.
{"title":"Hashing-based authentication for CAN bus and application to Denial-of-Service protection","authors":"O. Cros, Gabriel Chênevert","doi":"10.1109/CSNet47905.2019.9108978","DOIUrl":"https://doi.org/10.1109/CSNet47905.2019.9108978","url":null,"abstract":"The Controller Area Network (CAN) bus is an embedded network infrastructure especially used in automotive and aerospace contexts. It is well-known for its reliability but, due to historical and architectural reasons, authentication solutions were not integrated in the protocol itself. In particular, it does not integrate solutions of protection against external attackers. This can lead to data transitting through the network without any identity control and can quickly lead to backdoors allowing external attackers to take control of a vehicle, even while driving. Authentication solutions exist for CAN, but are often based on additional protocol layers or consume too much resources. The point of this paper is to propose an authentication solution in CAN based on a hashing mechanism that could be integrated in CAN standard protocol.","PeriodicalId":350566,"journal":{"name":"2019 3rd Cyber Security in Networking Conference (CSNet)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116421782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: