Physical Sciences and Mathematics Commons^™

Localizing Sensor Networks In Un-Friendly Environments, Sriram Chellappan, Vamsi Paruchuri, Dylan Mcdonald, Arjan Durresi

Computer Science Faculty Research & Creative Works

In this paper, we study the issue of defending against a wireless sensor network (WSN) that has been deployed by a malicious enemy agent in an area of interest to us. While there can be many approaches to defend against maliciously deployed WSNs, we propose the design of a localization centric approach. Specifically, the problem we address is: given an enemy deployed WSN in an area of interest to us, how can we determine locations of the sensors without co-operating with the sensors themselves during localization. In our approach, we employ a physically mobile agent called the localizer (e.g., a …

Streaming Estimation Of Information-Theoretic Metrics For Anomaly Detection (Extended Abstract), Sergey Bratus, Joshua Brody, David Kotz, Anna Shubina

Dartmouth Scholarship

Information-theoretic metrics hold great promise for modeling traffic and detecting anomalies if only they could be computed in an efficient, scalable ways. Recent advances in streaming estimation algorithms give hope that such computations can be made practical. We describe our work in progress that aims to use streaming algorithms on 802.11a/b/g link layer (and above) features and feature pairs to detect anomalies.

A Secure Group Communication Architecture For Autonomous Unmanned Aerial Vehicles, Adrian N. Phillips, Barry E. Mullins, Richard Raines, Rusty O. Baldwin

Faculty Publications

This paper investigates the application of a secure group communication architecture to a swarm of autonomous unmanned aerial vehicles (UAVs). A multicast secure group communication architecture for the low earth orbit (LEO) satellite environment is evaluated to determine if it can be effectively adapted to a swarm of UAVs and provide secure, scalable, and efficient communications. The performance of the proposed security architecture is evaluated with two other commonly used architectures using a discrete event computer simulation developed using MATLAB. Performance is evaluated in terms of the scalability and efficiency of the group key distribution and management scheme when the …

Slides: Threats To Biological Diversity: Global, Continental, Local, J. Michael Scott

Shifting Baselines and New Meridians: Water, Resources, Landscapes, and the Transformation of the American West (Summer Conference, June 4-6)

Presenter: J. Michael Scott, U.S. Geological Survey, Idaho Cooperative Fish and Wildlife Research Unit, University of Idaho

38 slides

Poster Abstract: Reliable People-Centric Sensing With Unreliable Voluntary Carriers, Cory Cornelius, Apu Kapadia, David Kotz, Dan Peebles, Minho Shin, Patrick Tsang

Dartmouth Scholarship

As sensor technology becomes increasingly easy to integrate into personal devices such as mobile phones, clothing, and athletic equipment, there will be new applications involving opportunistic, people-centric sensing. These applications, which gather information about human activities and personal social context, raise many security and privacy challenges. In particular, data integrity is important for many applications, whether using traffic data for city planning or medical data for diagnosis. Although our AnonySense system (presented at MobiSys) addresses privacy in people-centric sensing, protecting data integrity in people-centric sensing still remains a challenge. Some mechanisms to protect privacy provide anonymity, and thus provide limited …

Anonysense: Opportunistic And Privacy-Preserving Context Collection, Apu Kapadia, Nikos Triandopoulos, Cory Cornelius, Dan Peebles, David Kotz

Dartmouth Scholarship

Opportunistic sensing allows applications to “task” mobile devices to measure context in a target region. For example, one could leverage sensor-equipped vehicles to measure traffic or pollution levels on a particular street, or users' mobile phones to locate (Bluetooth-enabled) objects in their neighborhood. In most proposed applications, context reports include the time and location of the event, putting the privacy of users at increased risk—even if a report has been anonymized, the accompanying time and location can reveal sufficient information to deanonymize the user whose device sent the report. \par We propose AnonySense, a general-purpose architecture for leveraging users' mobile …

Detecting 802.11 Mac Layer Spoofing Using Received Signal Strength, Yong Sheng, Keren Tan, Guanling Chen, David Kotz, Andrew T. Campbell

Dartmouth Scholarship

MAC addresses can be easily spoofed in 802.11 wireless LANs. An adversary can exploit this vulnerability to launch a large number of attacks. For example, an attacker may masquerade as a legitimate access point to disrupt network services or to advertise false services, tricking nearby wireless stations. On the other hand, the received signal strength (RSS) is a measurement that is hard to forge arbitrarily and it is highly correlated to the transmitter's location. Assuming the attacker and the victim are separated by a reasonable distance, RSS can be used to differentiate them to detect MAC spoofing, as recently proposed …

Refocusing In 802.11 Wireless Measurement, Udayan Deshpande, Chris Mcdonald, David Kotz

Dartmouth Scholarship

The edge of the Internet is increasingly wireless. To understand the Internet, one must understand the edge, and yet the measurement of wireless networks poses many new challenges. IEEE 802.11 networks support multiple wireless channels and any monitoring technique involves capturing traffic on each of these channels to gather a representative sample of frames from the network. We call this procedure \emphchannel sampling, in which each sniffer visits each channel periodically, resulting in a sample of the traffic on each of the channels. \par This sampling approach may be sufficient, for example, for a system administrator or anomaly detection module …

Issues Common To Australian Critical Infrastructure Providers Scada Networks Discovered Through Computer And Network Vulnerability Analysis, Craig Valli

Australian Digital Forensics Conference

This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability …

Virtual Environments Support Insider Security Violations, Iain Swanson, Patricia A.H. Williams

Australian Digital Forensics Conference

This paper describes an investigation into how an employee using a virtual environment can circumvent any or all of the security, policies and procedures within an organization. The paper discusses the fundamental issues that organizations must address to be able to detect such an attack. Attacks of this nature may be malicious with intent to cause disruption by flooding the network or disabling specific equipment, or non-malicious by quietly gathering critical information such as user names and passwords or a colleague’s internet banking details. Identification of potential residual evidence following an attack is presented. Such evidence may be used to …

Active Behavioral Fingerprinting Of Wireless Devices, Sergey Bratus, Cory Cornelius, David Kotz, Dan Peebles

Dartmouth Scholarship

We propose a simple active method for discovering facts about the chipset, the firmware or the driver of an 802.11 wireless device by observing its responses (or lack thereof) to a series of crafted non-standard or malformed 802.11 frames. We demonstrate that such responses can differ significantly enough to distinguish between a number of popular chipsets and drivers. We expect to significantly expand the number of recognized device types through community contributions of signature data for the proposed open fingerprinting framework. Our method complements known fingerprinting approaches, and can be used to interrogate and spot devices that may be spoofing …

Enhanced Security For Preventing Man-In-The-Middle Attacks In Authentication, Dataentry And Transaction Verification, Jason Wells, Damien Hutchinson, Justin Pierce

Australian Information Security Management Conference

There is increasing coverage in the literature highlighting threats to online financial systems. Attacks range from the prevalent reverse social engineering technique known as phishing; where spam emails are sent to customers with links to fake websites, to Trojans that monitor a customer’s account log on process that captures authentication details that are later replayed for financial gain. This ultimately results in loss of monetary funds for affected victims. As technological advances continue to influence the way society makes payment for goods and services, the requirement for more advanced security approaches for transaction verification in the online environment increases. This …

Evaluating The Usability Impacts Of Security Interface Adjustments In Word 2007, M Helala, S M. Furnell, M Papadaki

Australian Information Security Management Conference

Prior research has suggested that integrating security features with user goals and increasing their visibility would improve the usability of the associated functionalities. This paper investigates how these approaches affect the efficiency of use and the level of user satisfaction. The user interface of Word 2007 was modified according to these principles, with usability tests being conducted with both the original and the modified user interfaces. The results suggest that integrating security features with user goals improves the efficiency of use, but the impacts upon user satisfaction cannot be clearly identified based on the collected data. No indications of any …

Mitigating Dos Attacks Against Broadcast Authentication In Wireless Sensor Networks, Peng Ning, An Liu, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Broadcast authentication is a critical security service in wireless sensor networks. There are two general approaches for broadcast authentication in wireless sensor networks: digital signatures and µTESLA-based techniques. However, both signature-based and µTESLA-based broadcast authentication are vulnerable to Denial of Services (DoS) attacks: An attacker can inject bogus broadcast packets to force sensor nodes to perform expensive signature verifications (in case of signature-based broadcast authentication) or packet forwarding (in case of µTESLA-based broadcast authentication), thus exhausting their limited battery power. This paper presents an efficient mechanism called message specific puzzle to mitigate such DoS attacks. In addition to signature-based or …

Privacy-Maxent: Integrating Background Knowledge In Privacy Quantification, Wenliang Du, Zhouxuan Teng, Zutao Zhu

Electrical Engineering and Computer Science - All Scholarship

Privacy-Preserving Data Publishing (PPDP) deals with the publication of microdata while preserving people’s private information in the data. To measure how much private information can be preserved, privacy metrics is needed. An essential element for privacy metrics is the measure of how much adversaries can know about an individual’s sensitive attributes (SA) if they know the individual’s quasi-identifiers (QI), i.e., we need to measure P(SA | QI). Such a measure is hard to derive when adversaries’ background knowledge has to be considered. We propose a systematic approach, Privacy-MaxEnt, to integrate background knowledge in privacy quantification. Our approach is based on …

The Social Impact Of National Security Technologies: Epassports, E911 And Mobile Alerts, Holly Tootell

Faculty of Informatics - Papers (Archive)

This paper explores the adoption of emerging technologies for the purposes of national security. The three technologies chosen were ePassports, E911 and mobile alerts. The study uses a content analysis methodology drawing on popular media documentation to extract the major social and technological impacts of the technologies on citizens as they were reported. The find i ngs of the study indicate that reactions to the three technologies differed. ePassports were considered vastly different to E911 and mobile alerting predominantly because they were seen to be a controlling technology, whereas E911 and mobile alerting were viewed to be about safety and …

National Security And The Misology-Misanthropy Paradox Of Technology, George M. Mickhail

Faculty of Informatics - Papers (Archive)

The evolution of computing did not only result in the disengagement of thepopulace from its technological complexity, but also their submission to thedivine ability of 'scientists', who understand the mathematical complexityof information technologies. Socrates argued that both 'misanthropy' and'misology' stem from 'faith' placed in unreliable people and unsoundarguments. Such misplaced faith in surveillance technologies and theirprotractors, for example, often results in disengagement from debate, whichto Socrates was the antithesis to truth and wisdom. This paper explores howsociety is opting out of debate through the machinations of a neoconservativecredo that purports reason. Under the guise of freedom and democracy, suchdogma often …

Anti-Phishing Models: Main Challenges, Edina Hatunic-Webster

Conference papers

Phishing is a form of online identity theft in which the attacker attempts to fraudulently retrieve a legitimate user's account information, logon credentials or identity information in general. The compromised information is then used for withdrawing money online, taking out cash advances, or making purchases of goods and services on the accounts. Various solutions have been proposed and developed in response to phishing. As phishing is a business problem, the solutions target both non-technical and technical areas. This paper investigates the current anti-phishing solutions and critically reviews their usage, security weaknesses and their effectiveness. The analysis of these models points …