561 |
Sécurité et protection de la vie privée dans les systèmes embarqués automobiles / Security and privacy in automotive on-board networks
Schweppe, Hendrik 08 November 2012
Electronic equipment has become an integral part of a vehicle's network architecture, which consists of multiple buses and microcontrollers called Electronic Control Units (ECUs). Recently, these ECUs have also begun to connect to the outside world; navigation and entertainment systems, consumer devices, and Car2X functions are examples of this. Recent security analyses have shown severe vulnerabilities in exposed ECUs and protocols, which may make it possible for attackers to gain control over a vehicle. Given that safety-critical car systems can no longer be fully isolated from such third-party devices and infotainment services, we propose a new approach to securing vehicular on-board systems that combines mechanisms at different layers of the communication stack and of the execution platforms. We describe our secure communication protocols, which are designed to provide strong cryptographic assurances together with an efficient implementation fitting the prevalent vehicular communication paradigms. They rely on hardware security modules providing secure storage and acting as root of trust. An approach based on distributed data flow tracking is employed for checking code execution against a security policy describing authorized communication patterns. Binary instrumentation is used to track data flows throughout execution (taint engine) and also between control units (middleware), thus making it applicable to industrial applications. We evaluate the feasibility of our mechanisms to secure communication on the CAN bus, which is ubiquitously implemented in cars today. A proof-of-concept demonstrator also shows the feasibility of integrating security features into real vehicles.
|
562 |
Blockchain-Based Security Framework for the Internet of Things and Home Networks
Diego Miguel Mendez Mena (10711719) 27 April 2021
During recent years, attacks on Internet of Things (IoT) devices have grown significantly. Cyber criminals have been using compromised IoT machines to attack others, including critical internet infrastructure systems. The latest attacks increase the urgency for the information security research community to develop new strategies and tools to safeguard vulnerable devices at any level. Millions of intelligent things are now part of home-based networks that are usually disregarded by solutions platforms, but not by malicious entities.
Therefore, the following document presents a comprehensive framework that aims to secure home-based networks, but also corporate and service provider ones. The proposed solution utilizes first-hand information from different actors at different levels to create a decentralized privacy-aware Cyber Threat Information (CTI) sharing network, capable of automating network responses by relying on the security properties of the blockchain powered by the Ethereum algorithms.
|
563 |
A Virtual Hydroelectric Power System for Distributable Industrial Control System Security Research
Mudd, David Brian 15 August 2014
Cyber security for industrial control systems (ICS) has been a rapidly growing area of interest and research for the last several years. The lack of an easily distributable platform on which ICS components can be built for use in security testing and result comparison among researchers presents a major issue. This thesis details the use of a virtual testbed environment to build a representative virtual hydroelectric power system (VHPS). The VHPS generates realistic Modbus/TCP network traffic between two separate ICS devices, a Master and a Slave, located on separate VMs. For security testing purposes, a method of session hijacking has been implemented as well as a Function Code Scan attack and a Setpoint Manipulation attack. The virtual environment, the VHPS, and the attacks have been packaged into an LXDE-based Fedora Spin VM for easy distribution.
|
564 |
Intangible security : choice of law rules for intangible secured financing under the Uniform commercial code
Bartleman, Laurent William. January 2005
No description available.
|
565 |
Spaces and geographers of the "Smart Border" : technologies and discourses of Canada's post 911 borders
Gordon, Aaron Andrew. January 2006
No description available.
|
566 |
Discovery and Evaluation of Finite State Machines in Hardware Security
Geist, James 01 January 2023
In the decades since the invention of the integrated circuit (IC), IC's have become ubiquitous, complex, and networked. High transistor density and the low cost of production at scale have made it economically feasible to use complex custom IC's in almost any engineering application. While IC's provide a powerful tool for solving many engineering problems, the low cost comes from outsourcing production and reusing existing design components. Both of these dependencies introduce security risk; unwanted functionality may be inserted either from opaque third party libraries used in a design or by any outside vendor involved in the fabrication process. As it is far easier to verify that specified functionality works as intended than to discover unwanted functionality, verifying that a design has not been tampered with is an important, difficult problem. In stateful designs, Finite State Machines (FSM's) choreograph the operation of the design. With knowledge of the primary inputs and the current state, an FSM instructs other subsystems what to do next. Given this central role, an FSM is an obvious target for malicious exploitation. A bad actor can add states to an FSM that may only be entered via a non-obvious sequence of inputs; these states may then leak information via a side channel, or corrupt operation of the device in a denial of service attack. Such exploitation can be avoided both proactively and reactively. This dissertation introduces methods for discovering, extracting, modifying, and analyzing FSM's in post-compilation netlists. Such netlists may be acquired either in house directly after a design is compiled, or recovered by microscopy techniques post-fabrication. This dissertation introduces several methods applicable to the problem. In order to study FSM's in a netlist, the FSM's must first be located. One method to find FSM's is to search for the control signals which drive it. 
A proposed algorithm for discovering control signals, RELIC-FUN, provides more accurate results than other algorithms on specific designs. Once an FSM is discovered, state transition enumeration is key to comparing the FSM's behavior to the original design. This dissertation introduces two new tools, RECUT and REFSM-SAT, which provide significantly better performance than existing enumeration algorithms. Noting that FSM's, both structurally and semantically, are graph theoretical constructs, a new graphical environment, NetViz, is introduced. NetViz is an environment for hardware security which allows chaining of analysis algorithms and graphical display of, and interaction with, analysis results. Finally, an existing logic locking algorithm, SANSCrypt, is shown to be insecure due to structural FSM analysis techniques.
|
567 |
A Semi-Autonomous Credit/Debit Card Transaction Fraud Defense Framework for Online Merchants
Laurens, Roy 01 January 2023
The majority of online credit/debit card fraud research focuses on the defense by back-end entities, such as the card issuer or processor (i.e., payment processing company), and overlooks the fraud defense initiated by online merchants. This is problematic because the merchants – especially online merchants – are the ones generally held responsible for covering any loss due to transaction fraud. Thus they have a great incentive to detect and defend against card fraud. But at the same time, compared with card issuers, they also lack access to the large samples needed for data mining (such as existing purchase data of a cardholder). This dissertation presents a novel semi-autonomous framework for online merchants to defend against such fraud by utilizing three interrelated components: a supervised classifier based on existing fraud patterns and our newly developed DNS fingerprinting, an unsupervised anomaly detection method using a diversity index, and a novel soft-descriptor-based verification system. The classifier and the anomaly detection work together to allow our framework to detect known fraud patterns and adapt to previously undetected patterns. Afterward, suspicious transactions can be autonomously verified by requesting the customer to provide a unique identifier that was previously embedded in the soft descriptor during the card transaction processing. This verification process greatly improves fraud detection accuracy without adding a burden on most legitimate customers. Our framework can be readily implemented, and we have deployed several aspects of our framework at a real-world e-commerce merchant website, with the real testing results explained in this dissertation.
|
568 |
Decentralization and Violence
Norat, Alexander 01 January 2022
How does the political environment in which a group operates affect whether it engages in terrorism? My research is concerned with how political opportunities, which I conceptualize in terms of political decentralization, affect how groups engage with the state, and whether they will engage in terrorism. Previous research has indicated that decentralization can reduce violence but can pose stability problems in other countries. I hypothesize that states with higher levels of decentralization will have lower levels of violence. I believe this works by allowing minority groups more access to power. Because they have access to political power, there is less incentive to use violence to achieve their political goals. This project is tested with a large-N study of democratic countries. I also engaged in two case studies focused on Northern Ireland and Spain, looking at the IRA and ETA, respectively. These two case studies trace the effect of changing levels of centralization on the behavior of minority groups. This study finds that political opportunities often lead to less violence in the long term. Decentralization is one way of achieving this. However, sometimes decentralization may not work because it could take away rights from minorities, while in other cases, even after decentralization begins to take place, it can take a while for changes to take hold. Both the Northern Ireland and Spanish cases show that it is not always as simple as just saying decentralization will take place, or that it has begun.
|
569 |
Struggling for Security: The Complexity of NATO Burden-Sharing
Schnaufer II, Tad 01 January 2022
Since the founding of the North Atlantic Treaty Organization (NATO), US administrations have criticized their European allies for not meeting security burden-sharing goals. This study aims to gain insight into what factors motivate alliance members to contribute to the burden-sharing objectives they have agreed to achieve. From a US perspective, the need for its European allies to reach these goals will allow the United States to shift resources to more pressing strategic challenges like the rise of China. Informed by Mancur Olson's theory of collective action and Glenn Snyder's concept of the security dilemma in alliances, this project tests the hypothesis that the more a NATO ally's foreign policy interests align with those of the United States, the less that ally will spend on defense as a percentage of Gross Domestic Product (GDP). This study uses a mixed-methods approach. The primary metric measuring an ally's contribution is the percentage of its GDP spent on defense. Furthermore, this study breaks NATO's history into three geopolitical periods: the Cold War (1950 to 1990), the Post-Cold War (1991 to 2006), and the Resurgent period (2007 to 2019). The analysis yields robust support for the theory in periods lacking a major threat (i.e., the Post-Cold War). That means the more aligned an ally's foreign policy preferences are with the United States, the less that ally spends on defense as a percentage of its GDP in such periods. The implications of these findings suggest that with the intensified threat of Russia made apparent with its attack on Ukraine in 2022, burden sharing in the NATO alliance will be less of a problem for the US in the immediate future. However, when this threat recedes, the burden-sharing issue will return, and the United States will have to send credible signals (like withdrawing troops from Europe) to its allies to cause them to question US protection and increase defense spending.
|
570 |
Towards Secure and Trustworthy IoT Systems
Luo, Lan 01 January 2022
The boom of the Internet of Things (IoT) brings great convenience to society by connecting the physical world to the cyber world, but it also attracts mischievous hackers seeking benefits. Therefore, understanding potential attacks aimed at IoT systems and devising new protection mechanisms are of great significance to maintaining the security and privacy of the IoT ecosystem. In this dissertation, we first demonstrate potential threats against IoT networks and their severe consequences by analyzing a real-world air quality monitoring system. By exploiting the discovered flaws, we can impersonate any victim sensor device and pollute its data with fabricated data. It is a great challenge to fight against runtime software attacks targeting IoT devices based on microcontrollers (MCUs) due to the heterogeneity and constrained computational resources of MCUs. An emerging hardware-based solution is TrustZone-M, which isolates the trusted execution environment from the vulnerable rich execution environment. Though TrustZone-M provides the platform for implementing various protection mechanisms, programming TrustZone-M may introduce a new attack surface. We explore the feasibility of launching five exploits in the context of TrustZone-M and validate these attacks using SAM L11, a Microchip MCU with TrustZone-M enabled. We then propose a security framework for IoT devices using TrustZone-M enabled MCUs, in which device security is protected in five dimensions. The security framework is implemented and evaluated with a full-fledged secure and trustworthy air quality monitoring device using SAM L11 as its MCU. Based on TrustZone-M, a function-based ASLR (fASLR) scheme is designed for runtime software security of IoT devices. fASLR is capable of trapping and modifying control flow upon a function call and randomizing the callee function before its execution. Evaluation results show that fASLR achieves high entropy with low overheads.
|