An Energy-Efficient Medium Access Control Protocol for Wireless Sensor Networks "V-MAC"

Qayoom, Mohamad

16 May 2008

Wireless sensor networks (WSNs) are composed of hundreds of wireless sensors which collaborate to perform a common task. Because of the small size of wireless sensors, they have some serious limitations including very low computation capability and battery reserve. Such resource limitations require that WSN protocols to be extremely efficient. In this thesis, we focus on the Medium Access Control (MAC) layer in WSNs. We propose a MAC scheme, V-MAC, for WSNs that extends that lifetime of the network. We compare V-MAC with other MAC schemes. V-MAC uses a special mechanism to divide sensors in different groups and then all the members of a group go to sleep at the same time. V-MAC protects WSNs against denial of sleep and broadcast attacks. We present the V-MAC scheme in details and evaluate it with simulations. Our simulations show that V-MAC enjoys significantly higher throughput and network lifetime compared to other schemes.

Wireless Sensors

Wireless Senor Networks

MAC Schemes

Denial of Sleep Attack

and V-MAC

Last Known Tomorrow

Wormington, Larry J

20 December 2013

N/A

Marine

M16

baseball

Philippines

boot camp

drill instructor

monkey attack

Fiction

Military History

Définition et évaluation d'un mécanisme de génération de règles de corrélation liées à l'environnement. / Definition and assessment of a mechanism for the generation of environment specific correlation rules

Godefroy, Erwan

30 September 2016

Dans les systèmes d'informations, les outils de détection produisent en continu un grand nombre d'alertes.Des outils de corrélation permettent de réduire le nombre d'alertes et de synthétiser au sein de méta-alertes les informations importantes pour les administrateurs.Cependant, la complexité des règles de corrélation rend difficile leur écriture et leur maintenance.Cette thèse propose par conséquent une méthode pour générer des règles de corrélation de manière semi-automatique à partir d’un scénario d’attaque exprimé dans un langage de niveau d'abstraction élevé.La méthode repose sur la construction et l'utilisation d’une base de connaissances contenant une modélisation des éléments essentiels du système d’information (par exemple les nœuds et le déploiement des outils de détection). Le procédé de génération des règles de corrélation est composé de différentes étapes qui permettent de transformer progressivement un arbre d'attaque en règles de corrélation.Nous avons évalué ce travail en deux temps. D'une part, nous avons déroulé la méthode dans le cadre d'un cas d'utilisation mettant en jeu un réseau représentatif d'un système d'une petite entreprise.D'autre part, nous avons mesuré l'influence de fautes touchant la base de connaissances sur les règles de corrélation générées et sur la qualité de la détection. / Information systems produce continuously a large amount of messages and alerts. In order to manage this amount of data, correlation system are introduced to reduce the alerts number and produce high-level meta-alerts with relevant information for the administrators. However, it is usually difficult to write complete and correct correlation rules and to maintain them. This thesis describes a method to create correlation rules from an attack scenario specified in a high-level language. This method relies on a specific knowledge base that includes relevant information on the system such as nodes or the deployment of sensor. This process is composed of different steps that iteratively transform an attack tree into a correlation rule. The assessment of this work is divided in two aspects. First, we apply the method int the context of a use-case involving a small business system. The second aspect covers the influence of a faulty knowledge base on the generated rules and on the detection.

Corrélation d’alertes

Scénario d’attaque

Règles de corrélation

Détection d’intrusion

Alerts correlation

Attack scenario

Correlation rules

Intrusion detection

Implementing Bayesian Networks for online threat detection

Pappaterra, Mauro José

January 2018

Cybersecurity threats have surged in the past decades. Experts agree that conventional security measures will soon not be enough to stop the propagation of more sophisticated and harmful cyberattacks. Recently, there has been a growing interest in mastering the complexity of cybersecurity by adopting methods borrowed from Artificial Intelligence (AI) in order to support automation. Moreover, entire security frameworks, such as DETECT (Decision Triggering Event Composer and Tracker), are designed aimed to the automatic and early detection of threats against systems, by using model analysis and recognising sequences of events and other tropes, inherent to attack patterns. In this project, I concentrate on cybersecurity threat assessment by the translation of Attack Trees (AT) into probabilistic detection models based on Bayesian Networks (BN). I also show how these models can be integrated and dynamically updated as a detection engine in the existing DETECT framework for automated threat detection, hence enabling both offline and online threat assessment. Integration in DETECT is important to allow real-time model execution and evaluation for quantitative threat assessment. Finally, I apply my methodology to some real-world case studies, evaluate models with sample data, perform data sensitivity analyses, then present and discuss the results.

Cybersecurity

Bayesian Networks

Threat Detection

Attack Trees

DETECT

Risk Evaluation

Threat Assessment

CPS

Computer Systems

Datorsystem

Assisted design and analysis of attack trees / Assistance à la conception et l’analyse d’arbres d’attaque

Audinot, Maxime

17 December 2018

En analyse de risques, les arbres d’attaque sont utilisés pour évaluer les menaces sur un système. Les méthodes formelles permettent leur analyse quantitative et leur synthèse, mais les propriétés exprimant la qualité des arbres d’attaque par rapport au système n’ont pas été formalisées. Dans ce document, nous définissons un nouveau cadre formel pour les arbres d’attaque prenant en compte un modèle opérationnel du système, et dotant les arbres d’une sémantique de chemins. Nous définissons les propriétés de correction des raffinements, et étudions leurs complexités. A partir d’une attaque optimale dans un modèle de système quantitatif, nous guidons la conception d’un arbre d’attaque, en indiquant ses feuilles qui contribuent à l’attaque optimale considérée. / In risk analysis, attack trees are used to assess threats to a system. Formal methods allow for their quantitative analysis and synthesis, but the properties expressing the quality of the attack trees with respect to the system have not been formalized. In this document, we define a new formal framework for attack trees that takes an operational model of the system into account, and provides the trees with a path semantics. We define the correctness properties of refinements, and study their computational complexity. Given an optimal attack in a quantitative system model, we guide the design of a attack tree, indicating its leaves that contribute to considered the optimal attack.

Arbres d’attaque

Vérification de modèles

Méthodes formelles

Évaluation du risque

Attack trees

Formal methods

Model checking

Risk assessment

Análise aerodinâmica de uma aeronave não convencional com asas de enflechamento negativo, Carnard e intake dorsal / Aerodynamic analysis of an aircraft with forward swept wings, Canard and dorsal intake

Boccato, Bruno Ribeiro

12 April 2019

Desde o início da história da aviação, a cada novo projeto de aeronave, modificações são realizadas para se obter melhorias nas características aerodinâmicas como, por exemplo, diminuição do arrasto, aumento de sustentação, melhora na manobrabilidade em elevados ângulos de ataque, entre outras. Essas modificações podem ser feitas em diversas partes de uma aeronave como, por exemplo, no perfil aerodinâmico e enflechamento da asa, nas superfícies de controle e até em novas posições da entrada de ar do motor intake. Embora os conceitos de aeronaves com asas de enflechamento negativo, Canard e intake dorsal não sejam novos, ainda não existe uma aeronave que apresente essas três características juntas. Portanto, o presente trabalho teve como objetivo estudar uma aeronave não convencional com essas características. Para isso, testes foram realizados no túnel de vento do Laboratório de Aerodinâmica (LAE), do Departamento de Engenharia Aeronáutica da Escola de Engenharia de São Carlos, da Universidade de São Paulo. Três estudos foram realizados para diferentes ângulos de ataque da aeronave e diferentes ângulos de incidência de três pares de Canard projetados, que foram colocados em duas posições diferentes em relação à asa. No primeiro estudo, as forças aerodinâmicas atuantes na aeronave foram medidas por meio de uma balança aerodinâmica para se obter relações entre seus coeficientes e a eficiência conforme a troca dos pares de Canard. Posteriormente, o estudo do escoamento na entrada do intake dorsal englobou a relação entre a velocidade local no intake, a velocidade do escoamento livre e a recuperação de pressão total no mesmo. Por fim, um mapeamento da vorticidade no campo da asa foi realizado para se analisar a influência do Canard no escoamento raiz da asa. O modelo estudado obteve uma maior eficiência e menor arrasto em elevados ângulos de ataque para ângulos de incidência negativos de Canard. O Canard que se destacou nos dois primeiros estudos foi utilizado no estudo de mapeamento, porém, não apresentou uma influência no escoamento da raiz da asa como desejado. / Since the beginning of aviation history, in each new aircraft design, modifications are made to obtain improvements in aerodynamic characteristics such as drag reduction, increase of lift, improvement in maneuverability at high angles of attack. These modifications can be made in different parts of an aircraft, such as, aerodynamic profile, on the control surfaces and even in new intake positions. Although the concepts of aircraft with forward swept wing, Canard and dorsal intake are not new, there is still no aircraft that presents these three characteristics together. Therefore, the present work had as objective to study an unconventional aircraft with these characteristics. Wind tunnel tests were carried out in order to analyze the aerodynamic characteristics at the Aerodynamics Laboratory of the Department of Aeronautical Engineering of EESC-USP. Three studies were carried out for different angles of attack of the aircraft and different angles of incidence of three pairs of Canard, which were placed in two different positions in relation to the wing. In the first study, the aerodynamic forces acting on the aircraft were measured by an aerodynamic balance to obtain relations between their coefficients and the efficiency according to the change of the Canard pairs. Subsequently, the study of flow at the entrance of the dorsal intake included the relation between the local velocity at the intake and the velocity of the free flow and the total pressure recovery. Finally, a mapping of vorticity in the wing field was performed to analyze the influence of Canard on the boundary layer at the root of the wing. The model studied obtained higher efficiency and lower drag at high angles of attack at negative Canard angles of incidence. The Canard that stood out in the first two studies was used in the mapping study, however, it did not present an influence on the root of the wing as desired.

Canard

Canard

Elevado ângulo de ataque

Enflechamento negativo

Forward swept wing

High angle of attack

Side Channels in the Frequency Domain / Méthodes d'attaques avancées de systèmes cryptographiques par analyse des émissions EM

Tiran, Sébastien

11 December 2013

De nos jours, l'emploi de la cryptographie est largement répandu et les circuits intègrent des primitives cryptographiques pour répondre à des besoins d'identification, de confidentialité, ... dans de nombreux domaines comme la communication, la PayTV, ...La sécurisation de ces circuits est donc un enjeu majeur. Les attaques par canaux cachés consistent à espionner ces circuits par différents biais comme le temps de calcul, la consommation en courant ou les émanations électromagnétiques pour obtenir des informations sur les calculs effectués et retrouver des secrets comme les clefs de chiffrement. Ces attaques ont l'avantage d'être indétectables, peu couteuses et ont fait l'objet des nombreuses études. Dans le cadre des attaques par analyse de la consommation en courant ou des émanations électromagnétiques l'acquisition de bonnes courbes est un point crucial. Malgré la forte utilisation de techniques de prétraitement dans la littérature, personne n'a tenté d'établir un modèle de fuite dans le domaine fréquentiel. Les travaux effectués durant cette thèse se concentrent donc sur cet aspect avec pour intérêt d'améliorer l'efficacité des attaques. De plus, de nouvelles attaques dans le domaine fréquentiel sont proposées, sujet peu étudié malgré l'intérêt de pouvoir exploiter plus efficacement la fuite éparpillée dans le temps. / Nowadays, the use of cryptography is widely spread, and a lot of devices provide cryptographic functions to satisfy needs such as identification, confidentiality, ... in several fields like communication, PayTV, ...Security of these devices is thus a major issue.Side Channel Attacks consist in spying a circuit through different means like the computation time, power consumption or electromagnetic emissions to get information on the performed calculus and discover secrets such as the cipher keys.These attacks have the advantage to be cheap and undetectable, and have been studied a lot.In the context of attacks analysing the power consumption or the electromagnetic emissions, the acquisition of good traces is a crucial point.Despite the high use of preprocessing techniques in the literature, nobody has attempted to model the leakage in the frequency domain.The works performed during this thesis are focusing on this topic with the motivation of improving the efficiency of attacks.What's more, new frequency domain attacks are proposed, subject poorly studied despite the advantage of better exploiting the leakage spread in time.

Cryptographie

Em

Canaux cachés

Carte à puce

Cryptography

Em

Side channel Attack

Smartcard

Melhorando o ataque de reação contra o QC-MDPC McEliece / Improving the efficiency of the reaction attack on the QC-MDPC McEliece

Paiva, Thales Areco Bandiera

11 December 2017

O QC-MDPC McEliece foi considerado um dos mais promissores esquemas criptográficos de chave pública que oferecem segurança contra ataques por computadores quânticos. O tamanho das chaves públicas do QC-MDPC McEliece é competitivo com o das chaves do RSA, e o esquema tem uma redução de segurança aparentemente forte. Por três anos, o esquema não sofreu ataques críticos, até que na Asiacrypt de 2016 Guo, Johansson, e Stankovski mostraram um ataque de reação contra o QC-MDPC McEliece que explora um aspecto não considerado em sua redução de segurança: a probabilidade de o algoritmo de decriptação falhar é menor quando a chave secreta e o vetor usado para encriptar a mensagem compartilham certas propriedades, chamadas de espectros. Dessa forma, um atacante pode, ao detectar falhas de decriptação, obter informação sobre o espectro, que será usada para reconstruir a chave secreta. Guo et al. apresentaram um algoritmo para a reconstrução da chave a partir do espectro recuperado, para o qual é possível apontar três problemas. O primeiro é que seu algoritmo não é eficiente quando o espectro da chave não foi recuperado quase completamente, o que resulta em o atacante ter que enviar um grande número de testes de decriptação à portadora da chave secreta. O segundo problema é que o desempenho de seu algoritmo não escala bem para níveis de segurança mais altos. O terceiro e último problema é que, por ser baseado numa busca em profundidade, seu algoritmo não pode ser paralelizado trivialmente. Para aumentar a eficiência do ataque, dois novos algoritmos de reconstrução são propostos neste trabalho. Estes algoritmos são mais eficientes, usam menos informação sobre a chave secreta, e podem ser paralelizados trivialmente. O primeiro algoritmo é probabilístico e tem complexidade assintótica ligeiramente melhor do que a do original. Entretanto, o desempenho do algoritmo probabilístico piora rapidamente, embora mais lentamente do que o algoritmo de Guo et al., conforme a quantidade de informação sobre o espectro diminui. O segundo algoritmo explora uma relação linear entre os blocos da chave secreta. Este é mais eficiente, tanto assintoticamente quanto na prática, que os dois outros algoritmos, e é eficiente mesmo com 50% menos informação sobre o espectro do que o necessário para o algoritmo original. Isso permite que o atacante encontre a chave secreta fazendo apenas em torno de 20% do número de testes necessários pelo algoritmo de Guo\'s et al., considerando-se o nível de segurança de 80 bits. O desempenho de ambos os algoritmos são analisados e comparados com o do algoritmo original, e as análises são feitas tanto para a complexidade teórica quanto para o desempenho na prática, considerando a implementação dos algoritmos em linguagem C. / The QC-MDPC McEliece scheme was considered one of the most promising public key encryption schemes for efficient post-quantum secure encryption. As a variant of the McEliece scheme, it is based on the syndrome decoding problem, an NP-hard problem from Coding Theory. The key sizes are competitive with the ones of the widely used RSA cryptosystem, and it came with an apparently strong security reduction. For three years, the scheme has not suffered major threats, until the end of 2016, when Guo, Johansson, and Stankovski presented at Asiacrypt a reaction attack on the QC-MDPC that exploits one aspect that was not considered in the security reduction: the probability of a decoding failure to occur is lower when the secret key and the error used for encryption share certain properties, which they called spectrums. By detecting decoding failures, the attacker can obtain information on the spectrum of the secret key and then use this information to reconstruct the key. Guo et al. presented an algorithm for key reconstruction for which we can point three weaknesses. The first one is that it cannot deal efficiently with partial information on the spectrum of the secret key, resulting in the attacker having to send a great number of decoding trials. The second one is that it does not scale well for higher security levels. The third one is that the algorithm, which is based on a depth-first search, cannot be trivially parallelized. To improve the efficiency of the attack, we propose two different key reconstruction algorithms that are more efficient, use less information on the secret key, and can be trivially parallelized. The first algorithm, which is a simple probabilistic extension of Guo\'s et al. algorithm, is more efficient and runs increasingly faster, for higher security levels, than the original one. However, for security levels higher than 80 bits, the probabilistic algorithm cannot run efficiently without too much information on the spectrum of the secret key, even though it needs less information than the original algorithm. The second algorithm is based on a linear relation between the blocks of the secret key. It can run efficiently with around 50% less information than needed by Guo\'s et al. key reconstruction algorithm. This makes it possible for an attacker to recover the secret key sending approximately 20% of the of the number of decoding trials needed by Guo\'s et al. algorithm, for the security level of 80 bits. The performance of each presented algorithm is analyzed and compared with that of the original one. The analysis are made theoretically, considering a probabilistic analysis of the algorithms, and in practice, considering the corresponding implementations in C language.

Ataque de reação

Criptografia pós-quântica

Post-quantum cryptography

QC-MDPC

QC-MDPC

Reaction attack

Communication Security in Wireless Sensor Networks

Ren, Kui

06 April 2007

A wireless sensor network (WSN) usually consists of a large number of small, low-cost devices that have limited energy supply, computation, memory, and communication capacities. Recently, WSNs have drawn a lot of attention due to their broad applications in both military and civilian domains. Communication security is essential to the success of WSN applications, especially for those mission-critical applications working in unattended and even hostile environments. However, providing satisfactory security protection in WSNs has ever been a challenging task due to various network & resource constraints and malicious attacks. This motivates the research on communication security for WSNs. This dissertation studies communication security in WSNs with respect to three important aspects. The first study addresses broadcast/multicast security in WSNs. We propose a multi-user broadcast authentication technique, which overcomes the security vulnerability of existing solutions. The proposed scheme guarantees immediate broadcast authentication by employing public key cryptography, and achieves the efficiency through integrating various techniques from different domains. We also address multicast encryption to solve data confidentiality concern for secure multicast. We propose an efficient multicast key management scheme supporting a wide range of multicast semantics, which utilizes the fact that sensors are both routers and end-receivers. The second study addresses data report security in WSNs. We propose a location-aware end-to-end security framework for WSNs, in which secret keys are bound to geographic locations so that the impact of sensor compromise are limited only to their vicinity. The proposed scheme effectively defeats not only bogus data injection attacks but also various DoS attacks. In this study, we also address event boundary detection as a specific case of secure data aggregation in WSNs. We propose a secure and fault-tolerant event boundary detection scheme, which securely detects the boundaries of large spatial events in a localized statistic manner. The third study addresses random key pre-distribution in WSNs. We propose a keyed-hash-chain-based key pool generation technique, which leads to a more efficient key pre-distribution scheme with better security resilience in the case of sensor compromise.

Defense

Attack

Wireless Sensor Networks

Communication

Security

Wireless communication systems

Security measures

Computer networks

Security measures

Upplevelser av hjärtinfarkt hos kvinnor i det akuta skedet : En litteraturstudie

Minin, Ingmarie, Mohamed, Hayat Hanan

January 2008

Sjukdomar i hjärtats kranskärl och dess komplikationer förorsakar 23% av alla dödsfall hos kvinnor i Sverige där akut hjärtinfarkt ensam står för 6% av fallen. Atypiska och diffusa symtom är en av orsakerna till att kvinnor med hjärtinfarkt inte alltid kommer till sjukhus i tid. Syftet med denna litteraturstudie är att belysa kvinnors upplevelser av hjärtinfarkt i det akuta skedet. Vi vill även få klarhet i varför kvinnor ofta väntar med att söka vård och dessutom riskerar att inte bli tagna på allvar. Vi har valt metod i form av en litteraturstudie där vi analyserar kvalitativ forskning som bygger på nio vårdvetenskapliga artiklar. I vårt resultat kom vi fram till följande teman och subteman: Kvinnor söker inte vård i tid, Tar inte signalerna på allvar, Relaterar symtomen till andra orsaker, Vill inte var till besvär för andra och hjärtinfarkt drabbar inte mig, Något är fel i min kropp, Sökande av råd och stöd och Upplevelser av symtomen i det akuta skedet, samt Kvinnor blir inte alltid tagna på allvar, Risk för felaktig diagnos – felaktig behandling och Blir inte tagna på allvar. Vi ser det som ett stort problem att många kvinnor underskattar risken att drabbas av akut hjärtkärlsjukdom. Likaså att de vid det akuta insjuknandet relaterar sina hjärtinfarktsymtom till något annat och därför väntar med att söka medicinsk hjälp. Vår förhoppning är att kvinnor blir mer uppmärksamma på kroppens signaler och inte tvekar att söka vård om de känner sig osäkra eller oroliga. / <p>Program: Sjuksköterskeutbildning</p><p>Uppsatsnivå: C</p>

women

experiences

acute myocardial infarction

symptoms

perception

feelings

heart attack

Medical and Health Sciences

Medicin och hälsovetenskap