ARTIFICIAL INTELLIGENCE-BASED GPS SPOOFING DETECTION AND IMPLEMENTATION WITH APPLICATIONS TO UNMANNED AERIAL VEHICLES

Mohammad Nayfeh (15379369)

30 April 2023

<p>In this work, machine learning (ML) modeling is proposed for the detection and classification of global positioning system (GPS) spoofing in unmanned aerial vehicles (UAVs). Three testing scenarios are implemented in an outdoor yet controlled setup to investigate static and dynamic attacks. In these scenarios, authentic sets of GPS signal features are collected, followed by other sets obtained while the UAV is under spoofing attacks launched with a software-defined radio (SDR) transceiver module. All sets are standardized, analyzed for correlation, and reduced according to feature importance prior to their exploitation in training, validating, and testing different multiclass ML classifiers. Two schemes for the dataset are proposed, location-dependent and location-independent datasets. The location-dependent dataset keeps the location specific features which are latitude, longitude, and altitude. On the other hand, the location-independent dataset excludes these features. The resulting performance evaluation of these classifiers shows a detection rate (DR), misdetection rate (MDR), and false alarm rate (FAR) better than 92%, 13%, and 4%, respectively, together with a sub-millisecond detection time. Hence, the proposed modeling facilitates accurate real-time GPS spoofing detection and classification for UAV applications.</p> <p><br></p> <p>Then, a three-class ML model is implemented on a UAV with a Raspberry Pi processor for classifying the two GPS spoofing attacks (i.e., static, dynamic) in real-time. First, several models are developed and tested utilizing the prepared dataset. Models evaluation is carried out using the DR, F-score, FAR, and MDR, which all showed an acceptable performance. Then, the optimum model is loaded to the onboard processor and tested for real-time detection and classification. Location-dependent applications, such as fixed-route public transportation, are expected to benefit from the methodology presented herein as the longitude, latitude, and altitude features are characterized in the implemented model.</p>

Global Positioning System

Machine Learning

Software-Defined Radio

Spoofing attacks

Unmanned Aerial Vehicle

A countermeasure method for video-based face spoofing attacks : Detecção de tentativas de ataque com vídeos digitais em sistemas de biometria de face / Detecção de tentativas de ataque com vídeos digitais em sistemas de biometria de face

Pinto, Allan da Silva, 1984-

23 August 2018

Orientador: Anderson de Rezende Rocha / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-23T22:22:57Z (GMT). No. of bitstreams: 1 Pinto_AllandaSilva_M.pdf: 47523880 bytes, checksum: 072eb0490c26631b80cdcc47d55a4817 (MD5) Previous issue date: 2013 / Resumo: O resumo poderá ser visualizado no texto completo da tese digital / Abstract: The complete abstract is available with the full electronic document / Mestrado / Ciência da Computação / Mestre em Ciência da Computação

Identificação biométrica

Ataques de falsificação de face

Ritmo visual

Fourier, Análise de

Biometric identification

Face spoofing attacks

Video-based face spoofing

Visual rhythm

Fourier analysis - Data processing

Authentication Techniques Based on Physical Layer Attributes / Autentisering tekniker baserade på fysiska lager attribut

Liang, Xintai

January 2022

Authentication is an indispensable part of information security. It serves to distinguish legitimate users from unauthorized ones. With the rapid growth of Internet of Things (IoT) devices, authentication of wireless communication is gathering more and more attention. Traditional authentication methods using cryptography, such as Hash-based Message Authentication Codes (HMACs) or digital signature, demand significant computational power and hardware resources, especially for low-end platforms. Spoofing attackers take advantage of trust relationships, trying to impersonate legitimate entities the wireless Access Point (AP) trusts. To tackle this issue, physical layer authentication methods are proposed. Using a fast and lightweight implementation, authentication based on physical layer attributes has the chance to improve the security performance of the authentication in the wireless network and protect it from spoofing attacks. It takes advantage of the uniqueness and inimitability of physical layer attributes by using them as identifying information. In this project, one of the physical layer attributes, Channel State Information (CSI), is utilized as the identifying information of devices. CSI samples from different wireless devices are collected by a wireless monitor. Features on amplitude and phase are extracted from raw CSI samples through data processing algorithms. For every device, a corresponding feature profile is pre-built so that authentication can be accomplished by matching the CSI profile. One-Class Support Vector Machine (OCSVM), a machine learning technique, which has a satisfying performance in novel discrimination, is used for profile building and profile matching algorithms so that the physical layer identities from various devices can be distinguished effectively. Our study aims to prove the feasibility of the authentication using CSI identity is conducted and the authentication and spoofer detection accuracy is calculated. With the profile matching algorithm based on OCSVM, the authentication accuracy and the spoofer detection accuracy remains around 98% and 100% respectively. Finally, to address the limitations in related work, such as the phase error fingerprinting which is not effective across all the bands, and the instability of the authentication results, a combined authentication method is designed and implemented successfully. The new method is based on both the traditional cryptographic authentication and CSI-based authentication. The implementation is accomplished by using the data processing methods and discrimination techniques mentioned above. The basic functions, such as detecting CSI variance and switching between CSI and cryptographic authentication, and the CPU computing performance under different authentication modes are observed. The performance of the new method is analyzed and evaluated under different potential attack scenarios. The evaluation shows that the basic functions and defense ability are valid and satisfying under different scenarios. The computing resource saves at least 36.92% and at most 79.73% compared to various traditional cryptographic authentication. / Autentisering är en oumbärlig del av informationssäkerheten, eftersom den särskiljer legitima användare och motståndare i nätverk. Med den snabba tillväxten av trådlösa IoT-enheter får säker autentisering inom trådlös kommunikation mer och mer uppmärksamhet. Traditionell trådlös autentisering metoder har en enorm efterfrågan på beräkningskraft och hårdvaruresurser, samtidigt som de är sårbara för vissa attacker. Spoofing-attack, som drar fördel av pålitliga relationer genom att imitera en person eller organisation som den trådlösa AP litar på, är en av de svåraste säkerheterna problem med trådlös autentisering. För att lösa detta problem föreslås autentiseringsmetoder för fysiska lager. Genom att använda en snabb och lätt implementering har autentiseringen baserad på fysiska lagerattribut möjlighet att förbättra säkerhetsprestandan för autentiseringen i det trådlösa nätverket och skydda den från spoofing attacker. Eftersom det tar fördelen av det unika och oefterhärmlighet av fysiska lagerattribut genom att använda dem som identitetsinformation som ska autentiseras. I detta projekt används ett av attributen för fysiskt lager, CSI som enhetsidentitet för att studera prestandan för trådlös autentisering under det nya överföringsprotokollet 802.11ac.CSI-prov från olika trådlösa enheter samlas in från den trådlösa monitorn. Funktioner på Amplitude och Phase extraheras från råa CSI-prover genom respektive dataförbehandlingsalgoritmer. För varje enhet är en motsvarande funktionsprofil förbyggd så att autentiseringen kan utföras genom att matcha CSI-profilen. Maskininlärningsteknik, OCSVM, som har en tillfredsställande prestanda i den nya diskrimineringen, används i profilbyggande och profilmatchningsalgoritmer så att de fysiska lagrets identiteter från olika enheter effektivt kan särskiljas. En studie syftar till att bevisa genomförbarheten av autentisering med CSI-identitet genomförs och noggrannheten för autentisering och spooferdetektering beräknas. Med profilmatchningsalgoritmen bas ed på OCSVM förblir autentiseringsnoggrannheten och spooferdetekteringsnoggrannheten runt 98% till 99% respektive 100%. Slutligen, med ovanstående metoder och tekniker och övervägandet av begränsningar i relaterat arbete, som fasfelsfingeravtrycksfelet som inte är tillräckligt effektivt över alla band, och instabiliteten i autentiseringsresultaten, ett lättviktigt och flexibelt autentiseringsschema baserat på kombination av traditionell kryptoautentisering och CSI-autentisering designas och implementeras framgångsrikt. Grundfunktionen och datorprestanda observeras och prestandan för den nya metoden analyseras under olika potentiella attackscenarier. Efter experimenten kan datorresurser sparas åtminstone 36,92% och som mest 79,73% jämfört med olika traditionella kryptoautentiseringar. Dessutom är den grundläggande funktionen och försvarsförmågan giltig och tillfredsställande under olika scenarier.

Wireless security

Spoofing attacks

Physical layer authentication

Channel State Information

Machine learning

Trådlös säkerhet

Spoofing attack

Autentisering av fysiska lager

Kanaltill Stånds Information

Maskinin lärning

Elektroteknik och elektronik

thesis.pdf

Jianliang Wu (15926933)

30 May 2023

<p>Bluetooth is the de facto standard for short-range wireless communications. Besides Bluetooth Classic (BC), Bluetooth also consists of Bluetooth Low Energy (BLE) and Bluetooth Mesh (Mesh), two relatively new protocols, paving the way for its domination in the era of IoT and 5G. Meanwhile, attacks against Bluetooth, such as BlueBorne, BleedingBit, KNOB, BIAS, and BThack, have been booming in the past few years, impacting the security and privacy of billions of devices. These attacks exploit both design issues in the Bluetooth specification and vulnerabilities of its implementations, allowing for privilege escalation, remote code execution, breaking cryptography, spoofing, device tracking, etc.</p> <p><br></p> <p>To secure Bluetooth, researchers have proposed different approaches for both Bluetooth specification (e.g., formal analysis) and implementation (e.g., fuzzing). However, existing analyses of the Bluetooth specification and implementations are either done manually, or the automatic approaches only cover a small part of the targets. As a consequence, current research is far from complete in securing Bluetooth.</p> <p><br></p> <p>Therefore, in this dissertation, we propose the following research to provide missing pieces in prior research toward completing Bluetooth security research in terms of both Bluetooth specification and implementations. (i) For Bluetooth security at the specification level, we start from one protocol in Bluetooth, BLE, and focus on the previously unexplored reconnection procedure of two paired BLE devices. We conduct a formal analysis of this procedure defined in the BLE specification to provide security guarantees and identify new vulnerabilities that allow spoofing attacks. (ii) Besides BLE, we then formally verify other security-critical protocols in all Bluetooth protocols (BC, BLE, and Mesh). We provide a comprehensive formal analysis by covering the aspects that prior research fails to include (i.e., all possible combinations of protocols and protocol configurations) and considering a more realistic attacker model (i.e., semi-compromised device). With this model, we are able to rediscover five known vulnerabilities and reveal two new issues that affect BC/BLE dual-stack devices and Mesh devices, respectively. (iii) In addition to the formal analysis of specification security, we propose and build a comprehensive formal model to analyze Bluetooth privacy (i.e., device untraceability) at the specification level. In this model, we convert device untraceability into a reachability problem so that it can be verified using existing tools without introducing false results. We discover four new issues allowed in the specification that can lead to eight device tracking attacks. We also evaluate these attacks on 13 Bluetooth implementations and find that all of them are affected by at least two issues. (iv) At the implementation level, we improve Bluetooth security by debloating (i.e., removing code) Bluetooth stack implementations, which differs from prior automatic approaches, such as fuzzing. We keep only the code of needed functionality by a user and minimize their Bluetooth attack surface by removing unneeded Bluetooth features in both the host stack code and the firmware. Through debloating, we can remove 20 known CVEs and prevent a wide range of attacks again Bluetooth. With the research presented in this thesis, we improve Bluetooth security and privacy at both the specification and implementation levels.</p>

System and network security

Mobile computing

Bluetooth low-energy

Security & privacy factors

Bluetooth Classic

Bluetooth Mesh

Man-in-the-middle (MITM) attacks

Device tracking

Formal Analysis

Program Analysis

Debloating

Spoofing attacks

Reflection attacks