A framework for evaluating countermeasures against sybil attacks in wireless sensor networks

Govender, Servapalan

12 July 2011

Although Wireless Sensor Networks (WSNs) have found a niche in numerous applications, they are constrained by numerous factors. One of these important factors is security in WSNs. There are various types of security attacks that WSNs are susceptible to. The focus of this study is centred on Sybil attacks, a denial of service attack. In this type of attack, rogue nodes impersonate valid nodes by falsely claiming to possess authentic identities, thereby rendering numerous core WSN operations ineffective. The diverse nature of existing solutions poses a difficult problem for system engineers wanting to employ a best fit countermeasure. This problem is the largely unanswered question posed to all system engineers and developers alike whose goal is to design/develop a secure WSN. Resolving this dilemma proves to be quite a fascinating task, since there are numerous factors to consider and more especially one cannot assume that every application is affected by all identified factors. A framework methodology presented in this study addresses the abovementioned challenges by evaluating countermeasure effectiveness based on theoretical and practical security factors. Furthermore, a process is outlined to determine the application’s engineering requirements and the framework also suggests what security components the system engineer ought to incorporate into the application, depending on the application’s risk profile. The framework then numerically aligns these considerations, ensuring an accurate and fairly unbiased best fit countermeasure selection. Although the framework concentrates on Sybil countermeasures, the methodology can be applied to other classes of countermeasures since it answers the question of how to objectively study and compare security mechanisms that are both diverse and intended for different application environments. The report documents the design and development of a comparative framework that can be used to evaluate countermeasures against Sybil attacks in wireless sensor networks based on various criteria that will be discussed in detail. This report looks briefly at the aims and description of the research. Following this, a literature survey on the body of knowledge concerning WSN security and a discussion on the proposed methodology of a specific design approach are given. Assumptions and a short list of factors that were considered are then described. Metrics, the taxonomy for WSN countermeasures, the framework and a formal model are developed. Risk analysis and the best fit methodology are also discussed. Finally, the results and recommendations are shown for the research, after which the document is concluded. / Dissertation (MEng)--University of Pretoria, 2011. / Electrical, Electronic and Computer Engineering / unrestricted

Countermeasure evaluationframework

Risk profiling and analysis

Wsn

Countermeasure taxonomy

Best fit analysis

Security

Sybil attacks

UCTD

Work zone safety intervention: perceptual countermeasure to speeding using synchronized warning lights

Khan, Sameer Ahmad

01 July 2010

A driving simulator study of perceptual countermeasures to speeding is described. Perceptual countermeasures (PC) manipulate the drivers' visual scene to help them moderate their driving speed without a conscious deliberation to do so. The use of synchronized warning lights in work zones as a PC is similar to "aero plane runway lights" flashing towards the diver. Based on the literature survey, this effect was postulated to make drivers think they were driving fast at lower vehicular speeds with lesser speed fluctuations. The effect did not achieve statistical significance in reducing mean speeds within work zones to match with the posted speed limit. A frequency domain analysis of driving speed fluctuation within work zones demonstrated that any form of flashing lights can have a pronounced effect on some individuals compared to static lights. The ramifications of using such perceptual countermeasures that are currently being implemented around the world is disused.

Driving

Percetual countermeasure

Safety

Speed

Work zone

Industrial Engineering

Risk Identification and Prevention in China’s Guarantee Industry

January 2016

abstract: This study seeks to develop a framework that can help firms in China’s guarantee industry to better identify and prevent risk when they offer guarantee services to small and medium-sized enterprises (SME). With the continuously increasing demands of SME financing, the guarantee industry has developed rapidly in China. Meanwhile, the turmoil in global financial markets and the significant slowdown of global economy have started to have a negative impact on China’s economy, increasing the risk exposure of China’s guarantee industry. In this context, risk identification and prevention becomes the core competence of a guarantee company. Based on a review of the existing research, two in-depth case studies, and the author’s personal experiences in this industry, this paper does not only provide a comprehensive list of the risks that guarantee firms face in China but also measures for risk identification and prevention. This thesis is organized as follows. First, I provide a brief description about the emergence and development of China’s guarantee industry, as well as its current status. Next, I explain what kinds of risks faced by guarantee firms in China that influence their performance and survival, and summarize the various external and internal risk factors. I also conduct one in-depth case analysis to illustrate how a guarantee firm can better identify the risks it is exposed to. Next, on the basis of another in-depth case analysis, I develop a framework that can help guarantee firms to systematically develop effective measures of risk identification and prevention. I conclude with a discussion of this study’s implications for guarantee firms and the regulatory governmental agencies in China. / Dissertation/Thesis / Doctoral Dissertation Business Administration 2016

Business administration

Countermeasure

Guarantee

Risk Identification

Risk Prevention

Investigation of a New Method for Drone Dazzling Using Laser / Undersökning av en ny method för bländning av drönare med laser

Grundmark, Jens

January 2021

Drones have become more common, and are commercially available for consumers. Small drones can be used for unauthorized information gathering, or to cause disruptions. This has created a need for safe, effective countermeasures against drones. In this thesis, a method for countermeasures against drone imaging is investigated. The method is based on aiming and focusing a laser beam toward the camera of the drone. The retroreflection from the target is used as a feedback signal. Risley prisms were used to aim the beam, and an electrowetting lens was used to control the focus. Control algorithms based on the method called Stochastic Parallel Gradient Descent (SPGD), line searching and the Kalman filter are presented and evaluated. An experimental setup was used to track a moving target and dazzle a camera, demonstrating the validity of the method. Additionally, a simulation environment was used to estimate the potential performance of the control algorithms in a realistic scenario, under ideal circumstances.

Drone countermeasure

Risley prisms

Camera dazzling

Laser

Control Engineering

Reglerteknik

Examination of Driver Lane Change Behavior and the Potential Effectiveness of Warning Onset Rules for Lane Change or "Side" Crash Avoidance Systems

Hetrick, Shannon

27 March 1997

Lane change or "Side" Crash Avoidance Systems (SCAS) technologies are becoming available to help alleviate the lane change crash problem. They detect lane change crash hazards and warn the driver of the presence of such hazards. This thesis examines driver lane change behavior and evaluates the potential effectiveness of five warning onset rules for lane change or "side" crash avoidance system (SCAS) technologies. The ideal SCAS should warn the driver only when two conditions are met: (1) positive indication of lane change intent and (2) positive detection of a proximal vehicle in the adjacent lane of concern. Together, these two conditions create a crash hazard. The development of SCAS technologies depends largely on an understanding of driver behavior and performance during lane change maneuvers. By quantifying lane change behavior, real world crash hazard scenarios can be simulated. This provides an opportunity to evaluate potential warning onset rules or algorithms of driver intent to change lanes. Five warning onset rules for SCAS were evaluated: turn-signal onset (TSO), minimum separation (MS), line crossing (LC), time-to-line crossing (TLC), and tolerance limit (TL). The effectiveness of each rule was measured by the maximum response time available (tavailable) to avoid a crash for a particular lane change crash scenario, and by the crash outcome, crashed or crash avoided, of a particular lane change crash scenario. / Master of Science

lane change

crash avoidance

countermeasure

warning algorithm

warning onset

SCAS

Implicit Cache Lockdown on ARM: An Accidental Countermeasure to Cache-Timing Attacks

Green, Marc

20 January 2017

As Moore`s law continues to reduce the cost of computation at an exponential rate, embedded computing capabilities spread to ever-expanding application scenarios, such as smartphones, the Internet of Things, and automation, among many others. This trend has naturally caused the underlying technology to evolve and has introduced increasingly complex microarchitectures into embedded processors in attempts to optimize for performance. While other microarchitectures, like those used in personal computers, have been extensively studied, there has been relatively less research done on embedded microarchitectures. This is especially true in terms of their security, which is growing more important as widespread adoption increases. This thesis explores an undocumented cache behavior found in ARM Cortex processors that we call implicit cache lockdown. While it was presumably implemented for performance reasons, it has a large impact on the recently popular class of cybersecurity attacks that utilize cache-timing side-channels. These attacks leverage the underlying hardware, specifically, the small timing differences between algorithm executions due to CPU caches, to glean sensitive information from a victim process. Since the affected processors are found in an overwhelming majority of smart phones, this sensitive information can include cryptographic secrets, credit card information, and passwords. As the name implies, implicit cache lockdown limits the ability for an attacker to evict certain data from a CPU`s cache. Since this is precisely what known cache-timing attacks rely on, they are rendered ineffective in their current form. This thesis analyzes implicit cache lockdown in great detail, including the methodology we used to discover it, its implications on all existing cache-timing attacks, and how it can be circumvented by an attacker.

side-channel

lockdown

arm

cache-timing

security

cache

countermeasure

cross-core

Computer-assisted Design Methodology For Armoring Type Bridge Scour Countermeasures

Yildirim, Mehmet Sinan

01 January 2013

Scour at bridge piers is considered as a significant safety hazard. Hence, scour countermeasure design plays a critical role to hinder the scour potential at bridges. The selection methodology for a scour countermeasure varies with respect to site conditions, economy, availability of material and river characteristics. The aim of this study is to review the literature on this topic to gather universally accepted design guidelines. A user-friendly computer program is developed for decision-making in various sequential steps of countermeasure design against scouring of bridge piers. Therefore, the program is eventually intended to select the feasible solution based on a grading system which deals with comparative evaluation of soil, hydraulic, construction and application aspects. The program enables an engineer to carry out a rapid countermeasure design through consideration of successive alternatives. A case study is performed to illustrate the use of this program.

Scour Countermeasure Design For Sequential Viaducts On Ankara - Pozanti Highway

Cam, Umut Egemen

01 March 2012

Foundations of river bridges need to be protected with respect to excessive scouring. Degree of protection depends on the severity of scouring action around bridge piers and abutments. A case study is carried out to design appropriate protective measures for sequential viaducts located on Ankara-Pozant highway in Turkey. A number of analyses are conducted to obtain water surface profiles throughout the study reach. Local scour depths at piers and abutments of the viaducts are then obtained. The design process for countermeasures is performed concerning hydraulic, hydrologic, constructional, and economical requirements. To this end, riprap, partially grouted riprap, and articulated concrete blocks are studied in these view points. A criterion based on a selection index, which is defined by the National Cooperative Highway Research Program in the USA, is applied in this study. Implementation of partially grouted ripraps at infrastructural elements is found to be an appropriate solution.

TC Hydraulic Engineering 1-978

Analysis of Stochastic Disruptions to Support Design of Capacitated Engineered Networks

Uribe-Sánchez, Andrés Fernando

19 October 2010

This work is a compilation of four manuscripts, three of which are published and one is in the second round of review, all in refereed journals. All four manuscripts focus on analysis of stochastic disruptions to support design of capacitated engineered networks. The work is motivated by limited ability to mitigate elevated risk exposure of large-scale capacitated enterprise networks functioning in lean environments. Such inability to sustain enterprise capacity in the face of disruptions of various origins has been causing multi-billion enterprise forfeitures and hefty insurance premiums. At the same time, decision support methodologies for reliable design of dynamic capacitated networks have been largely unavailable. This work is organized as follows. Paper 1 presents a methodology to analyze ca- pacitated healthcare supply chains using a framework of forward ow-matching networks with multiple points of delivery. Special emphasis is given to developing stochastic models for capturing capacity trajectories at the points of delivery. Paper 2 focuses on assuring capacity availability for a critical vertex exposed to random stepwise capacity disruptions with exponentially distributed interarrival times and uniformly distributed magnitudes. We explore two countermeasure policies for a risk-neutral decision maker who seeks to maxi- mize the long-run average reward. We present an extensive numerical analysis as well as a sensitivity study on the uctuations of some system parameter values. Paper 3 extends the capacity assurance analysis for critical vertices by considering stepwise partial system capacity loss accumulating over time. We examine implementation of a countermeasure policy, aimed at reducing the disruption rate, for a risk-neutral decision maker who seeks to maximize long-run average return. We explore how the policy of maintaining the optimal disruption rate is aected by a number of system parameters. Finally, Paper 4 presents a dynamic predictive methodology for mitigation of cross-regional pandemic outbreaks which can be used to estimate workforce capacity loss for critical vertices due to such societal disasters.

enterprise networks

lean

capacity disruptions

countermeasure policies

pandemic influenza

American Studies

Arts and Humanities

Comparison of security level and current consumption of security implementations for MQTT

Carlsson, Fredrik, Eriksson, Klas-Göran

January 2018

IoT is a rapidly growing area with products in the consumer, commercial and industrial market. Collecting data with multiple small and often battery-powered devices sets new challenges for both security and communication. There has been a distinct lack of a IoT specific communication protocols. The industry has had to use bulky interfaces not suitable for resource-constrained devices. MQTT is a standardised communication protocol made for the IoT industry. MQTT does however not have built-in security and it is up to the developers to implement a suitable security countermeasure. To evaluate how different security countermeasures impact MQTT in complexity, current consumption and security the following research questions are answered. How do you derive a measurement from the SEF that can be compared with a current consumption measurement? Which level of security, according to the SEF, will RSA, AES and TLS provide to MQTT when publishing a message to a broker? What level of complexity is added to MQTT when using chosen security countermeasure? Which of the analysed security countermeasure upholds an adequate security level while also having a low current consumption? To answer the above research questions an experiment approach has been used. Implementations of TLS, RSA and AES have been evaluated to measure how they affect the security level and current consumption of an MQTT publication, compared to no security countermeasures at all.Both RSA and AES had the same security level, but the current consumption for RSA was four times higher. The experiment showed that the security level is significantly higher for TLS, while it also has the highest current consumption. The security countermeasure evaluated differs greatly. TLS provides complete protections, while RSA and AES lacks authentication and does not ensure integrity and non-repudiation.Even if the current consumption for TLS is higher, the security it provides make it unreasonable to recommend any of the other security countermeasure implementations.

AES

Complexity Current Consumption

Internet of Things

IoT

MQTT

RSA

Security

Security Countermeasure

TLS

Computer Systems

Datorsystem