Spelling suggestions: "subject:"proofing""
31 |
Using Motion Fields to Estimate Video Utility and Detect GPS SpoofingCarroll, Brandon T. 08 August 2012 (has links) (PDF)
This work explores two areas of research. The first is the development of a video utility metric for use in aerial surveillance and reconnaissance tasks. To our knowledge, metrics that compute how useful aerial video is to a human in the context of performing tasks like detection, recognition, or identification (DRI) do not exist. However, the Targeting Task Performance (TTP) metric was previously developed to estimate the usefulness of still images for DRI tasks. We modify and extend the TTP metric to create a similar metric for video, called Video Targeting Task Performance (VTTP). The VTTP metric accounts for various things like the amount of lighting, motion blur, human vision, and the size of an object in the image. VTTP can also be predictively calculated to estimate the utility that a proposed flight path will yield. This allows it to be used to help automate path planning so that operators are able to devote more of their attention to DRI. We have used the metric to plan and fly actual paths. We also carried out a small user study that verified that VTTP correlates with subjective human assessment of video. The second area of research explores a new method of detecting GPS spoofing on an unmanned aerial system (UAS) equipped with a camera and a terrain elevation map. Spoofing allows an attacker to remotely tamper with the position, time, and velocity readings output by a GPS receiver. This tampering can throw off the UAS's state estimates, but the optical flow through the camera still depends on the actual movement of the UAS. We develop a method of detecting spoofing by calculating the expected optical flow based on the state estimates and comparing it against the actual optical flow. If the UAS is successfully spoofed to a different location, then the detector can also be triggered by differences in the terrain between where the UAS actually is and where it thinks it is. We tested the spoofing detector in simulation, and found that it works well in some scenarios.
|
32 |
Beware of IPs in Sheep's Clothing: Measurement and Disclosure of IP Spoofing VulnerabilitiesHilton, Alden Douglas 25 October 2021 (has links)
Networks not employing destination-side source address validation (DSAV) expose themselves to a class of pernicious attacks which could be prevented by filtering inbound traffic purporting to originate from within the network. In this work, we survey the pervasiveness of networks vulnerable to infiltration using spoofed addresses internal to the network. We issue recursive Domain Name System (DNS) queries to a large set of known DNS servers world-wide using various spoofed-source addresses. In late 2019, we found that 49% of the autonomous systems we tested lacked DSAV. After a large-scale notification campaign run in late 2020, we repeated our measurements in early 2021 and found that 44% of ASes lacked DSAV--though importantly, as this is an observational study, we cannot conclude causality. As case studies illustrating the dangers of a lack of DSAV, we measure susceptibility of DNS resolvers to cache poisoning attacks and the NXNS attack, two attacks whose attack surface is significantly reduced when DSAV in place. We discover 309K resolvers vulnerable to the NXNS attack and 4K resolvers vulnerable to cache poisoning attacks, 70% and 59% of which would have been protected had DSAV been in place.
|
33 |
Cybersecurity of Maritime Communication Systems : Spoofing attacks against AIS and DSCForsberg, Joakim January 2022 (has links)
For a long time, ships have relied on navigators that could figure out their course andlocation based on seeing objects around them. However, this approach is limited to thenavigators’ ability, and with the increasing number of ships, this job becomes harder andharder. With these aspects in mind, the new system, the Automatic identification system(AIS), was created as a tool to help navigators to navigate and increase safety on the sea.AIS is an automatic identification system and is designed to send out information aboutthe vessel and its location. This thesis looks at the state of the art of Automatic identifica-tion systems and Digital selective calling systems to evaluate the security aspects of thesesystems. The thesis aims to investigate if these two systems are susceptible to spoofingattacks and what resources are required for creating successful attacks. Two experimentswere used to achieve this aim and answer the research questions. The first one was to eval-uate the Automatic identification system and test different spoofing attacks on that system.The second experiment was to test different spoofing attacks on the Digital selective callingsystem. Both of these experiments used two software-defined radios for the experiments.The experiment results show that some of the attacks tested on the systems were success-ful, and the attacks tested were successfully executed against the created system. Theseattacks were created and performed using two software-defined radios to send and receivemessages. To conclude, the two systems are susceptible to spoofing attacks. However, anattacker can gain the necessary information to create spoofing attacks on the systems, withvarying consequences and some limitations.
|
34 |
Securing SDN Data Plane:Investigating the effects of IP SpoofingAttacks on SDN Switches and its Mitigation : Simulation of IP spoofing using MininetJABBU, SHIVAKUMAR YADAV, MADIRAJU, ANIRUDH SAI January 2023 (has links)
Background:Software-Defined Networking (SDN) represents a network architecture that offers a separate control and data layer, facilitating its rapid deployment and utilization for diverse purposes. However, despite its ease of implementation, SDN is susceptible to numerous security attacks, primarily stemming from its centralized nature. Among these threats, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose the most substantial risks. In the event of a successful attack on the SDNcontroller, the entire network may suffer significant disruption. Hence, safe guarding the controller becomes crucial to ensure the integrity and availability of the SDN network. Objectives:This thesis focuses on examining the IP spoofing attack and its impact on the Data Plane, particularly concerning the metrics of an SDN switch. The investigation centers around attacks that manipulate flow-rules to amplify the number of rules and deplete the resources of a switch within the Data Plane of an SDN network. To conduct the study, a software-defined network architecture was constructed using Mininet, with a Ryu controller employed for managing network operations. Various experiments were carried out to observe the response of the SDN system when subjected to an IP spoofing attack, aiming to identify potential mitigation strategies against such threats. Method and Results: To simulate the resource exhaustion scenario on the SDN network’s Data Plane,we deliberately triggered an escalation in the number of flow-rules installed in the switch. This was achieved by sending packets with spoofed IP addresses, there by exploiting the switch’s limited resources. Specifically, we focused on monitoring the impact on CPU utilization, storage memory, latency, and throughput within the switch. Detailed findings were presented in the form of tables, accompanied by graphical representations to visually illustrate the effects of increasing flow rules on the switches. Furthermore, we explored potential mitigation measures by developing an application that actively monitors the flow rules on the Ryu controller, aiming to detect and counteract such resource-exhausting effects.
|
35 |
A Prevention Technique for DDoS Attacks in SDN using Ryu Controller ApplicationAdabala, Yashwanth Venkata Sai Kumar, Devanaboina, Lakshmi Venkata Raghava Sudheer January 2024 (has links)
Software Defined Networking (SDN) modernizes network control, offering streamlined management. However, its centralized structure makes it more vulnerable to distributed Denial of Service (DDoS) attacks, posing serious threats to network stability. This thesis explores the development of a DDoS attack prevention technique in SDN environments using the Ryu controller application. The research aims to address the vulnerabilities in SDN, particularly focusing on flooding and Internet Protocol (IP) spoofing attacks, which are a significant threat to network security. The study employs an experimental approach, utilizing tools like Mininet-VM (VirtualMachine), Oracle VM VirtualBox, and hping3 to simulate a virtual SDN environment and conduct DDoS attack scenarios. Key methodologies include packet sniffing and rule-based detection by integrating Snort IDS (Intrusion Detection System), which is critical for identifying and mitigating such attacks. The experiments demonstrate the effectiveness of the proposed prevention technique, highlighting the importance of proper configuration and integration of network security tools in SDN. This work contributes to enhancing the resilience of SDN architectures against DDoS attacks, offering insights into future developments in network security.
|
36 |
Threat and Application of Frequency-Agile Radio SystemsZeng, Kexiong 16 November 2018 (has links)
As traditional wireless systems that only operate on fixed frequency bands are reaching their capacity limits, advanced frequency-agile radio systems are developed for more efficient spectrum utilization. For example, white space radios dynamically leverage locally unused TV channels to provide high-speed long-distance connectivity. They have already been deployed to connect the unconnected in rural areas and developing countries. However, such application scenarios are still limited due to low commercial demand. Hence, exploring better applications for white space radios needs more effort. With the benefits come the threats. As frequency-agile radio systems (e.g., software-defined radios) are flexible and become extremely low-cost and small-sized, it is very convenient for attackers to build attacking tools and launch wireless attacks using these radios. For example, civilian GPS signals can be easily spoofed by low-cost portable spoofers built with frequency-agile radio systems. In this dissertation, we study both the threat and application of frequency-agile radio systems. Specifically, our work focuses on the spoofing threat of frequency-agile radio towards GPS-based systems and the application of TV white space radio for ocean communications.
Firstly, we explore the feasibility of using frequency-agile radio to stealthily manipulate GPS-based road navigation systems without alerting human drivers. A novel attacking algorithm is proposed, where the frequency-agile radio transmits fake GPS signals to lead the victim to drive on a wrong path that looks very similar with the navigation route on the screen. The attack's feasibility is demonstrated with real-world taxi traces in Manhattan and Boston. We implement a low-cost portable GPS spoofer using an off-the-shelf frequency-agile radio platform to perform physical measurements and real-world driving tests, which shows the low level of difficulty of launching the attack in real road environment. In order to study human-in-the-loop factor, a deceptive user study is conducted and the results show that 95% of the users do not recognize the stealthy attack. Possible countermeasures are summarized and sensor fusion defense is explored with preliminary tests.
Secondly, we study similar GPS spoofing attack in database-driven cognitive radio networks. In such a network, a secondary user queries the database for available spectrum based on its GPS location. By manipulating GPS locations of surrounding secondary users with a frequency-agile radio, an attacker can potentially cause serious primary user interference and denial-of-service to secondary users. The serious impact of such attacks is examined in simulations based on the WhiteSpaceFinder spectrum database. Inspired by the characteristics of the centralized system and the receiving capability of cognitive radios, a combination of three defense mechanisms are proposed to mitigate the location spoofing threat.
Thirdly, we explore the feasibility of building TV white space radio based on frequency-agile radio platform to provide connectivity on the ocean. We design and implement a low-cost low-power white space router ($523, 12 watts) customized for maritime applications. Its communication capability is confirmed by field link measurements and ocean-surface wave propagation simulations. We propose to combine this radio with an energy harvesting buoy so that the radio can operate independently on the ocean and form a wireless mesh network with other similar radios. / PHD / As traditional wireless systems, such as mobile phones and WiFi access points, only operate on some fixed frequency bands, it becomes increasingly crowded for those popular bands. Hence, for more efficient frequency resource utilization, frequency-agile radio systems that can dynamically operate on different frequency bands are developed. With these new technologies come new threats and applications, which are the focus of our work. On the one hand, as frequency-agile radio systems become low-cost and portable, attackers can easily launch wireless attacks with them. For example, we explored the feasibility, impact, and countermeasures for GPS spoofing attacks using frequency-agile radio systems in different scenarios. In a GPS spoofing attack, an attacker transmits false GPS signals to manipulate users’ GPS receivers. This kind of attack can be very dangerous and even life-threatening if it is launched against critical GPS-based applications. For example, once GPS-based navigation systems in self-driving cars are stealthily manipulated by remote attackers, attackers can divert self-driving cars to pre-defined destinations or dangerous situations like wrong-way driving on highway. On the other hand, since there is rich under-utilized spectrum resource in remote areas with no broadband connection yet, frequency-agile radio systems can be used to provide broadband internet connectivity there. For example, based on frequency-agile radio platform, we developed a low-cost low-power wireless router that can dynamically operate on TV broadcasting band. It is able to provide high-speed wireless connection to a large area on the ocean. This technology has the potential to bring low-cost high-speed connection to people and industry on the ocean, which will facilitate various maritime applications.
|
37 |
Characterizing and Detecting Online Deception via Data-Driven MethodsHu, Hang 27 May 2020 (has links)
In recent years, online deception has become a major threat to information security. Online deception that caused significant consequences is usually spear phishing. Spear-phishing emails come in a very small volume, target a small number of audiences, sometimes impersonate a trusted entity and use very specific content to redirect targets to a phishing website, where the attacker tricks targets sharing their credentials.
In this thesis, we aim at measuring the entire process. Starting from phishing emails, we examine anti-spoofing protocols, analyze email services' policies and warnings towards spoofing emails, and measure the email tracking ecosystem. With phishing websites, we implement a powerful tool to detect domain name impersonation and detect phishing pages using dynamic and static analysis. We also analyze credential sharing on phishing websites, and measure what happens after victims share their credentials. Finally, we discuss potential phishing and privacy concerns on new platforms such as Alexa and Google Assistant.
In the first part of this thesis (Chapter 3), we focus on measuring how email providers detect and handle forged emails. We also try to understand how forged emails can reach user inboxes by deliberately composing emails. Finally, we check how email providers warn users about forged emails. In the second part (Chapter 4), we measure the adoption of anti-spoofing protocols and seek to understand the reasons behind the low adoption rates. In the third part of this thesis (Chapter 5), we observe that a lot of phishing emails use email tracking techniques to track targets. We collect a large dataset of email messages using disposable email services and measure the landscape of email tracking. In the fourth part of this thesis (Chapter 6), we move on to phishing websites. We implement a powerful tool to detect squatting domains and train a machine learning model to classify phishing websites. In the fifth part (Chapter 7), we focus on the credential leaks. More specifically, we measure what happens after the targets' credentials are leaked. We monitor and measure the potential post-phishing exploiting activities. Finally, with new voice platforms such as Alexa becoming more and more popular, we wonder if new phishing and privacy concerns emerge with new platforms. In this part (Chapter 8), we systematically assess the attack surfaces by measuring sensitive applications on voice assistant systems.
My thesis measures important parts of the complete process of online deception. With deeper understandings of phishing attacks, more complete and effective defense mechanisms can be developed to mitigate attacks in various dimensions. / Doctor of Philosophy / In recent years, online deception becomes a major threat to information security. The most common form of online deception starts with a phishing email, then redirects targets to a phishing website where the attacker tricks targets sharing their credentials. General phishing emails are relatively easy to recognize from both the target's and the defender's perspective. They are usually from strange addresses, the content is usually very general and they come in a large volume. However, Online deception that caused significant consequences is usually spear phishing. Spear-phishing emails come in a very small volume, target a small number of audiences, sometimes impersonate a trusted entity and use very specific content to redirect targets to a phishing website, where the attacker tricks targets sharing their credentials. Sometimes, attackers use domain impersonation techniques to make the phishing website even more convincing.
In this thesis, we measure the entire process. Starting from phishing emails, we examine anti-spoofing protocols, analyze email services' policies and warnings towards spoofing emails, and measure the email tracking ecosystem. With phishing websites, we implement a tool to detect domain name impersonation and detect phishing pages using dynamic and static analysis. We also studied credential sharing on phishing websites. We measure what happens after targets share their credentials. Finally, we analyze potential phishing and privacy concerns on new platforms such as Alexa and Google Assistant.
|
38 |
Protection and Cybersecurity of Inverter-Based ResourcesAlexander, Brady Steven 14 May 2024 (has links)
Traditionally, power system protection describes detecting, clearing, and locating faults in the power system. Traditional methods for detecting and locating faults may not be sufficient for inverter-based resources (IBR) as the fault response of an IBR differs from the response of a synchronous generator. As the composition of the power grid continues to evolve to integrate more IBRs that employ communication-based control algorithms; the power system is also exposed to cyberattacks. Undetected cyberattacks can disrupt normal system operation causing local outages. Therefore, power system protection must evolve with the changes in the grid to not only detect, locate, and clear faults with IBR generation but also detect and mitigate cyberattacks on IBR controllers. This thesis proposes methods for protecting an IBR-based transmission system from: (i) GPS spoofing cyberattacks on a power sharing controller; (ii) open-circuit faults. The GPS spoofing detection algorithm is a decision tree that enables either the proposed state observer--based mitigation technique or the proposed long short-term memory (LSTM)-based mitigation algorithm. The proposed logic for detecting open-circuit faults addresses each subcategory of open-circuit faults: breaker malfunctions, broken conductors, and series arc faults. PSCAD/EMTDC simulations are performed to test the effectiveness of the proposed methods. / Master of Science / The desire to reduce carbon emissions from electric power generation is resulting in the simultaneous retirement of fossil-fuel-burning electric power generation and increase in the number of renewable energy resources. These renewable energy resources, or inverter-based resources, respond differently to disturbances than traditional generators, and; therefore, require the development of new strategies to improve the disturbance response of an inverter-based resource. Disturbances in the power system can be divided into two types: (i) normal disturbances; (ii) abnormal disturbances. The response of an IBR to normal disturbances is improved with reliable control, further improved with communication, which ensures the stable operation of the power system. The abnormal conditions can also be split into two categories: (i) cyberattacks; (ii) faults. A cyberattack is when an adversary gains access a system with the goal of causing harm. In IBRs, cyberattacks can degrade power quality and lead to local outages. Faults are events that cause a change in the normal current flow in the power system. Undetected faults can cause local outages, lead to forest fires, and personnel injury; therefore, must be detected, located, can cleared in a timely manner. This work explores methods for detecting and mitigating cyberattacks and detecting faults in the presence of inverter-based resources.
|
39 |
A countermeasure method for video-based face spoofing attacks : Detecção de tentativas de ataque com vídeos digitais em sistemas de biometria de face / Detecção de tentativas de ataque com vídeos digitais em sistemas de biometria de facePinto, Allan da Silva, 1984- 23 August 2018 (has links)
Orientador: Anderson de Rezende Rocha / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-23T22:22:57Z (GMT). No. of bitstreams: 1
Pinto_AllandaSilva_M.pdf: 47523880 bytes, checksum: 072eb0490c26631b80cdcc47d55a4817 (MD5)
Previous issue date: 2013 / Resumo: O resumo poderá ser visualizado no texto completo da tese digital / Abstract: The complete abstract is available with the full electronic document / Mestrado / Ciência da Computação / Mestre em Ciência da Computação
|
40 |
Soubor laboratorních úloh k demonstraci počítačových útoků / Collection of laboratory works for demonstration of computer attacksPlašil, Matouš January 2015 (has links)
Diploma thesis describes published attacks on computers and computer networks. Principles of footprinting such as availability check, OS detection, port scanning were described. Next part explains attacks on confidentiality, integrity and availability. In the practical part were created four laboratory tasks and a virtual environment which allowed testing of ARP spoofing, DNS spoofing, SSL strip, Cross-site scripting, SQL injection, flooding attacks (TCP, ICMP, UDP), TCP reset and attack on operating system using backdoor with Metasploit framework. In practical part were also created video samples with attacks and documentation for teachers.
|
Page generated in 0.0478 seconds