+30 22730 82256
Wireless and Mobile Networks Security
Georgios was born in Samos, Greece. He received the Diploma in Applied Informatics from the Athens University of Economics and Business, and the Ph.D. in Information and Communication Systems Engineering from the dept. of Information and Communications Systems Engineering of the University of the Aegean. He also holds a Master of Education degree from the Hellenic Open University.
Dr. Kambourakis is a full professor at the dept. of Information and Communication Systems Engineering, University of the Aegean, Greece. He served as head of the dept. from Sept. 2018 to Sept. 2019, and was the director of Info-Sec-Lab from Sept. 2014 to Dec. 2018. During the spring semester of 2017 he was with George Mason University, Fairfax County, Virginia, USA, where he conducted research on IoT security and privacy. From Oct. 1, 2019 to Sept. 30, 2022, Georgios was with the European Commission, Joint Research Centre (JRC), Ispra, VA, Italy.
His research interests are in the fields of mobile and wireless networks security and privacy, VoIP security, IoT security and privacy, DNS security, and security education, and he has more than 160 refereed publications in the aforementioned areas. He has guest edited special issues of several journals, including ACM/Springer Mobile Networks and Applications, Computer Standards & Interfaces, IEEE Computer, IEEE IT Professional, Information Sciences, Computer Communications, Security and Communication Networks, Symmetry, Wireless Communications and Mobile Computing, Journal of Information Security and Applications, Sensors, Electronics, and Future Internet. He also serves on the editorial boards of IEEE Communications Surveys and Tutorials, Journal of Information Security and Applications (Elsevier), International Journal of Information Security (Springer), and Security and Privacy (Wiley). He has been involved in several national and EU funded R&D projects in the areas of Information and Communication Systems Security. He is a reviewer for a plethora of IEEE and other international journals, and has served as a technical program committee member for more than 300 international conferences in security and networking.
- Mobile and Wireless Communication Systems Security and Privacy
- VoIP Security and Privacy
- DNS Security
- IoT Security & Privacy
- E-learning and M-learning Security
- Security Education.
- Computer Network Security (2010-12, 2014+).
- Mobile and Wireless Networks Security (2006+).
- Object-oriented Programming II, 3rd Semester (2005-2019).
- Information and Communication Systems Security, 6th Semester (2014-2018).
- Computer Network Security and Privacy Enhancing Technologies, 7th Semester, Cycle Information and Communication Systems Security and Privacy (2010-2019 & 2022).
- Wireless and Mobile Networks Security, Cycle Information and Communication Systems Security and Privacy, 8th Semester (2005-2019).
- Mobile Communication Networks (2008-10).
- Introduction to Computer Science and Communications (2005-2007).
- Evaluator, The Estonian Research Council (ETAg), June 2020.
- Evaluator, The Netherlands Organisation for Scientific Research, Joint U.S.-Netherlands Cyber Security Research Programme, Oct. 2017.
- Evaluator, Israeli Ministry of Science, Technology and Space, Israeli-Italian Call for Proposals on Scientific & Technological Cooperation for 2015-2017, July 2015.
- Evaluator, Qatar National Research Fund (QNRF), Feb. 2012.
- Head, Dept. of Information and Communication Systems Engineering (9.2018 - 9.2019).
- Director, Postgraduate Program in Information and Communication Systems Security (9.2018 - 9.2019)
- Deputy Head, Dept. of Information and Communication Systems Engineering (12.2017-8.2018).
- Director, Laboratory of Information and Communication Systems Security (Info-Sec-Lab) (9.2014 to 12.2018).
- Member of the graduate studies committee (2.2008 - 9.2013 & 9.2018 - 9.2019).
- Member of the postgraduate student selection committee (Stream I: Information & Communication Systems Security).
- Member of several other committees at the Department and University levels.
R&D Activities - National
Greek General Secretariat for Research and Technology, ARISTEIA II: "SCYPE: Security and Forensics Analysis Framework for Cloud-enabled Multimedia Communication SYstem ProvidErs", (2014-2015) - Principal Investigator.
National Strategic Reference Framework 2007-2013, "Simplification and Computerization of the Administrative procedures of the University of the Aegean" (2011-2013).
General Secretariat for Research and Technology, PENED Programme, "Interdomain AAA and context aware Security of Mobile Multimedia Services over ALL-IP based wireless network infrastructures" (2006-2009).
Greek Ministry of Development, PABET-NE-2004, "iLearn: Research and Development for best Methodologies, Procedures, and Specifications for the implementation of an integrated state-of-the-art Internet-based eLearning and eTraining platform", (01.2004-01.2006).
R&D Activities - International
BBVA Foundation (Leonardo Grant), "COSMOS: Collaborative, Seamless and Adaptive Sentinels for the Internet of Things", University of Murcia (09.2017-03.2019).
EU Programme 1G-MED08-309, "MET3 - Mediterranean Transnational Technology Transfer", MED Programme project concerning the exploitation and development of a toolkit for the uptake of innovative research, University of the Aegean (1.2011-2.2011).
EU Programme FP6 IST-SME-1 Craft Project 005892, "SNOCER: Low Cost Tools for Secure and Highly Available VoIP Communication Services", University of the Aegean (11.2004-11.2006).
EU Programme eTEN, "ERMIONE: E-learning Resource Management Service for the Interoperability Network in the European Cultural Heritage Domain", e-TEN C517357, University of the Aegean (2005).
EU Programme IST-2001-35120, "ICTE-PAN: Methodologies and Tools for building Intelligent Collaboration and Transaction Environments in Public Administration Networks", University of the Aegean (2001-2004).
Copyright Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or mass reproduced without the explicit permission of the copyright holder.
This work provides an answer to the following key question: Are the Web-based management interfaces of contemporary off-the-shelf wireless access points (WAP) free of flaws and vulnerabilities? The short answer is: not quite. After performing a vulnerability assessment on the Web interfaces of six different WAPs by an equal number of renowned vendors, we reveal a significant number of assorted medium to high severity vulnerabilities that are directly or indirectly exploitable. Overall, 13 categories of vulnerabilities, translated into 28 zero-day attacks, are exposed. Our findings range from legacy path traversal, cross-site scripting, and clickjacking attacks to HTTP request smuggling and splitting, replay, denial of service, and information leakage, among others. In the worst case, the attacker can acquire the administrator's (admin) credentials and the WAP's Wi-Fi passphrases, or permanently lock the admin out of the WAP's Web interface. On top of everything else, we identify the hardening measures already applied by these devices and elaborate on the extra countermeasures required to tackle the identified weaknesses. To our knowledge, this work contributes the first wholemeal appraisal of the security level of the Web-based interfaces that go hand in glove with the myriads of WAPs out there, and it is therefore anticipated to serve as a basis for further research in this timely and challenging field.
The impact that IoT technologies have on our everyday life is indisputable. Wearables, smart appliances, lighting, security controls, and others make our life simpler and more comfortable. For the sake of easy monitoring and administration, such devices are typically accompanied by smartphone apps, which are becoming increasingly popular and are sometimes even required to operate the device. Nevertheless, the use of such apps may indirectly augment the attack surface of the IoT device itself and expose the end-user to security and privacy breaches. Therefore, a key question arises: Do these apps curtail their functionality to the minimum needed, and additionally, are they secure against known vulnerabilities and flaws? In search of concrete answers to this question, this work scrutinizes more than forty chart-topping official Android apps belonging to six diverse mainstream categories of IoT devices. We attentively analyze each app statically, and almost half of them dynamically, after pairing them with real-life IoT devices. The results collected span several axes, namely sensitive permissions, misconfigurations, weaknesses, vulnerabilities, and other issues, including trackers, manifest data, shared software, and more. The short answer to the posed question is that the majority of such apps still remain susceptible to a range of security and privacy issues, which in turn, and at least to a significant degree, reflects the general proclivity in this ecosystem.
Reflection-based volumetric distributed denial-of-service (DDoS) attacks take advantage of openly accessible (open) services to flood and possibly overpower a victim's server or network with an amplified amount of traffic. This work concentrates on two key protocols in the assailants' quiver regarding DoS attacks, namely the domain name system (DNS) and the simple service discovery protocol (SSDP). Our contribution spans three axes: (a) we perform countrywide IP address scans (probes) across three countries in two continents to locate devices that run open DNS or SSDP services, and thus can be effectively exploited in the context of amplification attacks; (b) we fingerprint the discovered devices to derive information about their type and operating system; and (c) we estimate the amplification factor of the discovered reflectors through a dozen diverse, suitably crafted DNS queries and a couple of SSDP ones, depending on the case. The conducted scans span fifteen months, so comparative conclusions regarding the evolution of the reflector population over time, as well as indirect ones regarding the security measures in this field, can be drawn. For instance, for DNS, the third quartile of the amplification factor distribution remains above 30 for customarily exploited queries across all the examined countries, while in the worst case this figure can reach up to 70. The same figures for SSDP range between roughly 41 and 73 for a specific type of query. To our knowledge, this work offers the first full-fledged mapping and assessment of DNS and SSDP amplifiers, and it is therefore anticipated to serve as a basis for further research in this ever-changing and high-stakes network security field.
Breaches in the cyberspace due to cyber-physical attacks can harm the physical space, and any type of vehicle is an alluring target for wrongdoers for an assortment of reasons. Especially, as the automobiles are becoming increasingly inter-connected within the Cooperative Intelligent Transport System (C-ITS) realm and their level of automation elevates, the risk for cyberattacks augments along with the attack surface, thus inexorably rendering the risk of complacency and inaction sizable. Next to other defensive measures, Intrusion Detection Systems (IDS) already comprise an inextricable component of modern automobiles in charge of detecting intrusions in the system while in operation. This work concentrates on in-vehicle IDS with the goal to deliver a fourfold comprehensive survey of surveys on this topic. First, we collect and analyze all existing in-vehicle IDS classifications and fuse them into a simpler, overarching one that can be used as a base for classifying any work in this area. Second, we gather and elaborate on the so far available datasets which can be possibly used to train and evaluate an in-vehicle IDS. Third, we survey non-commercial simulators which may be utilized for creating a dataset or evaluating an IDS. The last contribution pertains to a thorough exposition of the future trends and challenges in this area. To our knowledge, this work provides the first wholemeal survey on in-vehicle IDS, and it is therefore anticipated to serve as a groundwork and point of reference for multiple stakeholders at varying levels.
A man-in-the-middle (MitM) attack enables threat actors to position themselves in a conversation between two parties. It can be used to eavesdrop on, or impersonate, either of the parties and may enable the perpetrator to steal personal information, including login credentials, payment card data and account details. By leveraging the hijacked information, the attacker can perform an unsanctioned password change, commit identity theft, authorise money transfers, and so on. This article re-examines MitM against HTTPS by both briefly referring to its constituents and assessing its feasibility on modern browsers. We show that under certain circumstances, specific variations of MitM can be effective on all mainstream browsers using cheap, pocket-sized hardware, open-source software and a script-kiddie level of understanding.
While the Domain Name System Security Extensions (DNSSEC) offers authenticity for DNS data, it still presents fairly low levels of deployment and does not provide confidentiality. Encrypted DNS in the form of quite similar and arguably antagonistic protocols, namely DoT, DoH, and DoQ, provides the client with a secure channel to the resolver. Consequently, on top of confidentiality, the DNS responses cannot be maliciously altered while en route from the resolver to the client. This article critically reviews encrypted DNS with a particular focus on each constituent protocol as well as on the debate around the actual strength of the protection it provides.
Wi-Fi is arguably the most widespread wireless technology today. Due to its massive adoption, Wi-Fi deployments always remain in the epicenter of attackers and evildoers. Surprisingly, research regarding machine learning driven intrusion detection systems (IDS) that are specifically optimized to detect Wi-Fi attacks is lagging behind. On top of that, the field is dominated by false or half-true assumptions that can lead to the corresponding models being overfitted to certain validation datasets, simply giving the impression or illusion of high efficiency. This work attempts to provide concrete answers to the following key questions regarding IEEE 802.11 machine learning driven IDS. First, from an expert's viewpoint and with reference to the relevant literature, what are the criteria for determining the smallest possible set of classification features, which are also common and potentially transferable to virtually any deployment type/version of 802.11? And second, based on these features, what is the detection performance across different network versions and diverse machine learning techniques, i.e., shallow versus deep learning ones? To answer these questions, we rely on the renowned 802.11 security-oriented AWID family of datasets. In a nutshell, our experiments demonstrate that with a rather small set of 16 features and without the use of any optimization or ensemble method, shallow and deep learning classification can achieve an average F1 score of up to 99.55% and 97.55%, respectively. We argue that the suggested human expert driven feature selection leads to lightweight, deployment-agnostic detection systems, and can therefore be used as a basis for future work in this interesting and rapidly evolving field.
Intrusion detection in wireless and, more specifically, Wi-Fi networks is lately increasingly under the spotlight of the research community. However, the literature currently lacks a comprehensive assessment of the potential to detect application layer attacks based on both 802.11 and non-802.11 network protocol features. The investigation of this capacity is of paramount importance, since Wi-Fi domains are often used as a stepping stone by threat actors for unleashing an ample variety of application layer assaults. In this setting, by exploiting the contemporary AWID3 benchmark dataset along with both shallow and deep learning machine learning techniques, this work attempts to provide concrete answers to a dyad of principal matters. First, what is the competence of 802.11-specific and non-802.11 features when used separately and in tandem in detecting application layer attacks, say, website spoofing? Second, which network protocol features are the most informative to the machine learning model for detecting application layer attacks? Without relying on any optimization or dimensionality reduction technique, our experiments, indicatively exploiting an engineered feature, demonstrate a detection performance up to 96.7% in terms of the Area under the ROC Curve (AUC) metric.
This work attempts to answer in a clear way the following key questions regarding the optimal initialization of the Sysmon tool for the identification of Lateral Movement (LM) in the MS Windows ecosystem. First, from an expert's standpoint and with reference to the relevant literature, what are the criteria for determining the possibly optimal initialization features of the Sysmon event monitoring tool, which are also applicable as custom rules within the config.xml configuration file? Second, based on the identified features, how can a functional configuration file, able to identify as many LM variants as possible, be generated? To answer these questions, we relied on the MITRE ATT&CK knowledge base of adversary tactics and techniques and focused on the execution of the nine commonest LM methods. The conducted experiments, performed on a properly configured testbed, suggested a great number of interrelated networking features that were implemented as custom rules in Sysmon's config.xml file. Moreover, by capitalizing on the rich corpus of the 870K Sysmon logs collected, we created and evaluated, in terms of TP and FP rates, an extensible Python .evtx file analyzer, dubbed PeX, which can be used towards automating the parsing and scrutiny of such voluminous files. Both the .evtx logs dataset and the developed PeX tool are provided publicly to further propel future research in this interesting and rapidly evolving field.
This work attempts to provide a way of scrutinizing the security robustness of Wi-Fi implementations in an automated fashion. To this end, we contribute the first, to our knowledge, full-featured and extensible Wi-Fi fuzzer. At the time of writing, the tool, made publicly available as open source, covers the IEEE 802.11 management and control frame types and provides a separate module for the pair of messages of the Simultaneous Authentication of Equals (SAE) authentication and key exchange method. It can be primarily used to detect vulnerabilities potentially existing in wireless Access Points (AP) under the newest Wi-Fi Protected Access 3 (WPA3) certification, but its functionalities can also be exploited against WPA2-compatible APs. Moreover, the fuzzer incorporates: (a) a dual-mode network monitoring module that monitors in real time the behavior of the stations connected to the AP and logs possible service or connection disruptions, and (b) an attack tool used to verify any glitch found and automatically craft the corresponding exploit. We present results after testing the fuzzer against an assortment of off-the-shelf APs by different renowned vendors. Adhering to a coordinated disclosure process, we have reported the discovered issues to the affected vendors, already receiving positive feedback from some of them.
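To make the Sysmon side of this concrete, the Python below is an added example (not the paper's PeX tool or its rule set) that parses Sysmon Event ID 3 (NetworkConnect) records as exported from the Windows event log, flags outbound connections to ports used by common lateral-movement techniques, and emits the equivalent config.xml include filter. The port-to-technique map, the `schemaversion`, and the sample events are assumptions constructed for the example; the `Image` field is kept in each hit because the initiating process (PowerShell, WMIC, a service binary) is what an analyst triages on.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Assumed port-to-technique map; extend it from the ATT&CK lateral-movement techniques you cover.
LM_PORTS = {
    135: "RPC endpoint mapper (WMI/DCOM)",
    445: "SMB (PsExec-style service install, admin shares)",
    3389: "RDP",
    5985: "WinRM over HTTP",
    5986: "WinRM over HTTPS",
}


def parse_sysmon_event(xml_text):
    """Return (event_id, {DataName: value}) from one exported Sysmon event."""
    root = ET.fromstring(xml_text)
    event_id = int(root.find("./e:System/e:EventID", NS).text)
    data = {d.get("Name"): (d.text or "") for d in root.findall("./e:EventData/e:Data", NS)}
    return event_id, data


def flag_lateral_movement(events):
    """Keep only outbound (Initiated=true) NetworkConnect events to an LM port on another host."""
    hits = []
    for xml_text in events:
        event_id, d = parse_sysmon_event(xml_text)
        if event_id != 3 or d.get("Initiated") != "true":
            continue
        port = int(d.get("DestinationPort", "0"))
        if port not in LM_PORTS:
            continue
        if d.get("DestinationIp") in ("127.0.0.1", "::1", d.get("SourceIp")):
            continue  # loopback or same host is not lateral
        hits.append({
            "time": d.get("UtcTime"), "user": d.get("User"), "image": d.get("Image"),
            "src": d.get("SourceIp"), "dst": d.get("DestinationIp"),
            "port": port, "technique": LM_PORTS[port],
        })
    return hits


def sysmon_rule_fragment(ports, schemaversion="4.90"):
    """Equivalent Sysmon config.xml filter: include NetworkConnect events to these ports.
    schemaversion must match the Sysmon build in use (4.90 is an assumption here)."""
    lines = ['<Sysmon schemaversion="%s">' % schemaversion, "  <EventFiltering>",
             '    <RuleGroup name="lm-ports" groupRelation="or">',
             '      <NetworkConnect onmatch="include">']
    for p in sorted(ports):
        lines.append('        <DestinationPort condition="is">%d</DestinationPort>' % p)
    lines += ["      </NetworkConnect>", "    </RuleGroup>", "  </EventFiltering>", "</Sysmon>"]
    return "\n".join(lines)


def _event(event_id, fields):
    """Constructed Sysmon-style event XML for the example (not a real log export)."""
    data = "".join('<Data Name="%s">%s</Data>' % kv for kv in fields.items())
    return ('<Event xmlns="%s"><System><Provider Name="Microsoft-Windows-Sysmon"/>'
            '<EventID>%d</EventID></System><EventData>%s</EventData></Event>'
            % (NS["e"], event_id, data))


SAMPLE_EVENTS = [  # constructed: WinRM session, normal HTTPS, inbound SMB (server side), WMI, a process-create event
    _event(3, {"UtcTime": "2023-05-01 10:00:01.000", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
               "User": "CORP\\alice", "Protocol": "tcp", "Initiated": "true",
               "SourceIp": "10.0.0.5", "SourcePort": "49812", "DestinationIp": "10.0.0.7", "DestinationPort": "5985"}),
    _event(3, {"UtcTime": "2023-05-01 10:00:02.000", "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe",
               "User": "CORP\\alice", "Protocol": "tcp", "Initiated": "true",
               "SourceIp": "10.0.0.5", "SourcePort": "49813", "DestinationIp": "203.0.113.10", "DestinationPort": "443"}),
    _event(3, {"UtcTime": "2023-05-01 10:00:03.000", "Image": "System", "User": "NT AUTHORITY\\SYSTEM",
               "Protocol": "tcp", "Initiated": "false",
               "SourceIp": "10.0.0.7", "SourcePort": "445", "DestinationIp": "10.0.0.5", "DestinationPort": "49814"}),
    _event(3, {"UtcTime": "2023-05-01 10:00:04.000", "Image": "C:\\Windows\\System32\\wbem\\WMIC.exe",
               "User": "CORP\\alice", "Protocol": "tcp", "Initiated": "true",
               "SourceIp": "10.0.0.5", "SourcePort": "49815", "DestinationIp": "10.0.0.9", "DestinationPort": "135"}),
    _event(1, {"UtcTime": "2023-05-01 10:00:05.000", "Image": "C:\\Windows\\System32\\cmd.exe", "User": "CORP\\alice"}),
]

if __name__ == "__main__":
    for h in flag_lateral_movement(SAMPLE_EVENTS):
        print("%(time)s %(user)s %(image)s %(src)s -> %(dst)s:%(port)d (%(technique)s)" % h)
    print(sysmon_rule_fragment(LM_PORTS))
```

The include filter alone would also log every legitimate admin session on those ports, which is why the paper's approach of correlating several interrelated features matters; the detection function here is the minimal first filter over which such correlation is layered.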
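As an added illustration of where a management-frame fuzzer's test cases come from (this is not the paper's fuzzer), the Python below builds a baseline 802.11 Probe Request, applies information-element (IE) mutations of the kind that exercise IE parsing in AP firmware, and runs each case through a strict IE walker so the generator can tell an intended malformation from a bug in its own output. Frames are returned as bytes; transmitting them requires a monitor-mode interface and a raw 802.11 sender, which is out of scope here. The MAC addresses and mutation set are assumptions for the example.

```python
import random
import struct

FC_PROBE_REQ = b"\x40\x00"                 # type 0 (management), subtype 4 (Probe Request)
BROADCAST = b"\xff" * 6
STA_MAC = bytes.fromhex("02aabbccddee")    # locally administered test address (assumed)
IE_SSID, IE_RATES, IE_VENDOR = 0, 1, 0xDD


def ie(tag, value, length=None):
    """Tag-Length-Value element; `length` lets a test case lie about the value size."""
    return bytes([tag, len(value) if length is None else length]) + value


def mgmt_header(fc, addr1, addr2, addr3, seq=0):
    """24-byte management header: frame control, duration, addr1..3, sequence control."""
    return fc + b"\x00\x00" + addr1 + addr2 + addr3 + struct.pack("<H", seq << 4)


def probe_request(ssid=b"", extra_ies=b""):
    """Baseline Probe Request: SSID IE, basic 802.11b rates, then any extra IEs under test."""
    body = ie(IE_SSID, ssid) + ie(IE_RATES, bytes([0x82, 0x84, 0x8b, 0x96])) + extra_ies
    return mgmt_header(FC_PROBE_REQ, BROADCAST, STA_MAC, BROADCAST) + body


def mutations(seed=0):
    """Named IE-level mutations; each value is a complete frame."""
    rng = random.Random(seed)
    return {
        "oversized_ssid": probe_request(ssid=bytes(rng.getrandbits(8) for _ in range(255))),
        "length_overruns_frame": probe_request(extra_ies=ie(IE_VENDOR, b"\x00\x50\xf2\x02", length=200)),
        "zero_length_vendor_ie": probe_request(extra_ies=ie(IE_VENDOR, b"")),
        "duplicated_ssid": probe_request(extra_ies=ie(IE_SSID, b"A" * 32) * 8),
        "unknown_tag_flood": probe_request(extra_ies=b"".join(ie(t, b"\x00") for t in range(128, 256))),
    }


def parse_ies(frame, body_offset=24):
    """Strict IE walk over the frame body. Returns (ies, problems). A robust AP parser must
    bound every IE by the frame length rather than trusting the length byte."""
    ies, problems, pos = [], [], body_offset
    while pos < len(frame):
        if pos + 2 > len(frame):
            problems.append("truncated IE header at %d" % pos)
            break
        tag, length = frame[pos], frame[pos + 1]
        if pos + 2 + length > len(frame):
            problems.append("IE %d length %d overruns frame" % (tag, length))
            break
        value = frame[pos + 2:pos + 2 + length]
        if tag == IE_SSID and length > 32:
            problems.append("SSID longer than 32 octets")
        ies.append((tag, value))
        pos += 2 + length
    if sum(1 for t, _ in ies if t == IE_SSID) > 1:
        problems.append("duplicate SSID IE")
    return ies, problems


if __name__ == "__main__":
    for name, frame in mutations().items():
        _, problems = parse_ies(frame)
        print("%-22s %4d bytes  %s" % (name, len(frame), "; ".join(problems) or "parses cleanly"))
```

Note that two of the cases (`zero_length_vendor_ie`, `unknown_tag_flood`) are well-formed at the TLV level and still worth sending: an AP that copies a vendor IE into a fixed buffer, or that walks unknown tags with a signed counter, fails on exactly these without any length inconsistency to warn the fuzzer.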
Built on top of UDP, the recently standardized QUIC protocol primarily aims to gradually replace the TCP plus TLS plus HTTP/2 model. For instance, HTTP/3 is designed to exploit QUIC's features, including reduced connection establishment time, multiplexing without head-of-line blocking, always-encrypted end-to-end security, and others. This work serves two key objectives. First, it offers the first, to our knowledge, full-fledged review of QUIC security as seen through the lens of the relevant literature so far. Second and more importantly, through extensive fuzz testing, we conduct a hands-on security evaluation against the six most popular QUIC-enabled production-grade servers. This assessment identified several effective and practical zero-day vulnerabilities, which, if exploited, can quickly overwhelm the server resources. This finding is a clear indication that the fragmented production-level implementations of this contemporary protocol are not yet mature enough. Overall, the work at hand provides the first wholemeal appraisal of QUIC security from both a literature review and an empirical standpoint, and it is therefore foreseen to serve as a reference for future research in this timely area.
Following the QUIC protocol's ratification in May 2021, the third major version of the Hypertext Transfer Protocol, namely HTTP/3, was published around one year later in RFC 9114. In light of these consequential advancements, the current work aspires to provide full-blown coverage of the following issues, which to our knowledge have received feeble or no attention in the literature so far. First, we provide a complete review of attacks against HTTP/2, and elaborate on whether and in which way they can be migrated to HTTP/3. Second, through the creation of a testbed comprising the at present six most popular HTTP/3-enabled servers, we examine the effectiveness of a quartet of attacks, either stemming directly from the HTTP/2 literature or being entirely new. This scrutiny led to the assignment of at least one CVE ID with a critical base score by MITRE. No less important, by capitalizing on a realistic, device-rich testbed, we compiled a voluminous, labeled corpus containing traces of ten diverse attacks against HTTP and QUIC services. An initial evaluation of the dataset, mainly by means of machine learning techniques, is included as well. Given that the 30 GB dataset is made available in both pcap and CSV formats, forthcoming research can easily take advantage of any subset of features, contingent upon the specific network topology and configuration.
Nowadays, with the increasing use of Android devices in daily life, malware is growing rapidly, putting people's security and privacy at risk. To mitigate this threat, several researchers have proposed different methods to detect Android malware, and machine learning based models in particular have recently been explored by a significant number of them. However, selecting the most appropriate model is not straightforward, since several aspects must be considered. Contributing to this domain, the current paper explores Android malware detection from diverse perspectives by optimizing and evaluating various machine learning algorithms. Specifically, we conducted an experiment for training, optimizing, and evaluating 27 machine learning algorithms and a Deep Neural Network (DNN). During the optimization phase, we performed hyperparameter analysis using the Optuna framework. The evaluation phase includes the measurement of different performance metrics against a contemporary, rich dataset, in order to arrive at the most accurate model. The best model was further interpreted by conducting feature analysis using the Shapley Additive Explanations (SHAP) framework. Our experimental results showed that the best model is a DNN consisting of 4 layers (two hidden), using the Adamax optimizer, the Binary Cross-Entropy loss, and the Softsign activation function. The model achieved 86% prediction accuracy, while the balanced accuracy, the F1-score, and the ROC-AUC metrics were at 82%.
WPA3-Personal renders the Simultaneous Authentication of Equals (SAE) password-authenticated key agreement method mandatory. The scheme achieves forward secrecy and is highly resistant to offline brute-force dictionary attacks. Given that SAE is based on the Dragonfly handshake, essentially a simple password exponential key exchange, it remains susceptible to clogging-type attacks at the Access Point side. To resist such attacks, SAE includes an anti-clogging scheme. To shed light on this contemporary and high-stakes issue, this work offers a full-fledged empirical study on Denial of Service (DoS) against SAE. By utilizing both real-life modern Wi-Fi 6 certified and non-certified equipment and the OpenBSD's hostapd, we expose a significant number of novel DoS assaults affecting virtually any AP. No less important, more than a dozen vendor-dependent and severe zero-day DoS assaults are manifested, showing that the implementation of the protocol by vendors is not yet mature enough. The fallout of the introduced attacks for the associated stations ranges from a temporary loss of Internet connectivity to outright disconnection. To our knowledge, this work provides the first wholemeal appraisal of the endurance of SAE's mechanism against DoS, and it is therefore anticipated to serve as a basis for further research in this timely and intriguing area.
Critical infrastructures and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they have silently turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Indeed, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and up-to-date survey of the most prominent threats and attacks against Industrial Control Systems and critical infrastructures, along with the communication protocols and devices adopted in these environments. Our study highlights that threats against critical infrastructure follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OT-specific network protocols and devices may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.
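The anti-clogging scheme mentioned above works as follows: once an AP has more unfinished SAE handshakes than its anti-clogging threshold, it answers a new Commit with status code 76 (ANTI_CLOGGING_TOKEN_REQUIRED) carrying a token bound to the sender's MAC address, and only processes a Commit that echoes a valid token. The Python below is an added simulation of that exchange, with both the AP and station sides; it is not vendor or hostapd code. Handshake state is modelled as a table of pending peers, the Dragonfly scalar and element are replaced by opaque bytes, and the threshold of 5 (hostapd's documented default), the secret, and the MAC addresses are assumptions for the example.

```python
import hashlib
import hmac
import os

STATUS_SUCCESS = 0
STATUS_ANTI_CLOGGING_TOKEN_REQ = 76   # IEEE 802.11 status code in the Commit reply


class AccessPoint:
    def __init__(self, mac, threshold=5):
        self.mac = mac
        self.threshold = threshold
        self.secret = os.urandom(32)      # a real AP rotates this periodically
        self.pending = {}                 # peer MAC -> commit data (unfinished handshakes)

    def token_for(self, peer_mac):
        """Token bound to the peer address, so it cannot be reused from another spoofed MAC."""
        return hmac.new(self.secret, self.mac + peer_mac, hashlib.sha256).digest()

    def handle_commit(self, peer_mac, commit, token=None):
        """Return (status, payload). Under load, demand a token before allocating any state."""
        if len(self.pending) >= self.threshold and peer_mac not in self.pending:
            expected = self.token_for(peer_mac)
            if token is None or not hmac.compare_digest(token, expected):
                return STATUS_ANTI_CLOGGING_TOKEN_REQ, expected
        self.pending[peer_mac] = commit  # state is created only past this point
        return STATUS_SUCCESS, b""

    def finish(self, peer_mac):
        """Confirm exchange completed (or the handshake timed out): release the slot."""
        self.pending.pop(peer_mac, None)


def station_commit(ap, sta_mac):
    """Honest STA: send Commit; if the AP asks for a token, resend the same Commit with it."""
    commit = os.urandom(64)  # stands in for the Dragonfly scalar and element
    status, payload = ap.handle_commit(sta_mac, commit)
    if status == STATUS_ANTI_CLOGGING_TOKEN_REQ:
        status, payload = ap.handle_commit(sta_mac, commit, token=payload)
    return status


def flood(ap, count, echo_tokens=False):
    """Attacker: one Commit per spoofed MAC, never completing the handshake. With
    echo_tokens=True the attacker listens on the channel and replays each token it is
    sent. Returns how many Commits the AP accepted, i.e. how much state was allocated."""
    accepted = 0
    for i in range(count):
        spoofed = b"\x02\x00\x00\x00" + i.to_bytes(2, "big")
        status, payload = ap.handle_commit(spoofed, b"\x00" * 64)
        if status == STATUS_ANTI_CLOGGING_TOKEN_REQ and echo_tokens:
            status, _ = ap.handle_commit(spoofed, b"\x00" * 64, token=payload)
        accepted += status == STATUS_SUCCESS
    return accepted


if __name__ == "__main__":
    ap = AccessPoint(mac=bytes.fromhex("02a1b2c3d4e5"), threshold=5)
    print("blind flood of 50 spoofed Commits, accepted:", flood(ap, 50))
    print("legitimate STA under load, status:", station_commit(ap, bytes.fromhex("02ffeeddccbb")))
    ap = AccessPoint(mac=bytes.fromhex("02a1b2c3d4e5"), threshold=5)
    print("flood by an attacker that echoes tokens, accepted:", flood(ap, 50, echo_tokens=True))
```

The two flood runs show the scope of the defence: the token stops blind spoofing, because the AP allocates nothing until the claimed address proves it can receive a reply, but an attacker that can hear the channel simply echoes each token and fills the table anyway. Token-based anti-clogging therefore bounds the cost of a blind flood and adds a round trip; limiting the pending table and expiring stale entries (the `finish` path) remain necessary against an on-channel adversary.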
Digital COVID-19 certificates serve as reliable proof that an individual was vaccinated, tested negative, or healed from COVID-19, facilitating health, occupational, educational, and travel activities during the pandemic. This paper contributes the first to our knowledge state-of-the-art and holistic review of this ecosystem, attempting to answer the following questions: 1) is there a harmonization among academia, organizations, and governments in terms of the certificate deployment technology?; 2) what is the proliferation of such schemes worldwide and how similar are they?; 3) are smartphone applications that accompany such schemes privacy-preserving from an end-user’s perspective? To respond to these questions, a four-tier approach is followed: (a) we scrutinize the so far academic works suggesting some type of digital certificate, highlighting common characteristics and weaknesses; (b) we constructively report on the different initiatives proposed by organizations or alliances; (c) we briefly review 54 country initiatives around the globe; and (d) we analyze both statically and dynamically all official Android smartphone applications offered for such certificates to reveal possible hiccups affecting the security or privacy of the end-user. From a bird’s eye view, the great majority of the proposed or developed schemes follow either the blockchain model or the asymmetric cryptosystem, the spread of schemes especially in Europe and partly in Asia is high, some degree of distinctiveness among the relevant schemes developed by countries does exist, and there are substantial variations regarding the privacy level of the applications between Europe on the one hand and Asia and America on the other.
No nontrivial software system can be built without regard for security. Even noncritical software systems can be used as an entry point to the critical systems to which they are connected, for example, exploiting system vulnerabilities to steal passwords for login and network access. This article describes one such attack.
Contact tracing has historically been used to retard the spread of infectious diseases, but when exercised by hand at large scale it is known to be a resource-intensive and quite deficient process. Nowadays, digital contact tracing has promptly emerged as an indispensable asset in the global fight against the coronavirus pandemic. The work at hand offers a meticulous study of all the official Android contact tracing apps deployed hitherto by European countries. Each app is closely scrutinized both statically and dynamically by means of dynamic instrumentation. Depending on the level of examination, static analysis results are grouped along two axes. The first encompasses permissions, API calls, and possible connections to external URLs, while the second concentrates on potential security weaknesses and vulnerabilities, including the use of trackers, in-depth manifest analysis, shared software analysis, and taint analysis. Dynamic analysis, on the other hand, collects data pertaining to Java classes and network traffic. The results demonstrate that while overall these apps are well-engineered, they are not free of weaknesses, vulnerabilities, and misconfigurations that may ultimately put user security and privacy at risk.
Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it their preferred target. Almost exclusively, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning the last seven years, this work attempts to schematize the ML-powered malware detection approaches and techniques proposed so far by organizing them under four axes, namely the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline for machine learning practices in this field.
Using automotive smartphone applications (apps) provided by car manufacturers may offer numerous advantages to the vehicle owner, including improved safety, fuel efficiency, anytime monitoring of vehicle data, and timely over-the-air delivery of software updates. On the other hand, the continuous tracking of the vehicle data by such apps may also pose a risk to the car owner if, say, sensitive pieces of information are leaked to third parties or the app is vulnerable to attacks. This work contributes the first, to our knowledge, full-fledged security assessment of all the official single-vehicle management apps offered by major car manufacturers who operate in Europe. The apps are scrutinised statically with the purpose of not only identifying surfeits, say, in terms of the permissions requested, but also from a vulnerability assessment viewpoint. On top of that, we run each app to identify possible weak security practices in the owner-to-app registration process. The results reveal a multitude of issues, ranging from an over-claim of sensitive permissions and the use of possibly privacy-invasive API calls, to numerous potentially exploitable CWE- and CVE-identified weaknesses and vulnerabilities, the, in some cases, excessive employment of third-party trackers, and a number of other flaws related to the use of third-party software libraries, unsanitised input, and weak user password policies, to mention just a few.
This work serves two key objectives. First, it markedly supplements and extends the well-known AWID corpus by capturing and studying traces of a wide variety of attacks hurled in the IEEE 802.1X Extensible Authentication Protocol (EAP) environment. Second, given that all the 802.11-oriented attacks have been carried out while the defenses introduced by Protected Management Frames (PMF) were operative, it offers the first, to our knowledge, full-fledged empirical study regarding the robustness of the IEEE 802.11w amendment, which is mandatory for WPA3 certified devices. Under both the aforementioned settings, the dataset and study at hand are novel and are anticipated to be of significant aid towards designing and evaluating intrusion detection systems. Moreover, in an effort to deliver a well-rounded dataset of greater lifespan, and under the prism of an attacker escalating their assault from the wireless MAC layer to higher ones, we have additionally included several assaults that are common to IEEE 802.3 networks. Since the corpus is publicly offered in the form of raw cleartext pcap files, future research can straightforwardly exploit any subset of features, depending on the particular application scenario.
During 2021, different worldwide initiatives have been established for the development of digital vaccination certificates to alleviate, for vaccinated individuals, the restrictions associated with the COVID-19 pandemic. Although diverse technologies can be considered for the deployment of such certificates, the use of blockchain has been suggested as a promising approach due to its decentralization and transparency features. However, the proposed solutions often lack a realistic experimental evaluation that could help to determine possible practical challenges for the deployment of a blockchain platform for this purpose. To fill this gap, this work introduces a scalable, blockchain-based platform for the secure sharing of COVID-19 or other disease vaccination certificates. As an indicative use case, we emulate a large-scale deployment by considering the countries of the European Union. The platform is evaluated through extensive experiments measuring computing resource usage, network response time, and bandwidth. Based on the results, the proposed scheme shows satisfactory performance across all major evaluation criteria, suggesting that it can set the pace for real implementations. Vis-à-vis the related work, the proposed platform is novel, especially through the prism of a large-scale, full-fledged implementation and its assessment.
Protocol stacks specifically designed for the Internet of Things (IoT) have become commonplace. At the same time, security and privacy concerns regarding IoT technologies are also attracting significant attention given the risks that are inherently associated with the respective devices and their numerous applications, ranging from healthcare, smart homes and cities, to intelligent transportation systems and industrial automation. Considering the still heterogeneous nature of the majority of IoT protocols, a major concern is to find common references for investigating and analysing their security and privacy threats. To this end, and on top of the current literature, this work provides a comprehensive, vis-à-vis comparison of the security aspects of the so far most widespread IoT Wireless Personal Area Network (WPAN) protocols, namely, BLE, Z-Wave, Zigbee, Thread, and EnOcean. A succinct but exhaustive review of the relevant literature from 2013 up to now is offered as a side contribution.
The openness of the Android operating system and its immense penetration into the market make it a hot target for malware writers. This work introduces Androtomist, a novel tool capable of symmetrically applying static and dynamic analysis of applications on the Android platform. Unlike similar hybrid solutions, Androtomist capitalizes on a wealth of features stemming from static analysis along with rigorous dynamic instrumentation to dissect applications and decide whether they are benign or not. The focus is on anomaly detection using machine learning, but the system is able to autonomously conduct signature-based detection as well. Furthermore, Androtomist is publicly available as open source software and can be straightforwardly installed as a web application. The application itself is dual mode, i.e., fully automated for the novice user and configurable for the expert one. As a proof-of-concept, we meticulously assess the detection accuracy of Androtomist against three different popular malware datasets and a handful of machine learning classifiers. We particularly concentrate on the classification performance achieved when the results of static analysis are combined with dynamic instrumentation vis-à-vis static analysis only. Our study also introduces an ensemble approach by averaging the output of all base classification models per malware instance separately, and provides a deeper insight into the most influential features regarding the classification process. Depending on the employed dataset, for hybrid analysis, we report notably promising to excellent results in terms of the accuracy, F1, and AUC metrics.
With hundreds of billions of emails sent daily, the adoption of contemporary email security standards and best practices by the respective providers is of utmost importance to every one of us. Leaving out the user-dependent measures, say, S/MIME and PGP, this work concentrates on the current security standards adopted in practice by providers to safeguard the communications among their SMTP servers. To this end, we developed a non-intrusive tool coined MECSA, which is publicly available as a web application service to anyone who wishes to instantly assess the security status of their email provider regarding both the inbound and outbound communication channels. By capitalising on the data collected by MECSA over a period of 15 months, that is, approximately 7,650 assessments analysing a total of 3,236 unique email providers, we detail the adoption rate of state-of-the-art email security extensions, including STARTTLS, SPF, DKIM, DMARC, and MTA-STS. Our results indicate a clear increase in encrypted connections and in the use of SPF, but also considerable retardation in the penetration rate of the rest of the standards. This tardiness is further aggravated by the still low prevalence of DNSSEC, which is also appraised for the email security space in the context of this work.
The coronavirus pandemic is a new reality and it severely affects the modus vivendi of the international community. In this context, governments are rushing to devise or embrace novel surveillance mechanisms and monitoring systems to fight the outbreak. The development of digital tracing apps, which among others are aimed at automatising and globalising the prompt alerting of individuals at risk in a privacy-preserving manner, is a prominent example of this ongoing effort. Very promptly, a number of digital contact tracing architectures has sprouted, followed by relevant app implementations adopted by governments worldwide. Bluetooth, and specifically its Low Energy (BLE) power-conserving variant, has emerged as the most promising short-range wireless network technology to implement the contact tracing service. This work offers the first, to our knowledge, full-fledged review of the most concrete contact tracing architectures proposed so far on a global scale. This endeavour does not only embrace the diverse types of architectures and systems, namely centralised, decentralised, or hybrid, but it equally addresses the client side, i.e., the apps that have already been deployed in Europe by each country. There is also a full-spectrum adversary model section, which does not only amalgamate the previous work in the topic, but also brings new insights and angles to contemplate upon.
Malware detection is a fundamental task and is associated with significant applications in humanities, cybersecurity, and social media analytics. In some of the relevant studies, there is substantial evidence that heterogeneous ensembles can provide very reliable solutions, better than any individual verification model. However, so far, there is no systematic study examining the application of ensemble methods to this task. This paper introduces a sophisticated Extrinsic Random-based Ensemble (ERBE) method where, in a predetermined set of repetitions, a subset of external instances (either malware or benign) as well as classification features are randomly selected, and an aggregation function is adopted to combine the output of all base models for each test case separately. By utilising static analysis only, we demonstrate that the proposed method is capable of taking advantage of the availability of multiple external instances of different size and genre. The experimental results on the AndroZoo benchmark corpora verify the suitability of a random-based heterogeneous ensemble for this task and exhibit the effectiveness of our method, in some cases improving the hitherto best reported results by more than 5%.
Modern mobile devices are equipped with a variety of tools and services, and handle increasing amounts of sensitive information. In the same trend, the number of vulnerabilities exploiting mobile devices also grows on a daily basis and, undoubtedly, popular mobile platforms, such as Android and iOS, represent an alluring target for malware writers. While researchers strive to find alternative detection approaches to fight against mobile malware, recent reports exhibit an alarming increase in mobile malware exploiting victims to create revenues, climbing towards a billion-dollar industry. Current approaches to mobile malware analysis and detection cannot always keep up with future malware sophistication. The aim of this work is to provide a structured and comprehensive overview of the latest research on mobile malware detection techniques and pinpoint their benefits and limitations.
Intrusion detection systems (IDSs) are essential elements when it comes to the protection of an ICT infrastructure. Misuse IDSs are a stable method that can achieve high attack detection rates (ADR), while keeping false alarm rates under acceptable levels. However, misuse IDSs suffer from a lack of agility, as they are unqualified to adapt to new and "unknown" environments. That is, such an IDS puts a security administrator into an intensive engineering task for keeping the IDS up-to-date every time it faces efficiency drops. Considering the extended size of modern networks and the complexity of big network traffic data, the problem exceeds by far the limits of human managing capabilities. In this regard, we propose a novel methodology which combines the benefits of self-taught learning and MAPE-K frameworks to deliver a scalable, self-adaptive and autonomous misuse IDS. Our methodology enables a misuse IDS to sustain a high ADR even if it is subjected to consecutive and drastic environmental changes. Through the utilization of deep-learning based methods, the IDS is able to grasp an attack's nature based on generalized feature reconstructions stemming directly from the unknown environment and its unlabeled data. The experimental results reveal that our methodology can breathe new life into the IDS without the constant need of manually refreshing its training set. We evaluate our proposal under several classification metrics, and we show that it is able to increase the ADR of the IDS by up to 73.37% in critical situations where a statically trained IDS is rendered totally ineffective.
This paper investigates whether glass wearable devices can be used to authenticate users, both to grant access (one-time) and to maintain access (continuous), in a hands-free way. We do so by designing and implementing Gauth, a system that enables users to authenticate with a service simply by issuing a voice command, while facing the computer terminal they are going to use to access the service. To achieve this goal, we create a physical communication channel from the terminal to the glass device using machine readable visual codes, say, QR codes, and utilize the device's network adapter to communicate directly with a service. More importantly, we continuously authenticate the user accessing the terminal, exploiting the fact that a user operating a terminal is most likely facing it most of the time. We periodically issue authentication challenges, which are displayed as a QR code on the terminal. This causes the glass device to re-authenticate the user with an appropriate response. We thoroughly evaluate Gauth to determine the technical limits of our approach. We show that even with the relatively low-resolution camera of the current Google Glass prototype, QR codes can be consistently processed correctly with an average accuracy of 88%, and continuous authentication, while strenuous to the battery, is feasible. Finally, we perform a small user study involving students to demonstrate the benefits of our approach. We found that authentication using Gauth takes on average 1.63 seconds, while using username/password credentials takes 3.85 seconds and varies greatly depending on the computer-literacy level of the user.
Social networks are nowadays a primary source of news and information that can be steered, distorted, and influenced. Recent scandals such as Cambridge Analytica proved that social media users are prone to such direct manipulation. Among the weapons available to perform these antidemocracy attacks, Social Bots are beyond question the most powerful one. These autonomous entities constitute coordinated armies which sneakily manipulate and deceive real users. Thus, our research identifies five major challenges that the research community needs to face toward tackling Social Bot activities in four individual but comparable scenarios. To address these key challenges, we propose, elaborate, and evaluate a mix of remedies in the form of a proof-of-concept platform combining the agility of Artificial Intelligence with the expertise of human analysts to detect and shield against Social Bot interference.
For elementary students, security and privacy education is anticipated to be more joyful when the knowledge is delivered in the form of a digital game-based learning activity. This paper details the development of a novel learning platform that comprises a web-based Learning Content Management System (LCMS) and a mobile client application (app) for educating and raising young learners' awareness of basic cybersecurity and privacy issues. The app, which comprises a suite of quick games, can be played either in standalone or in client/server mode and it is especially destined for elementary students. Further, due to the anytime and anywhere characteristics of the app, it can be experienced as a classroom or an outdoor learning activity. Contrary to analogous studies found in the literature so far, during the design phase of the app our focus was not solely on its technological aspects, but we uniformly paid special attention to the educational factor by applying the Attention, Relevance, Confidence, and Satisfaction (ARCS) model of motivation. A preliminary evaluation of the app, including learning effectiveness, usability, and user satisfaction, was conducted with 52 elementary-aged students. Among others, the results show that the interaction with the app significantly increases the mean performance of the participants by almost 20%.
VoIP services in general, and Session Initiation Protocol (SIP) ones in particular, continue to grow at a fast pace and have already become a key component of Next Generation Networks (NGN). Despite this proliferation, SIP-based services expose a large attack surface for perpetrators and especially those who seek to cause Denial of Service (DoS). While so far a plethora of works in the literature have been devoted to the detection of DoS attacks in SIP ecosystems, the focus is on those which exploit SIP headers, neglecting the message body. In an effort to fill this gap, the work at hand concentrates on the detection of DoS attacks which instead capitalize on the Session Description Protocol (SDP) part of SIP requests. To this end, we not only scrutinize this ilk of attacks and demonstrate their effect against the end-user, but also develop an open source extensible SDP parser module capable of detecting intentionally or unintentionally crafted SDP segments parasitizing in SIP requests. Following a firewall-based logic, the parser currently incorporates 100 different rules organized in 4 categories (policies) based on the corresponding RFC. Through extensive experimentation, we show that our scheme induces negligible overhead in terms of processing time when working as a software module in either the SIP proxy or a separate machine in front of the latter.
Intrusion detection systems (IDSs) are essential entities in a network topology aiming to safeguard the integrity and availability of sensitive assets in the protected systems. In misuse detection systems, which are the topic of the paper at hand, the detection process relies on specific attack signatures (rules) in an effort to distinguish between legitimate and malicious network traffic. Generally, three major challenges are associated with any IDS of this category: identifying patterns of new attacks with high accuracy, ameliorating the human-readability of the detection rules, and rightly designating the category these attacks belong to. To this end, we propose Dendron, a methodology for generating new detection rules which are able to classify both common and rare types of attacks. Our methodology takes advantage of both Decision Trees and Genetic Algorithms for the sake of evolving linguistically interpretable and accurate detection rules. It also integrates heuristic methods in the evolutionary process aiming to deal with the challenging nature of the network traffic, which generally biases machine learning techniques to neglect the minority classes of a dataset. The experimental results, using the KDDCup'99, NSL-KDD and UNSW-NB15 datasets, reveal that Dendron is able to achieve superior results over other state-of-the-art and legacy techniques under several classification metrics, while at the same time it is able to detect rare intrusive incidents significantly better.
With the increasing popularity of smartphones and tablets, Game-Based Learning (GBL) is undergoing a rapid shift to mobile platforms. This transformation is driven by the mobility, wireless interfaces, and built-in sensors that these smart devices offer in order to enable blended and context-sensitive mobile learning (m-Learning) activities. Thus, m-Learning is becoming more independent and ubiquitous (u-Learning). In order to identify and analyze the main trends and the future challenging issues involved in designing mGBL learning strategies, as well as to bring to the foreground important issues pertaining to mobile and context-aware ubiquitous GBL, the work at hand conducts a comprehensive survey of this particular area. Specifically, it introduces and applies a six-dimensional framework consisting of Spatio-temporal, Collaboration/Social, Session, Personalization, Data security & privacy, and Pedagogy, with the aim of scrutinizing the contributions in the field of mGBL published from 2004 to 2016. It was found that the transition to mGBL presents several difficulties, and therefore cannot be conceived as a simple and quick modification of existing GBL solutions. In this respect, this work is anticipated to foster the development of well-designed solutions that are intensive not only in their technological aspect, but in pedagogical qualities as well.
It is without doubt that today the volume and sophistication of cyber attacks keeps consistently growing, fueling an endless arms race between attackers and defenders. In this context, full-fledged frameworks, methodologies, or strategies that are able to offer an optimal or near-optimal reaction in terms of countermeasure selection, preferably in a fully or semi-automated way, are in high demand. This is reflected in the literature, which encompasses a significant number of major works on this topic spanning a time period of 5 years, that is, from 2012 to 2016. The survey at hand has a dual aim, namely: first, to critically analyze all the pertinent works in this field, and second, to offer an in-depth discussion and side-by-side comparison among them based on 7 common criteria. Also, a quite extensive discussion is offered to highlight the shortcomings and future research challenges and directions in this timely area.
The critical process of hiring has relatively recently been ported to the cloud. Specifically, the automated systems responsible for completing the recruitment of new employees in an online fashion aim to make the hiring process more immediate, accurate and cost-efficient. However, the online exposure of such traditional business procedures has introduced new points of failure that may lead to privacy loss for applicants and harm the reputation of organizations. So far, the most common case of Online Recruitment Fraud (ORF) is the employment scam. Unlike relevant online fraud problems, the tackling of ORF has not yet received the proper attention, remaining largely unexplored until now. Responding to this need, the work at hand defines and describes the characteristics of this severe and timely novel cyber security research topic. At the same time, it contributes and evaluates the first, to our knowledge, publicly available dataset of 17,880 annotated job ads, retrieved from the use of a real-life system.
The Mirai botnet and its variants and imitators are a wake-up call to the industry to better secure Internet of Things (IoT) devices or risk exposing the Internet infrastructure to increasingly disruptive distributed denial-of-service (DDoS) attacks.
Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with a) security initialization, b) key establishment, and c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research.
While more and more users turn to IP-based communication technologies, privacy and anonymity remain largely open issues. One of the most prominent VoIP protocols for multimedia session management is SIP which, despite its popularity, suffers from security and privacy flaws. As SIP messages are sent in plain text, user data are exposed to intermediate proxies and eavesdroppers. As a result, information about users participating in a call can leak from header data, which cannot be omitted since they are needed for the correct routing of SIP messages to their final destination. Even more, traffic analysis attacks can be mounted with data stemming from lower layers. To redress this kind of problem, privacy can be achieved either by the construction of a lower level tunnel (via the use of the SSL or IPsec protocols) or by employing a custom-tailored solution. However, SSL and IPsec are known for leading to undesirable, unaffordable delays, and thus a SIP-oriented solution is preferable. In the context of this article, we evaluate three alternative solutions to counter the above issues. More specifically, we use two well-known anonymity networks, Tor and I2P, for secluding both the caller's and the callee's actions by securing the content of SIP messages. As a third solution, we present our proposal for preserving privacy in SIP signaling by using an onion-routing approach, where selected sensitive fields of SIP messages are encrypted using either asymmetric or symmetric encryption. We compare these three alternatives in terms of performance, mentioning the pros and cons that come with each proposal. Our work also presents the reasons why other existing anonymity networks fail to be considered appropriate for preserving anonymity in SIP.
With the mushrooming of wireless access infrastructures, the amount of data generated, transferred and consumed by the users of such networks has taken enormous proportions. This fact further complicates the task of network intrusion detection, especially when advanced Machine Learning (ML) operations are involved in the process. In wireless environments, the monitored data are naturally distributed among the numerous sensor nodes of the system. Therefore, the analysis of data must either happen in a central location after first collecting it from the sensors, or locally through collaboration by viewing the problem through a distributed ML perspective. In both cases, concerns arise regarding the requirements of this demanding task in matters of required network resources and achieved security/privacy. This paper proposes TermID, a distributed network intrusion detection system that is well-suited for wireless networks. The system is based on classification rule induction and Swarm Intelligence principles to achieve efficient model training for intrusion detection purposes, without exchanging sensitive data. An additional achievement is that the produced model is easily readable by humans. While these are the main design principles of our approach, the accuracy of the produced model is not compromised by the distribution of the tasks and remains at competitive levels. Both the aforementioned claims are verified by the results of detailed experiments conducted with the use of a publicly available security-focused wireless dataset.
Keystroke dynamics is a well-investigated behavioral biometric based on the way and rhythm in which someone interacts with a keyboard or keypad when typing characters. This paper explores the potential of this modality, but for touchscreen-equipped smartphones. The main research question posed is whether "touchstroking" can be effective in building the biometric profile of a user, in terms of typing pattern, for future authentication. To reach this goal, we implemented a touchstroke system on the Android platform and executed different scenarios under disparate methodologies to estimate its effectiveness in authenticating the end-user. Apart from typical classification features used in legacy keystroke systems, we introduce two novel ones, namely, speed and distance. From the experiments, it can be argued that touchstroke dynamics can be quite competitive, at least when compared to similar results obtained from keystroke evaluation studies. As far as we are aware, this is the first time this newly arisen behavioral trait is put into focus.
WiFi has become the de facto wireless technology for achieving short- to medium-range device connectivity. While early attempts to secure this technology have proved inadequate in several respects, the current, more robust, security amendments will inevitably get outperformed in the future too. In any case, several security vulnerabilities have been spotted in virtually every version of the protocol, rendering the integration of external protection mechanisms a necessity. In this context, the contribution of this paper is multi-fold. First, it gathers, categorizes, and thoroughly evaluates the most popular attacks on 802.11, and analyzes their signatures. Second, it offers a publicly available dataset containing a rich blend of normal and attack traffic against 802.11 networks. A quite extensive first-hand evaluation of this dataset using several machine learning algorithms and data features is also provided. Given that, to the best of our knowledge, the literature lacks such a rich and well-tailored dataset, it is anticipated that the results of the work at hand will offer a solid basis for intrusion detection in current as well as next-generation wireless networks.
It is without a doubt that botnets pose a growing threat to the Internet, with DDoS attacks of any kind carried out by botnets being on the rise. Nowadays, botmasters rely on advanced Command & Control (C&C) infrastructures to achieve their goals and, most importantly, to remain undetected. This work introduces two novel botnet architectures that consist only of mobile devices and evaluates both their impact in terms of DNS amplification and TCP flooding attacks, and their cost pertaining to the maintenance of the C&C channel. The first one puts forward the idea of using a continually-changing mobile HTTP proxy in front of the botherder, while the other capitalizes on the DNS protocol as a covert channel for coordinating the botnet. That is, for the latter, the messages exchanged among the bots and the herder appear as legitimate DNS transactions. Also, a third architecture is described and assessed, which is basically an optimized variation of the first one. Namely, it utilizes a mixed layout where all the attacking bots are mobile, but the proxy machines are typical PCs not involved in the actual attack. For the DNS amplification attack, which is by nature more powerful, we report an amplification factor that fluctuates between 32.7 and 34.1. Also, regarding the imposed C&C cost, we assert that it is minimal (about 0.25 Mbps) per bot in the worst case, happening momentarily when the bot learns about the parameters of the attack.
Nowadays, due to the widespread participation of elementary school children in cyberspace activities, basic cybersecurity education and awareness is deemed necessary. Within this context, knowledge acquisition in this timely and important field has greater chances to be more fruitful when the learner is properly motivated. Also, it is anticipated to be more joyful when knowledge is acquired in the form of a digital game-based activity. The paper at hand discusses the development of a novel mobile app called CyberAware, destined for cybersecurity education and awareness. At present, the game is designed for K-6 children in order to support either or both formal and informal learning. Additionally, due to its mobile characteristics, the game can be experienced as an outdoor or classroom activity. Finally, in contrast to similar studies found in the literature so far, our attention is not solely drawn to the game's technological aspects but equally to the educational factor. This is achieved through the consideration and use of the ARCS motivational model already from the game's design phase.
Corporate hiring has recently been ported to the cloud, mainly through the use of Applicant Tracking Systems (ATS). However, this online exposure has fueled a new type of online scam, namely Employment Scam, that jeopardizes job seekers' privacy and harms the reputation of organizations. Employment Scam has remained largely unexplored until now. It shares common characteristics with related fraud detection problems such as email spam and phishing, but its own peculiarities can intrigue researchers to delve deeper into the field. To this end, this article also presents a preliminary empirical analysis of real-life fraudulent job ads.
Voice over IP (VoIP) architectures and services consist of different software and hardware components that may be susceptible to a plethora of attacks. Among them, Denial of Service (DoS) is perhaps the most powerful one, as it aims to drain the underlying resources of a service and make it inaccessible to legitimate users. So far, various detection and prevention schemes have been deployed to detect, deter and eliminate DoS occurrences. However, none of them seems to be complete in assessing, in both real-time and offline modes, whether a system remains free of such attacks. To this end, in the context of this paper, we assert that audit trails in VoIP can be a rich source of information toward flushing out DoS incidents and evaluating the security level of a given system. Specifically, we introduce a privacy-friendly service to assess whether or not a SIP service provider suffers a DoS by examining either the recorded audit trails (in a forensic-like manner) or the real-time traffic. Our solution relies solely on network log files that are already available, making it simple, easy to deploy, and fully compatible with existing SIP installations. It also allows for the exchange of log files between different providers for cross-analysis, or their submission to a single analysis center (as an outsourced service) on an opt-in basis. Through extensive evaluation involving both offline and online executions and a variety of DoS scenarios, it is argued that our detection scheme is efficient enough, while its real-time operation introduces negligible overhead.
Modern mobile devices are nowadays powerful enough to be used toward defining a new channel of communication with potential consumers. This channel is commonly known as mobile marketing, and there is already a number of mobile marketing apps whose aim is to increase the sales of some product or service. In this context, the Let's Meet! framework presented in this paper is essentially a mobile marketing app. The app groups two or more persons, who basically do not know each other, having as sole criterion their common interest in an offer about a product or a service. Its main objective is to bring them together, so that they can purchase and enjoy an offer which they otherwise could not afford. One of the highlights of our proposal is that all sensitive user data are transmitted in a secure manner, and thus confidentiality is preserved. Users' privacy is also given great consideration. This means, for example, that the exact geographic locations of the users are never shared with others. For user authentication, Let's Meet! supports both a completely anonymous mode and OAuth 2.0. The framework's main objective, which is to bring the users together, is guaranteed by means of a one-time coupon generated by the OCRA algorithm, while the final face-to-face user group meeting is achieved through Wi-Fi Direct technology. Moreover, the app implements a smart queueing system for increasing its efficiency. Every possible effort is made to maximize both the number of products being sold and the number of users that eventually enjoy an offer. Finally, a user rating system has been adopted, which rewards any user attitude that helps towards improving the framework's competence. The above qualities make Let's Meet! a novel proposal when considering similar works in the literature so far.
Anonymity is generally conceived to be an integral part of a user's right to privacy. Without anonymity, many online activities would become prone to eavesdropping, making them potentially risky to use. This work highlights the different aspects closely related to anonymity and argues that it is rather a multifaceted and contextual concept. To support this argument, the paper examines, as a dual case study, the ways anonymity is conceptualised in the case of two well-established but dissimilar protocols employed in cyberspace on a wide scale, namely SIP and Kerberos. Surveying the research done on preserving anonymity (and privacy in general) in the context of the aforementioned protocols yields several useful observations. Our aim is to contribute towards acquiring a comprehensive view of this particular research area, mainly by examining how anonymity is put to work in practice. As a result, the work at hand can also be used as a reference for anyone interested in grasping the diverse facets of this constantly developing research field.
Forensic analysis on mobile devices in general and smartphones in particular is on the rise. Naturally, this is because these devices are more than ever used by criminals of all kinds to perform a variety of offensive actions. The mushrooming of mobile services and the way people use their smartphones in their daily activities result in a plethora of valuable and private data stored on the device, which of course can be extremely helpful towards resolving a criminal case. The automatic or semi-automatic correlation of end-user events as recorded on the mobile device can be of great value to investigators in their struggle to resolve a case. Unfortunately, existing forensic tools targeted at Android lack such functionality. To fill this gap, we propose AUDA, a tool that is able to gather end-user data stored in critical system areas and then inter-correlate them in terms of a time series of events. We argue that this type of analysis not only saves time and effort from an investigator's viewpoint but can also reveal hidden information related to a case in a roundabout way.
It is without a doubt that malware especially designed for modern mobile platforms is rapidly becoming a serious threat. The problem is further compounded by the growing convergence of wired, wireless and cellular networks, since virus writers can now develop sophisticated malicious software that is able to migrate across network domains. This is done in an effort to exploit vulnerabilities and services specific to each network. So far, research in dealing with this risk has concentrated on the Android platform and has mainly considered static solutions rather than dynamic ones. Compelled by this fact, in this paper, we contribute a fully-fledged tool able to dynamically analyze any iOS software in terms of method invocation (i.e., which API methods the application invokes and in what order), and produce exploitable results that can be used to manually or automatically trace the software's behavior in order to decide whether or not it contains malicious code. By employing real-life malware, we assessed our tool both manually and via heuristic techniques, and the results we obtained seem highly accurate in detecting malicious code.
The IEEE 802.16 technology, commonly referred to as WiMAX, is gaining momentum as an option for broadband wireless communication access. So far, several research works have focused on the security of the 802.16 family of standards. In this context, the contribution of this paper is twofold. First, it provides a comprehensive taxonomy of attacks and countermeasures on 802.16. Each attack is classified based on several factors (e.g., its type, likelihood of occurrence, impact upon the system, etc.), and its potential is reviewed with reference to the standard. Possible countermeasures and remedies proposed for each category of attacks are also discussed to assess their effectiveness. Second, a full-scale assessment study of indicative attacks that belong to broader attack classes is conducted in an effort to better comprehend their impact on the 802.16 realm. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind has been attempted.
Perhaps the most important parameter for any mobile application or service is the way it is delivered and experienced by the end-users, who usually, in due course, decide whether or not to keep it in their software portfolio. Most would agree that security and privacy both have a crucial role to play toward this goal. In this context, the current paper revolves around a key question: Do modern mobile applications respect the privacy of the end-user? The focus is on iPhone platform security and especially on users' data privacy. By implementing DNS poisoning malware and two real attack scenarios on the popular Siri and Tethering services, we demonstrate that the privacy of the end-user is at stake.
The proliferation of touchscreen devices brings along several interesting research challenges. One of them is whether touchstroke-based analysis (similar to keylogging) can be a reliable means of profiling the user of a mobile device. Of course, in such a setting, the coin has two sides. First, one can employ the output produced by such a system to feed machine learning classifiers and, later on, intrusion detection engines. Second, aggressors can install touchloggers to harvest users' private data. This malicious option has also been extensively exploited in the past by legacy keyloggers under various settings, but has been scarcely assessed for soft keyboards. Compelled by these separate but interdependent aspects, we implement the first-known native and fully operational touchlogger for ultramodern smartphones and especially for those employing the proprietary iOS platform. The results we obtained for the first objective are very promising, showing an accuracy exceeding 99% in identifying misuses, and thus post-authenticating the user. The virulent nature of such software when used maliciously is also demonstrated through real-use cases.
In Next Generation Networks (NGN), Kerberos is becoming a key component to support authentication and key distribution for Internet application services. However, for this purpose, Kerberos needs to rectify certain deficiencies it presents, especially its lack of privacy, which allows an eavesdropper to obtain information on the services users are accessing. This paper presents a comprehensive privacy framework that guarantees user anonymity, service access unlinkability and message exchange unlinkability in Kerberos, in both single-domain and multi-domain scenarios. This proposal is based on different extensibility mechanisms already defined for Kerberos, which facilitate its adoption in already deployed systems. Furthermore, our proposal has been evaluated in terms of performance, and the results demonstrate its lightweight nature.
Mobile learning is constantly evolving, following the shift of mobile technologies from laptops to handheld devices and smartphones. Indeed, the opportunities for innovation in this area are numerous and constantly under the focus of all the parties involved, ranging from traditional schools and universities to individual learners. However, mobile technology brings along increased threats to system and data security and privacy, given the fact that learners and educators are mobile and, in most cases, permitted to use their own mobile devices to access resources and services. After identifying the challenges, this paper provides a comprehensive review and classification of the state-of-the-art research on security and privacy in the m-learning realm and beyond. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind has been attempted.
It is without doubt that the Domain Name System (DNS) is one of the most decisive elements of the Internet infrastructure; even a slight disruption to the normal operation of a DNS server could cause serious impairment to network services and thus hinder access to network resources. Hence, it follows that DNS nameservers are constantly under the threat of distributed Denial of Service (DoS) attacks. This paper presents a new flavor of DNSSEC-powered amplification attack, stealthy from the attacker's viewpoint, that takes advantage of the vast number of DNS forwarders out there. Specifically, to augment the amplification factor, the attacker utilizes only those forwarders that support DNSSEC-related resource records and advertise a large DNS packet size. The main benefits of the presented attack scenario, as compared to the typical amplification attack, are: (a) the aggressor no longer needs to control a botnet, and (b) virtually all traces that could be used toward disclosing the attacker's actions, true identity and geographical location are eliminated. The experiments conducted, which consider three countries, namely Greece, Ireland and Portugal, demonstrate that with proper but simple planning and a reasonable amount of resources, a determined perpetrator is able to create a large torrent of bulky DNS packets towards its target. In the context of the present study, this translates to a maximum amplification factor of 44.
Mobile Device Forensics (MF) is an interdisciplinary field consisting of techniques applied to a wide range of computing devices, including smartphones and satellite navigation systems. Over the last few years, a significant amount of research has been conducted concerning various mobile device platforms, data acquisition schemes, and information extraction methods. This work provides a comprehensive overview of the field by presenting a detailed assessment of the actions and methodologies taken throughout the last seven years. A multilevel chronological categorization of the most significant studies is given in order to provide a quick but complete way of observing the trends within the field. This categorization chart also serves as an analytic progress report with regard to the evolution of MF. Moreover, since standardization efforts in this area are still in their infancy, this synopsis of research helps set the foundations for a common framework proposal. Furthermore, because technology related to mobile devices is evolving rapidly, disciplines in the MF ecosystem experience frequent changes. The rigorous and critical review of the state-of-the-art in this paper will serve as a resource to support efficient and effective reference and adaptation.
Mobile devices have evolved and experienced an immense popularity over the last few years. This growth, however, has exposed mobile devices to an increasing number of security threats. Despite the variety of peripheral protection mechanisms described in the literature, authentication and access control cannot provide integral protection against intrusions. Thus, more intelligent and sophisticated security controls, such as intrusion detection systems (IDSs), are necessary. Whilst much work has been devoted to mobile device IDSs, research on anomaly-based or behaviour-based IDSs for such devices has been limited, leaving several problems unsolved. Motivated by this fact, in this paper we focus on anomaly-based IDSs for modern mobile devices. A dataset consisting of iPhone users' data logs has been created, and various classification and validation methods have been evaluated to assess their effectiveness in detecting misuses. Specifically, the experimental procedure includes and cross-evaluates four machine learning algorithms (i.e., Bayesian networks, radial basis function, K-nearest neighbours and random forest), which classify the behaviour of the end-user in terms of telephone calls, SMS and Web browsing history. In order to detect illegitimate use of a service by potential malware or a thief, the experimental procedure examines the aforementioned services independently as well as in combination, in a multimodal fashion. The results are very promising, showing the ability of at least one classifier to detect intrusions with a high true positive rate of 99.8%.
Authentication, authorization, and accounting services provide the framework on top of which a reliable, secure, and robust accounting system can be built. In a previous work of ours, we presented a flexible and, most importantly, generic accounting scheme for next generation networks. In this paper, we substantially improve our previous work by providing the required Diameter application, namely SIP-Accounting (SIPA), that enables the use of our accounting scheme for Session Initiation Protocol (SIP) services. Additionally, in an effort to protect service providers and end users against accounting fraud, we implement an add-on mechanism, referred to as SIPA+, to combat attacks targeting the core accounting functions and the integrity of the respective accounting messages. Using the implemented SIPA and SIPA+ prototypes, we conducted a complete set of experiments testing several configurations and two distinct scenarios. The results reveal that the proposed accounting system and its security add-on are fully operable in SIP environments without incurring much cost in terms of performance and overhead.
The key issue for any mobile application or service is the way it is delivered and experienced by users, who eventually may decide whether or not to keep it in their software portfolio. Without doubt, security and privacy both have a crucial role to play towards this goal. Very recently, Gartner identified the top ten consumer mobile applications that are expected to dominate the market in the near future. Among them, one can earmark location-based services at number 2 and mobile instant messaging at number 9. This paper presents a novel application, namely MILC, that blends both features. That is, MILC offers users the ability to chat, interchange geographic co-ordinates and make Splashes in real time. At present, several implementations provide these services separately or jointly, but none of them offers real security and preserves the privacy of the end-users at the same time. On the contrary, MILC provides an acceptable level of security by utilizing both asymmetric and symmetric cryptography and, most importantly, puts the user in control of her own personal information and her private sphere. The analysis and our contribution are threefold, starting from the theoretical background, continuing to the technical part, and providing an evaluation of the MILC system. We present and discuss several issues, including the different services that MILC supports, system architecture, protocols, security, privacy, etc. Using a prototype implemented in Google's Android OS, we demonstrate that the proposed system is fast performing, secure, privacy-preserving and potentially extensible.
Kerberos is one of the most well-respected and widely used authentication protocols in open and insecure networks. It is envisaged that its impact will increase, as it constitutes a reliable and scalable solution to support authentication and secure service acquisition in the Next Generation Networks (NGN) era. This means, however, that security and privacy issues related to the protocol itself must be carefully considered. This paper proposes a novel two-level privacy framework, namely PrivaKERB, to address user privacy in Kerberos. Our solution offers two privacy levels to cope with user anonymity and service access untraceability. We detail how these modes operate in preserving user privacy in both single-realm and cross-realm scenarios. By using the extensibility mechanisms already available in Kerberos, PrivaKERB does not change the semantics of messages and enables future implementations to maintain interoperability. We also evaluate our solution in terms of service time and resource utilization. The results show that PrivaKERB is a lightweight solution imposing negligible overhead on both the participating entities and the network.
Intrusion Detection Systems (IDS) have nowadays become a necessary component of almost every security infrastructure. So far, many different approaches have been followed in order to increase the efficiency of IDS. Swarm Intelligence (SI), a relatively new bio-inspired family of methods, seeks inspiration in the behavior of swarms of insects or other animals. After being applied successfully in other fields, SI started to gather the interest of researchers working in the field of intrusion detection. In this paper we explore the reasons that led to the application of SI in intrusion detection, and present SI methods that have been used for constructing IDS. A major contribution of this work is also a detailed comparison of several SI-based IDS in terms of efficiency. This gives a clear idea of which solution is more appropriate for each particular case.
The Universal Mobile Telecommunication Standard (UMTS) is continuously evolving to meet the growing demand of modern mobile and Internet applications for high capacity and advanced features in security and quality of service. Although admittedly enhanced in terms of security when compared to 2G systems, UMTS still has weaknesses that can lead to security incidents. In this paper, we investigate the vulnerabilities of the UMTS security architecture that can be exploited by a malicious individual to mount Denial of Service (DoS) attacks. Our focus is on signaling-oriented attacks above the physical layer. We describe and analyze several novel attacks that can be triggered against both the core UMTS architecture and hybrid UMTS/WLAN realms. An additional contribution of this paper is the presentation of an extensive survey of similar attacks in UMTS and related protocol infrastructures such as the IP Multimedia Subsystem (IMS). Finally, we offer some suggestions that would provide the system with greater tolerance against DoS attacks.
During the last decade, the academic world has been continuously capitalizing on the use of Internet and web-based learning solutions, because of the simplicity and immediacy in creating, organizing and managing educational material and student data. However, the delivery of educational content to the end-user is characterized by visual presentation and the requirement of some sort of access, either wired or wireless, to the Internet, which blocks visually impaired individuals or people who don't have access to the Internet in one way or another from accessing educational content. In this paper we describe the design and implementation of the Internet Telephony Learning System (TELS). Among other things, TELS exploits mature Internet/web standards and the most popular communication medium in the world, the telephone, to provide audio interactivity between an otherwise traditional web application and the end-user. Unlike other similar applications, TELS does not need any special software or hardware to be accessed, and since it is an open source traditional web application, it can be custom-tailored to the individual needs of each institution. Since it is accessible from almost every communication device, we argue that it is useful for visually impaired, technologically uneducated, and underprivileged people for accessing information originally intended to be accessed visually via a Personal Computer.
In modern and future networks that belong to different providers, multimedia protocols will have to operate through multiple domains. In such an environment, security is considered a crucial parameter; this is especially true for privacy, since not all domains can be considered trusted beforehand in terms of personal data protection. Probably the most promising protocol for multimedia session management is SIP. While SIP is popular and a lot of research has been conducted, it still has some security issues, one of which is related to privacy and, more particularly, the protection of user identities (IDs). In the general case, anybody can reveal the communicating parties' IDs by simply eavesdropping on the exchanged SIP messages. In this paper we analyze the lack of user ID protection in SIP and propose two solutions: in the first, the ID of the caller is protected, while in the second, the IDs of both the caller and the callee are protected. Our work also includes performance results and an extensive comparison with similar methods. The most significant advantage of our method is that it can assure user ID protection even when SIP messages are transmitted through untrusted SIP domains before reaching the Home Domain of the user or another trusted domain. Moreover, it does not require the SIP Proxy server to maintain state information for exchanged SIP requests and their respective responses.
In the near future, wireless heterogeneous networks are expected to interconnect in an all-IP architecture. An open issue towards this direction is the uninterrupted continuation of the received services during handover between networks employing different access technologies. In this context, Mobile IP (MIP) is a protocol that allows fast and secure handovers. However, MIP per se cannot handle all the issues that surface during handovers in certain services, and more specifically, when the information on the current state of a service requires re-establishment on the new subnet without having to repeat the entire protocol exchange with the mobile host from the outset. A number of methods have been proposed to solve the aforementioned problem, commonly referred to as secure context transfer. However, while such methods do succeed in minimising the disruption caused by security-related delays, it seems that little has been done to protect the end-users' privacy as well. In this paper, a number of privacy enhanced (PE) context transfer schemes are presented. The first two of them were introduced in a previous work of ours, while the other two are novel. All schemes are analysed in terms of message exchange and evaluated through simulations. The performance of our schemes is compared with the standard ones proposed by the Seamoby working group (WG). The results demonstrate that the proposed schemes are very efficient in terms of application handover times, while at the same time guaranteeing the privacy of the end-user.
The scope of this survey is to examine and thoroughly evaluate the cluster-based Group Key Agreement (GKA) protocols for Wireless Sensor Networks (WSNs). Towards this goal, we have grouped the WSNs application environments into two major categories (i.e., infrastructure-based and infrastructureless) and have examined: a) which of the cluster-based Group Key Agreement (GKA) protocols that appear in the literature are applicable to each category, and b) to which degree these protocols will impact the systems' performance and energy consumption. In order to answer these questions we have calculated the complexity of each protocol and the energy cost it will add to the system. The evaluation of all discussed protocols is presented in a generalized way and can therefore serve as a reference point for future evaluations and for the design of new, improved GKA protocols.
Security can only be guaranteed as long as the hardware and other key parameters, including software components, secret keys, etc., of a device remain genuine and unmodified. In this context, device authentication must be considered a key security issue, complementary and of equal importance to user authentication, in today's wireless and forthcoming ubiquitous realms. This paper classifies and analyses the major solutions proposed so far towards solving the device authentication issue. We constructively discuss each solution presented, examining its advantages and disadvantages. A qualitative comparative analysis of the device authentication schemes in question is also offered, probing their applicability for both infrastructure and ad-hoc deployments. Inter-domain device authentication, where applicable, and users' privacy as a side-effect are investigated as well.
IEEE 802.16 technology, also well known as WiMAX, is poised to deliver the next step in the wireless evolution. This is further fostered by the 802.16e specification which, amongst other things, introduces support for mobility. The Multicast/Broadcast Service (MBS) is also an integral part of 802.16e, destined to deliver next generation services to subscribers. In this paper we concentrate on the Multicast and Broadcast Rekeying Algorithm (MBRA) of 802.16e. This algorithm has recently been criticized for various vulnerabilities and security inefficiencies, as its designers try to strike a wise balance between performance and security. After surveying related work, we extensively discuss MBRA security issues and propose the use of a novel asymmetric group key agreement protocol based on the work in Wu et al. (2009). Our scheme guarantees secure delivery of keys to all the members of a given group and mandates rekeying upon join and leave events. It can prevent insider attacks, since only the Base Station possesses a secret encryption key, while all other members in the network acquire the transmitted data by using their secret decryption keys. We compare our scheme with related work and demonstrate that, although heavier in terms of computing costs, it compensates when scalability and security come to the foreground.
In next generation networks, one of the most challenging issues is the definition of seamless and secure handoffs in order to assure service continuity. In general, researchers agree on the use of EAP as an authentication framework independent of the underlying technology. To date, efforts have focused on optimizing the authentication process itself, leaving out other relevant and sometimes important aspects such as privacy. In this paper we present a solution that provides a lightweight authentication process while preserving user anonymity at the same time. The goal is to define a multi-layered pseudonym architecture that does not affect the fast re-authentication procedure and that allows a user to be untraceable. Taking as reference our previous work in fast re-authentication, we describe the extensions required to support identity privacy. Moreover, results collected from an implemented prototype reveal that the proposed privacy-enhanced fast re-authentication scheme is attainable without significant cost in terms of performance in foreseeable 4G environments.
In this paper, we describe the design and implementation of an audio wiki application accessible via both the Public Switched Telephone Network and the Internet. The application exploits mature World Wide Web Consortium standards, such as VoiceXML, Speech Synthesis Markup Language, and Speech Recognition Grammar Specification, toward achieving our goals. The purpose of such an application is to assist visually impaired, technologically uneducated, and underprivileged people in accessing information originally intended to be accessed visually via a personal computer (PC). Users may access wiki content via fixed or mobile phones, or via a PC using a Web browser or a Voice over IP service. This feature extends the reach of collaboratively created content to an extremely large population, i.e., those who simply own a telephone line.
Secure multimedia delivery in modern and future networks is one of the most challenging problems towards the system integration of fourth generation (4G) networks. This integration means that different service and network providers will have to interoperate in order to offer their services to end users. This multidomain environment poses serious threats to the end user, who has a contract with, and trusts, only a limited number of operators and service providers. One such threat concerns end users' privacy, which is the focus of this paper. Probably the most promising protocol for multimedia session management is the Session Initiation Protocol (SIP), which is an application layer protocol and thus can operate on top of different lower layer technologies. SIP is quite popular and a lot of research has been conducted; however, it still has some security issues, one of which is related to privacy and, more particularly, the protection of user identities (IDs). In this paper we comment on the ID privacy issue of SIP and propose a framework called PrivaSIP that can protect either the caller's ID or both the caller's and the callee's IDs in multidomain environments. We present different implementations of our framework based on asymmetric and symmetric cryptography, analyzing the pros and cons of each one of them. Furthermore, we provide performance measurements in order to estimate the performance penalty of our framework over standard SIP. The most significant advantage of our method is that it can assure user ID protection even when SIP messages are transmitted through untrusted SIP domains, while our results show that this can be achieved with no perceived delay for the end user.
A Mobile Ad Hoc Network (MANET) is characterized by the lack of any infrastructure, absence of any kind of centralized administration, frequent mobility of nodes, network partitioning, and wireless connections. These properties make traditional wireline security solutions not straightforwardly applicable in MANETs and, of course, make the establishment of a Public Key Infrastructure (PKI) in such networks a cumbersome task. After surveying related work, we propose a novel public key management scheme using the well-known web-of-trust or trust graph model. Our scheme is based on a binary tree formation of the network’s nodes. The binary tree structure proves very effective for building certificate chains between communicating nodes that are multiple hops away, and the cumbersome problem of certificate chain discovery is avoided. We compare our scheme with related work and show that it presents several advantages, especially when a fair balance between security and performance is desirable. Simulations of the proposed scheme under different scenarios demonstrate that it is effective in terms of tree formation, join and leave occurrences, and certificate chain establishment.
SIP is rapidly becoming a standard for service integration within a variety of wireless and wireline networks. In this regard high availability, reliability and redundancy are key factors for any SIP based infrastructure. In an adverse environment, especially the Internet and foreseeable 3GPP IMS, high availability solutions are of major importance for SIP network components to smoothly mitigate call increments, device failures, misconfigurations, physical disasters and throttle active attacks. This paper proposes a practical and transparent failover solution for SIP and RTP-Proxy servers. We demonstrate that both methods work properly and increase stability and availability of such systems. Furthermore, high availability solutions are enhanced through the employment of easy to implement load balancing schemes. All the proposed solutions are technically analyzed and evaluated via properly designed test-beds, showing fine performance in terms of service times.
e-Informational systems based on the Internet infrastructure and services like e-mail, WWW, etc., are a de-facto option for various educational realms, in order to enhance the quality and diversity of services offered to their educators and students. On the other hand, despite the fact that pure mobile services like short message service (SMS) or multimedia message service (MMS) have penetrated the wireless market to a great degree and gained wide user acceptance, they are rarely employed to support or offer informational services in the context of education. In this paper, we describe in detail a fully functional SMS-oriented mobile-informational (m-informational) system named Pandora that was designed and developed from the onset to specifically support a plethora of services obtainable mainly by the students of our university. The analysis and our contribution are two-fold, starting from the theoretical background and continuing to the technical part of the Pandora system. We present and discuss several issues, including the different services that Pandora supports, system architecture, Pandora’s box, core, Web services, security, etc. We demonstrate that the proposed system is practical to implement, flexible, effective, secure, affordable and, above all, scalable and potentially extensible.
Accounting is generally considered as one of the most challenging issues in modern and future mobile networks. As multi-domain complex heterogeneous environments are becoming a common terrain, accounting procedures performed by network and service providers have turned into a key aspect. However, in order for these networks to reliably deliver modern real-time services, they should, among other things, provide accurate accounting services, particularly billing. This work elaborates on the accounting process, proposing a novel and robust accounting system. The requirements of the proposed mechanism are defined and all the accounting scenarios that the system should cope with are examined. All the proposed accounting extensions are implemented by means of Diameter AVPs and commands. Our mechanism is generic and capitalizes on the existing AAA infrastructure, thus providing secure means to transfer and store sensitive billing data. More importantly, it can be easily incorporated into the providers’ existing mechanisms regardless of the underlying network technology. At the same time, its generic nature allows for interoperability between different network operators and service providers. Through extensive experimentation, we can also infer that our scheme is lightweight, scalable, and easy to implement requiring only minor modifications to the core Diameter protocol.
Voice services over Internet Protocol (VoIP) are nowadays much promoted by telecommunication and Internet service providers. However, the utilization of open networks, like the Internet, raises several security issues that must be accounted for. On top of that, there are new sophisticated attacks against VoIP infrastructures that capitalize on vulnerabilities of the protocols employed for the establishment of a VoIP session (for example the Session Initiation Protocol – SIP). This paper provides a categorization of potential attacks against VoIP services, followed by specific security recommendations and guidelines for protecting the underlying infrastructure from these attacks and thus ensuring the provision of robust and secure services. In order to utilize (share) the aforementioned security guidelines and recommendations across different domains, it is necessary to have them represented in some formal way. To this end, ontologies have been used for representing the proposed guidelines and recommendations in the form of a unified security policy for VoIP infrastructures. This ontology-based policy has then been transformed into a First Order Logic (FOL) formal representation. The proposed ontology-based security policy can be applied in a real VoIP environment for detecting attacks against a SIP-based service, but it can also be utilized for security testing purposes and vulnerability identification. The work presented in this paper has been focused on the SIP protocol. However, generalization to other signaling protocols is possible.
The emergence of Voice over IP (VoIP) has offered numerous advantages for end users and providers alike, but has simultaneously introduced security threats, vulnerabilities and attacks not previously encountered in networks with a closed architecture like the Public Switched Telephone Network (PSTN). In this paper we propose a two-layer architecture to prevent Denial of Service attacks on VoIP systems based on the Session Initiation Protocol (SIP). The architecture is designed to handle different types of attacks, including request flooding, malformed message sending, and attacks on the underlying DNS system. The effectiveness of the prevention mechanisms has been tested both in the laboratory and on a real live VoIP provider network.
It has been generally agreed that the security of electronic patient records and e-health applications in general must meet or exceed the standard security that should be applied to paper medical records, yet the absence of clarity on the proper goals of protection has led to confusion. The primary purpose of this study was to investigate appropriate security mechanisms, which will help clinical professionals and patients discharge their ethical and legal responsibilities by selecting suitable systems and operating them safely and in short order. Thus, in this paper we propose a security model based on XML with the intention of developing a fast security policy mostly intended for mobile healthcare information systems. The proposed schema consists of a set of principles based on XML security models through the use of partial encryption, signature and integrity services, and it was implemented by means of a web-based m-health application in a centralized three-tier architecture utilizing a wireless network environment. Several experiments took place with the aim of measuring the client response time while implementing a number of m-health scenarios. The results showed that the response times required for the fulfillment of a client request with the XML security model are smaller compared to those corresponding to conventional security mechanisms such as the application of SSL. By selectively applying confidentiality and integrity services either to the medical information as a whole or to some sensitive parts of it, the obtained results clearly demonstrate that XML security mechanisms outperform those of SSL and are suitable for deployment in m-health applications.
This paper presents a framework that can be utilized for the protection of session initiation protocol (SIP)-based infrastructures from malformed message attacks. Its main characteristic is that it is lightweight and that it can be easily adapted to heterogeneous SIP implementations. The paper analyzes several real-life attacks on VoIP services and proposes a novel detection and protection mechanism that is validated through an experimental test-bed under different test scenarios. Furthermore, it is demonstrated that the employment of such a mechanism for the detection of malformed messages imposes negligible overheads in terms of the overall SIP system performance.
While public key cryptography is continuously evolving and its installed base is growing significantly, recent research works examine its potential use in e-learning or m-learning environments. Public key infrastructure (PKI) and attribute certificates (ACs) can provide the appropriate framework to effectively support authentication and authorization services, offering mutual trust to both learners and service providers. Considering PKI requirements for online distance learning networks, this paper discusses the potential application of ACs in a proposed trust model. Typical e-learning trust interactions between e-learners and providers are presented, demonstrating that robust security mechanisms and effective trust control can be obtained and implemented. The application of ACs to support m-learning is also presented and evaluated through an experimental test-bed setup, using the general packet radio service network. The results showed that AC issuing is attainable in terms of service time while simultaneously delivering flexible and scalable solutions to both learners and e-learning providers.
In the very near future, we shall witness the coexistence of networks with heterogeneous link layer technologies. Such networks will naturally overlap each other and mobile users will need to frequently hand off among them for a number of reasons, including the quest for higher speeds and/or lower cost. Handoffs between such hybrid networks should be fast enough to support demanding applications, like multimedia content delivery, but also secure enough since different network providers are involved. This gets even more complicated considering that network providers may not simultaneously be multimedia service providers, as is the case today. In order to support security operations on a large scale the employment of an AAA protocol is mandated; however, this adds more delay to the handoff process. This article analyses and compares the prominent methods proposed so far that optimize the secure handoff process in terms of delay and are suitable for uninterruptible secure multimedia service delivery.
The open architecture of the Internet and the use of open standards like the Session Initiation Protocol (SIP) render the provisioning of services (e.g., Internet telephony, instant messaging, presence, etc.) vulnerable to known Internet attacks, while at the same time introducing new security problems based on these standards that cannot be tackled with current security mechanisms. This article identifies and describes security problems in the SIP protocol that may lead to denial of service. Such security problems include flooding attacks, security vulnerabilities in parser implementations, and attacks exploiting vulnerabilities at the signaling-application level. A qualitative analysis of these security flaws and their impacts on SIP systems is presented.
The Third Generation Partnership Project (3GPP) has recently provided a cellular-WLAN interworking architecture as an add-on to 3GPP system specifications. This architecture can offer IP-based services, compatible with those obtainable by the 3G packet switched domain, to a 3G subscriber who is connected via a WLAN. Following this approach, in this paper we propose extensions to current 3GPP specifications, implementing and experimenting with a hybrid WLAN-3G network architecture capable of supporting subscribers’ certificates. We focus on attribute certificates, which are of major importance for user authorization and, due to their temporary nature, entail minimum concern regarding revocation issues. We emphasise the necessary public key infrastructure incorporation, which requires minimum changes in 3G core network elements and signalling, and provide a list of the potential threats which can be identified in a presumable deployment. Apart from the description and requirements of the proposed WLAN-3G architecture, particular emphasis is placed on the experimental evaluation of the performance of two alternative test-bed scenarios, which shows that digital certificate technology is not only feasible to implement in present and future heterogeneous mobile networks, but can also deliver flexible and scalable services to subscribers without compromising security.
Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision, along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services, is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.
While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G). Work has already begun on such an “all-IP” end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. The SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA) procedures, such as compromised authentication vector attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI) elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a “prototype” implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.
The SSL/TLS protocol is a de-facto standard that has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future heterogeneous wireless environments. In this paper, we propose potential solutions that this protocol can offer to future “all-IP” heterogeneous mobile networks, with particular emphasis on the user’s side. Our approach takes into consideration the necessary underlying public key infrastructure (PKI) to be incorporated in future 3G core network versions, which is under investigation by 3GPP. We focus on the standard 3G+ authentication and key agreement (AKA), as well as the recently standardized extensible authentication protocol (EAP)-AKA procedures, and claim that SSL-based AKA mechanisms can provide an alternative, more robust, flexible and scalable security framework. In this 3G+ environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. We conducted a plethora of experiments concentrating on the performance of SSL’s handshake protocol, as this protocol contains demanding public key operations, which are considered heavy for mobile devices. We gathered measurements over the GPRS and IEEE 802.11b networks, using prototype implementations, different test beds and considering battery consumption. The results showed that the expected high data rates on the one hand, and protocol optimisations on the other, can make SSL-based authentication a realistic solution in terms of service time for future mobile systems.
Motivated by the fact that the SSL protocol has proved its effectiveness in wired IP networks, recent research work has examined the potential use of this protocol in various wireless technologies. Although Wi-Fi networks present security deficiencies, they manage to penetrate the wireless market to a great degree due to their low cost, easy administration, great capacity, IP-oriented nature, etc. Considering Wi-Fi networking settings, administered by different operators, as parts of a common core 3G infrastructure, the authors propose the potential application of enhanced SSL-based authentication mechanisms in integrated emerging-3G and Wi-Fi networks. Existing problems related to authentication and key agreement (AKA) procedures and the extensible authentication protocol (EAP)-AKA, as they appear in the latest 3G and integrated 3G/Wi-Fi specifications, are discussed. It is proposed how EAP-TLS, combined with public key infrastructure (PKI) elements, can be used to overcome these inefficiencies in a hybrid WLAN-3G heterogeneous environment, in order to provide strong authentication and end-to-end security to the mobile user.
Although Wi-Fi is on the eve of its seventh generation, security concerns regarding this omnipresent technology remain in the spotlight of the research community. This work introduces two new denial of service attacks against contemporary Wi-Fi 5 and 6 networks. Unlike similar works in the literature, which focus on 802.11 management frames, the introduced assaults exploit control frames. Both attacks target the central element of any infrastructure-based 802.11 network, i.e., the access point (AP), and result in depriving the associated stations of any service. We demonstrate that, at the very least, the attacks affect a great mass of off-the-shelf AP implementations by different renowned vendors, and that they can be mounted with inexpensive equipment, little effort, and a low level of expertise. With reference to the latest standard, namely 802.11-2020, we elaborate on the root cause of the respective vulnerabilities, pinpointing shortcomings. Following a coordinated vulnerability disclosure process, our findings have been promptly communicated to each affected AP vendor, already receiving positive feedback as well as a – currently reserved – common vulnerabilities and exposures (CVE) ID, namely CVE-2022-32666.
One of the most critical building blocks of the reliable operation of the Internet is the Border Gateway Protocol (BGP), which is used to exchange routing messages signaling active and defective routing paths. During large-scale catastrophic incidents, such as conventional military operations or cyberwarfare, the stability of the Internet is affected, causing the announcements of defective routing paths to increase substantially. This work studies the relation between major incidents, such as armed conflicts at a country scale, and the corresponding network outages observed in the core of the Internet infrastructure as announced by BGP. We focus on the Russo-Ukrainian war as a timely and prominent use case and examine geolocalized BGP data for a 2-month period. Our methodology allows us to cherry-pick long-term network outages among temporary interruptions of service in this specific time window, and pinpoint them to the areas of the operations. Our results indicate that there is a high correlation between the start of military operations and network outages at city and country level. Furthermore, we show that in the last few days before the start of the operations, network outages rise as well, indicating that preparatory cyberattack activities take place. No less important, network outages remain at much higher than usual levels during the operations, something that can be attributed to infrastructure destruction possibly backed by cyberattacks.
The Transport Layer Security (TLS) protocol was introduced to solve the lack of security and privacy in the early versions of the world wide web. However, even though it has substantially evolved over the years, certain features still present privacy issues. One such feature is the Server Name Indication (SNI) extension, which allows multiple web servers to reside behind a provider hosting multiple domains with the same IP address; at the same time, it allows third parties to discover the domains that end users visit. In the last few years, the Encrypted Server Name Indication (ESNI) Internet draft has been developed by the Internet Engineering Task Force (IETF); this encrypted variant of the extension was renamed Encrypted Client Hello (ECH) in its latest versions. In this paper, we measure the adoption of both these versions, given that they have substantial differences. By analyzing the top 1M domains in terms of popularity, we identify that only a small portion, less than 19%, supports the privacy-preserving ESNI extension and practically no domain supports ECH. Overall, these results demonstrate that there is still a long way to go to ensure the privacy of end users visiting TLS-protected domains which are co-located behind a common Internet-facing server.
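To make the privacy issue above concrete, the following added example (not code from the paper or its authors) shows exactly what a passive on-path observer can read from the first TLS record of a connection when plain SNI is in use: the parser walks a ClientHello and returns the cleartext host name, which is the field ESNI/ECH exists to hide. The ClientHello builder is a constructed, minimal message (zero random, one cipher suite) so the example runs offline; the layout follows the TLS handshake encoding, and the 0x0000 extension type is the server_name extension.

```python
import struct

SNI_EXTENSION_TYPE = 0x0000       # server_name extension (RFC 6066)
SUPPORTED_VERSIONS_TYPE = 0x002b  # included only so the parser must skip a non-SNI extension


def _sni_extension(hostname: str) -> bytes:
    """Encode a server_name extension carrying one host_name entry (name_type 0)."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    server_name_list = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", SNI_EXTENSION_TYPE, len(server_name_list)) + server_name_list


def build_client_hello(hostname=None) -> bytes:
    """Build a constructed, minimal TLS ClientHello record (for the example only)."""
    random_bytes = bytes(32)                    # constructed: not a real random value
    cipher_suites = struct.pack("!H", 0x1301)   # TLS_AES_128_GCM_SHA256
    extensions = struct.pack("!HH", SUPPORTED_VERSIONS_TYPE, 3) + b"\x02\x03\x04"
    if hostname is not None:
        extensions = _sni_extension(hostname) + extensions
    body = (b"\x03\x03" + random_bytes           # legacy_version, random
            + b"\x00"                            # empty legacy_session_id
            + struct.pack("!H", len(cipher_suites)) + cipher_suites
            + b"\x01\x00"                        # one compression method: null
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record: bytes):
    """Return the cleartext SNI host name from a TLS ClientHello record, or None."""
    try:
        if len(record) < 5 or record[0] != 0x16:
            return None                           # not a TLS handshake record
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != 0x01:
            return None                           # not a ClientHello
        body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
        pos = 2 + 32                              # skip legacy_version and random
        pos += 1 + body[pos]                      # skip session id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]  # skip cipher suites
        pos += 1 + body[pos]                      # skip compression methods
        if pos + 2 > len(body):
            return None                           # no extensions block at all
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype != SNI_EXTENSION_TYPE:
                continue                          # every other extension is skipped
            p = 2                                 # skip server_name_list length
            while p + 3 <= len(data):
                name_type = data[p]
                name_len = struct.unpack("!H", data[p + 1:p + 3])[0]
                p += 3
                if name_type == 0:                # host_name entry
                    return data[p:p + name_len].decode("ascii", errors="replace")
                p += name_len
        return None
    except (struct.error, IndexError):
        return None                               # truncated or malformed record


def observed_hostnames(flows):
    """What a passive observer learns from the first record of each captured flow."""
    return [extract_sni(first_record) for first_record in flows]


if __name__ == "__main__":
    print(observed_hostnames([build_client_hello("example.com"), build_client_hello()]))
```

With ESNI or ECH the same walk finds no readable host_name entry (the name travels inside an encrypted extension instead), which is why the adoption numbers in the abstract matter for end-user privacy.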
Emergency calling services are a cornerstone of public safety. During the last few years such systems have been transitioning to VoIP and unified communications, and are continuously evolving under the umbrella of organizations including NENA and EENA. The outcome of this effort is NG911 or NG112 services operating over the so-called Emergency Services IP network (ESInet). This work introduces and meticulously assesses the impact of an insidious and high-yield denial-of-service (DoS) attack against ESInet. In contrast to legacy SIP-based DoS, the introduced assault capitalizes on the SDP body of the SIP message with the sole purpose of instigating CPU-intensive transcoding operations at the ESInet side. We detail the way such an attack can be carried out, and scrutinize its severe, if not catastrophic, impact through different realistic scenarios involving a sufficient set of codecs. Finally, highlighting the fact that 911 or 112 calls cannot be dropped, but need to be answered as fast as possible, we offer suggestions on how this kind of assault can be detected and mitigated.
HTTP security-focused response headers can be of great aid to web applications towards augmenting their overall security level. That is, if set at the server side, these headers define whether certain security countermeasures are in place for protecting end-users. By utilising the curated Tranco list, this work conducts a wide-scale internet measurement that provides timely answers to the following questions: (a) How is the adoption of these headers developing over time?, (b) What is the penetration ratio of each key header in the community?, (c) Are there any differences in the support of these headers between diverse major browsers and platforms?, (d) Does the version of a browser (outdated vs. new) affect the support rate per key header?, and (e) Is the status of a header (active vs. deprecated) reflected in its support rate by web servers? Setting aside the use of the more robust Tranco corpus, to our knowledge, with reference to the literature, the contributions regarding the third and fifth questions are novel, while for the rest an updated, up-to-the-minute view of the state of play is provided. Amongst others, the results reveal that the support of headers is somewhat related to the browser version, the penetration ratio of all headers is less than 17% across all platforms, outdated browser versions may be better supported in terms of headers, while deprecated headers still enjoy wide implementation.
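The per-header penetration ratio in question (b) and the active-versus-deprecated contrast in question (e) are easy to compute once responses are collected. The following added example (not the paper's own tooling) audits a constructed set of response header lists: it reports each key header as present, weak, or missing, computes the penetration ratio per header across the sample, and lists the domains still sending a header the example labels deprecated. The header set, its active/deprecated labels, the one-year HSTS threshold and the sample domains are assumptions made for illustration, not values from the paper.

```python
from collections import Counter

# Key headers and the status this example assigns them (assumption for illustration).
KEY_HEADERS = {
    "strict-transport-security": "active",
    "content-security-policy": "active",
    "x-content-type-options": "active",
    "x-frame-options": "active",
    "referrer-policy": "active",
    "permissions-policy": "active",
    "x-xss-protection": "deprecated",
}

MIN_HSTS_MAX_AGE = 31536000  # example threshold: one year in seconds

# Constructed sample: domain -> response headers as (name, value) pairs. Not real measurements.
SAMPLE_RESPONSES = {
    "site-a.example": [("Strict-Transport-Security", "max-age=63072000; includeSubDomains"),
                       ("Content-Security-Policy", "default-src 'self'"),
                       ("X-Content-Type-Options", "nosniff"),
                       ("X-Frame-Options", "DENY")],
    "site-b.example": [("X-XSS-Protection", "1; mode=block"),
                       ("x-frame-options", "SAMEORIGIN")],
    "site-c.example": [("Strict-Transport-Security", "max-age=300"),
                       ("X-Content-Type-Options", "sniff")],
    "site-d.example": [("Content-Type", "text/html")],
}


def _hsts_max_age(value):
    """Parse the max-age directive of a Strict-Transport-Security value, or None."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        if key.lower() == "max-age":
            try:
                return int(val.strip().strip('"'))
            except ValueError:
                return None
    return None


def audit_response(headers):
    """Classify each key header for one response as 'ok', 'weak: <value>' or 'missing'."""
    h = {name.lower().strip(): value.strip() for name, value in headers}  # header names are case-insensitive
    report = {}
    for name in KEY_HEADERS:
        if name not in h:
            report[name] = "missing"
        elif name == "strict-transport-security":
            age = _hsts_max_age(h[name])
            report[name] = "ok" if age is not None and age >= MIN_HSTS_MAX_AGE else f"weak: {h[name]}"
        elif name == "x-content-type-options":
            report[name] = "ok" if h[name].lower() == "nosniff" else f"weak: {h[name]}"
        else:
            report[name] = "ok"  # presence only; finer value checks are out of scope here
    return report


def penetration(responses):
    """Fraction of responses that set each key header at all (ok or weak), per header."""
    present = Counter()
    for headers in responses.values():
        for name, status in audit_response(headers).items():
            if status != "missing":
                present[name] += 1
    total = len(responses)
    return {name: present[name] / total for name in KEY_HEADERS}


def deprecated_still_set(responses):
    """Domains that still send a header this example labels deprecated (question (e))."""
    return sorted(domain for domain, headers in responses.items()
                  if any(status != "missing" and KEY_HEADERS[name] == "deprecated"
                         for name, status in audit_response(headers).items()))


if __name__ == "__main__":
    for name, ratio in penetration(SAMPLE_RESPONSES).items():
        print(f"{name:28s} {KEY_HEADERS[name]:10s} {ratio:.0%}")
    print("deprecated header still sent by:", deprecated_still_set(SAMPLE_RESPONSES))
```

On real data the `SAMPLE_RESPONSES` dictionary would be filled from one fetch per domain, and the same audit would be repeated per browser user agent to answer questions (c) and (d).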
Cyberattacks targeting modern network infrastructures are increasing in number and impact. This growing phenomenon emphasizes the central role of cybersecurity and, in particular, the reaction against ongoing threats targeting assets within the protected system. Such centrality is reflected in the literature, where several works have been presented to propose full-fledged reaction methodologies to tackle the consequences of offensive incidents. In this direction, the work in  developed an immuno-based response approach based on the application of the Artificial Immune System (AIS) methodology. That is, the AIS-powered reaction is able to calculate the optimal set of atomic countermeasures to enforce on the assets within the monitored system, minimizing the risk to which those are exposed in a more than adequate time. To further contribute to this line, the paper at hand presents AISGA, a multi-objective approach that leverages the capabilities of a Genetic Algorithm (GA) to optimize the selection of the input parameters of the AIS methodology. Specifically, AISGA selects the optimal ranges of inputs that balance the tradeoff between minimizing the global risk and the execution time of the methodology. Additionally, by flooding the AIS-powered reaction with a wide range of possible inputs, AISGA intends to demonstrate the robustness of such a model. Exhaustive experiments are executed to precisely compute the optimal ranges of parameters, demonstrating that the proposed multi-objective optimization prefers a fast-but-effective reaction.
The topic of mobile malware detection on the Android platform has attracted significant attention over the last several years. However, while much research has been conducted toward mobile malware detection techniques, little attention has been devoted to feature selection and feature importance, that is, which app feature matters more when it comes to machine learning classification. After succinctly surveying all major datasets, dated from 2012 to 2020, used by state-of-the-art malware detection works in the literature, we analyse a critical mass of apps from the most contemporary and prevailing datasets, namely Drebin, VirusShare, and AndroZoo. Next, we rank the importance of app classification features pertaining to permissions and intents using the Information Gain algorithm for all three above-mentioned datasets.
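The Information Gain ranking named above is simple enough to carry through by hand, so here is an added example (not the paper's code or data) that does it over a constructed toy corpus of six apps with declared permissions and a malware/benign label. Information gain of a binary feature is the label entropy minus the entropy that remains once the corpus is split on whether the feature is present; a feature every app declares (INTERNET here) scores zero, while one that separates the two classes perfectly scores the full label entropy. The permission names are standard Android names used only as illustrative features; the app records are constructed.

```python
import math
from collections import Counter

# Constructed sample: (declared permissions, label) with 1 = malware, 0 = benign. Not a real dataset.
SAMPLE_APPS = [
    ({"SEND_SMS", "READ_CONTACTS", "INTERNET"}, 1),
    ({"SEND_SMS", "INTERNET", "RECEIVE_BOOT_COMPLETED"}, 1),
    ({"SEND_SMS", "INTERNET", "RECEIVE_BOOT_COMPLETED", "READ_PHONE_STATE"}, 1),
    ({"INTERNET", "ACCESS_FINE_LOCATION"}, 0),
    ({"INTERNET", "READ_CONTACTS"}, 0),
    ({"INTERNET", "CAMERA"}, 0),
]


def entropy(labels):
    """Shannon entropy (bits) of a list of class labels; 0 for an empty split."""
    n = len(labels)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())


def information_gain(apps, feature):
    """H(label) - H(label | feature present?) for one binary feature."""
    labels = [y for _, y in apps]
    with_f = [y for feats, y in apps if feature in feats]
    without_f = [y for feats, y in apps if feature not in feats]
    n = len(apps)
    conditional = (len(with_f) / n) * entropy(with_f) + (len(without_f) / n) * entropy(without_f)
    return entropy(labels) - conditional


def rank_features(apps):
    """All features seen in the corpus, sorted by information gain (ties broken by name)."""
    features = set().union(*(feats for feats, _ in apps))
    scored = [(feat, information_gain(apps, feat)) for feat in features]
    return sorted(scored, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for feat, gain in rank_features(SAMPLE_APPS):
        print(f"{feat:24s} {gain:.3f}")
```

In the toy corpus SEND_SMS ranks first with a gain of 1.0 bit and INTERNET last with 0.0; on a real dataset the same function is applied to every permission and intent string extracted from the manifests, and the ranking is what a feature-selection step would consume.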
Mobile malware poses undoubtedly a major threat to the continuously increasing number of mobile users worldwide. While researchers have been trying vigorously to find optimal detection solutions, mobile malware is becoming more sophisticated and its writers are getting more and more skilled in hiding malicious code. In this paper, we examine the usefulness of two known dimensionality reduction transformations namely, Principal Component Analysis (PCA) and t-distributed stochastic neighbor embedding (t-SNE) in malware detection. Starting from a large set of base prominent classifiers, we study how they can be combined to build an accurate ensemble. We propose a simple ensemble aggregated base model of similar feature type as well as a complex ensemble that can use multiple and possibly heterogeneous base models. The experimental results in contemporary Androzoo benchmark corpora verify the suitability of ensembles for this task and clearly demonstrate the effectiveness of our method.
Smartphones are pervasively used in many areas of everyday life, and have been both targets and victims of malware. While there are many anti-malware applications available in mobile markets, so far there are no public services that collect mobile usage data so as to observe malware effects on mobile devices. The main contribution of this paper is Mal-warehouse, an open-source tool performing data collection-as-a-service for Android malware behavioral patterns. During its initial development and experimentation phase, the tool extracts mobile device statistics, including CPU, memory and battery usage, process reports, and network statistics for 14 Android malware applications from a target device. It then stores them in a classified manner in a cloud database. Despite the fact that the work at hand is still at an early stage, the tool is enhanced with a preliminary detection module. Machine learning techniques are used as a proof-of-concept so as to evaluate the capabilities of the detection model when compared to a clean snapshot of the target device. Mal-warehouse is publicly available, meaning that anyone can download and use it locally and then upload their findings to the cloud service for further evaluation and processing by others.
DNS amplification is considered a significant and constant threat to any networking environment. Certainly, the Authoritative Name Servers (ANS) of popular domain zones, and in particular the DNSSEC-enabled ones, do not elude the attention of attackers for entangling them in this type of assault. The ANS list of Top Level Domains (TLD) is publicly accessible in the form of the root.zone file, so even a casual attacker is able to acquire the list of TLD zones and their matching ANSs. In this context, the paper at hand examines the potential of TLD ANSs to be unknowingly engaged by attackers in DNS amplification attacks. In particular, using two distinct versions of the root.zone file, we assess the amplification factor that these entities may produce when replying to both individual and multiple queries. As a side-goal, we measure the degree of adoption of Response Rate Limiting (RRL) by ANSs. Our most important findings are that (i) 25% and 37% of unique DNS queries for TLDs produce an amplification factor that respectively exceeds 60 and 50 when the query is sent individually or in batch, and (ii) almost 43% of unique ANSs do not properly implement RRL or leave it inactive.
The rapidly growing presence of Internet of Things (IoT) devices is becoming a continuously alluring playground for malicious actors who try to harness their vast numbers and diverse locations. One of their primary goals is to assemble botnets that can serve their nefarious purposes, from Denial of Service (DoS) to spam and advertisement fraud. The most recent example that highlights the severity of the problem is the Mirai family of malware, which is accountable for a plethora of massive DDoS attacks of unprecedented volume and diversity. The aim of this paper is to offer a comprehensive review of the state of the art in IoT malware and the underlying reasons for its success, with a particular focus on Mirai and major similar worms. To that end, we provide extensive details on the internal workings of IoT malware, examine their interrelationships, and elaborate on the possible strategies for defending against them.
Botnet armies constitute a major and continuous threat to the Internet. Their number, diversity, and power grow with each passing day, and in recent years we have been witnessing their rapid expansion to mobile and even IoT devices. The work at hand focuses on botnets which comprise mobile devices (e.g. smartphones), and aims to raise the alarm on a couple of advanced Command and Control (C&C) architectures that capitalize on Tor's hidden services (HS) and the DNS protocol. Via the use of such architectures, the goal of the perpetrator is twofold: first, to further obfuscate their identity and minimize the botnet's forensic signal, and second, to augment the resilience of their army. The novelty of the introduced architectures is that they do not rely on static C&C servers, but on rotating ones, which can be reached by other botnet members through their (varying) onion address. Also, we propose a scheme called "Tor fluxing", which, unlike legacy IP or DNS fluxing, does not rely on A-type DNS resource records but on TXT ones. We demonstrate the soundness and effectiveness of the introduced C&C constructions via a proof-of-concept implementation, and suggest possible remedies.
It is without a doubt that both the controller and the switch of an SDN are vulnerable to Distributed Denial of Service (DDoS) attacks. Typically, this type of attack targets the flow table of the deployed switches with the aim of causing overload, high network delays, and bandwidth consumption. Motivated by this fact, in this paper we propose a lightweight scheme based on a set of rules to efficiently characterize packets sent to a network switch as malicious or not. Through testbed experimentation and comparison with legacy DDoS protection schemes, we demonstrate that our solution performs significantly better in SDN ecosystems for mobile and wireless users.
Over the last decade online services have penetrated the market and for many of us have become an integral part of our software portfolio. On the one hand, online services offer flexibility in every sector of the social web, but on the other hand these pros do not come without a cost in terms of privacy. This work focuses on online services, and in particular on the possible inherent design errors which make these services an easy target for privacy invaders. We demonstrate this using a handful of real-world cases pertaining to popular online web services. More specifically, we show that despite the progress made in raising security/privacy awareness amongst all the stakeholders (developers, admins, users) and the existence of mature security/privacy standards and practices, there still exists a plethora of poor implementations that may put users' privacy at risk. We particularly concentrate on cases where a breach can happen even if the aggressor has limited knowledge about their target and/or the attack can be completed with limited resources. In this context, the main contribution of the paper at hand revolves around the demonstration of effortlessly exploiting privacy leaks existing in widely-known online services due to software development errors.
Over the last decade, VoIP services, and especially the SIP-based ones, have gained much attention due to the low-cost and simple models they offer. Nevertheless, their inherently insecure design makes them prone to a plethora of attacks. This work concentrates on the detection of resource consumption attacks targeting SIP ecosystems. While this topic has been addressed in the literature to a great extent, only a handful of works examine the potential of Machine Learning (ML) techniques to detect DoS, and even fewer do so in real time. Spurred by this fact, the work at hand assesses the potential of 5 different ML-driven methods in nipping SIP-powered DDoS attacks in the bud. Our experiments, involving 17 realistically simulated (D)DoS scenarios of varied attack volume in terms of calls/sec and user population, suggest that some of the classifiers show promising detection accuracy even in low-rate DDoS incidents. We also show that the performance of ML-based detection in terms of classification time overhead does not exceed 3.5 ms on average, with a mean standard deviation of 7.7 ms.
We present a moderately simple to implement but very effective and silent deanonymization scheme for Tor traffic. This is done by bridging the mixes in Tor, that is, we control both the traffic leaving the Onion Proxy (OP) and the traffic entering the Exit node. Specifically, from a user's viewpoint, our proposal has been implemented on the popular Android platform as spyware, with the dual aim of manipulating user traffic before it enters the Tor overlay and explicitly instructing the OP to choose an exit node that is controlled by the attacker. When the user traffic is received by the rogue exit node it is filtered, and the sender's IP details become visible. Notably, apart from deobfuscating normal http traffic, say, sent via the Tor browser, the proposed scheme is able to manipulate https requests as well.
Nowadays, basic cybersecurity education and awareness is deemed necessary, even for children as young as elementary school age. If knowledge on this topic is delivered in the form of a digital game-based activity, then it has greater chances of being more joyful and efficient. The paper at hand discusses the development of a novel mobile app called CyberAware, intended for cybersecurity education and awareness. At present, the game is designed for K-6 aged children and can be used to support formal or informal learning, or both. Also, due to its mobile nature, it can be experienced as an outdoor or classroom activity. Unlike similar studies found in the literature so far, our attention is not solely drawn to the game's technological aspects but equally to the educational factor.
Covert channels pose a significant threat to networking systems. In this paper, we examine the exploitation of Session Description Protocol (SDP) information residing in Session Initiation Protocol (SIP) requests with the aim of hiding data in plain sight. While a significant mass of works in the literature cope with covert communication channels, only a very limited number of them rely on SIP to realize their goals. Also, none of them concentrates on SDP data contained in SIP messages to implement and evaluate such a hidden communication channel. Motivated by this fact, the work at hand proposes and demonstrates the feasibility of a simple SIP-based covert channel for botnet Command and Control (C&C) that is very effective in terms of stealthiness and simplicity. As a side contribution, we assess the soundness and the impact of such a deployment at the victim's side via the use of two different types of flooding attacks.
This paper focuses on network anomaly detection and especially the effectiveness of Machine Learning (ML) techniques in detecting Denial of Service (DoS) in SIP-based VoIP ecosystems. It is true that until now several works in the literature have been devoted to this topic, but only a small fraction of them have done so in an elaborate way. Moreover, none of them takes into account high- and low-rate Distributed DoS (DDoS) when assessing the efficacy of such techniques in SIP intrusion detection. To provide a more complete estimation of this potential, we conduct extensive experiments involving 5 different classifiers and a plethora of realistically simulated attack scenarios representing a variety of (D)DoS incidents. Moreover, for the DDoS ones, we compare our results with those produced by two other anomaly-based detection methods, namely Entropy and Hellinger Distance. Our results show that ML-powered detection scores a promising false alarm rate in the general case, and seems to outperform similar methods when it comes to DDoS.
With over 6 billion mobile phone subscribers, it is inevitable that such devices will be involved in criminal activities. Furthermore, the evolution of smartphones has changed the way people use their mobile phones in their everyday life. That is, a huge variety of services exist in the device that can be exploited for either perpetrating a criminal activity or being the subject of the crime. By conducting an analysis of existing forensic tools and the literature, it became evident that there is a significant lack of advanced tools that enable the correlation among the various events of forensic interest in order to facilitate an investigation and reduce the cognitive load on the analyst side. Motivated by this fact, the paper at hand proposes a novel tool that incorporates strong mechanisms to forensically analyze an Android device, aiming to reduce the workload of the investigator through advanced and intelligent correlation and visualization.
Attackers always find ways to elude the employed security mechanisms of a system, no matter how strong they are. Nevertheless, audit trails - which as a rule of thumb are kept by any service provider - store all the events pertaining to the service of interest. Therefore, audit trail data can be a valuable ally when it comes to the certification of the security level of a given service. This holds especially true for critical real-time services such as multimedia ones, which nowadays are on the rise. This work proposes a practical, simple to implement yet powerful solution based on the Hellinger Distance metric for conducting audit trail analysis aimed at exposing security incidents. Our solution relies on a set of different features existing in the application layer protocol for session handling in order to classify the analyzed traffic as intrusive or not. Taking the well-known Session Initiation Protocol (SIP) as an example, we thoroughly evaluate the effectiveness of the proposed detection scheme in terms of accuracy under various realistic scenarios. The outcomes reveal competitive detection rates in terms of false positives and negatives and can be used as a reference for future works in the field.
Most would agree that modern app markets have been flooded with applications that not only threaten the security of the OS superficially, but also, in their majority, trample on users' privacy through the exposure of sensitive information not necessarily needed for their operation. In this context, the current work revolves around 3 key questions: Is there a way for the end user to easily track the often hidden privacy leaks occurring due to the way mobile apps operate? Can crowdsourcing provide the end user with a quantitative assessment per app in terms of privacy exposure level? And if yes, in what way can a cloud-based crowdsourcing mechanism detect and alert on changes in the apps' behavior? Motivated by the aforementioned questions, we design a cloud-based system that operates under a crowdsourcing logic, with the aim to provide i) a real-time privacy-flow tracking service, ii) a collaborative infrastructure for exchanging information related to apps' privacy exposure level, and iii) potentially a behavior-driven detection mechanism in an effort to take advantage of the crowdsourcing data to its maximum efficacy.
Anonymity on SIP signaling can be achieved either by the construction of a lower level tunnel (via the use of SSL or IPsec protocols) or by employing a custom-tailored solution. Unfortunately, the former category of solutions presents significant impediments, including the requirement for a PKI and the hop-by-hop fashion of the protection, while the latter only concentrates on the application layer, thus neglecting sensitive information leaking from lower layers. To remediate this problem, in the context of this paper, we employ the well-known Tor anonymity system to achieve complete SIP traffic obfuscation from an attacker's standpoint. Specifically, we capitalize on Tor for preserving anonymity on network links that are considered mostly untrusted, i.e., those among SIP proxies and the one between the last proxy in the chain and the callee. We also combine this Tor-powered solution with PrivaSIP to achieve an even greater level of protection. By employing PrivaSIP we assure that: (a) the first hop in the path (i.e., between the caller and the outbound proxy) affords anonymity, (b) the callee does not know the real identity of the caller, and (c) no real identities of either the caller or the callee are stored in log files. We also evaluate this scheme in terms of performance and show that even in the worst case, the latency introduced is not as high as might be expected due to the use of Tor.
Smartphone ownership and usage has seen massive growth in the past years. As a result, their users have attracted unwanted attention from malicious entities and face many security challenges, including malware and privacy issues. This paper concentrates on IDSs carefully designed to cater to the security needs of modern mobile platforms. Two main research issues are tackled: (a) the definition of an architecture which can be used towards implementing and deploying such a system in a dual-mode (host/cloud) manner, irrespective of the underlying platform, and (b) the evaluation of a proof-of-concept anomaly-based IDS implementation that incorporates dissimilar detection features, with the aim of assessing its performance qualities when running on state-of-the-art mobile hardware on the host device and in the cloud. This approach allows us to argue in favor of a hybrid host/cloud IDS arrangement (as it assembles the best characteristics of both worlds) and to provide quantitative evaluation facts on whether and in which cases machine learning-driven detection is affordable when executed on-device.
Network audit trails, especially those composed of application layer data, can be a valuable source of information for the investigation of attack incidents. Nevertheless, the analysis of log files of large volume is usually both complex (slow) and privacy-neglecting. Especially when it comes to VoIP, the literature on how audit trails can be exploited to identify attacks remains scarce. This paper provides an entropy-driven, privacy-preserving, and practical framework for detecting resource consumption attacks in VoIP ecosystems. We extensively evaluate our framework under various attack scenarios involving single and multiple assailants. The results obtained show that the proposed scheme is capable of identifying malicious traffic with a false positive alarm rate of up to 3.5%.
As mobile learning (mLearning) gains momentum, so does the worry of the parties involved in mLearning activities regarding the security and privacy level of the underlying systems and practices. Indeed, the basically spontaneous nature of mLearning and the variety of out-of-control devices that are used for supporting its activities make it prone to a plethora of attacks such as masquerading and man-in-the-middle. Thus, the provision of some sort of post-authentication and non-repudiation service in an effort to deter and repel ill-motivated activities may be of particular value in such realms. Compelled by this fact, in this paper, we introduce a dynamic signature-based biometric scheme to enable the offering of both of the aforementioned services in mLearning domains. We argue that our solution is both practical and lightweight. Its feasibility is also demonstrated through the use of machine learning techniques.
Specification (or modeling) languages can be very handy in describing certain aspects of a system and checking properties of interest about it. Also, once a model is constructed, one is able to use the associated analyzer to create examples and/or counterexamples to explore hypotheses posed about the system. In the context of cryptography this verification process is of great importance, as it can contribute towards finding weaknesses and assessing a system's robustness. This paper capitalizes on the well-known Alloy language to model and analyze attacks on DES triple modes, namely ECB|ECB|CBC^-1 and ECB|OFB|OFB. We model attacks described in  and show that they can be fruitful in the general case. This work can serve as a framework for modeling similar cryptosystems and assessing certain attacks on them.
It is without a doubt that malware especially designed for modern mobile platforms is rapidly becoming a serious threat. So far, research for dealing with this risk has concentrated on the Android platform and has mainly considered static solutions rather than dynamic ones. Compelled by this fact, in this paper, we contribute a fully-fledged tool able to dynamically analyze any iOS software in terms of method invocation (i.e., which API methods the application invokes and in what order), and produce exploitable results that can be used to manually or automatically trace its behavior and decide whether it contains malicious code or not. By employing real-life malware we assessed our tool both manually and via heuristic techniques, and the results we obtained are highly accurate in detecting malicious code.
The focus of this paper is on iPhone platform security and especially on users' data privacy. We design and implement a new malware that takes over the iOS mDNS protocol and exposes users' private information by capitalizing on the new Siri facility. The attack architecture also includes a proxy server which acts as a man-in-the-middle between the device and Apple's original Siri server.
Modern and powerful mobile devices comprise an attractive target for any potential intruder or malicious code. The usual goal of an attack is to acquire the user's sensitive data or compromise the device so as to use it as a stepping stone (or bot) to unleash a number of attacks against other targets. In this paper, we focus on the popular iPhone device. We create a new stealth and airborne malware named iSAM, able to wirelessly infect and self-propagate to iPhone devices. iSAM incorporates six different malware mechanisms, and is able to connect back to the iSAM bot master server to update its programming logic or to obey commands and unleash a synchronized attack. Our analysis unveils the internal mechanics of iSAM and discusses the way all iSAM components contribute towards achieving its goals. Although iSAM has been specifically designed for the iPhone, it can be easily modified to attack any iOS-based device.
IEEE 802.16 technology, also well known as WiMAX, is poised to deliver the next step in the wireless evolution. This is further fostered by the 802.16e specification which, amongst other things, introduces support for mobility. The Multicast/Broadcast Service (MBS) is also an integral part of 802.16e, intended to deliver next generation services to subscribers. In this paper we concentrate on the Multicast and Broadcast Rekeying Algorithm (MBRA) of 802.16e. This algorithm has recently been criticized for various vulnerabilities and security inefficiencies, as its designers are trying to balance wisely between performance and security. After surveying related work, we extensively discuss MBRA security issues and propose the use of a novel asymmetric group key agreement protocol based on the work in Wu et al. (2009). Our scheme guarantees secure delivery of keys to all the members of a given group and mandates rekeying upon join and leave events. It can prevent insider attacks since only the Base Station possesses a secret encryption key, while all other members in the network acquire the transmitted data by using their secret decryption keys. We compare our scheme with related work and demonstrate that although heavier in terms of computing costs, it compensates when scalability and security come to the foreground.
The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.
At the onset of the ubiquitous computing era, systems need to respond to a variety of challenges in order to capitalize on the benefits of pervasiveness. One of the pivotal enablers of pervasive computing is RFID technology, which can be successfully applied in numerous applications. However, the interaction of such applications with sensitive personal data renders the need for assuring confidentiality a sine qua non. The native limitations in computing resources, i.e., computational power, memory, etc., that characterize nearly all classes of RFID tags make the development of custom-tailored RFID security protocols a troublesome yet challenging task. In this paper we propose a mutual authentication protocol for low-cost RFID tags and readers. We also demonstrate that our scheme is more efficient in terms of resource utilization on the backend server and, under identical conditions, more secure when compared with existing congruent protocols.
The Universal Mobile Telecommunication Standard (UMTS) is the Third Generation (3G) mobile technology with the widest public acceptance. Although enhanced in terms of security compared to its predecessor, i.e., GSM, it still has vulnerabilities that can lead to security breaches. In this paper we investigate the vulnerabilities of the UMTS architecture that can be exploited by a malicious entity to launch Denial of Service (DoS) attacks. We examine the methodologies that an attacker would possibly follow, as well as the possible outcome of this class of attacks. We also give some suggestions that would provide the system with greater tolerance against DoS attacks.
It is well known that no security mechanism can provide full protection against a potential attack. There is always a possibility that a security incident may happen, mainly as a result of a new or modified attack that the employed countermeasures cannot handle or identify. It is therefore useful to perform a deferred analysis of logged network data, in an attempt to identify abnormal behavior/traffic that flags some type of security incident that has not been detected by the security countermeasures. Such an analysis of logged data for critical real-time applications, like VoIP services, is certainly a valuable tool for enhancing the security level of the provided service. In this paper we introduce a practical tool that can be employed for the analysis of logged VoIP data and thus validate the effectiveness of the security mechanisms and the conformance with the corresponding security policy rules. For the analysis of the data we capitalize on our security model for VoIP services  that is based on First Order Logic concepts, while the Protégé API and the Semantic Web Rule Language (SWRL) are also exploited. The proposed tool has been evaluated in an experimental environment, and the results obtained confirm the validity of its operation and demonstrate its effectiveness.
Web personalization is an elegant and flexible process of making a web site responsive to the unique needs of each individual user. Data that reflects user preferences and likings, therefore comprising a user profile, is gathered by an adaptive web site in a non-transparent manner. This situation, however, raises serious privacy concerns for the end user. When browsing a web site, users are not aware of several important privacy parameters, i.e., which behavior will be monitored and logged, how it will be processed, how long it will be kept, and with whom it will be shared in the long run. In this paper we propose an abstract architecture that enhances user privacy during interaction with adaptive web sites. This architecture enables users to create and update their personal privacy preferences for the adaptive web sites they visit by holding their (user) profiles on the client side instead of the server side. By doing so, users will be able to self-confine the personalization experience the adaptive sites offer, thus enhancing privacy.
With the proliferation of Web 2.0 applications, collaborative learning has gathered a lot of attention due to its potential in the e-learning field. Forums, Wikis and Blogs, for example, are only some of the applications that exploit the collaborative nature of e-learning. However, these applications were originally designed for access from desktop systems, and accessing them when on the move can prove a challenging task. This paper elaborates on the design and implementation of an assistive collaborative platform for educational purposes that can be accessed by heterogeneous hardware platforms such as PCs, PDAs, mobile or traditional phones due to its capability of representing data in a vocal manner. Its main purpose is to provide a platform for collaboration between university students and teachers in a way that enhances students' access to educational resources and their overall learning experience. This is achieved by personalizing its content, at least to some degree. Furthermore, its acoustic/vocal characteristics may also prove valuable for learners with visual or kinetic impairments.
The establishment of a public key infrastructure (PKI) in mobile ad hoc networks (MANETs) is considered a difficult task because of the intrinsic characteristics of these networks. The absence of centralized services and the possible network partitions make traditional security solutions not straightforwardly applicable in MANETs. In this paper, we propose a public key management scheme based on a binary tree formation of the network's nodes. Using the binary tree structure, certificate chains are easily built between communicating nodes that are multiple hops away, and the cumbersome problem of certificate chain discovery is avoided. We argue that our mechanism has several advantages over similar solutions, especially when a fair balance between security and performance is the goal.
Accounting, along with Authentication and Authorization, comprises the concept of AAA provided by the IETF (Internet Engineering Task Force). In heterogeneous environments, where different administrative domains and different wired and wireless technologies are utilized, those principles are often hard and complex to correctly implement and evaluate. Specifically, accounting, which is our topic of interest, is in many cases a complicated procedure since many aspects need to be taken into consideration. In this respect, a distributed, flexible, robust, secure and generic accounting system needs to be implemented in order to provide the ability to determine which user has acquired which services and for how long at each operator domain. This work examines different scenarios applicable to such 3G/4G hybrid mobile environments and suggests a novel, generic mechanism to support accounting.
The current penetration, but also the huge potential, of Voice over IP (VoIP) telephony services in the market boosts the competition among telecommunication service providers, who promote new services through many different types of offers. However, this transition from the closed Public Switched Telephone Network (PSTN) architecture to Internet-based VoIP services has resulted in the introduction of several threats, both intrinsic, i.e. VoIP-specific, and Internet-oriented. In the framework of this paper, we consider threats that may affect the accuracy and validity of the records of the billing system that the service provider uses for charging the users. We propose a simple, practical and effective mechanism for protecting telecommunication service providers and end users from malicious activities originated by end users and telecommunication service providers, respectively. In both cases the malicious activity concerns fraud through the billing system. The proposed mechanism focuses on VoIP services that are based on the Session Initiation Protocol (SIP). However, it can be easily amended to cover other VoIP signaling protocols, as it takes advantage of the underlying AAA network infrastructure to deliver robust time stamping services to SIP network entities.
In this paper, we describe the design and implementation of an audio wiki application accessible via the Public Switched Telephone Network (PSTN) and the Internet for educational purposes. The application exploits mature World Wide Web Consortium standards such as VoiceXML, Speech Synthesis Markup Language (SSML) and Speech Recognition Grammar Specification (SRGS). The purpose of such an application is to assist visually impaired, technologically uneducated, and underprivileged people in accessing information originally intended to be accessed visually via a Personal Computer. Users may access wiki content via wired or mobile phones, or via a Personal Computer using a Web Browser or a Voice over IP service. This feature promotes pervasive access to educational material for an extremely large population, i.e. those who simply own a telephone line.
The growing demand for voice services and multimedia delivery over the Internet has raised SIP's popularity, making it a subject of extensive research. SIP is an application layer control signaling protocol whose main purpose is to create, modify and terminate multimedia sessions. Research has shown that SIP has a number of security issues that must be solved in order to increase its trustworthiness and supersede or coexist with PSTN. In this paper our purpose is to address such a weakness, namely the caller identity privacy issue. While some solutions to this problem do exist, we will show that they are inadequate in a number of situations. Furthermore, we will propose a novel scheme for the protection of the caller's identity which can also support roaming between different administrative domains. Finally, we provide some performance results, which demonstrate that the proposed solution is efficient even on low-end mobile devices.
Wireless sensor networks are expected to make a significant contribution in the healthcare sector by enabling continuous patient monitoring. Since medical services and the information associated with them are considered particularly sensitive, the employment of wireless sensors in medical environments poses many security issues and challenges. However, security services and the underlying key management mechanisms cannot be seen separately from the efficiency and scalability requirements. Network clustering, used in both routing and group key management mechanisms, can improve efficiency and scalability and therefore can also be envisioned in medical environments. This paper introduces a general framework for cluster-based wireless sensor medical environments on top of which efficient security mechanisms can rely. We describe two different scenarios for infrastructure and infrastructure-less application environments, thus covering a wide range of medical applications (in-hospital and medical emergencies). We also examine the existing group key management schemes for cluster-based wireless networks and discuss which protocols fit best for each proposed scenario.
During the last few years wikis have emerged as one of the most popular collaboration tools. Wikipedia has boosted their popularity, but they also hold a significant share in e-learning and in intranet-based applications such as defect tracking, requirements management, test-case management, and project portals. However, existing wiki systems cannot fully support mobile clients due to several existing incompatibilities. On top of that, an effective secure mobile wiki system must be lightweight enough to support low-end mobile devices with several limitations. In this paper we analyze the requirements for a novel multiplatform secure wiki implementation. The XML Encryption and XML Signature specifications are employed to realize end-to-end confidentiality and integrity services. Our scheme can be applied selectively and only to sensitive wiki content, thus greatly reducing the computational resources needed at both ends, the server and the client. To address authentication of wiki clients, a simple one-way authentication and session key agreement protocol is also introduced. The proposed solution can be easily applied to both centralized and forthcoming P2P wiki implementations.
In the future, 4G wireless networks will span different administrative domains. In order to provide secure seamless handovers in such an environment, the context transfer protocol is an attractive solution. However, the aforementioned protocol raises some privacy issues concerning the location and movement of users roaming between administrative domains. The purpose of this paper is to present and analyze these privacy issues and propose two privacy-enhanced context transfer schemes that alleviate these problems. In the first scheme the Mobile Node (MN) is responsible for the transmission of the context to the new domain. In the second scheme the Home Domain (HD) of the user forwards the context, acting as a proxy between the old and the new domain. While the second scheme is expected to be more useful towards realizing seamless handovers, the first one imposes less signaling load on the HD. In addition, assuming that the most appropriate form of user identity for the context is the Network Access Identifier (NAI), we show how the employment of temporary NAIs can further increase the privacy of our schemes.
Robust Security Network (RSN), epitomised by the IEEE 802.11i sub-standard, promises what it stands for: robust and effective protection for mission-critical Wireless Local Area Networks (WLAN). However, despite the fact that 802.11i overhauls the IEEE 802.11 security standard, several weaknesses still remain. In this context, the complementary assistance of Wireless Intrusion Detection Systems (WIDS) in dealing with existing and new threats is greatly appreciated. In this paper we focus on 802.11i intrusion detection, discuss what is missing and what the possibilities are, and experimentally explore ways to make the two intertwine and work together. Our experiments, employing well-known open source attack tools and custom-made software, reveal that most 802.11i-specific attacks can be effectively recognised, either directly or indirectly. We also consider and discuss Distributed Wireless Intrusion Detection (DIDS), which seems to fit best in RSN networks.
Foreseeable 4G environments will extensively take advantage of the concept of context transfer to provide seamless secure handovers between different administrative domains. However, the utilization of context transfer comes at a cost to users' privacy. The purpose of this paper is to elaborate on these privacy issues and propose two privacy-enhanced context transfer schemes that alleviate these problems. In the first scheme the Mobile Node (MN) is responsible for the transmission of the context to the new domain. In the second scheme the Home Domain (HD) of the user forwards the context, acting as a proxy between the old and the new domain. In addition, assuming that the most appropriate form of user identity for the context is the Network Access Identifier (NAI), we show how the employment of temporary NAIs can further increase the privacy of our schemes.
DNS amplification attacks massively exploit open recursive DNS servers, mainly for performing bandwidth-consumption DDoS attacks. The amplification effect lies in the fact that DNS response messages may be substantially larger than DNS query messages. In this paper, we present and evaluate a novel and practical method that is able to distinguish between authentic and bogus DNS replies. The proposed scheme can effectively protect local DNS servers, acting both proactively and reactively. Our analysis and the corresponding real-usage experimental results demonstrate that the proposed scheme offers a flexible, robust and effective solution.
Whilst device authentication must be considered a cardinal security issue in today's wireless networks, complementary and of equal importance to user authentication, only a few papers address it, and only patchily. This paper identifies and analyses the major possible solutions to the device authentication problem. We discuss the key issues and future challenges that characterize each solution, examining its pros and cons. We also offer a short qualitative comparative analysis of the device authentication schemes in question, examining their applicability to both infrastructure and ad-hoc deployments.
In an all-IP environment, the concept of context transfer is used to provide seamless secure handovers between different administrative domains. However, the utilization of context transfer raises some privacy issues concerning the location and movement of users roaming between domains. In this paper we elaborate on these privacy issues and propose an alternative context transfer protocol that also protects users' location privacy. In addition, assuming that the context carries a user identity in the form of a Network Access Identifier (NAI), we show how the employment of temporary NAIs can further increase the privacy of our scheme.
Recent serious security incidents have reported several attackers employing IP spoofing to massively exploit recursive name servers in order to amplify DDoS attacks against numerous networks. DNS amplification attack scenarios utilize DNS servers mainly for performing bandwidth-consumption DoS attacks. This kind of attack takes advantage of the fact that DNS response messages may be substantially larger than DNS query messages. In this paper we present a novel, simple and practical scheme that enables administrators to distinguish between genuine and falsified DNS replies. The proposed scheme acts proactively by monitoring DNS traffic in real time and alerting security supervisors when necessary. It also acts reactively, in co-operation with firewalls, by automatically updating rules to ban bogus packets. Our analysis and the corresponding experimental results show that the proposed scheme offers an effective solution when the specific attack unfolds.
The proliferation of wireless devices and the availability of wireless applications and services constantly raise new security concerns. In this direction, wireless intrusion detection systems (WIDS) can assist a great deal in proactively and reactively protecting wireless networks, thus discouraging or repelling potential adversaries. In this paper we discuss the major wireless attack categories concerning IEEE 802.11 family networks and in particular the latest 802.11i security standard. We elaborate on 802.11-specific attacks and experimentally explore how these outbreaks can be effectively mitigated or thwarted by a properly designed WIDS. Besides specially crafted software for both the WIDS modules and the attack generators, our test-bed embraces the majority of well-known open source attack tools. Test results show that the proposed WIDS modules are able to effectively detect, either directly or indirectly, most attacks.
Research on wireless sensor networks targeting medical environments has attracted great attention. In this context, the most recent and perhaps the most promising complete scheme is the CodeBlue combined hardware and software platform, developed in the context of the self-titled Harvard University project. CodeBlue relies on miniature wearable sensors to monitor patients' vital activities in real time and to collect data for further processing. Apart from the essential query interface for medical monitoring, CodeBlue offers protocols for hardware discovery and multihop routing. This paper contributes to CodeBlue security, which until now has been considered pending or left out for future work by its designers. We identify and describe several security issues and attack incidents that can be directly applied to CodeBlue, compromising its trustworthiness. We also discuss possible solutions for both internal and external attacks and the key-management mechanisms that these solutions presume.
The Bluetooth standard has long been criticized for various vulnerabilities and security inefficiencies, as its designers try to balance wisely between performance and complementary services, including security. On the other hand, well-respected security protocols like IP Security (IPsec) and Secure Shell (SSH) provide robust, low-cost and easy-to-implement solutions for exchanging data over insecure communication links. Although the deployment of these mechanisms is a well-established and accustomed practice in the wireline world, more research effort is needed for wireless links, due to several limitations of radio-based connections, especially for handheld devices, e.g. link unreliability, bandwidth, low processing power and battery consumption. This paper focuses on performance rather than on security, evaluating the efficiency of these de-facto security protocols over Bluetooth connections when low-end handheld devices are utilized. Several Personal Area Network (PAN) parameters, including absolute transfer times, link capacity and throughput, are evaluated. Our experiments employ both the Bluetooth native security mechanisms and the two aforementioned protocols. Through a plethora of scenarios we offer a comprehensive, in-depth comparative analysis of each of the aforementioned security mechanisms when deployed over Bluetooth links.
This paper presents a novel mechanism to protect Session Initiation Protocol (SIP)-based infrastructure against malformed message attacks. The basic characteristics of this mechanism are that it is lightweight and easy to adapt to various SIP implementations. The proposed mechanism has been evaluated in terms of processing overhead. It is demonstrated that the employment of an appropriate IDS against malformed messages imposes minimal overhead in terms of event processing.
Session Initiation Protocol (SIP) high availability, reliability and redundancy are determined by the ability of the core SIP network components to offer high-quality SIP services in the event of high call transaction volumes, link outages, device failures, misconfigurations and security attacks. In this context, load balancers can be used to achieve redundancy and active load balancing of SIP transactions. In load balancing schemes, new requests are allocated across available servers using a selection algorithm. Although considerable work has already been done on Web traffic balancing, little research effort has been aimed primarily at SIP load balancing. This paper proposes a SIP-dedicated load balancing solution, which is currently under development within the EC-funded project SNOCER. We describe our balancing scheme and its associated architectural elements in detail, and provide implementation details showing that it is simple to realize, effective, flexible, robust and secure.
Until now, public ENUM has been used in trials and in some small-volume "test-bed" or "production" VoIP environments. Very recently, another application of the ENUM protocol has emerged, namely "Carrier ENUM", which is becoming popular among VoIP and mobile providers. In this context, a new peer-to-peer approach called DUNDi, competing with public and carrier ENUM, promotes itself as more reliable and secure. Although considerable debate has taken place among various ENUM forums and standardization fora on ENUM implementations, several issues remain obscure and unresolved. In this paper we address the security and privacy issues raised by all the aforementioned solutions, presenting implementation details, general concerns, future trends, and possible solutions.
The educational collaborative virtual distance learning environment is supposed to promote the active participation of teachers and students, interacting with one another, exchanging knowledge and creating new abilities. Consequently, the learning process is anticipated to be promoted on both sides, by exchanging experiences, discussing new ideas and accomplishing group work, thus allowing the creation of knowledge based on collective involvement. On the other hand, in the context of eLearning, many standard software platforms, so-called portal servers, have appeared on the market, integrating various and often advanced synchronous and asynchronous collaborative tools and features. In this paper, we conduct a preliminary analysis measuring the Hellenic Open University's (HOU) students' perceptions of the educational portal's learning tools, focusing mainly on collaborative activities. We attempt to identify whether the learners are using the portal and the tools it provides, and to what degree. The study takes into account a plethora of variables to estimate whether, and to what degree, these variables significantly affect portal usability. Apart from the usual descriptive analysis, we furnish two different linear regression models illustrating the various cross-dependencies among different dependent and independent variables, and conduct two separate analyses of variance (one-way ANOVA).
This paper evaluates the performance of a hybrid WLAN-3GPP network architecture for delivering subscribers' certificates. Two main categories of simulation scenarios are implemented and evaluated based on the underlying access network technology used: 802.11b and UMTS. Each of the scenarios is further categorized into numerous sub-cases. Results showed that AC acquisition, when deployed at large scale between several heterogeneous networks, is feasible within acceptable time limits.
As Internet Telephony and Voice over IP (VoIP) are considered advanced Internet applications/services, they are vulnerable to the attacks that exist against Internet applications/services in general. For instance, HTTP digest authentication attacks, malformed messages, message tampering with malicious code, SQL injection and more can be launched against any Internet application/service. In this paper, we describe, analyze and demonstrate how message tampering attacks, focusing on SQL injection, are inherited by the SIP protocol. This type of attack has been successfully launched in Internet environments with very little cost, effort and specialized knowledge. However, in the context of the SIP protocol, no works or research efforts have been reported until now. The paper provides an in-depth analysis of SQL injection in SIP realms, discussing implementation details, constraints and possibilities for the attacker. In addition, we provide some indicative experimental results by triggering this style of attack against a properly designed SIP-based testbed environment. Finally, specific countermeasures, remedies and a new signature-oriented framework are suggested for identifying and countering this attack.
Internet telephony, like any other Internet service, suffers from security flaws caused by various implementation errors (e.g. in end-user terminals, protocols, operating systems, hardware, etc.). These implementation problems usually lead VoIP subsystems (e.g. SIP servers) into various unstable states whenever they try to process a message not conforming to the underlying standards. As Internet telephony becomes more and more popular, attackers will attempt to exhaustively "test" the robustness of implementations by transmitting various types of malformed messages to them. Since it is almost infeasible to avoid or predict every potential error introduced during the development of these subsystems, it is necessary to specify an appropriate framework, robust from the security point of view, that will facilitate the successful detection and handling of any kind of malformed message aiming to disrupt the provided service. In this paper, we present malformed message attacks against SIP network servers and/or SIP end-user terminals, and we propose a new detection "framework" of prototype attack signatures that can assist the detection procedure and provide an effective defence against this category of attacks.
The commercial deployment of VoIP necessitates the employment of security mechanisms that can assure availability, reliability, confidentiality and integrity. The Session Initiation Protocol (SIP) is considered the dominant signalling protocol for calls over the Internet. SIP, like other Internet protocols, is vulnerable to known Internet attacks, while at the same time it introduces new security problems into the VoIP system. This paper lists the existing security problems in SIP and provides a brief description, followed by a critical analysis, of the security mechanisms it employs.
Certificate-based authentication of parties provides a powerful means for verifying claimed identities, avoiding the need to distribute shared secrets beforehand. Although Wi-Fi networks present security deficiencies, they have penetrated the wireless market to a great degree due to their low cost, easy administration, great capacity, IP-oriented nature, etc. Considering Wi-Fi networking settings, administered by different operators, as parts of a common core 3G infrastructure, the paper proposes and evaluates the potential application of enhanced TLS-based authentication mechanisms in integrated emerging-3G and Wi-Fi networks. We propose to use the EAP-TLS protocol, seconded by Public Key Infrastructure entities, to provide users with robust authentication mechanisms in a hybrid WLAN-3G heterogeneous environment. Our alternative solution is discussed against the EAP-AKA procedures as they appear in the latest 3G and integrated 3G/Wi-Fi specifications. Finally, the proposed mechanism is evaluated through a properly designed experimental test bed setup.
Attribute Certificates (ACs) have been developed and standardized by the ANSI X9 committee as an alternative to X.509 public key certificates, and a better approach, for carrying authorization information. Attribute Authorities (AAs) bind the characteristics of an entity (called attributes) to that entity by signing the appropriate AC. Therefore, ACs can be used for controlling access to system resources and for employing role-based authorization and access control policies accordingly. Although ACs are widely used and standardized, to the best of our knowledge no mobile infrastructure or service currently utilizes them. In this paper, we first examine how a basic Public Key Infrastructure (PKI) can be incorporated into mobile networks and especially the Universal Mobile Telecommunications System (UMTS). As a case study, we then experiment with ACs in the GPRS network, using a prototype implementation. In particular, we investigate and measure the performance in terms of service and transfer times when ACs are introduced into the mobile environment. Our measurements show that AC technology is not only feasible to implement in present and future mobile networks, but at the same time can deliver flexible and relatively fast services to subscribers without compromising security.
The future mobile communications environment is expected to comprise a large number of different heterogeneous network technologies (e.g. UMTS, WLAN, HIPERLAN) and operators that should frequently and seamlessly interwork with each other, together with a constantly increasing population of communicating parties. In such a setting, capturing the full benefits of open channel key transfers and scaling public key methods requires a Public Key Infrastructure (PKI). In this paper, we discuss and investigate different ways to take advantage of a proposed PKI system. Focusing on the UMTS Release 6 IP multimedia subsystem, we analyze the ongoing 3GPP specifications and their limitations, and examine how PKI can provide robust security solutions to both the 3G-and-beyond inter/intra core network and the mobile user. Public key security mechanisms to protect operators' core networks seem to be gaining ground, and protocols like IPsec and SSL, seconded by PKI, can support the continuous growth of diverse technologies and solve inter-operator many-to-many trust relationships. From the user's side we present solutions which greatly enhance authentication procedures and end-to-end communication model trust. We argue that PKI can become a promising candidate, offering a competitive framework to overcome symmetric-key-based security inefficiencies and to provide powerful solutions to protect both network core signalling and users' data from potential intruders.
Motivated by the fact that public key cryptography is continuously evolving and its installed base is growing significantly, very recent research works examine its potential use in eLearning or mLearning services. Attribute or temporary Certificates (ACs), seconded by a Public Key Infrastructure (PKI), can provide the appropriate framework to secure distributed interactive eLearning applications, offering mutual "trust" to both learners and service providers. Considering the PKI requirements of eLearning networks, the paper discusses the potential application of ACs in a proposed trust model. Within that model, typical eLearning trust interactions between eLearners and providers are presented, which demonstrate that robust security mechanisms and effective trust control can be obtained and implemented. The application of ACs to support mLearning is also presented and evaluated through an experimental test bed setup.
Current wireless network standards perform user authentication, signaling and data encryption, as well as message integrity protection, by utilizing only symmetric key methods. However, as mobile networks evolve into full-IP and communication is envisaged to change from the second generation (2G) person-to-person model to the fourth generation (4G) machine-to-machine model, there is a greater demand for more flexible, reconfigurable and scalable security mechanisms that can operate in a many-to-many trust relationship model. Employing public key methods in many-to-many schemes removes the requirement for a secure channel to transfer keys between two communicating parties, thus providing the appropriate scalability to the whole system. With a large number of different network technologies and operators expected in the future mobile communications environment, which should frequently and seamlessly interwork with each other, and a constantly increasing population of communicating parties, capturing the full benefits of open channel key transfers and scaling public key methods requires a Public Key Infrastructure (PKI). In this paper, we discuss and investigate different ways to take advantage of a proposed PKI system. From the network side, we investigate how PKI can provide future inter/intra mobile core network security, while from the user's perspective we present solutions that greatly enhance authentication procedures and end-to-end communication model trust. We show that PKI offers the appropriate framework to overcome symmetric-key-based security inefficiencies, providing powerful solutions to protect both network core signaling and users' data from potential intruders.
Existing security schemes in 2G and 3G systems are inadequate, as there is a greater demand for a more flexible, reconfigurable and scalable security mechanism that can advance as fast as mobile hosts are evolving into full-IP enabled devices. Work has already begun on such an "all-IP" end-to-end solution, commonly referred to as 4G systems. Fully-fledged integration between mobile networks and the Internet demands fully compatible, time-tested and reliable mechanisms to depend on. The SSL/TLS protocol has proved its effectiveness in the wired Internet and will probably be the most promising candidate for future wireless environments. We discuss existing problems related to authentication and key agreement (AKA) procedures, such as compromised authentication vector attacks, as they appear in 2G and 3G systems, and propose how SSL/TLS can be used to overcome these inefficiencies. Furthermore, we note the additional benefits that stem from the introduction of SSL/TLS combined with the appropriate PKI elements in the 4G wireless environment.