research project i
play

Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING - PowerPoint PPT Presentation

Dec 16, 2022 •33 likes •263 views

SYSTEM AND NETWORK ENGINEERING MSc Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING INCREASED DISTANCE REPORTS Xavier Torrent Gorjn xavier.torrentgorjon@os3.nl Supervisors: Paul van Iterson Jordi van

  1. SYSTEM AND NETWORK ENGINEERING MSc Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING INCREASED DISTANCE REPORTS Xavier Torrent Gorjón xavier.torrentgorjon@os3.nl Supervisors: Paul van Iterson Jordi van den Breekel vanIterson.Paul@kpmg.nl vandenBreekel.Jordi@kpmg.nl

  2. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  3. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  4. Distance-bounding protocols ● With the current implementations, closer distances cannot be faked. – Proof through physical limitations : cannot go faster than the speed of light. – Need for a shared nonce and a fast processing time. Challenge channel: 1 bit Response channel 1: 1 bit Response channel 2: 1 bit Figure 1: Distance-bounding protocol. Each challenge bit is answered with two bits: one in the communication and another one in the form of channel selection.

  5. Distance-bounding protocols ● Current implementations can be used to prevent a wide range of attacks that attempt to fake decreased distance reports, generally on Access Control Systems. Figure 2: Distance-bounding protocols can be used to protect Passive Key Entry Systems (PKES).

  6. Distance-bounding protocols ● However, current distance-bounding protocols do not prevent increased distance reports. – Physical limitations cannot be used. – This leads to our research questions: ● Study the feasibility of relay attacks forging increased distance reports. ● How can these relay attacks be prevented.

  7. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  8. Feasibility of the attack: study cases ● Autonomous Cars – If two cars believe they are further away than they really are, they might crash. – Other systems might prevent this, but distance- bounding protocols could be an additional safety measure. Figure 3: An early design of a fully autonomous car by Google.

  9. Feasibility of the attack: study cases ● Drone MANETs I: Autonomous delivery service – To save costs, multiple drones could be used to carry large packages. – Tempering the distance awareness of these drones might cause them to lose equilibrium and fall. Figure 4: A delivery drone by Amazon.

  10. Feasibility of the attack: study cases ● Drone MANETs II: Area surveillance – Drones can be used to check areas for multiple purposes: military operations, updating maps, searching for lost people... – Erroneous distance reports can lead to leave areas unexplored.

  11. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  12. Limitations of other systems ● It could be argued that distance-bounding protocols were not made for this purpose. ● However, other location systems present difficulties as well.

  13. Limitations of other systems ● GPS location ● Radar detection ● Inertial Navigation System

  14. Limitations of other systems ● GPS location – Can be disrupted – Sometimes not reliable even in non-dangerous environments. Figure 5: GPS requires unobstructed line of sight with satellites to work. This limits its usability inside buildings or underground.

  15. Limitations of other systems ● Radar detection – Systems could attempt to physically detect attackers – Problem: stealth technology surpasses anti-stealth technology in the current state of the art Figure 5: The US F117 is a 13m wide airplane, but under the radar it appears to have the same size as a bird.

  16. Limitations of other systems ● Inertial navigation system – Fits perfectly our purpose, but it cannot be reliably used as a stand-alone positioning system due its accuracy. This may change in the future. Figure 6: An Inertial Navigation System used by the French army.

  17. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  18. Preventing increased distance reports ● Behavior verification – Similar idea to Intruder Detection System on networking environments. – Attempt to detect sudden changes in the received data, such as signal strength or large variations on the reported locations.

  19. Preventing increased distance reports ● Multiple distance-bounding signals – Original distance-bounding only attempts to check if a reporter is inside or outside a certain range. – Use multiple distance-bounding signals to obtain approximate location, not only distance. Figure 7: Multiple signals difficult attacks on the system, as attackers need to coherently fake multiple distances. However, distance in a straight line is still easy to fake.

  20. Preventing increased distance reports ● Distributed knowledge – Instead of relying only on its own measurement, a node could also ask for the measurements of other nodes. – It would be extremely difficult for an attacker to fake multiple different distances at the same time.

  21. Summary ● Distance-bounding protocols ● Feasibility of the attack: study cases – Autonomous Cars – Drone MANETs (Mobile Ad-Hoc NETworks) ● Limitations of other systems ● Preventing increased distance reports – Behavior verification – Multiple distance-bounding signals – Distributed knowledge ● Conclusions

  22. Conclusions ● Most of the systems discussed are not employed nowadays but they are a latent problem . ● Lower-distance bound cannot rely on physical limitations for its security: difficult to achieve perfect security . ● Proposed solutions -specially a combination of them- reduce the changes of performing an attack without the system noticing it.

  23. Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

RESEARCH IN THE PERSONAL PROJECT Research is systematic and effective to the project, with

RESEARCH IN THE PERSONAL PROJECT Research is systematic and effective to the project, with

RESEARCH IN THE PERSONAL PROJECT Research is systematic and effective to the project, with insightful understanding of perspectives. Information is documented fully and correctly. ~Further guidance for MYP projects April, 2018 Whats

598 views • 18 slides
Research A Lecture 2: Elements of a research project Lejla

Research A Lecture 2: Elements of a research project Lejla

Research A Lecture 2: Elements of a research project Lejla Batina and Peter Schwabe Slides credit: James Mc Kinna Outline Admin and status Your research project Proposal writing

1.06k views • 50 slides
Research Project 1 Research project by: Supervisor: Catherine de Weever Jeroen Scheerder

Research Project 1 Research project by: Supervisor: Catherine de Weever Jeroen Scheerder

Zero Trust Network Security Model in containerized environment Research Project 1 Research project by: Supervisor: Catherine de Weever Jeroen Scheerder Marios Andreou The Problem Deploy Container Images with Malicious Code.

316 views • 20 slides
or enriched research thinking? 1. Project review & research The Educational Project

or enriched research thinking? 1. Project review & research The Educational Project

English-medium researcher collaboration in a Spanish-medium narrative study: unhelpful complexity or enriched research thinking? 1. Project review & research The Educational Project [since 2007]: 15 TTs per year from Cordoba

373 views • 21 slides
Grade 11 Photography Research Project: Masters of Photography For this project you are to

Grade 11 Photography Research Project: Masters of Photography For this project you are to

Grade 11 Photography Research Project: Masters of Photography For this project you are to research a famous photographer and present your findings to the class. The project will have two major components: 1) Presentation 2) Critique

200 views • 3 slides
CSC2541-f18 Course Project 1 Logistics For the course project, you will implement a research

CSC2541-f18 Course Project 1 Logistics For the course project, you will implement a research

CSC2541-f18 Course Project 1 Logistics For the course project, you will implement a research idea on the topic of deep rein- forcement learning. The purpose of the final project is to give you some experience working on a piece of original

385 views • 3 slides
EAVISE: VIPER Visual Person Detection made Reliable - Research carried out by knowledge

EAVISE: VIPER Visual Person Detection made Reliable - Research carried out by knowledge

19/11/2015 Program 12:00 Reception with sandwiches 13:00 Welcome and presentation of research team IWT-Tetra project 13:15 presentation from IWT: what is a tetra project? 13:30 Project idea and planning 14:00 Research carried

248 views • 13 slides
Team Teaching Research Project Workshop 1 1 Team Teaching Research Project What Ten schools

Team Teaching Research Project Workshop 1 1 Team Teaching Research Project What Ten schools

Team Teaching Research Project Workshop 1 1 Team Teaching Research Project What Ten schools will be offered the opportunity to work with a consultant over 2016 to design and trial a model of team teaching, and to inves?gate its impact on

418 views • 6 slides
>> Research Project 2 1 Content The organisation The project Storage

>> Research Project 2 1 Content The organisation The project Storage

Concept S torage A rea N etwork H ealth S tatus M onitor Amsterdam Adriaan van der Zee 1 July 2009 Yanick de Jong >> Research Project 2 1 Content The organisation The project Storage infrastructure, physical and logical

441 views • 19 slides
Heavyroute project Heavyroute project Three year project (2006-2009) Co-funded under the

Heavyroute project Heavyroute project Three year project (2006-2009) Co-funded under the

Heavyroute project Heavyroute project Three year project (2006-2009) Co-funded under the Sixth Framework Programme of the European Commission DG Research (Sustainable Surface Transport Unit) Specific Targeted Research

293 views • 11 slides
A EUROPEAN SOCIAL SCIENCES RESEARCH INFRASTRUCTURE PROJECT This project is supported by funding

A EUROPEAN SOCIAL SCIENCES RESEARCH INFRASTRUCTURE PROJECT This project is supported by funding

A EUROPEAN SOCIAL SCIENCES RESEARCH INFRASTRUCTURE PROJECT This project is supported by funding under the EU Seventh Research Framework Programme Capacities In clusive G rowth R esearch I nfrastructure D iffusion Funded under 7 th

306 views • 17 slides
(Preliminary) results of the (Preliminary) results of the EFFACE research project Christiane

(Preliminary) results of the (Preliminary) results of the EFFACE research project Christiane

(Preliminary) results of the (Preliminary) results of the EFFACE research project Christiane Gerstetter, Ecologic Institute Grazia Maria Vagliasindi, University of Catania The project . EU-funded research project European Union Action

133 views • 9 slides
A PhD Research at Kyoto University Vietnam SATREPS Project Kii Peninsula, Japan Research

A PhD Research at Kyoto University Vietnam SATREPS Project Kii Peninsula, Japan Research

A PhD Research at Kyoto University Vietnam SATREPS Project Kii Peninsula, Japan Research Framework on Landslides in PhD Program Participating in research activities of the project Site surveys on Hai Van Landslides Aerial photo

508 views • 11 slides
Argument Retrieval in Project Debater Yufang Hou IBM Research Europe, Dublin IBM Research:

Argument Retrieval in Project Debater Yufang Hou IBM Research Europe, Dublin IBM Research:

Argument Retrieval in Project Debater Yufang Hou IBM Research Europe, Dublin IBM Research: History of Grand Challenges 2019 First computer to successfully debate champion debaters 2011 ( Proje ater ) Project Debat First computer to defeat

951 views • 27 slides
High Performance Manuka Plantations Manuka Research Partnership Ltd PGP Project $2.7 M

High Performance Manuka Plantations Manuka Research Partnership Ltd PGP Project $2.7 M

High Performance Manuka Plantations Manuka Research Partnership Ltd PGP Project $2.7 M Manuka Plantation PGP Research Project with Ministry of Primary Industries 8 Year Timeline - 2011 to 2018 Massey University Research

272 views • 25 slides
Getting Started on a Research Project Griffin Dietz CS197 Section 3 Today Research Methods in

Getting Started on a Research Project Griffin Dietz CS197 Section 3 Today Research Methods in

Getting Started on a Research Project Griffin Dietz CS197 Section 3 Today Research Methods in HCI IRB for your Project Sections moving forward Activity 2 Research Methods in HCI 3 The High Level Quantitative:

443 views • 21 slides
Attribute-based Access Control Architectures with the eIDAS Protocols 21. SSR 2016 Frank

Attribute-based Access Control Architectures with the eIDAS Protocols 21. SSR 2016 Frank

Attribute-based Access Control Architectures with the eIDAS Protocols 21. SSR 2016 Frank Morgner (Bundesdruckerei) Paul Bastian (Bundesdruckerei) Marc Fischlin (TU Darmstadt) 13. Oktober 2010 | Dr.Marc Fischlin | Kryptosicherheit | 1

404 views • 22 slides
AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological University, Katholieke Universiteit Leuven Presented at DIAC 1 Classification of Authenticated Encryption AEGIS Design rationale

635 views • 19 slides
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic 1 TLS Encryption 1. Asymmetric key exchange RSA, DHE, ECDHE 2. Symmetric encryption 2

956 views • 28 slides
Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and CSP Semantics Zhou Lu and Jan Broenink Robotics and Mechatronics, University of Twente 22 Aug, 2017 Introduction - Context Cyber-Physical

784 views • 31 slides
Analyzing BU Mining Protocol Ren Zhang & Bart Preneel ren.zhang@esat.kuleuven.be

Analyzing BU Mining Protocol Ren Zhang & Bart Preneel ren.zhang@esat.kuleuven.be

On the Necessity of a Prescribed Block Validity Consensus: Analyzing BU Mining Protocol Ren Zhang & Bart Preneel ren.zhang@esat.kuleuven.be bart.preneel@esat.kuleuven.be What is A peer-to-peer network of public nodes Maintaining a

518 views • 32 slides
BOUTIQUE P APER BAGS Custom sizing and printing with your artwork ANY COLOUR ST ANDARD TO

BOUTIQUE P APER BAGS Custom sizing and printing with your artwork ANY COLOUR ST ANDARD TO

BOUTIQUE P APER BAGS Custom sizing and printing with your artwork ANY COLOUR ST ANDARD TO SUIT YOUR & POPULAR CHOICE SIZES Capability to provide specific sizes Unlimited range of colours available according to customers

320 views • 12 slides
Nii Quaynor Wacren As Africa adopted Internet Foundation Beginning Formation Growth 86-90

Nii Quaynor Wacren As Africa adopted Internet Foundation Beginning Formation Growth 86-90

Blockchain and transformation of the digital economy: Stakes and Challenges for Central Africa Nii Quaynor Wacren As Africa adopted Internet Foundation Beginning Formation Growth 86-90 91-95 96-00 2000-2005+ First Structures &

344 views • 16 slides
Lets Encrypt October 11, 2018 Justin Sun Padlock icon Your browser is communicating

Lets Encrypt October 11, 2018 Justin Sun Padlock icon Your browser is communicating

Introduction to Lets Encrypt October 11, 2018 Justin Sun Padlock icon Your browser is communicating securely with the nejug.org through an encrypted channel Your browser trusts nejug.org because the NEJUG website has a certificate

270 views • 15 slides

More recommend