Abstract:We propose a novel dynamic host mutation (DHM) architecture based on moving target defense (MTD) that can actively cope with cyberattacks. The goal of the DHM is to break the cyber kill chain, expand the attack surface to increase the attacker's target analysis cost, and disrupt the attacker's fingerprinting to disable the server trace. We define the participating entities that share the MTD policy within the enterprise network or the critical infrastructure, and define functional modules of each entity for DHM enforcement. The threat model of this study is an insider threat of a type not considered in previous studies. We define an attack model considering an insider threat and propose a decoy injection mechanism to confuse the attacker. In addition, we analyze the security of the proposed structure and mechanism based on the security requirements and propose a trade-off considering security and availability.
Location spoofing is a critical attack in mobile communications. While several previous studies investigated the detection of location spoofing attacks, they are limited in their performance and lack the consideration of emerging attack variations. In this paper, we present a data-driven methodology for the reliable detection of location spoofing and its variations. To enhance the performance, we introduce and utilize a new set of features, which is differential in nature and enables the checking of the mobility constraints and inconsistency. Our comparison study with the previous research shows that the presented scheme using the new features significantly improves the accuracy and reliability of the detection against location spoofing attacks. To take the possibility of attack variations into account, we establish a set of scenarios manipulating coordinate data to create attack variants. Our experimental results confirm the feasibility and effectiveness of the new features for identifying diverse types of spoofing attacks and their variations, greatly improving the detection performance by up to 99.1% accuracy. Additionally, we present a profiling-based detection approach (building the detector referring only to legitimate coordinate data), to further extend resilience to previously unseen attacks as a means to zero-day detection. The evaluation result shows the potential of the profiling-based detector with comparable or even better performance than the supervised learning methods (requiring both legitimate and falsified data to construct the detector).
A flying base station based on an unmanned aerial vehicle (UAV) uses its mobility to extend its connectivity coverage and improve its communication channel quality to achieve a greater communication rate and latency performances. While UAV flying base stations have been used in emergency events in 5G networking (sporadic and temporary), their use will significantly increase in 6G networking, as 6G expects reliable connectivity even in rural regions and requires high-performance communication channels and line-of-sight channels for millimeter wave (mmWave) communications. Securing the integrity and availability of the base station operations is critical because of the users’ increasing reliance on the connectivity provided by the base stations, e.g., the mobile user loses connectivity if the base station operation gets disrupted. This paper identifies the security issues and research gaps of flying base stations, focusing on their unique properties, while building on the existing research in wireless communications for stationary ground base stations and embedded control for UAV drones. More specifically, the flying base station’s user-dependent positioning, its battery-constrained power, and the dynamic and distributed operations cause vulnerabilities that are distinct from those in 5G and previous-generation mobile networking with stationary ground base stations. This paper reviews the relevant security research from the perspectives of communications (mobile computing, 5G networking, and distributed computing) and embedded/control systems (UAV vehicular positioning and battery control) and then identifies the security gaps and new issues emerging for flying base stations. Through this review paper, we inform readers of flying base station research, development, and standardization for future mobile and 6G networking.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.