Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization

Salamatian, Salman; Huleihel, Wasim; Beirami, Ahmad; Cohen, Asaf; Médard, Muriel

doi:10.1109/tifs.2019.2895955

Cited by 43 publications

(39 citation statements)

References 35 publications

(69 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…x V (x)W (y|x). As is well known from previous work (see, e.g., [5], [6]), randomized guessing according to an i.i.d. distribution Q yields a guessing exponent of ln( y P (y)/[Q(y)] ρ ).…”

Section: The Assumption Wmentioning

confidence: 99%

Noisy Guesses

Merhav

2020

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

We consider the problem of guessing a random, finite-alphabet, secret n-vector, where the guesses are transmitted via a noisy channel. We provide a single-letter formula for the best achievable exponential growth rate of the ρ-th moment of the number of guesses, as a function of n. This formula exhibits a fairly clear insight concerning the penalty due to the noise. We describe two different randomized schemes that achieve the optimal guessing exponent. One of them is fully universal in the sense of being independent of source (that governs the vector to be guessed), the channel (that corrupts the guesses), and the moment power ρ. Interestingly, it turns out that, in general, the optimal guessing exponent function exhibits a phase transition when it is examined either as a function of the channel parameters, or as a function of ρ: as long as the channel is not too distant (in a certain sense to be defined precisely) from the identity channel (i.e., the clean channel), or equivalently, as long ρ is larger than a certain critical value, ρ c , there is no penalty at all in the guessing exponent, compared to the case of noiseless guessing.

show abstract

“…x V (x)W (y|x). As is well known from previous work (see, e.g., [5], [6]), randomized guessing according to an i.i.d. distribution Q yields a guessing exponent of ln( y P (y)/[Q(y)] ρ ).…”

Section: The Assumption Wmentioning

confidence: 99%

Noisy Guesses

Merhav

2020

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

show abstract

“…• A brute force attack aims to produce a list of all possible passwords that can be used by IoT devices at agriculture sensors layer, then to exhaust them one by one until the correct password can be identified [65].…”

Section: Attacks Against Confidentialitymentioning

confidence: 99%

Security and Privacy for Green IoT-Based Agriculture: Review, Blockchain Solutions, and Challenges

et al. 2020

View full text Add to dashboard Cite

This paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture.

show abstract

“…Given a distribution of X , a commonly used performance metric for this problem is the expected number of guesses or, more generally, the

moment of the number of guesses until X is guessed successfully. When it comes to guessing random vectors, say, of length n , minimizing the moments of the number of guesses by different (deterministic or randomized) guessing strategies has several applications and motivations in information theory, such as sequential decoding, guessing passwords, etc., and it is also strongly related to lossless source coding (see, e.g., [ 9 , 10 , 11 , 12 , 13 , 19 , 20 , 21 , 22 , 32 , 33 , 34 ]). In this vector case, the moments of the number of guesses behave as exponential functions of the vector dimension, n , at least asymptotically, as n grows without bound.…”

Section: Applicationsmentioning

confidence: 99%

“…Consider a random guessing strategy where the guesser sequentially submits a sequence of independently drawn random guesses according to a certain probability distribution,

, defined on

. Randomized guessing strategies have the advantage that they can be used by multiple asynchronous agents, which submit their guesses concurrently (see [ 33 , 34 ]).…”

Section: Applicationsmentioning

confidence: 99%

Some Useful Integral Representations for Information-Theoretic Analyses

Merhav

Sason

2020

Entropy

View full text Add to dashboard Cite

This work is an extension of our earlier article, where a well-known integral representation of the logarithmic function was explored and was accompanied with demonstrations of its usefulness in obtaining compact, easily-calculable, exact formulas for quantities that involve expectations of the logarithm of a positive random variable. Here, in the same spirit, we derive an exact integral representation (in one or two dimensions) of the moment of a nonnegative random variable, or the sum of such independent random variables, where the moment order is a general positive non-integer real (also known as fractional moments). The proposed formula is applied to a variety of examples with an information-theoretic motivation, and it is shown how it facilitates their numerical evaluations. In particular, when applied to the calculation of a moment of the sum of a large number, n, of nonnegative random variables, it is clear that integration over one or two dimensions, as suggested by our proposed integral representation, is significantly easier than the alternative of integrating over n dimensions, as needed in the direct calculation of the desired moment.

show abstract

Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization

Cited by 43 publications

References 35 publications

Noisy Guesses

Noisy Guesses

Security and Privacy for Green IoT-Based Agriculture: Review, Blockchain Solutions, and Challenges

Some Useful Integral Representations for Information-Theoretic Analyses

Contact Info

Product

Resources

About