Results 121-140 of 208.
![]() ; Palattella, Maria Rita ![]() ![]() in Proc. of IEEE Conf. on Standards for Communications & Networking (CSCN’15) (2015) Detailed reference viewed: 293 (6 UL)![]() Lanze, Fabian ![]() ![]() in Proceedings of the 12th Annual IEEE Consumer Communications & Networking Conference (CCNC 2015) (2015) The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are ... [more ▼] The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are exposed to a severe security threat: since 802.11 identifiers (SSID, BSSID) can be easily faked, an attacker can setup an evil twin, i.e., an access point (AP) that users are unable to distinguish from a legitimate one. Once a user connects to the evil twin, he inadvertently creates a playground for various attacks such as collection of sensitive data (e.g., credit card information, passwords) or man-in-the-middle attacks even on encrypted traffic. It is particularly alarming that this security flaw has led to the development of several tools that are freely available, easy to use and allow mounting the attack from commodity client devices such as laptops, smartphones or tablets without attracting attention. In this paper we provide a detailed overview of tools that have been developed (or can be misused) to set up evil twin APs. We inspect them thoroughly in order to identify characteristics that allow them to be distinguished from legitimate hardware-based access points. Our analysis has discovered three methods for detecting software-based APs. These exploit accuracy flaws due to emulation of hardware behavior or peculiarities of the client Wi-Fi hardware they operate on. Our evaluation with 60 hardware APs and a variety of tools on different platforms reveals enormous potential for reliable detection. Furthermore, our methods can be performed on typical client hardware within a short period of time without even connecting to a potentially untrustworthy access point. [less ▲] Detailed reference viewed: 312 (4 UL)![]() Palattella, Maria Rita ![]() in IEEE Sensors Journal (2015) Detailed reference viewed: 209 (12 UL)![]() Marchal, Samuel ![]() ![]() ![]() in IEEE Transactions on Network and Service Management (2014), 11(December), 458-471 Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due ... [more ▼] Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URL detection techniques more appropriate. In this paper, we introduce PhishStorm, an automated phishing detection system that can analyze in real time any URL in order to identify potential phishing sites. PhishStorm can interface with any email server or HTTP proxy. We argue that phishing URLs usually have few relationships between the part of the URL that must be registered (low-level domain) and the remaining part of the URL (upper-level domain, path, query). We show in this paper that experimental evidence supports this observation and can be used to detect phishing sites. For this purpose, we define the new concept of intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine-learning-based classification to detect phishing URLs from a real dataset. Our technique is assessed on 96 018 phishing and legitimate URLs that result in a correct classification rate of 94.91% with only 1.44% false positives. An extension for a URL phishingness rating system exhibiting high confidence rate ( $>$ 99%) is proposed. We discuss in this paper efficient implementation patterns that allow real-time analytics using Big Data architectures such as STORM and advanced data structures based on the Bloom filter. [less ▲] Detailed reference viewed: 661 (5 UL)![]() Bronzi, Walter ![]() ![]() ![]() in 2014 IEEE Vehicular Networking Conference (VNC) (2014, December) Bluetooth Low Energy (BLE) is quickly and steadily gaining importance for a wide range of applications. In this paper we investigate the potential of BLE in a vehicular context. By means of experiments ... [more ▼] Bluetooth Low Energy (BLE) is quickly and steadily gaining importance for a wide range of applications. In this paper we investigate the potential of BLE in a vehicular context. By means of experiments, we first evaluate the characteristics of the wireless channel, then we define a set of driving scenarios to analyze how BLE is affected by varying speed, distance and traffic conditions. We that found the maximum communication range between two devices can go beyond 100 meters and that a robust connection can be achieved up to a distance of 50 meters even for varying traffic and driving conditions. Next, we present a proof-of-concept mobile application for off-the-shelf smartphones that can be used to transmit data over multiple hops. Finally we discuss the advantages and limitations of BLE for Inter-Vehicular Communications (IVC) and propose potential applications. [less ▲] Detailed reference viewed: 240 (11 UL)![]() Forster, Markus ![]() ![]() ![]() in International Conference on Connected Vehicles and Expo (2014, November) In this paper we investigate an event-driven Inter-Vehicle Communication protocol to mitigate shock waves in dense traffic situation. From previous work we know that flooding or frequent beaconing require ... [more ▼] In this paper we investigate an event-driven Inter-Vehicle Communication protocol to mitigate shock waves in dense traffic situation. From previous work we know that flooding or frequent beaconing require excessive network resources. To overcome this limitation we focus on an efficient message exchange mechanism requiring as few network resources as possible, while still providing timely and accurate traffic information. We designed Density Redistribution through Intelligent Velocity Estimation (DRIVE), an event-driven Inter-Vehicle Communication protocol that learns about traffic conditions ahead and recommends optimal velocities in order to prevent the formation of vehicular shock waves. We demonstrate that our approach of reacting in case of traffic fluctuations leads to significant improvements in overall traffic flow. Furthermore we show that even a low number of equipped vehicles is sufficient to achieve this target. [less ▲] Detailed reference viewed: 217 (3 UL)![]() Marchal, Samuel ![]() ![]() ![]() in Proceedings of the 10th International Conference on Network and Service Management (2014, November) Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due ... [more ▼] Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URLs detection techniques more appropriate. In this paper we introduce PhishScore, an automated real-time phishing detection system. We observed that phishing URLs usually have few relationships between the part of the URL that must be registered (upper level domain) and the remaining part of the URL (low level domain, path, query). Hence, we define this concept as intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine learning based classification to detect phishing URLs from a real dataset. [less ▲] Detailed reference viewed: 377 (12 UL)![]() Melakessou, Foued ![]() ![]() in Abstract book of 30th International CAE Conference, CAE'14 (2014) Network Analysis and Routing eVALuation, referenced as NARVAL has been designed on top of the Scilab environment. It has been created at the University of Luxembourg within the Interdisciplinary Centre ... [more ▼] Network Analysis and Routing eVALuation, referenced as NARVAL has been designed on top of the Scilab environment. It has been created at the University of Luxembourg within the Interdisciplinary Centre for Security, Reliability and Trust (SnT). The Centre carries out interdisciplinary research and graduate education in secure, reliable, and trustworthy ICT systems and services. This Scilab External Module is focusing on the analysis of network protocols and algorithms. Each network of communicating devices such as computers, phones or sensors, needs to follows specific rules in order to organize and control the data exchange between source and destination nodes. Communication protocols enable to discover the network topology, and to propagate the data traffic between network entities. The main goal of our toolbox is to provide a complete software environment enabling the understanding of available communication algorithms, but also the design of new schemes in order to evaluate and improve the traffic behavior and distribution on network topologies defined by the user. NARVAL permits to generate random topologies according to various algorithms such as Locality, Waxman, Barabasi-Albert and hierarchical models. The user can also design his own topology by providing nodes' coordinates, visualization parameters, and also links' information that are necessary for path calculation. The combination of these functions enables to build a large range of topologies with distinct routing properties. The NARVAL module permits to study the impact of routing algorithms on the effectiveness of transmission protocols used by data communications on a defined network topology. We provide a set of basic functions in order to create network graphs, compute routing algorithms (AODV, BFS, DFS, Bellman-Ford, Dijkstra, Flood, Floyd-Warshall, Multiple Paths, RPL, ARC, etc.) on them and finally make statistical analysis on the efficiency of data communications. The mobility of nodes (Mobile/Vehicular Ad hoc NETwork MANET/ VANET) is also supported according to models such as Random Direction, Random Walk, Random Way Point, etc. The target audience of this external module includes academics, students, engineers and scientists. We put some efforts to build detailed help files. The description of each function has been carefully done in order to facilitate the end users' comprehension. It is often accompanied with explicit diagrams. Our simulations and results obtained with NARVAL have been published in several IEEE international conferences and journals. This research contribution was partially supported by the following European FP7 projects: U2010 (http://www.u2010.eu), EFIPSANS (http://www.efipsans.org), IoT6 (http://www.iot6.eu) and BUTLER (http://www.iot-butler.eu). [less ▲] Detailed reference viewed: 450 (4 UL)![]() Afshari, Saeed ![]() ![]() ![]() in Proceedings of NordiCHI '14, October 26 - 30 2014, Helsinki, Finland (2014, October 26) This work-in-progress paper presents a study of interaction techniques for mobile devices, with a focus on gaming scenarios. We introduce and explore usability and performance aspects of a novel compass ... [more ▼] This work-in-progress paper presents a study of interaction techniques for mobile devices, with a focus on gaming scenarios. We introduce and explore usability and performance aspects of a novel compass based control for tangible around-device interaction, and compare it with traditional mobile gaming controls, such as touchscreen thumbstick, swiping and tilt-based approaches. [less ▲] Detailed reference viewed: 423 (27 UL)![]() Codeca, Lara ![]() ![]() ![]() in Proceedings of 17th Internatonal IEEE Conference on Intelligent Transportation Systems (2014, October) There are many studies concerning the problem of traffic congestion in cities. One of the best accepted solutions to relieving congestion involves optimization of resources already available, by means of ... [more ▼] There are many studies concerning the problem of traffic congestion in cities. One of the best accepted solutions to relieving congestion involves optimization of resources already available, by means of balancing traffic flows to minimize travel delays. To achieve this optimization, it is necessary to collect and process Floating Car Data (FCD) from vehicles. In this paper we evaluate the repercussions of partial information on the overall traffic view, and consequently on the outcome of the optimization. Our study focuses on the role of the user participation rate and the availability of Road Side Units to collect the FCD. By means of simulation we quantify the impact of partially-available information on the computation of route optimization, and how it impedes traffic flows. Our results show that even minor uncertainties can significantly impact routing strategies and lead to deterioration in the overall traffic situation. [less ▲] Detailed reference viewed: 212 (14 UL)![]() Kracheel, Martin ![]() ![]() ![]() Scientific Conference (2014, September 30) The project aims to produce a pervasive, gamified system that tries to incentivize mobility behaviour change by offering alternative activities in contrast to usual journeys in such way that it will ... [more ▼] The project aims to produce a pervasive, gamified system that tries to incentivize mobility behaviour change by offering alternative activities in contrast to usual journeys in such way that it will reduce traffic, emissions and, in the end, save money. The alternatives, for example, such as taking different modes of transport, are incentivised through gamification. In order to develop this pervasive system, we analysed existing mobility patterns of commuters in Luxembourg. The methodology that we developed consists of a questionnaire, a smartphone application and focus group interviews. This paper presents the findings of the questionnaire and how they influence the design of the gamified pervasive application. [less ▲] Detailed reference viewed: 260 (15 UL)![]() Melakessou, Foued ![]() ![]() ![]() in Towards a New Way of Reliable Routing: Multiple Paths over ARCs (2014, September 24) The Available Routing Construct (ARC), recently proposed at IETF, provides a promising model for achieving highly reliable routing in large-scale networks. Among its features, ARC offers multi-path ... [more ▼] The Available Routing Construct (ARC), recently proposed at IETF, provides a promising model for achieving highly reliable routing in large-scale networks. Among its features, ARC offers multi-path routing by design. In the present work, we introduced ARC for the first time to the research community. Then, we showed, by means of simulation results, how ARC over-performs classical multi-path routing algorithms, by building disjoint multiple paths without extra-cost due to new route computation. [less ▲] Detailed reference viewed: 188 (0 UL)![]() Lanze, Fabian ![]() ![]() in Proceedings of the 10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (2014, September) Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their ... [more ▼] Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the evil twin attack. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and struc- turing countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of- the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds. [less ▲] Detailed reference viewed: 302 (7 UL)![]() Hermann, Frank ![]() ![]() ![]() Report (2014) Software translation is a challenging task. Several requirements are important - including automation of the execution, maintainability of the translation patterns, and, most importantly, reliability ... [more ▼] Software translation is a challenging task. Several requirements are important - including automation of the execution, maintainability of the translation patterns, and, most importantly, reliability concerning the correctness of the translation. Triple graph grammars (TGGs) have shown to be an intuitive, wellde ned technique for model translation. In this paper, we leverage TGGs for industry scale software translations. The approach is implemented using the Eclipse-based graph transformation tool Henshin and has been successfully applied in a large industrial project with the satellite operator SES on the translation of satellite control procedures. We evaluate the approach regarding requirements from the project and performance on a complete set of procedures of one satellite. [less ▲] Detailed reference viewed: 306 (49 UL)![]() Marchal, Samuel ![]() ![]() in Proceedings of the 3rd IEEE Congress on Big Data (2014, July) Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this ... [more ▼] Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this paper we propose a solution to cope with the tremendous amount of data to analyse for security monitoring perspectives. We introduce an architecture dedicated to security monitoring of local enterprise networks. The application domain of such a system is mainly network intrusion detection and prevention, but can be used as well for forensic analysis. This architecture integrates two systems, one dedicated to scalable distributed data storage and management and the other dedicated to data exploitation. DNS data, NetFlow records, HTTP traffic and honeypot data are mined and correlated in a distributed system that leverages state of the art big data solution. Data correlation schemes are proposed and their performance are evaluated against several well-known big data framework including Hadoop and Spark. [less ▲] Detailed reference viewed: 588 (14 UL)![]() Hermann, Frank ![]() ![]() ![]() in Theory and Practice of Model Transformations (2014, July) Software translation is a challenging task. Several requirements are important – including automation of the execution, maintainability of the translation patterns, and, most importantly, reliability ... [more ▼] Software translation is a challenging task. Several requirements are important – including automation of the execution, maintainability of the translation patterns, and, most importantly, reliability concerning the correctness of the translation. Triple graph grammars (TGGs) have shown to be an intuitive, well-defined technique for model translation. In this paper, we leverage TGGs for industry scale software translations. The approach is implemented using the Eclipse-based graph transformation tool Henshin and has been successfully applied in a large industrial project with the satellite operator SES on the translation of satellite control procedures. We evaluate the approach regarding requirements from the project and performance on a complete set of procedures of one satellite. [less ▲] Detailed reference viewed: 364 (39 UL)![]() Jerome, Quentin ![]() ![]() ![]() in IEEE International Conference on Communications, ICC 2014, Sydney Australia, June 10-14, 2014 (2014, June) Recently, the Android platform has seen its number of malicious applications increased sharply. Motivated by the easy application submission process and the number of alternative market places for ... [more ▼] Recently, the Android platform has seen its number of malicious applications increased sharply. Motivated by the easy application submission process and the number of alternative market places for distributing Android applications, rogue authors are developing constantly new malicious programs. While current anti-virus software mainly relies on signature detection, the issue of alternative malware detection has to be addressed. In this paper, we present a feature based detection mechanism relying on opcode-sequences combined with machine learning techniques. We assess our tool on both a reference dataset known as Genome Project as well as on a wider sample of 40,000 applications retrieved from the Google Play Store. [less ▲] Detailed reference viewed: 320 (12 UL)![]() Melakessou, Foued ![]() ![]() Scientific Conference (2014, May 15) Detailed reference viewed: 128 (0 UL)![]() Frank, Raphaël ![]() ![]() ![]() in Proceedings of the 11th IEEE/IFIP Annual Conference on Wireless On-demand Network Systems and Services (2014, April) Detailed reference viewed: 294 (8 UL)![]() Hermann, Frank ![]() ![]() ![]() Report (2014) Software Defined Networks using OpenFlow have to provide a re- liable way to detect network faults and attacks. This technical report shows a formal analysis of correctness for an automated code extension ... [more ▼] Software Defined Networks using OpenFlow have to provide a re- liable way to detect network faults and attacks. This technical report shows a formal analysis of correctness for an automated code extension technique used to extend OpenFlow networks with a logging mecha- nism that is used for the detection of faults and attacks. As presented in a companion paper, we applied the code extension techniques for a framework that can extend controller programs transparently, making possible on-line fault management, debugging as well as off-line and forensic analysis. [less ▲] Detailed reference viewed: 199 (37 UL) |
||