Visible to the public Biblio

Filters: Keyword is Object recognition  [Clear All Filters]
2021-08-11
Huang, Cheng-Wei, Wu, Tien-Yi, Tai, Yuan, Shao, Ching-Hsuan, Chen, Lo-An, Tsai, Meng-Hsun.  2020.  Machine learning-based IP Camera identification system. 2020 International Computer Symposium (ICS). :426—430.
With the development of technology, application of the Internet in daily life is increasing, making our connection with the Internet closer. However, with the improvement of convenience, information security has become more and more important. How to ensure information security in a convenient living environment is a question worth discussing. For instance, the widespread deployment of IP-cameras has made great progress in terms of convenience. On the contrary, it increases the risk of privacy exposure. Poorly designed surveillance devices may be implanted with suspicious software, which might be a thorny issue to human life. To effectively identify vulnerable devices, we design an SDN-based identification system that uses machine learning technology to identify brands and probable model types by identifying packet features. The identifying results make it possible for further vulnerability analysis.
MILLAR, KYLE, CHENG, ADRIEL, CHEW, HONG GUNN, LIM, CHENG-CHEW.  2020.  Operating System Classification: A Minimalist Approach. 2020 International Conference on Machine Learning and Cybernetics (ICMLC). :143—150.
Operating system (OS) classification is of growing importance to network administrators and cybersecurity analysts alike. The composition of OSs on a network allows for a better quality of device management to be achieved. Additionally, it can be used to identify devices that pose a security risk to the network. However, the sheer number and diversity of OSs that comprise modern networks have vastly increased this management complexity. We leverage insights from social networking theory to provide an encryption-invariant OS classification technique that is quick to train and widely deployable on various network configurations. In particular, we show how an affiliation graph can be used as an input to a machine learning classifier to predict the OS of a device using only the IP addresses for which the device communicates with.We examine the effectiveness of our approach through an empirical analysis of 498 devices on a university campus’ wireless network. In particular, we show our methodology can classify different OS families (i.e., Apple, Windows, and Android OSs) with an accuracy of 99.3%. Furthermore, we extend this study by: 1) examining distinct OSs (e.g., iOS, OS X, and Windows 10); 2) investigating the interval of time required to make an accurate prediction; and, 3) determining the effectiveness of our approach after six months.
2021-05-20
Antonio, Elbren, Fajardo, Arnel, Medina, Ruji.  2020.  Tracking Browser Fingerprint using Rule Based Algorithm. 2020 16th IEEE International Colloquium on Signal Processing Its Applications (CSPA). :225—229.

Browsers collects information for better user experience by allowing JavaScript's and other extensions. Advertiser and other trackers take advantage on this useful information to tracked users across the web from remote devices on the purpose of individual unique identifications the so-called browser fingerprinting. Our work explores the diversity and stability of browser fingerprint by modifying the rule-based algorithm. Browser fingerprint rely only from the gathered data through browser, it is hard to tell that this piece of information still the same when upgrades and or downgrades are happening to any browsers and software's without user consent, which is stability and diversity are the most important usage of generating browser fingerprint. We implemented device fingerprint to identify consenting visitors in our website and evaluate individual devices attributes by calculating entropy of each selected attributes. In this research, it is noted that we emphasize only on data collected through a web browser by employing twenty (20) attributes to identify promising high value information to track how device information evolve and consistent in a period of time, likewise, we manually selected device information for evaluation where we apply the modified rules. Finally, this research is conducted and focused on the devices having the closest configuration and device information to test how devices differ from each other after several days of using on the basis of individual user configurations, this will prove in our study that every device is unique.

2021-05-03
Zhu, Fangzhou, Liu, Liang, Meng, Weizhi, Lv, Ting, Hu, Simin, Ye, Renjun.  2020.  SCAFFISD: A Scalable Framework for Fine-Grained Identification and Security Detection of Wireless Routers. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1194–1199.

The security of wireless network devices has received widespread attention, but most existing schemes cannot achieve fine-grained device identification. In practice, the security vulnerabilities of a device are heavily depending on its model and firmware version. Motivated by this issue, we propose a universal, extensible and device-independent framework called SCAFFISD, which can provide fine-grained identification of wireless routers. It can generate access rules to extract effective information from the router admin page automatically and perform quick scans for known device vulnerabilities. Meanwhile, SCAFFISD can identify rogue access points (APs) in combination with existing detection methods, with the purpose of performing a comprehensive security assessment of wireless networks. We implement the prototype of SCAFFISD and verify its effectiveness through security scans of actual products.

2021-04-27
Zerrouki, F., Ouchani, S., Bouarfa, H..  2020.  Quantifying Security and Performance of Physical Unclonable Functions. 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—4.

Physical Unclonable Function is an innovative hardware security primitives that exploit the physical characteristics of a physical object to generate a unique identifier, which play the role of the object's fingerprint. Silicon PUF, a popular type of PUFs, exploits the variation in the manufacturing process of integrated circuits (ICs). It needs an input called challenge to generate the response as an output. In addition, of classical attacks, PUFs are vulnerable to physical and modeling attacks. The performance of the PUFs is measured by several metrics like reliability, uniqueness and uniformity. So as an evidence, the main goal is to provide a complete tool that checks the strength and quantifies the performance of a given physical unconscionable function. This paper provides a tool and develops a set of metrics that can achieve safely the proposed goal.

2021-03-29
Maklachkova, V. V., Dokuchaev, V. A., Statev, V. Y..  2020.  Risks Identification in the Exploitation of a Geographically Distributed Cloud Infrastructure for Storing Personal Data. 2020 International Conference on Engineering Management of Communication and Technology (EMCTECH). :1—6.

Throughout the life cycle of any technical project, the enterprise needs to assess the risks associated with its development, commissioning, operation and decommissioning. This article defines the task of researching risks in relation to the operation of a data storage subsystem in the cloud infrastructure of a geographically distributed company and the tools that are required for this. Analysts point out that, compared to 2018, in 2019 there were 3.5 times more cases of confidential information leaks from storages on unprotected (freely accessible due to incorrect configuration) servers in cloud services. The total number of compromised personal data and payment information records increased 5.4 times compared to 2018 and amounted to more than 8.35 billion records. Moreover, the share of leaks of payment information has decreased, but the percentage of leaks of personal data has grown and accounts for almost 90% of all leaks from cloud storage. On average, each unsecured service identified resulted in 33.7 million personal data records being leaked. Leaks are mainly related to misconfiguration of services and stored resources, as well as human factors. These impacts can be minimized by improving the skills of cloud storage administrators and regularly auditing storage. Despite its seeming insecurity, the cloud is a reliable way of storing data. At the same time, leaks are still occurring. According to Kaspersky Lab, every tenth (11%) data leak from the cloud became possible due to the actions of the provider, while a third of all cyber incidents in the cloud (31% in Russia and 33% in the world) were due to gullibility company employees caught up in social engineering techniques. Minimizing the risks associated with the storage of personal data is one of the main tasks when operating a company's cloud infrastructure.

2021-03-17
Haseeb, J., Mansoori, M., Welch, I..  2020.  A Measurement Study of IoT-Based Attacks Using IoT Kill Chain. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :557—567.

Manufacturing limitations, configuration and maintenance flaws associated with the Internet of Things (IoT) devices have resulted in an ever-expanding attack surface. Attackers exploit IoT devices to steal private information, take part in botnets, perform Denial of Service (DoS) attacks and use their resources for the mining of cryptocurrency. In this paper, we experimentally evaluate a hypothesis that attacks on IoT devices follow the generalised Cyber Kill Chain (CKC) model. We used a medium-interaction honeypot to capture and analyse more than 30,000 attacks targeting IoT devices. We classified the steps taken by the attackers using the CKC model and extended CKC to an IoT Kill Chain (IoTKC) model. The IoTKC provides details about IoT-specific attack characteristics and attackers' activities in the exploitation of IoT devices.

2021-03-01
Taylor, E., Shekhar, S., Taylor, G. W..  2020.  Response Time Analysis for Explainability of Visual Processing in CNNs. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). :1555–1558.
Explainable artificial intelligence (XAI) methods rely on access to model architecture and parameters that is not always feasible for most users, practitioners, and regulators. Inspired by cognitive psychology, we present a case for response times (RTs) as a technique for XAI. RTs are observable without access to the model. Moreover, dynamic inference models performing conditional computation generate variable RTs for visual learning tasks depending on hierarchical representations. We show that MSDNet, a conditional computation model with early-exit architecture, exhibits slower RT for images with more complex features in the ObjectNet test set, as well as the human phenomenon of scene grammar, where object recognition depends on intrascene object-object relationships. These results cast light on MSDNet's feature space without opening the black box and illustrate the promise of RT methods for XAI.
2021-02-08
Prathusha, P., Jyothi, S., Mamatha, D. M..  2018.  Enhanced Image Edge Detection Methods for Crab Species Identification. 2018 International Conference on Soft-computing and Network Security (ICSNS). :1—7.

Automatic Image Analysis, Image Classification, Automatic Object Recognition are some of the aspiring research areas in various fields of Engineering. Many Industrial and biological applications demand Image Analysis and Image Classification. Sample images available for classification may be complex, image data may be inadequate or component regions in the image may have poor visibility. With the available information each Digital Image Processing application has to analyze, classify and recognize the objects appropriately. Pre-processing, Image segmentation, feature extraction and classification are the most common steps to follow for Classification of Images. In this study we applied various existing edge detection methods like Robert, Sobel, Prewitt, Canny, Otsu and Laplacian of Guassian to crab images. From the conducted analysis of all edge detection operators, it is observed that Sobel, Prewitt, Robert operators are ideal for enhancement. The paper proposes Enhanced Sobel operator, Enhanced Prewitt operator and Enhanced Robert operator using morphological operations and masking. The novelty of the proposed approach is that it gives thick edges to the crab images and removes spurious edges with help of m-connectivity. Parameters which measure the accuracy of the results are employed to compare the existing edge detection operators with proposed edge detection operators. This approach shows better results than existing edge detection operators.

2021-02-03
Sabu, R., Yasuda, K., Kato, R., Kawaguchi, S., Iwata, H..  2020.  Does visual search by neck motion improve hemispatial neglect?: An experimental study using an immersive virtual reality system 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC). :262—267.

Unilateral spatial neglect (USN) is a higher cognitive dysfunction that can occur after a stroke. It is defined as an impairment in finding, reporting, reacting to, and directing stimuli opposite the damaged side of the brain. We have proposed a system to identify neglected regions in USN patients in three dimensions using three-dimensional virtual reality. The objectives of this study are twofold: first, to propose a system for numerically identifying the neglected regions using an object detection task in a virtual space, and second, to compare the neglected regions during object detection when the patient's neck is immobilized (‘fixed-neck’ condition) versus when the neck can be freely moved to search (‘free-neck’ condition). We performed the test using an immersive virtual reality system, once with the patient's neck fixed and once with the patient's neck free to move. Comparing the results of the study in two patients, we found that the neglected areas were similar in the fixed-neck condition. However, in the free-neck condition, one patient's neglect improved while the other patient’s neglect worsened. These results suggest that exploratory ability affects the symptoms of USN and is crucial for clinical evaluation of USN patients.

2021-01-11
Fomin, I., Burin, V., Bakhshiev, A..  2020.  Research on Neural Networks Integration for Object Classification in Video Analysis Systems. 2020 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM). :1—5.

Object recognition with the help of outdoor video surveillance cameras is an important task in the context of ensuring the security at enterprises, public places and even private premises. There have long existed systems that allow detecting moving objects in the image sequence from a video surveillance system. Such a system is partially considered in this research. It detects moving objects using a background model, which has certain problems. Due to this some objects are missed or detected falsely. We propose to combine the moving objects detection results with the classification, using a deep neural network. This will allow determining whether a detected object belongs to a certain class, sorting out false detections, discarding the unnecessary ones (sometimes individual classes are unwanted), to divide detected people into the employees in the uniform and all others, etc. The authors perform a network training in the Keras developer-friendly environment that provides for quick building, changing and training of network architectures. The performance of the Keras integration into a video analysis system, using direct Python script execution techniques, is between 6 and 52 ms, while the precision is between 59.1% and 97.2% for different architectures. The integration, made by freezing a selected network architecture with weights, is selected after testing. After that, frozen architecture can be imported into video analysis using the TensorFlow interface for C++. The performance of such type of integration is between 3 and 49 ms. The precision is between 63.4% and 97.8% for different architectures.

2020-12-07
Yekini, T. Akeem, Jaafar, F., Zavarsky, P..  2019.  Study of Trust at Device Level of the Internet of Things Architecture. 2019 IEEE 19th International Symposium on High Assurance Systems Engineering (HASE). :150–155.
In the Internet of Things architecture, devices are frequently connected to the Internet either directly or indirectly. However, many IoT devices lack built-in security features such as device level encryption, user authentication and basic firewall protection. This paper discusses security risks in the layers of general Internet of Things architecture and shows examples of potential risks at each level of the architecture. The paper also compares IoT security solutions provided by three major vendors and shows that the solutions are mutually complementary. Nevertheless, none of the examined IoT solutions provides security at the device level of the IoT architecture model. In order to address risks at the device level of the architecture, an implementation of Trusted Platform Module and Unique Device Identifier on IoT devices and gateways for encryption, authentication and device management is advocated in the paper.
2020-11-17
Poltronieri, F., Sadler, L., Benincasa, G., Gregory, T., Harrell, J. M., Metu, S., Moulton, C..  2018.  Enabling Efficient and Interoperable Control of IoBT Devices in a Multi-Force Environment. MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM). :757—762.

Efficient application of Internet of Battlefield Things (IoBT) technology on the battlefield calls for innovative solutions to control and manage the deluge of heterogeneous IoBT devices. This paper presents an innovative paradigm to address heterogeneity in controlling IoBT and IoT devices, enabling multi-force cooperation in challenging battlefield scenarios.

2020-11-04
Khalid, F., Hanif, M. A., Rehman, S., Ahmed, R., Shafique, M..  2019.  TrISec: Training Data-Unaware Imperceptible Security Attacks on Deep Neural Networks. 2019 IEEE 25th International Symposium on On-Line Testing and Robust System Design (IOLTS). :188—193.

Most of the data manipulation attacks on deep neural networks (DNNs) during the training stage introduce a perceptible noise that can be catered by preprocessing during inference, or can be identified during the validation phase. There-fore, data poisoning attacks during inference (e.g., adversarial attacks) are becoming more popular. However, many of them do not consider the imperceptibility factor in their optimization algorithms, and can be detected by correlation and structural similarity analysis, or noticeable (e.g., by humans) in multi-level security system. Moreover, majority of the inference attack rely on some knowledge about the training dataset. In this paper, we propose a novel methodology which automatically generates imperceptible attack images by using the back-propagation algorithm on pre-trained DNNs, without requiring any information about the training dataset (i.e., completely training data-unaware). We present a case study on traffic sign detection using the VGGNet trained on the German Traffic Sign Recognition Benchmarks dataset in an autonomous driving use case. Our results demonstrate that the generated attack images successfully perform misclassification while remaining imperceptible in both “subjective” and “objective” quality tests.

2020-08-03
Xin, Le, Li, Yuanji, Shang, Shize, Li, Guangrui, Yang, Yuhao.  2019.  A Template Matching Background Filtering Method for Millimeter Wave Human Security Image. 2019 6th Asia-Pacific Conference on Synthetic Aperture Radar (APSAR). :1–6.
In order to solve the interference of burrs, aliasing and other noises in the background area of millimeter wave human security inspection on the objects identification, an adaptive template matching filtering method is proposed. First, the preprocessed original image is segmented by level set algorithm, then the result is used as a template to filter the background of the original image. Finally, the image after background filtered is used as the input of bilateral filtering. The contrast experiments based on the actual millimeter wave image verifies the improvement of this algorithm compared with the traditional filtering method, and proves that this algorithm can filter the background noise of the human security image, retain the image details of the human body area, and is conducive to the object recognition and location in the millimeter wave security image.
2020-07-30
He, Yongzhong, Zhao, Xiaojuan, Wang, Chao.  2019.  Privacy Mining of Large-scale Mobile Usage Data. 2019 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :81—86.
While enjoying the convenience brought by mobile phones, users have been exposed to high risk of private information leakage. It is known that many applications on mobile devices read private data and send them to remote servers. However how, when and in what scale the private data are leaked are not investigated systematically in the real-world scenario. In this paper, a framework is proposed to analyze the usage data from mobile devices and the traffic data from the mobile network and make a comprehensive privacy leakage detection and privacy inference mining on a large scale of realworld mobile data. Firstly, this paper sets up a training dataset and trains a privacy detection model on mobile traffic data. Then classical machine learning tools are used to discover private usage patterns. Based on our experiments and data analysis, it is found that i) a large number of private information is transmitted in plaintext, and even passwords are transmitted in plaintext by some applications, ii) more privacy types are leaked in Android than iOS, while GPS location is the most leaked privacy in both Android and iOS system, iii) the usage pattern is related to mobile device price. Through our experiments and analysis, it can be concluded that mobile privacy leakage is pervasive and serious.
2020-06-29
Wehbi, Khadijeh, Hong, Liang, Al-salah, Tulha, Bhutta, Adeel A.  2019.  A Survey on Machine Learning Based Detection on DDoS Attacks for IoT Systems. 2019 SoutheastCon. :1–6.
Internet of Things (IoT) is transforming the way we live today, improving the quality of living standard and growing the world economy by having smart devices around us making decisions and performing our daily tasks and chores. However, securing the IoT system from malicious attacks is a very challenging task. Some of the most common malicious attacks are Denial of service (DoS), and Distributed Denial of service (DDoS) attacks, which have been causing major security threats to all networks and specifically to limited resource IoT devices. As security will always be a primary factor for enabling most IoT applications, developing a comprehensive detection method that effectively defends against DDoS attacks and can provide 100% detection for DDoS attacks in IoT is a primary goal for the future of IoT. The development of such a method requires a deep understanding of the methods that have been used thus far in the detection of DDoS attacks in the IoT environment. In our survey, we try to emphasize some of the most recent Machine Learning (ML) approaches developed for the detection of DDoS attacks in IoT networks along with their advantage and disadvantages. Comparison between the performances of selected approaches is also provided.
2020-06-19
Haefner, Kyle, Ray, Indrakshi.  2019.  ComplexIoT: Behavior-Based Trust For IoT Networks. 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). :56—65.

This work takes a novel approach to classifying the behavior of devices by exploiting the single-purpose nature of IoT devices and analyzing the complexity and variance of their network traffic. We develop a formalized measurement of complexity for IoT devices, and use this measurement to precisely tune an anomaly detection algorithm for each device. We postulate that IoT devices with low complexity lead to a high confidence in their behavioral model and have a correspondingly more precise decision boundary on their predicted behavior. Conversely, complex general purpose devices have lower confidence and a more generalized decision boundary. We show that there is a positive correlation to our complexity measure and the number of outliers found by an anomaly detection algorithm. By tuning this decision boundary based on device complexity we are able to build a behavioral framework for each device that reduces false positive outliers. Finally, we propose an architecture that can use this tuned behavioral model to rank each flow on the network and calculate a trust score ranking of all traffic to and from a device which allows the network to autonomously make access control decisions on a per-flow basis.

2020-05-08
Su, Chunmei, Li, Yonggang, Mao, Wen, Hu, Shangcheng.  2018.  Information Network Risk Assessment Based on AHP and Neural Network. 2018 10th International Conference on Communication Software and Networks (ICCSN). :227—231.
This paper analyzes information network security risk assessment methods and models. Firstly an improved AHP method is proposed to assign the value of assets for solving the problem of risk judgment matrix consistency effectively. And then the neural network technology is proposed to construct the neural network model corresponding to the risk judgment matrix for evaluating the individual risk of assets objectively, the methods for calculating the asset risk value and system risk value are given. Finally some application results are given. Practice proves that the methods are correct and effective, which has been used in information network security risk assessment application and offers a good foundation for the implementation of the automatic assessment.
2020-03-18
Nikoue, Jean Claude, Butakov, Sergey, Malik, Yasir.  2019.  Security Evaluation Methodology for Software Defined Network Solutions. 2019 International Conference on Platform Technology and Service (PlatCon). :1–6.

Software Defined Networking (SDN) has introduced both innovative opportunities and additional risks in the computer networking. Among disadvantages of SDNs one can mention their susceptibility to vulnerabilities associated with both virtualization and the traditional networking. Selecting a proper controller for an organization may not be a trivial task as there is a variety of SDN controllers on the market and each of them may come with its own pros and cons from the security point of view. This research proposes a comprehensive methodology for organizations to evaluate security-related features available in SDN controllers. The methodology can serve as a guideline in the decisions related to SDN choice. The proposed security assessment follows a structured approach to evaluate each layer of the SDN architecture and each metrics defined in presented research has been matched with the security controls defined in NIST 800-53. Through the tests on actual controllers the paper provides an example on how the proposed methodology can be used to evaluate existing SDN solutions.

2020-03-16
Al Ghazo, Alaa T., Kumar, Ratnesh.  2019.  ICS/SCADA Device Recognition: A Hybrid Communication-Patterns and Passive-Fingerprinting Approach. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :19–24.
The Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructures. These systems are installed by third party contractors, maintained by site engineers, and operate for a long time. This makes tracing the documentation of the systems' changes and updates challenging since some of their components' information (type, manufacturer, model, etc.) may not be up-to-date, leading to possibly unaccounted security vulnerabilities in the systems. Device recognition is useful first step in vulnerability identification and defense augmentation, but due to the lack of full traceability in case of legacy ICS/SCADA systems, the typical device recognition based on document inspection is not applicable. In this paper, we propose a hybrid approach involving the mix of communication-patterns and passive-fingerprinting to identify the unknown devices' types, manufacturers, and models. The algorithm uses the ICS/SCADA devices's communication-patterns to recognize the control hierarchy levels of the devices. In conjunction, certain distinguishable features in the communication-packets are used to recognize the device manufacturer, and model. We have implemented this hybrid approach in Python, and tested on traffic data from a water treatment SCADA testbed in Singapore (iTrust).
2020-03-09
PONGSRISOMCHAI, Sutthinee, Ngamsuriyaroj, Sudsanguan.  2019.  Automated IT Audit of Windows Server Access Control. 2019 21st International Conference on Advanced Communication Technology (ICACT). :539–544.

To protect sensitive information of an organization, we need to have proper access controls since several data breach incidents were happened because of broken access controls. Normally, the IT auditing process would be used to identify security weaknesses and should be able to detect any potential access control violations in advance. However, most auditing processes are done manually and not performed consistently since lots of resources are required; thus, the auditing is performed for quality assurance purposes only. This paper proposes an automated process to audit the access controls on the Windows server operating system. We define the audit checklist and use the controls defined in ISO/IEC 27002:2013 as a guideline for identifying audit objectives. In addition, an automated audit tool is developed for checking security controls against defined security policies. The results of auditing are the list of automatically generated passed and failed policies. If the auditing is done consistently and automatically, the intrusion incidents could be detected earlier and essential damages could be prevented. Eventually, it would help increase the reliability of the system.

2020-02-17
Nouichi, Douae, Abdelsalam, Mohamed, Nasir, Qassim, Abbas, Sohail.  2019.  IoT Devices Security Using RF Fingerprinting. 2019 Advances in Science and Engineering Technology International Conferences (ASET). :1–7.
Internet of Things (IoT) devices industry is rapidly growing, with an accelerated increase in the list of manufacturers offering a wide range of smart devices selected to enhance end-users' standard of living. Security remains an after-thought in these devices resulting in vulnerabilities. While there exists a cryptographic protocol designed to solve such authentication problem, the computational complexity of cryptographic protocols and scalability problems make almost all cryptography-based authentication protocols impractical for IoT. Wireless RFF (Radio Frequency Fingerprinting) comes as a physical layer-based security authentication method that improves wireless security authentication, which is especially useful for the power and computing limited devices. As a proof-of-concept, this paper proposes a universal SDR (software defined Radio)-based inexpensive implementation intended to sense emitted wireless signals from IoT devices. Our approach is validated by extracting mobile phone signal bursts under different user-dedicated modes. The proposed setup is well adapted to accurately capture signals from different telecommunication standards. To ensure a unique identification of IoT devices, this paper also provides an optimum set of features useful to generate the device identity fingerprint.
2019-10-02
Damghani, H., Hosseinian, H., Damghani, L..  2019.  Investigating Attacks to Improve Security and Privacy in RFID Systems Using the Security Bit Method. 2019 5th Conference on Knowledge Based Engineering and Innovation (KBEI). :833–838.

The RFID technology is now widely used and combined with everyday life. RFID Tag is a wireless device used to identify individuals and objects, in fact, it is a combination of the chip and antenna that sends the necessary information to an RFID Reader. On the other hand, an RFID Reader converts received radio waves into digital information and then provides facilities such as sending data to the computer and processing them. Radio frequency identification is a comprehensive processing technology that has led to a revolution in industry and medicine as an alternative to commercial barcodes. RFID Tag is used to tracking commodities and personal assets in the chain stores and even the human body and medical science. However, security and privacy problems have not yet been solved satisfactorily. There are many technical and economic challenges in this direction. In this paper, some of the latest technical research on privacy and security problems has been investigated in radio-frequency identification and security bit method, and it has been shown that in order to achieve this level of individual security, multiple technologies of RFID security development should combine with each other. These solutions should be cheap, efficient, reliable, flexible and long-term.

2019-04-01
Ledbetter, W., Glisson, W., McDonald, T., Andel, T., Grispos, G., Choo, K..  2018.  Digital Blues: An Investigation Into the Use of Bluetooth Protocols. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :498–503.
The proliferation of Bluetooth mobile device communications into all aspects of modern society raises security questions by both academicians and practitioners. This environment prompted an investigation into the real-world use of Bluetooth protocols along with an analysis of documented security attacks. The experiment discussed in this paper collected data for one week in a local coffee shop. The data collection took about an hour each day and identified 478 distinct devices. The contribution of this research is two-fold. First, it provides insight into real-world Bluetooth protocols that are being utilized by the general public. Second, it provides foundational research that is necessary for future Bluetooth penetration testing research.