Christophe Huygens

LooCI: a loosely-coupled component infrastructure for networked embedded systems

Considerable research has been performed in applying run-time reconfigurable component models to the domain of wireless sensor networks. The ability to dynamically deploy and reconfigure software components has clear advantages in sensor network deployments, which are typically large in scale and expected to operate for long periods in the face of node mobility, dynamic environmental conditions and changing application requirements. To date, research on component and binding models for sensor networks has primarily focused on the development of specialized component models that are optimized for use in resource-constrained environments. However, current approaches impose significant overhead upon developers and tend to use inflexible binding models based on remote procedure calls. To address these concerns, we introduce a novel component and binding model for networked embedded systems (LooCI). LooCI components are designed to impose minimal additional overhead on developers. Furthermore, LooCI components use a novel event-based binding model that allows developers to model rich component interactions, while providing support for easy interception, re-wiring and re-use. A prototype implementation of our component and binding model has been realised for the SunSPOT platform. Our preliminary evaluation shows that LooCI has an acceptable memory footprint and imposes minimal overhead on developers.

A Study on Advanced Persistent Threats

A recent class of threats, known as Advanced Persistent Threats (APTs), has drawn increasing attention from researchers, primarily from the industrial security sector. APTs are cyber attacks executed by sophisticated and well-resourced adversaries targeting specific information in high-profile companies and governments, usually in a long term campaign involving different steps. To a significant extent, the academic community has neglected the specificity of these threats and as such an objective approach to the APT issue is lacking. In this paper, we present the results of a comprehensive study on APT, characterizing its distinguishing characteristics and attack model, and analyzing techniques commonly seen in APT attacks. We also enumerate some non-conventional countermeasures that can help to mitigate APTs, hereby highlighting the directions for future research.

Using Security Patterns to Combine Security Metrics

Measuring security is an important step in creating and deploying secure applications. In order to efficiently measure the level of security that an application provides, three problems need to be solved: obviously metrics need to be available, a suitable metrics framework needs to be chosen and implemented, and the resulting measurements need to be interpreted. This work focuses on the second and third problem. We propose an approach to facilitate the selection and integration of appropriate security metrics, and to support the aggregation and interpretation of measurements. Our approach associates security metrics to security patterns, and we exploit the relationships between security patterns and security objectives to enable the interpretation of measurements. The approach is illustrated in a case study.

LooCI: The Loosely-coupled Component Infrastructure

Creating and managing applications for Wireless Sensor Networks (WSNs) is complicated by large scale, resource constraints and network dynamics. Reconfigurable component models minimize these complexities throughout the application lifecycle. However, contemporary component based middleware for WSNs is limited by its poor support for distribution. This paper introduces the Loosely-coupled Component Infrastructure (LooCI), a middleware for building distributed component-based WSN applications. LooCI advances the state-of-the-art by cleanly separating distributed concerns from component implementation, supporting application-level interoperability between heterogeneous WSN platforms and providing compatibility testing of bindings at runtime. Together, these features promote the safe and efficient composition and reconfiguration of distributed WSN applications. We evaluate the performance of LooCI on three classes of sensor nodes and demonstrate that these features can be provided with minimal overhead in terms of computation, memory and message passing.

A middleware platform to support river monitoring using wireless sensor networks

Flooding is a critical global problem, which is growing more severe due to the effects of climate change. This problem is particularly acute in the state of São Paulo, Brazil, where flooding during the rainy season incurs significant financial and human costs. Another critical problem associated with flooding is the high level of pollution present in urban rivers. Efforts to address these problems focus upon three key research areas: river monitoring, modelling of river conditions and incident response. This paper introduces a rich next-generation middleware platform designed to support wireless sensor network based environmental monitoring along with a supporting hardware platform. This system has been deployed and evaluated in a real-world river monitoring scenario in the city of São Carlos, Brazil.

Federated and Shared Use of Sensor Networks through Security Middleware

The lack of support for federation and sharing inhibits real-world deployment of wireless sensor networks (WSNs). In federated mode, multiple sensor networks belonging to separate administrative domains are used to achieve an application’s goal; in shared mode a single sensor or network provides its services to a range of applications. The lack of support for federation and sharing is particularly problematic with respect to enforcing security, not only at node or network level but also at the end-to-end application level. This paper highlights the missing links in state-of-the-art WSN security mechanisms, identifies the extra security requirements of shared and federated operations, and provides a high-level overview of security middleware and mechanisms to address the challenges. The resulting structured inventory of mechanisms provides building blocks to tackle the security problem and guides further research in this area.

Building Wireless Sensor Network Applications with LooCI

Considerable research has been performed in applying run-time reconfigurable component models to the domain of wireless sensor networks. The ability to dynamically deploy and reconfigure software components has clear advantages in sensor networks, which are typically large in scale and expected to operate for long periods in the face of node mobility, dynamic environmental conditions, and changing application requirements. LooCI is a component and binding model that is optimized for use in resource-constrained environments such as Wireless Sensor Networks. LooCI components use a novel event-based binding model that allows developers to model rich component interactions, while providing support for run-time reconfiguration, reflection, and policy-based management. This paper reports on the design of LooCI and describes a prototype implementation for the Sun SPOT. This platform is then evaluated in context of a real-world river monitoring and warning scenario in the city of Sao Carlos, Brazil.

MASY: MAnagement of Secret keYs for federated mobile wireless sensor networks

Wireless Sensor Networks are becoming federated and mobile environments. These new capabilities pose a lot of new possibilities and challenges. One of these challenges is to create a secure environment to allow multiple trusted companies to share and merge their sensor network infrastructure. The most basic need for a secure environment is the deployment of key material. However, most current day research assumes pre-shared secrets between the sensor nodes of most, if not all, companies in a federation. These solutions are often not scalable nor mobile enough to meet realistic business requirements. Additionally, most key deployment protocols totally omit any connectivity with back-end infrastructure. This paper proposes a novel deployment protocol for the MAnagement of Secret keYs (MASY). MASY allows secure deployment of a key to a sensor node when it enters a previously unknown network. By off-loading the trust creation process to the resource-rich back-end infrastructure, the burden on the sensor nodes remains very limited.

A Dangerous Mix: Large-Scale Analysis of Mixed-Content Websites

In this paper, we investigate the current state of practice about mixed-content websites, websites that are accessed using the HTTPS protocol, yet include some additional resources using HTTP. Through a large-scale experiment, we show that about half of the Internets most popular websites are currently using this practice and are thus vulnerable to a wide range of attacks, including the stealing of cookies and the injection of malicious JavaScript in the context of the vulnerable websites. Additionally, we investigate the default behavior of browsers on mobile devices and show that most of them, by default, allow the rendering of mixed content, which demonstrates that hundreds of thousands of mobile users are currently vulnerable to MITM attacks.

Evolutionary algorithms for classification of malware families through different network behaviors

The staggering increase of malware families and their diversity poses a significant threat and creates a compelling need for automatic classification techniques. In this paper, we first analyze the role of network behavior as a powerful technique to automatically classify malware families and their polymorphic variants. Afterwards, we present a framework to efficiently classify malware families by modeling their different network behaviors (such as HTTP, SMTP, UDP, and TCP). We propose protocol-aware and state-space modeling schemes to extract features from malware network behaviors. We analyze the applicability of various evolutionary and non-evolutionary algorithms for our malware family classification framework. To evaluate our framework, we collected a real-world dataset of