Laura Gheorghe

Fault-Tolerant Flooding Time Synchronization Protocol for Wireless Sensor Networks

Time synchronization is one of the basic middleware services in Wireless Sensor Networks. It is required in various applications such as target tracking, sensor event ordering, sound delay measurements and time-division multiplexing. Fault-tolerance in needed in order to perform correctly in the presence of faulty nodes. We extended Flooding Time Synchronization Protocol to support fault-tolerance in the case of malicious nodes that lie about their global time. The proposed algorithm will detect inconsistent global time and start asking the neighbors about their received global time. After it gathers sufficient information from its neighbors so that it can compute a new time value, it decides if the initially received global time was correct or not. If it was incorrect, the new computed value is stored. Otherwise, it permits the initial global time to be stored on the sensor device.

Accelerating Encryption Algorithms Using Parallelism

The importance of protecting the information has increased rapidly during the last decades and as a consequence so did the need for cryptographic algorithms. We want to increase the speed of these methods that protect our data as much as we can. In this paper , we used parallelism for encryption algorithms and I/O operations to emphasize the benefit of it, by implementing and improving two cryptographic modes such as Cipher Block Chaining (CBC ) and Interleaved CBC (ICBC ) for Advanced Encryption Algorithm (AES ). The result of this paper is the remarkable speedup in encryption and decryption time of cryptographic systems when using parallel paradigms (OpenCL, Cuda, OpenMP) and the comparison of the serial versus parallel implementation.

Adaptive Security Framework for Wireless Sensor Networks

Wireless Sensor Networks are used in a large number of tracking and monitoring applications. The level of security required by an application depends on the threat level, available resources, and security requirements. In this paper, we present a modular and extensible framework, called Adaptive Security Framework (ASF) that adjusts security to the detected threats, available energy and memory, and application requirements. The framework includes three types of components: the Context modules, the Security Adaptation module, and the Security layer. The security level is modified according to the output of the Context modules, and it is then used to enable the appropriate security primitives available in the Security layer. We evaluate our solution in multiple attack scenarios, we determine its resource consumption and we compare it to other State of the Art solutions. Our framework has the following advantages: it takes into consideration the context, but also allows for manual reconfiguration, it has a global, aggregated view of the context, it provides different authentication and encryption algorithms associated to each security level, it is extensible and modular.

Real time implementation of MELP speech compression algorithm using Blackfin processors

A large part of the latest research in speech coding algorithms is motivated by the need of obtaining secure military communications, to allow effective operation in a hostile environment. Since the bandwidth of the communication channel is a sensitive problem in military applications, low bit-rate speech compression methods are mostly used. Several speech processing applications such as Mixed Excitation Linear Prediction are characterized by very strict requirements in power consumption, size, and voltage supply. These requirements are difficult to fulfill, given the complexity and number of functions to be implemented, together with the real time requirement and large dynamic range of the input signals. To meet these constraints, careful optimization should be done at all levels, ranging from algorithmic level, through system and circuit architecture, to layout and design of the cell library. The key points of this optimization are among others, the choice of the algorithms, the modification of the algorithms to reduce computational complexity, the choice of a fixed-point arithmetic unit, the minimization of the number of bits required at every node of the algorithm, and a careful match between algorithms and architecture. This paper concentrates on low bit rate speech coding technology, mainly in MELP and solved the problem of optimizing the program of MELP on Digital Signal Processor platform. The algorithm was ported onto a fixed point DSP, Blackfin 537, and stage by stage optimization was performed to meet the real time requirements. The main functions involved were analysis, parameter encoding, parameter decoding and synthesis. The fixed point source code at the MELP front end was also thoroughly optimized at the C Level. Memory optimization techniques such as data placement and caching were also used to reduce the processing time. The results we obtained show that real-time implementations of a speech vocoder based on the MELP standard for low bit rate communications (2400 bps) can be successful on DSP platforms.

Authentication and Anti-replay Security Protocol for Wireless Sensor Networks

Wireless Sensor Networks are used in domains such as medical monitoring, homeland security, industrial automation and military applications, therefore it is very critical to protect the network against malicious attacks. This paper presents a new security protocol that provides conversation authentication, integrity, intrusion prevention and anti-replay protection. The protocol uses two methods in order to meet these requirements: the last MAC method and an authentication handshake. The protocol has been implemented in TinyOS in two layers of the communication stack: the MAC and Authentication layer. The MAC layer is the implementation of the last MAC method and the Authentication layer generates and verifies the four messages exchanged during the authentication handshake. Authentication and Anti-replay Security Protocol has been tested with TOSSIM in various attack scenarios and has proved that it is able to reject malicious attempts to communicate with the network nodes.

Attack Evaluation and Mitigation Framework

This paper proposes an implementation of an intrusion detection and prevention system in a Linux environment, with an extensive database of attack signatures, but also with a flexible interface for defining new signatures. The project relies on the analysis of current requirements and challenges in network security, leading to an evaluation of existing detection and network attack mitigation techniques. Attack evaluation and mitigation framework has a modular design, with multiple configuration options and availability during configuration. For increased accessibility, the solution provides a graphical interface available through a web browser, and a command line interface for the network administrator.

A Survey on Secure Communication Protocols for IoT Systems

The Internet of Things (IoT) integrates a large number of physical objects that are uniquely identified, ubiquitously interconnected and accessible through the Internet. IoT aims to transform any object in the real-world into a computing device that has sensing, communication and control capabilities. There is a growing number of IoT devices and applications and this leads to an increase in the number and complexity of malicious attacks. It is important to protect IoT systems against malicious attacks, especially to prevent attackers from obtaining control over the devices. A large number of security research solutions for IoT have been proposed in the last years, but most of them are not standardized or interoperable. In this paper, we investigate the security capabilities of existing protocols and networking stacks for IoT. We focus on solutions specified by well-known standardization bodies such as IEEE and IETF, and industry alliances, such as NFC Forum, ZigBee Alliance, Thread Group and LoRa Alliance.

Monitoring and auditing mobile operating systems

The popularity and usage of mobile devices have increased and therefore performance demands changed. An important aspect is represented by the whole system stability which has a big impact on general user experience. This paper proposes a solution for improving the implementation process and stability of operating systems for mobile devices. It presents penetration testing techniques, in order to discover security vulnerabilities. The focus will be on the process of finding the bugs, the exploration part, and the exploitation will only be mentioned to highlight the importance of the vulnerabilities. The second part of the paper consists of a system service which collects the error messages and sends them to a server in order to perform a triage. Received data is saved, processed and then useful information is exposed to developers.

Smart malware detection on Android

Nowadays, because of its increased popularity, Android is target to a growing number of attacks and malicious applications, with the purpose of stealing private information and consuming credit by subscribing to premium services. Most of the current commercial antivirus solutions use static signatures for malware detection, which may fail to detect different variants of the same malware and zero-day attacks. In this paper, we present a behavior-based, dynamic analysis security solution, called Android Malware Detection System, for detecting both well-known and zero-day malware. The proposed solution uses a machine learning classifier in order to differentiate between the behaviors of legitimate and malicious applications. In addition, it uses the application statistics for determining its reputation. The final decision is based on a combination of the classifiers result and the application reputation. The solution includes a unique and extensive set of data collectors, which gather application-specific data that describe the behavior of the monitored application. We evaluated our solution on a set of legitimate and malicious applications and obtained a high accuracy of 0.985. Our system is able to detect zero-day malware samples that are not detected by current commercial solutions. Our solution outperforms other similar solutions running on mobile devices. Copyright

Commodity hardware performance in AES processing

Specialized encryption processors offer both low latency and high throughput at the expense of higher cost. A modern x86 system that encompasses several compute architectures (SISD/SIMD) might be able to perform well compared to a dedicated encryption unit at the fraction of the cost. This paper presents how one might accelerate AES ECB 128 bit using modern commodity hardware found in todays x86 computers. Focus architecture is AMD A6 5400K, coupled with a discrete GPU AMD R7 250. Benchmark results compare CPU OpenSSL execution, CPU AES-NI acceleration, integrated, discrete GPU and heterogeneous combinations of the above processing units. We present multiple test results and attempt to explain some inconsistencies of what would be expected.