| 1. |
- Giannetsos, Thanassis, et al.
(författare)
-
Spy-sense : Spyware tool for executing stealthy exploits against sensor networks
- 2013
-
Ingår i: HotWiSec 2013 - Proceedings of the 2013 ACM Workshop on Hot Topics on Wireless Network Security and Privacy. - New York, NY, USA : ACM. - 9781450320030 ; , s. 7-11
-
Konferensbidrag (refereegranskat)abstract
- As the domains of pervasive computing and sensor networking are expanding, a new era is emerging, enabling the design and proliferation of intelligent sensor-based applications. At the same time, it is important to maintain a high degree of confidentiality, integrity and availability of both the data and network resources. However, a common threat that is often overlooked in the design of secure sensor network applicationsis the existence of spyware programs. This work demonstrates Spy-Sense, a spyware tool that allows the injection of stealthy exploits in the nodes of a sensor network. Spy-Sense is hard to recognize and get rid of, and once activated, it runs discretely in the background without interfering or disrupting normal network operation. To the best of our knowledge, this is the first instance of a spyware program that can be used to attack the confidentiality and functionality of a sensor network.
|
|
| 2. |
- Gisdakis, Stylianos, et al.
(författare)
-
SPPEAR : Security & privacy-preserving architecture for participatory-sensing applications
- 2014
-
Ingår i: WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks. - New York, NY, USA : ACM. - 9781450329729 ; , s. 39-50
-
Konferensbidrag (refereegranskat)abstract
- Recent advances in sensing, computing, and networking have paved the way for the emerging paradigm of participatory sensing (PS). The openness of such systems and the richness of user data they entail raise significant concerns for their security, privacy and resilience. Prior works addressed different aspects of the problem. But in order to reap the benefits of this new sensing paradigm, we need a comprehensive solution. That is, a secure and accountable PS system that preserves user privacy, and enables the provision of incentives to the participants. At the same time, we are after a PS system that is resilient to abusive users and guarantees privacy protection even against multiple misbehaving PS entities (servers). We address these seemingly contradicting requirements with our SPPEAR architecture. Our full blown implementation and experimental evaluation demonstrate that SPPEAR is efficient, practical, and scalable. Last but not least, we formally assess the achieved security and privacy properties. Overall, our system is a comprehensive solution that significantly extends the state-of-the-art and can catalyze the deployment of PS applications.
|
|
