29 research outputs found
On the detection of multi-channel man-in-the-middle attacks against Wi-Fi networks
No full textOne of the advanced Man-in-the-Middle (MitM) attacks is the Multi-Channel MitM (MC-MitM) attack, which manipulates encrypted wireless frames between clients and the Access Point (AP) in a WLAN. Key reinstallation attacks (2019), FragAttacks (2021), and SSID confusion attacks (2024) have significantly impacted millions of Wi-Fi systems, especially IoT devices.This thesis evaluates MC-MitM attacks, categorizing them based on objectives and reviewing existing defense mechanisms, which often require impractical firmware modifications and advanced hardware. We propose a signature-based intrusion detection system for effective defense. In our research, we design lightweight signatures for quick identification of MC-MitM attacks. We introduce an intrusion detection system, a plug-and-play and passive monitoring system for detecting MC-MitM attacks. Our prototype, tested in a smart home network, achieved high detection accuracy. We further enhance our system with a distributed detection mechanism, significantly improving detection performance in smart home and IoT settings.Uno de los ataques avanzados de intermediario (MitM) es el ataque MitM de múltiples canales (MC-MitM), que manipula tramas inalámbricas cifradas entre los clientes y el punto de acceso (AP) en una WLAN. Los ataques de reinstalación de claves, los FragAttacks y los ataques de confusión de SSID han afectado significativamente a millones de sistemas wifi, especialmente a dispositivos IoT. Esta tesis evalúa los ataques MC-MitM, los categoriza según sus objetivos y revisa los mecanismos de defensa existentes, que a menudo requieren modificaciones de firmware poco prácticas y hardware avanzado. Proponemos un sistema de detección basado en firmas ligeras para la identificación rápida de ataques MC-MitM. Introducimos un sistema de detección de intrusiones, un sistema plug-and-play y de monitoreo pasivo para detectar ataques MC-MitM. Nuestro prototipo, probado en una red de hogar inteligente, logró una alta precisión de detección. Mejoramos nuestro sistema con un mecanismo de detección distribuido, lo que aumenta significativamente el rendimiento de detección en entornos de hogares inteligentes e IoT.Un dels atacs avançats d'intermediari (MitM) és l'atac MitM de múltiples canals (MC-MitM), que manipula trames sense fils xifrades entre els clients i el punt d'accés (AP) en una WLAN. Els atacs de reinstal·lació de claus, els FragAttacks i els atacs de confusió d'SSID han afectat significativament milions de sistemes wifi, especialment dispositius IoT. Aquesta tesi avalua els atacs MC-MitM, els classifica segons els seus objectius i revisa els mecanismes de defensa existents, que sovint demanen modificacions de microprogramari poc pràctiques i maquinari avançat. Proposem un sistema de detecció basat en signatures lleugeres per a la identificació ràpida dels atacs MC-MitM. Introduïm un sistema de detecció d'intrusions, un sistema plug-and-play i de monitoratge passiu per detectar atacs MC-MitM. El nostre prototip, provat en una xarxa de llar intel·ligent, va aconseguir una alta precisió de detecció. Millorem el sistema amb un mecanisme de detecció distribuït, cosa que augmenta significativament el rendiment de detecció en entorns de llars intel·ligents i IoT.Tecnologías de la información y de rede
Multi-Channel Attacks Review
No full textMulti-Channel Man-in-the-Middle (MitM) attacks are special MitM attacks capable of manipulating encrypted wireless frames between two legitimate endpoints. Since its inception in 2014, attackers have been targeting Wi-Fi networks to perform different attacks, such as cipher downgrades, denial of service, key reinstallation attacks (KRACK) in 2017, and recently FragAttacks in 2021, which widely impacted millions of Wi-Fi devices, especially IoT devices. To the best of our knowledge, there are no studies in the literature that holistically review the different types of Multi-Channel MitM enabled attacks and analyze their potential impact. To this end, we evaluate the capabilities of Multi-Channel MitM and review every reported attack in the state of the art. We examine practical issues that hamper the total adoption of protection mechanisms, i.e., security patches and Protected Management Frames (PMF), and review available defense mechanisms in confronting the Multi-Channel MitM enabled attacks in the IoT context. Finally, we highlight the potential research problems and identify future research lines in this field.</p
System for collaborative musical composition
No full textThesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2016.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (pages 91-92).Exquisite Score is a web application which allows users to collaborate on short musical compositions using the paradigm of the parlor game Exquisite Corpse. Through a MIDI-sequencer interface, composers each contribute a section to a piece of music, only seeing a brief fragment immediately preceding their section. Exquisite Score went through many iterations and was tested by several students and musicians. Several short pieces were produced, some of which are included and analyzed here. Exquisite Score succeeds in providing a new way to create collaborative musical compositions that celebrate the novel and creative.by Daniel Manesh.M. Eng
Multiscale Patterning of a Metallic Glass using Sacrificial Imprint Lithography
No full textBulk metallic glasses have been advanced as a means to achieve durable multiscale, nanotextured surfaces with desirable properties dictated by topography for a multitude of applications. One barrier to this achievement is the lack of a bridging technique between macroscale thermoplastic forming and nanoimprint lithography, which arises from the difficulty and cost of generating controlled nanostructures on complex geometries using conventional top-down approaches. This difficulty is compounded by the necessary destruction of any resulting reentrant structures during rigid demolding. We have developed a generalized method to overcome this limitation by sacrificial template imprinting using zinc oxide nanostructures. It is established that such structures can be grown inexpensively and quickly with tunable morphologies on a wide variety of substrates out of solution, which we exploit to generate the nanoscale portion of the multiscale pattern through this bottom-up approach. In this way, we achieve metallic structures that simultaneously demonstrate features from the macroscale down to the nanoscale, requiring only the top-down fabrication of macro/microstructured molds. Upon detachment of the formed part from the multiscale molds, the zinc oxide remains embedded in the surface and can be removed by etching in mild conditions to both regenerate the mold and render the surface of the bulk metallic glass nanoporous. The ability to pattern metallic surfaces in a single step on length scales from centimeters down to nanometers is a critical step toward fabricating devices with complex shapes that rely on multiscale topography for their intended functions, such as for biomedical and electrochemical applications.Peer reviewe
Three-Dimensional Compatible Sacrificial Nanoimprint Lithography for Tuning the Wettability of Thermoplastic Materials
No full textWe report the tuning of surface wetting through sacrificial nanoimprint lithography (SNIL). In this process, grown ZnO nanomaterials are transferred by imprint into a metallic glass (MG) and an elastomeric material, and then etched to impart controlled surface roughness. This process increases the hydrophilicity and hydrophobicity of both surfaces, the Pt57.5Cu14.7Ni5.3P22.5 MG and thermoplastic elastomer (TPE), respectively. The growth conditions of the ZnO change the characteristic length scale of the roughness, which in turn alters the properties of the patterned surface. The novelty of this approach includes reusability of templates and that it is able to create superhydrophilic and superhydrophobic surfaces in a manner compatible with the fabrication of macroscopic three-dimensional (3D) parts. Because the wettability is achieved by only modifying topography, without using any chemical surface modifiers, the prepared surfaces are relatively more durable.Peer reviewe
Optimizing Antibiotic Duration for Spontaneous Bacterial Peritonitis Prophylaxis: Time to Rethink
No full textAbstract are not provided by the author/publisher
A Critical Review on the Book The Rise and Fall of the Abbasids (132‒324 AH): A Research in to the Structure and Evolution of the Ideology, Economics and Military Institution
Full text linkAs an enthused group in the late Umayyad period, the Abbasids sought to mobilize their resources in the engagement with the ruling dynasty by presenting a new ideology, viz. the so-called Summon System, and undertook significant actions in enticing anti-Umayyad elements to bring them under the unified patronage promoted by the slogan “al-Riza min Al-e Muhammad.” The book The Rise and Fall of the Abbasids (132‒324 AH): A Research into the Structure and Evolution of the Ideology, Economics and Military Institution is an authored work by Mohammad Ahmadi Manesh, published by the SAMT Publications in 2018. The author has fittingly organized the book in the two sections of “A Historical Inquiry” (consisting of eight chapters) and “A Theoretical Inquiry” (comprising two chapters), producing a worthwhile work. The present article attempts to review the volume, pinning down and examining its strengths and shortcomings. At any rate, as a result of the lack of due care and laxity, the volume suffers somewhat from occasional shortfalls, among them being the choice of the title “The Fall and Down…,” and a series of points that are made in the Introduction but are not reflected in the text, not to mention the author’s failure to address the complexities involved in the Abbasid rule and to adopt a holistic approach to their rise to power, particularly in Khorasan
A secure routing protocol for underwater acoustic sensor networks using reinforcement learning
Full text linkUnderwater acoustic sensor networks are essential for underwater environment surveillance and monitoring and offshore exploration. Underwater acoustic sensor network experience challenges because of the hostile underwater environment, including bandwidth limitation, node mobility, propagation high propagation delays and security threats. Reinforcement Learning (RL) is a branch of machine learning where an agent learns to make decisions by interacting with an environment and receiving feedback in the form of rewards or penalties. The importance of reinforcement learning lies in its ability to handle complex decision-making problems where explicit supervision is difficult or impossible. This paper proposes a novel Reinforcement Learning-based Secured Routing Protocol (RL-SRP) for underwater acoustic sensor network. The proposed protocol integrates Q-learning with a trust management system to dynamically select secure and energy efficient routes while mitigating common attacks which consist of blackhole attack. Simulation results indicates that RL-SRP significantly improves packet delivery ratio, reduces end-to-end delay, and enhances network security and energy efficiency compared to existing routing protocols DBR and AODV
Public health responses to CBRN terrorism in the Middle East and North Africa
No full textObjective: Escalating global challenges (such as disasters, conflict, and climate change) underline the importance of addressing Chemical, Biological, Radiological, and Nuclear (CBRN) terrorism for sustainable public health strategies. This study aims to provide a comprehensive epidemiological analysis of CBRN incidents in the Middle East and North Africa (MENA) region, emphasizing the necessity of sustainable responses to safeguard healthcare infrastructures. Method: Utilizing a retrospective approach, this research analyzes data from the Global Terrorism Database (GTD) covering the period from 2003 to 2020. The study focuses on examining the frequency, characteristics, and consequences of CBRN incidents in the MENA region to identify patterns and trends that pose significant challenges to public health systems. Results: The analysis revealed a significant clustering of CBRN incidents in Iraq and Syria, with a predominant involvement of chemical agents. These findings indicate the extensive impact of CBRN terrorism on healthcare infrastructures, highlighting the challenges in providing immediate health responses and the necessity for long-term recovery strategies. Conclusions: The study underscores the need for improved healthcare preparedness, robust emergency response systems, and the development of sustainable public health policies. Advocating for international collaboration, the research contributes to the strategic adaptation of healthcare systems to mitigate the impacts of CBRN terrorism, ensuring preparedness for future incidents in the MENA region and beyond. © The Author(s), 2024. Published by Cambridge University Press on behalf of Society for Disaster Medicine and Public Health, Inc
iThem: Programming Internet of Things Beyond Trigger-Action Pattern
No full textWith emerging technologies bringing Internet of Things (IoT) devices into domestic environments, trigger-action programming such as IFTTT with its simple if-this-then-that pattern provides an efective way for end-users to connect fragmented intelligent services and program their own smart home/work space automation. While the simplicity of trigger-action programming can be efective for non-programmers with its straightforward concepts and graphical user interface, it does not allow the algorithmic expressivity that a programming language has. For instance, the simple if-this-thenthat structure cannot cover complex algorithms that arise from real world scenarios involving multiple conditions or keeping track of a sequence of conditions (e.g., incrementing counters, triggering one action if two conditions are both true). In this exploratory work, we take an alternative approach by creating a programmable channel between application programming interfaces (APIs), which allows programmers to preserve states and to use them to write complex algorithms. We propose iThem, which stands for intelligence of them—internet of things, that allow programmers to author any complex algorithms that can connect diferent IoT services and fully unleash the freedom of a general programming language. In this poster, we share the design, development, and ongoing validation progress of iThem, which piggybacks on existing programmable IoT system IFTTT, and which allows for a programmable channel that connects triggers and actions in IFTTT with versatility.Published versio
