Security Challenges in D2D Communication by Ajithkumar Vyasarao
Security Challenges in D2D
CCNA Cyber Ops, CCIE Service Provider, Cisco Security Ninja Black Belt
• Security and Privacy Challenges
• We are witnessing a revolution in device-to-device communication.
There are standards of personal area networks, such as Bluetooth
• These technologies have mainly been focused on reliable and fast
• At the same time, there is a need to provide more safety in this domain.
D2D communications scope
• Device-to-device communication encompasses technologies
• Mobile and Handheld devices
• Vulnerable to various Security issues
• Passive eavesdropping
• Active eavesdropping
• Side channel attacks
Network-based anomaly detection
• Collect and Analyze flows
• Establish baseline
• Alarm on anomalies detected
Alerts and Actions
• All decisions of security controls can be classified as one of the following:
• True positives: The security control, such as an IPS or IDS sensor, acted as a
consequence of malicious activity, which represents normal and optimal
• False positives: The security control acted as a consequence of non-malicious
activity, which represents an error, generally caused by too tight
proactive controls (which do not permit all legitimate traffic) or too relaxed
reactive controls (with too broad descriptions of the attack).
• True negatives: The security control has not acted, because there was no
malicious activity, which represents normal and optimal operation.
• False negatives: The security control has not acted, even though there was
malicious activity, which represents an error, generally caused by too relaxed
proactive controls (which permit more than just minimal legitimate traffic) or too
specific reactive controls (with too-specific descriptions of the attack).
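The anomaly-detection steps (collect flows, establish baseline, alarm on anomalies) and the four alert outcomes above, combined in one added example that is not part of the original slides. The device names, byte counts, ground-truth labels, z-score test and thresholds are all constructed assumptions for illustration.

```python
from collections import Counter
from statistics import mean, stdev

# Constructed baseline window: bytes per flow seen from each device in normal operation.
BASELINE = {
    "phone-a": [1200, 1350, 1100, 1280, 1220, 1310],
    "watch-b": [200, 240, 210, 190, 230, 220],
}
# Constructed test flows: (device, bytes, ground truth: was it malicious?)
TEST_FLOWS = [
    ("phone-a", 1250, False),
    ("phone-a", 9800, True),   # far outside the baseline
    ("phone-a", 1600, False),  # legitimate but unusually large
    ("watch-b", 215, False),
    ("watch-b", 330, True),    # malicious, but only moderately unusual
    ("watch-b", 205, False),
]

def build_baseline(history):
    """Establish baseline: {device: (mean, stdev)} from normal-operation flows."""
    return {dev: (mean(sizes), stdev(sizes)) for dev, sizes in history.items()}

def is_anomalous(baseline, device, size, threshold):
    """Alarm when a flow deviates more than `threshold` standard deviations."""
    mu, sigma = baseline[device]
    return abs(size - mu) / sigma > threshold

def classify(alarmed, malicious):
    """Map one control decision plus ground truth to TP / FP / TN / FN."""
    if alarmed:
        return "TP" if malicious else "FP"
    return "FN" if malicious else "TN"

def evaluate(threshold, history=BASELINE, flows=TEST_FLOWS):
    """Count outcomes for every test flow at a given alarm threshold."""
    baseline = build_baseline(history)
    return Counter(
        classify(is_anomalous(baseline, dev, size, threshold), malicious)
        for dev, size, malicious in flows
    )

if __name__ == "__main__":
    # 3.0 is too broad (false positive), 8.0 is too specific (false negative).
    for threshold in (3.0, 5.0, 8.0):
        print(threshold, dict(evaluate(threshold)))
```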
Cyber Kill Chain Model
• There are 2 models
• Cyber Kill chain model
• Diamond model
Cyber Kill Chain Model
• The cyber kill chain model explains the various stages of an attack
Actions on Objectives
Cyber Kill Chain
• Originally introduced by Lockheed Martin
• The cyber kill chain has 7 stages.
• Attackers do not necessarily need to follow the exact steps and
sequences of the cyber kill chain
• Developed by Caltagirone, Pendergast, and Betz
• The four nodes in the model are: adversary, capability, infrastructure,
• An event is described as an adversary deploying a capability over some
infrastructure against a victim