SECuRE and Trustworthy Computing Lab

SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in 6LoWPAN

Authors: Mahmud Hossain, Yasser Karim, and Ragib Hasan
SECuRE and Trustworthy computing Lab (SECRETLab)
University of Alabama at Birmingham
Presenter: Mahmud Hossain
http://secret.cis.uab.edu

The Internet of Things (IoT)
• A programmable world
• Everyday objects are interconnected
• Objects are smart enough to make decisions

IoT Forecasts and Market Estimates
• Estimation of connected things by 2020
  ◦ 20.8 billion (Gartner)
  ◦ 26.3 billion (Cisco)
  ◦ 28 billion (Ericsson)
  ◦ 34 billion (Business Insider)
Source: Zinnov Zones (2016)
Source: ZStatista (2018)

Protocols for IoT network
• IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN)
• Zigbee
• Bluetooth
• Z-Wave
• Sigfox
• Wi-Fi

6LoWPAN: Protocol Stack
• IEEE 802.15.4
• IPv6

Fragmentation in 6LoWPAN
• Maximum Transmission Unit (MTU) size: 127 octets (bytes).
• IPv6 packets are usually larger than 127 octets (maximum 1280 octets).

Vulnerabilities of 6LoWPAN Fragmentation Mechanism
• Fragment authentication
• Fragment freshness verification
• Payload integrity verification
• Source IP-Address validation

Threat Model
• Capability of Target and Malicious Devices
  ◦ Resource Constrained
• Location
  ◦ Within Radio Range (Mallory)
  ◦ Via Gateway (Eve)
  ◦ Via Internet (Malice)
• Extract key materials
  ◦ Memory Probing

Threat Model
• Network External Attacks
  ◦ Attackers conduct activity from outside via the Internet.
  ◦ No resource limitation.
  ◦ Attackers can easily send a large number of packets, which are further broken into fragments.
• A gateway can prevent such attacks by employing an authenticated tunnel, such as IPsec.
• Secure rate limiting mechanisms for large packets from authenticated sources.

Threat Model
• Network Internal Attacks
  ◦ Replay
  ◦ Alteration
  ◦ Spoofing
  ◦ Duplicate
  ◦ Buffer exhaustion

SecuPAN: Proposed Solutions
• Nonce field in the FRAG1 header.
• MAC-based scheme.
• Cryptographic datagram-tag and cryptographically generated IPv6 address (CGA-IPv6).
• Reputation-based buffer management mechanism.

Proposed Datagram Tag, Nonce & MAC fields
• Crypto Datagram Tag: 16 bits.
• MAC (N || Hash (Payload added to FRAG1))
• Nonce: 16 bits.
• MAC field: 32 bits.
• MAC (Hash (Payload added to FRAGN))
• Ensures fragment integrity and freshness.
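
A sketch of how a receiver could check the proposed fields, added here as an illustration and not taken from the slides or from the SecuPAN implementation. It assumes a key K already shared by sender and receiver, HMAC-SHA256 truncated to the field widths as the MAC, SHA-256 as the hash, and reads the crypto datagram tag as MAC(N || Hash(FRAG1 payload)); the dictionary layout and all function names are hypothetical.

```python
import hashlib
import hmac

TAG_BITS, NONCE_BITS, MAC_BITS = 16, 16, 32   # field widths given on the slide


def mac_trunc(key: bytes, data: bytes, bits: int) -> bytes:
    # Assumption: HMAC-SHA256 truncated to the field width (the slide names no MAC).
    return hmac.new(key, data, hashlib.sha256).digest()[: bits // 8]


def payload_hash(payload: bytes) -> bytes:
    # Assumption: SHA-256 as the payload hash.
    return hashlib.sha256(payload).digest()


def fragment(key: bytes, datagram: bytes, nonce: bytes, chunk: int = 80) -> list:
    """Split a datagram into FRAG1/FRAGN records carrying the proposed fields."""
    if not datagram or len(nonce) * 8 != NONCE_BITS or chunk % 8:
        raise ValueError("need data, a 16-bit nonce and a chunk that is a multiple of 8")
    parts = [datagram[i:i + chunk] for i in range(0, len(datagram), chunk)]
    # Crypto datagram tag = MAC(N || Hash(payload added to FRAG1)), 16 bits.
    tag = mac_trunc(key, nonce + payload_hash(parts[0]), TAG_BITS)
    frags = [{"type": "FRAG1", "size": len(datagram), "tag": tag,
              "nonce": nonce, "payload": parts[0]}]
    for i, part in enumerate(parts[1:], start=1):
        frags.append({"type": "FRAGN", "size": len(datagram), "tag": tag,
                      "offset": i * chunk // 8,          # units of 8 octets
                      # MAC field = MAC(Hash(payload added to FRAGN)), 32 bits.
                      "mac": mac_trunc(key, payload_hash(part), MAC_BITS),
                      "payload": part})
    return frags


class Receiver:
    """Verifies tag, nonce freshness and per-fragment MAC before buffering."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen_nonces = set()   # (sender, nonce) pairs already accepted
        self.pending = {}          # (sender, tag) -> {"size", "parts"}

    def accept(self, sender: str, frag: dict) -> str:
        if frag["type"] == "FRAG1":
            if (sender, frag["nonce"]) in self.seen_nonces:
                return "replayed-nonce"            # freshness check fails
            expected = mac_trunc(self.key, frag["nonce"] + payload_hash(frag["payload"]),
                                 TAG_BITS)
            if not hmac.compare_digest(expected, frag["tag"]):
                return "bad-tag"                   # forged or altered FRAG1
            self.seen_nonces.add((sender, frag["nonce"]))
            self.pending[(sender, frag["tag"])] = {"size": frag["size"],
                                                   "parts": {0: frag["payload"]}}
            return "accepted"
        state = self.pending.get((sender, frag["tag"]))
        if state is None:
            return "no-frag1"                      # nothing authenticated to attach to
        expected = mac_trunc(self.key, payload_hash(frag["payload"]), MAC_BITS)
        if not hmac.compare_digest(expected, frag["mac"]):
            return "bad-mac"                       # altered FRAGN payload
        state["parts"][frag["offset"] * 8] = frag["payload"]
        return "accepted"

    def reassembled(self, sender: str, tag: bytes):
        """Return the datagram once every octet has arrived, else None."""
        state = self.pending.get((sender, tag))
        if state is None:
            return None
        data = b"".join(p for _, p in sorted(state["parts"].items()))
        return data if len(data) == state["size"] else None


if __name__ == "__main__":
    key = b"\x11" * 16                       # constructed demo key
    frags = fragment(key, bytes(range(200)), nonce=b"\x00\x01")
    rx = Receiver(key)
    print([rx.accept("node-a", f) for f in frags])
    print(rx.accept("node-a", frags[0]))     # same FRAG1 again
```

A fragment is only buffered after its check passes, so replayed or altered fragments never occupy reassembly memory.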

Cryptographic IPv6 Address Assignment
• A CGA is an Internet Protocol Version 6 (IPv6) address that contains a host identifier computed from a cryptographic hash function.
• In our proposed solution, a Border Router in a 6LoWPAN network assigns a CGA-IPv6 address to a joining device.
• Prevents address spoofing.

Secure Transfer of Packet Fragmentations
• Public Key Retrieval
• Secure Fragmentation

Operational Model
[Figure: operational model flowchart. Recoverable labels: "Verify Crypto Datagram Tag", "MAC_K(N) =? Hash", "Yes".]

SecuPAN: Secure Management of Reassembly Buffer
• A reputation-point-based buffer management scheme
• The reputation point $r_j$ is defined as follows:

$$
r_j =
\begin{cases}
\min\left(\dfrac{r_j + 1}{2},\ 1\right) & \text{if a sender sends all the fragments} \\[6pt]
\max\left(r_j - \dfrac{buf_j}{r_j}\,(1 - \mu_j),\ 0.1\right) & \text{if the receiver fails to receive all the packet fragments before time expires}
\end{cases}
$$

• Here, $\mu_j = \dfrac{\text{Total bytes received}}{\text{Total length of the packet}}$ and $buf_j = \dfrac{\text{Total allocated portion of the buffer } (buf_a)}{\text{Total size of the buffer}}$
• A receiver allocates $buf_a$ for a fragmented packet as: $buf_a = p + q$, $p = r_j * datagram\_size$, and $q = p + 8 \bmod 8$
• Packet discard policy: Uncertainty Point $ucP = \dfrac{f_r + t_r + n_s}{r_s}$
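
The reputation update above, run over a few constructed datagram exchanges to show how the initial buffer reservation shrinks for a sender that never completes its datagrams. This is an added example, not code from the slides or the SecuPAN implementation; the starting reputation of 0.5, the 2048-octet buffer and the function names are assumptions, and the padding term q is left out of the reservation so that only p = r_j * datagram_size is modelled.

```python
R_MIN, R_MAX = 0.1, 1.0   # bounds from the slide: max(..., 0.1) and min(..., 1)


def reward(r: float) -> float:
    """Sender delivered every fragment: r_j <- min((r_j + 1) / 2, 1)."""
    return min((r + 1) / 2, R_MAX)


def penalise(r: float, buf_j: float, mu_j: float) -> float:
    """Reassembly timed out: r_j <- max(r_j - (buf_j / r_j)(1 - mu_j), 0.1).

    buf_j: fraction of the whole buffer that was allocated to this sender.
    mu_j:  fraction of the announced datagram that actually arrived.
    """
    return max(r - (buf_j / r) * (1 - mu_j), R_MIN)


def simulate(datagrams, total_buffer: int = 2048, r: float = 0.5):
    """Replay a sender's history and return [(octets reserved, new r_j), ...].

    datagrams: list of (announced datagram_size, octets received before timeout).
    total_buffer and the initial r are assumptions of this example.
    """
    history = []
    for size, received in datagrams:
        reserved = round(r * size)            # p = r_j * datagram_size (q omitted)
        if received >= size:
            r = reward(r)
        else:
            r = penalise(r, reserved / total_buffer, received / size)
        history.append((reserved, round(r, 4)))
    return history


if __name__ == "__main__":
    # Constructed traces: 1280-octet datagrams, FRAG1 payload of 80 octets.
    honest = [(1280, 1280)] * 3
    incomplete = [(1280, 80)] * 3             # only the first fragment ever arrives
    recovering = [(1280, 80), (1280, 1280), (1280, 1280)]
    for name, trace in (("honest", honest), ("incomplete", incomplete),
                        ("recovering", recovering)):
        print(name, simulate(trace))
```

With these numbers the sender that only ever delivers FRAG1 drops to the 0.1 floor after one timeout, so each later datagram it announces reserves 128 octets instead of 640.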

Experimental Setup
[Figure: experimental setup]

Evaluation
[Figures: Packet Delivery Ratio (buffer reservation); Effective Packet Number]

Evaluation
[Figures: End to End Delay; Throughput; Energy Consumption for Communications]

Security Analysis
• Replay
  ◦ Nonce field
• Alteration
  ◦ MAC field
• Spoofing
  ◦ CGA-IPv6
• Duplication
  ◦ MAC field
• Buffer exhaustion
  ◦ Reputation point based system

Conclusion
• Fragmentation mechanism enables vulnerabilities in 6LoWPAN.
• Proposed a security mechanism based on Cryptographically Generated IPv6 Address to mitigate impersonation attacks.
• MAC-based fragmentation scheme to verify authenticity and integrity of packet fragments.
• Reputation-based buffer management scheme to protect resource-limited devices from buffer overflow.

Thank You
SECRETLab@UAB
• Phone: 205.934.8643
• Fax: 205.934.5473
• Web: http://secret.cis.uab.edu/
Mahmud Hossain
• Email: mahmud@uab.edu

Install Stable Diffusion in windows machinePadma Pradeep
ย 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
ย 

Recently uploaded (20)

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
ย 
FULL ENJOY ๐Ÿ” 8264348440 ๐Ÿ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY ๐Ÿ” 8264348440 ๐Ÿ” Call Girls in Diplomatic Enclave | DelhiFULL ENJOY ๐Ÿ” 8264348440 ๐Ÿ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY ๐Ÿ” 8264348440 ๐Ÿ” Call Girls in Diplomatic Enclave | Delhi
ย 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
ย 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
ย 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
ย 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
ย 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
ย 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
ย 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
ย 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
ย 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
ย 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
ย 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
ย 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
ย 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
ย 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
ย 
Integration and Automation in Practice: CI/CD in Muleย Integration and Automat...
Integration and Automation in Practice: CI/CD in Muleย Integration and Automat...Integration and Automation in Practice: CI/CD in Muleย Integration and Automat...
Integration and Automation in Practice: CI/CD in Muleย Integration and Automat...
ย 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
ย 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
ย 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
ย 

SecuPAN: A Security Scheme for 6LoWPAN Fragmentation Attacks

  • 1. SECuRE and Trustworthy Computing Lab. SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in 6LoWPAN. Authors: Mahmud Hossain, Yasser Karim, and Ragib Hasan, SECuRE and Trustworthy computing Lab (SECRETLab), University of Alabama at Birmingham. Presenter: Mahmud Hossain. http://secret.cis.uab.edu
  • 2. The Internet of Things (IoT)
      - A programmable world
      - Everyday objects are interconnected
      - Objects are smart enough to make decisions
  • 3. IoT Forecasts and Market Estimates (Source: Zinnov Zones (2016))
      - Estimation of connected things by 2020
      - 20.8 billion (Gartner)
      - 26.3 billion (Cisco)
      - 28 billion (Ericsson)
      - 34 billion (Business Insider)
      - Source: ZStatista (2018)
  • 4. Protocols for IoT network
      - IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN)
      - Zigbee
      - Bluetooth
      - Z-Wave
      - Sigfox
      - Wi-Fi
  • 5. 6LoWPAN: Protocol Stack
      - IEEE 802.15.4
      - IPv6
  • 6. Fragmentation in 6LoWPAN
      - Maximum Transmission Unit (MTU) size is 127 octets (bytes).
      - IPv6 packets are usually larger than 127 octets (maximum 1280 octets).
  • 7. Vulnerabilities of 6LoWPAN Fragmentation Mechanism
      - Fragment authentication
      - Fragment freshness verification
      - Payload integrity verification
      - Source IP-Address validation
  • 8. Threat Model
      - Capability of Target and Malicious Devices
      - Resource Constrained
      - Location
      - Within Radio Range (Mallory)
      - Via Gateway (Eve)
      - Via Internet (Malice)
      - Extract key materials
      - Memory Probing
  • 9. Threat Model
      - Network External Attacks
      - Attackers conduct activity from outside via the Internet.
      - No resource limitation
      - Attackers can easily send a large number of packets, which are further broken into fragments.
      - A gateway can prevent such attacks by employing an authenticated tunnel, such as IPsec.
      - Secure rate limiting mechanisms for large packets from authenticated sources.
  • 10. Threat Model
      - Network Internal Attacks: Replay, Alteration, Spoofing, Duplicate, Buffer exhaustion
  • 11. SecuPAN: Proposed Solutions
      - Nonce field in the FRAG1 header.
      - MAC-based scheme.
      - Cryptographic datagram-tag and cryptographically generated IPv6 address (CGA-IPv6).
      - Reputation-based buffer management mechanism.
  • 12. Proposed Datagram Tag, Nonce & MAC fields
      - Crypto Datagram Tag: 16 bits.
      - MAC (N || Hash (Payload added to FRAG1))
      - Nonce: 16 bits.
      - MAC field: 32 bits.
      - MAC (Hash (Payload added to FRAGN))
      - Ensures fragment integrity and freshness.
  • 13. Cryptographic IPv6 Address Assignment
      - A CGA is an Internet Protocol Version 6 (IPv6) address that contains a host identifier computed from a cryptographic hash function.
      - In our proposed solution, a Border Router in a 6LoWPAN network assigns a CGA-IPv6 address to a joining device.
      - Prevents address spoofing.
  • 14. Secure Transfer of Packet Fragmentations
      - Public Key Retrieval
      - Secure Fragmentation
  • 15. Operational Model (flowchart; surviving labels: Verify Crypto Datagram Tag, MAC_K(N) =? Hash, Yes)
  • 16. SecuPAN: Secure Management of Reassembly Buffer
      - A reputation point based buffer management scheme
      - Reputation point $r_j$ is defined as follows:
        $$ r_j = \begin{cases} \min\left(r_j + \frac{1}{2},\ 1\right) & \text{if a sender sends all the fragments} \\ \max\left(r_j - buf_j \, r_j \, (1 - \mu_j),\ 0.1\right) & \text{if the receiver fails receiving all the packet fragments before time expires} \end{cases} $$
      - Here, $\mu_j = \frac{\text{Total bytes received}}{\text{Total length of the packet}}$ and $buf_j = \frac{\text{Total allocated portion of the buffer } (buf_a)}{\text{Total size of the buffer}}$
      - A receiver allocates $buf_a$ for a fragmented packet as: $buf_a = p + q$, $p = r_j * datagram\_size$, and $q = p + 8 \bmod 8$
      - Packet discard policy: Uncertainty Point $ucP = \frac{f_r + t_r + n_s}{r_s}$
  • 17. Experimental Setup
  • 18. Evaluation
      - Packet Delivery Ratio (buffer reservation)
      - Effective Packet Number
  • 19. Evaluation
      - End to End Delay
      - Throughput
      - Energy Consumption for Communications
  • 20. Security Analysis
      - Replay: Nonce field
      - Alteration: MAC field
      - Spoofing: CGA-IPv6
      - Duplication: MAC field
      - Buffer exhaustion: Reputation point based system
  • 21. Conclusion
      - Fragmentation mechanism enables vulnerabilities in 6LoWPAN.
      - Proposed a security mechanism based on Cryptographically Generated IPv6 Address to mitigate impersonation attacks.
      - MAC-based fragmentation scheme to verify authenticity and integrity of packet fragments.
      - Reputation-based buffer management scheme to protect resource-limited devices from buffer overflow.
  • 22. Thank You
      - SECRETLab@UAB. Phone: 205.934.8643. Fax: 205.934.5473. Web: http://secret.cis.uab.edu/
      - Mahmud Hossain. Email: mahmud@uab.edu
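
The receiver-side checks named on slides 11, 12 and 20 (nonce for replay, MAC for alteration and duplication), written out as an added example that is not the authors' code. HMAC-SHA256 truncated to the 32-bit MAC field, the pre-shared key, and every name and sample value below are assumptions, since the slides name no MAC algorithm or key setup.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4  # 32-bit MAC field from slide 12


def frag_mac(key, payload, nonce=b""):
    # MAC_K(N || Hash(payload)) for FRAG1, MAC_K(Hash(payload)) for FRAGN.
    # Assumption: HMAC-SHA256 truncated to 32 bits; the slides name no algorithm.
    digest = hashlib.sha256(payload).digest()
    return hmac.new(key, nonce + digest, hashlib.sha256).digest()[:MAC_LEN]


class Receiver:
    def __init__(self, key):
        self.key = key
        self.nonces = set()  # (sender, nonce) pairs already accepted
        self.macs = set()    # (sender, tag, mac) of fragments already accepted

    def accept(self, sender, tag, payload, mac, nonce=b""):
        """Check one fragment; pass the 16-bit nonce for FRAG1 only."""
        if not hmac.compare_digest(mac, frag_mac(self.key, payload, nonce)):
            return "altered"      # payload or MAC was modified
        if nonce and (sender, nonce) in self.nonces:
            return "replay"       # FRAG1 nonce is not fresh
        if (sender, tag, mac) in self.macs:
            return "duplicate"    # same fragment delivered twice
        if nonce:
            self.nonces.add((sender, nonce))
        self.macs.add((sender, tag, mac))
        return "ok"


def demo():
    key = b"constructed-demo-key"        # constructed; key setup is out of scope
    rx, sender, tag = Receiver(key), "fe80::1", 0x1A2B
    nonce = struct.pack("!H", 7)         # constructed 16-bit nonce
    p1, p2 = b"payload of FRAG1", b"payload of FRAGN"
    m1, m2 = frag_mac(key, p1, nonce), frag_mac(key, p2)
    return [
        rx.accept(sender, tag, p1, m1, nonce),   # first FRAG1
        rx.accept(sender, tag, p1, m1, nonce),   # same FRAG1 again
        rx.accept(sender, tag, p2, m2),          # FRAGN
        rx.accept(sender, tag, p2 + b"!", m2),   # FRAGN with changed payload
        rx.accept(sender, tag, p2, m2),          # FRAGN delivered twice
    ]


if __name__ == "__main__":
    print(demo())
```

Because the FRAGN MAC here covers only the payload hash, as written on slide 12, two fragments of one datagram that carry identical payloads would yield the same MAC and the second would be reported as a duplicate.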