The new 802.11 security protocol called 802.11w was recently ratified. Check this 802.11w-Tutorial to know how it works and what it means for your WLAN.
Here I am describing general topics about :
1) Brief about 802.11 standard.
2) MAC layer frames
3) MLME
4) SoftMAC and HardMAC
5) Broadcom bcm43xx chipsets
6) Tx path and Rx path of brcmsmac driver
7) Mac80211 debugfs
8) Live demonstration
Ike Al Pres on 5G and 5G Advanced selected Capabilities to LF Edge Akraino Su...Ike Alisson
Insights into 3GPP specifications for "5G Advanced" release related to both, insights and pace of development related to "equivalent" NPNs/SNPNs (Private Networks) with support to non 3GPP Access and providing support for Localized Services, APIs evolvement for realization of Service Enablement Framework Services, Analytics on System & Application level, Enhacements on System & Application level for developing Applications/Service on the Edge, exemplifying the alignment between 3GPP EDGEAPP & ETSI MEC Architectures as part of the GSMA proposed in June 2021 Solution for providing E2E Solution for Edge Applications & some insights on the O-RAN Alliance SMO related non RT-RIC related to rApps.
We all use Wifi today. You know how much money it saves for your smart-phone data usage band-width. Connecting all your computers and gadgets with cables is not just history, even if you attempt it would be impractical!
Wifi being so pervasive, also brings along tremendous security implications. Come join us to look into details of Wifi security. How to secure your wifi network? How certain wifi encryption technologies can be hacked? We would prove that with live demos!
Join us to reflect on the security aspect of this technology, discuss about it and leave with more confidence about how 'secure' your WiFi access is?
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Clusterbyonggon chun
Introduce the container runtime environment which is set up with Kubernetes and various CRI runtimes(Docker, Containerd, CRI-O) and the method of NUMA-aware resource management(CPU Manager, Topology Manager, Etc) for CNF(Containerized Network Function) within Kubernetes and related issues.
Here I am describing general topics about :
1) Brief about 802.11 standard.
2) MAC layer frames
3) MLME
4) SoftMAC and HardMAC
5) Broadcom bcm43xx chipsets
6) Tx path and Rx path of brcmsmac driver
7) Mac80211 debugfs
8) Live demonstration
Ike Al Pres on 5G and 5G Advanced selected Capabilities to LF Edge Akraino Su...Ike Alisson
Insights into 3GPP specifications for "5G Advanced" release related to both, insights and pace of development related to "equivalent" NPNs/SNPNs (Private Networks) with support to non 3GPP Access and providing support for Localized Services, APIs evolvement for realization of Service Enablement Framework Services, Analytics on System & Application level, Enhacements on System & Application level for developing Applications/Service on the Edge, exemplifying the alignment between 3GPP EDGEAPP & ETSI MEC Architectures as part of the GSMA proposed in June 2021 Solution for providing E2E Solution for Edge Applications & some insights on the O-RAN Alliance SMO related non RT-RIC related to rApps.
We all use Wifi today. You know how much money it saves for your smart-phone data usage band-width. Connecting all your computers and gadgets with cables is not just history, even if you attempt it would be impractical!
Wifi being so pervasive, also brings along tremendous security implications. Come join us to look into details of Wifi security. How to secure your wifi network? How certain wifi encryption technologies can be hacked? We would prove that with live demos!
Join us to reflect on the security aspect of this technology, discuss about it and leave with more confidence about how 'secure' your WiFi access is?
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Clusterbyonggon chun
Introduce the container runtime environment which is set up with Kubernetes and various CRI runtimes(Docker, Containerd, CRI-O) and the method of NUMA-aware resource management(CPU Manager, Topology Manager, Etc) for CNF(Containerized Network Function) within Kubernetes and related issues.
Presented at NZISIG on Tuesday 26th February 2019.
"WPA3: What is it good for? (With a little bit of Bluetooth and a soupçon of GPS)"
I offered this talk to Purplecon but they didn't want it so you're getting it instead. Since it's been a few months I've added some other stuff on the end.
Overview of existing issues in WAP, WPA, WPA2 and WPS
Skateboarding dog story
WPA3 improvements:
- Password protection
- Preshared keys (Simultaneous Authentication of Equals - SAE)
- CNSA
- Opportunistic Wireless Encryption (OWE)
- Wifi Easy Connect
Bluetooth
- Direction finding
- End to end security
GPS
- 6th April could get interesting.
This presentation and demo show the hardware which consist of 5G UE’s, 5G radios, a fronthaul network and C-RAN with high density switches and servers, a transport network of 3 DWDM switches and a DC network of servers and high density switches. The basic software arrangement will be shown with emphasis on the structure of the orchestration and SDN controllers and the choice of virtualization components and logical networking. An eMBB slice will be brought up which will entail programming of the radios, the fronthaul, backhaul, a node B and the core. Its behavior will be noted through the test UE’s. An URRLC slice will be brought up and its nodeB and core will be demonstrated through its test UE’s showing extremely low latency. An MMTC slice will be brought up and a large number of test IOT devices will be demonstrated via the test UE’s. The eMBB slice will be augmented by programming a slice selection function that will create a ICN slice and an application (TBD) will be shown running over that ICN core (but with the eMBB slice). Spectrum will be reassigned from slice to slice and the changes noted as an optimizer recomputes the proper allocation of resources and executes it. Traffic will be increased and the changes in the backhaul over transport and core function placements will be noted. An additional demonstration will show creation of multiple 4G air interfaces using the same infrastructure network but with 4G radios and 4G UE’s using OAI software and ETTUS SDRs. A Skype session will be created between the two 4G slices. We will also try to show some of the EPC functions being moved while the UE sessions are not impacted.
Author : Peter Ashwood-Smith, Huawei Technologies
Presented at ITU-T Focus Group IMT-2020 Workshop and Demo Day, 7 December 2016.
More details on the event : http://www.itu.int/en/ITU-T/Workshops-and-Seminars/201612/Pages/Programme.aspx
Synopsis: A high-level technical introduction to ConfD. Introduction to ConfD architecture, data model driven paradigm, core engine features and northbound interfaces.
Technical Overview of Cisco Catalyst 9200 Series SwitchesRobb Boyd
TechWiseTV's Cisco Container Platform live workshop took place on July 18th.
For the first time in the industry, a single family of fixed, stackable, and modular switches are running on the same IOS-XE operating system along with a common ASIC.
Cisco’s Catalyst 9200 rounds out the lower end of its incredible Catalyst 9000 family of switches. The 9200 is designed for small, medium, and branch deployments, providing greater modularity, redundancy, and stackability than the Catalyst 2960 it replaces.
Register now.
In this deck, Greg Wahl from Advantech presents: Transforming Private 5G Networks.
Advantech Networks & Communications Group is driving innovation in next-generation network solutions with their High Performance Servers. We provide business critical hardware to the world's leading telecom and networking equipment manufacturers with both standard and customized products. Our High Performance Servers are highly configurable platforms designed to balance the best in x86 server-class processing performance with maximum I/O and offload density. The systems are cost effective, highly available and optimized to meet next generation networking and media processing needs.
“Advantech’s Networks and Communication Group has been both an innovator and trusted enabling partner in the telecommunications and network security markets for over a decade, designing and manufacturing products for OEMs that accelerate their network platform evolution and time to market.” Said Advantech Vice President of Networks & Communications Group, Ween Niu. “In the new IP Infrastructure era, we will be expanding our expertise in Software Defined Networking (SDN) and Network Function Virtualization (NFV), two of the essential conduits to 5G infrastructure agility making networks easier to install, secure, automate and manage in a cloud-based infrastructure.”
In addition to innovation in air interface technologies and architecture extensions, 5G will also need a new generation of network computing platforms to run the emerging software defined infrastructure, one that provides greater topology flexibility, essential to deliver on the promises of high availability, high coverage, low latency and high bandwidth connections. This will open up new parallel industry opportunities through dedicated 5G network slices reserved for specific industries dedicated to video traffic, augmented reality, IoT, connected cars etc. 5G unlocks many new doors and one of the keys to its enablement lies in the elasticity and flexibility of the underlying infrastructure.
Advantech’s corporate vision is to enable an intelligent planet. The company is a global leader in the fields of IoT intelligent systems and embedded platforms. To embrace the trends of IoT, big data, and artificial intelligence, Advantech promotes IoT hardware and software solutions with the Edge Intelligence WISE-PaaS core to assist business partners and clients in connecting their industrial chains. Advantech is also working with business partners to co-create business ecosystems that accelerate the goal of industrial intelligence."
Watch the video: https://wp.me/p3RLHQ-lPQ
* Company website: https://www.advantech.com/
* Solution page: https://www2.advantech.com/nc/newsletter/NCG/SKY/benefits.html
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
Dos on 802.11 and other security issues ( Case Study ) Shrobon Biswas
This is a paper which demonstrates the blunders in the WEP encryption protocol and how to stage and spet up the attacks making use of such gory loopholes .
There is also a presentation i uploaded with the same name . Check that out if you liked the document .
Presented at NZISIG on Tuesday 26th February 2019.
"WPA3: What is it good for? (With a little bit of Bluetooth and a soupçon of GPS)"
I offered this talk to Purplecon but they didn't want it so you're getting it instead. Since it's been a few months I've added some other stuff on the end.
Overview of existing issues in WAP, WPA, WPA2 and WPS
Skateboarding dog story
WPA3 improvements:
- Password protection
- Preshared keys (Simultaneous Authentication of Equals - SAE)
- CNSA
- Opportunistic Wireless Encryption (OWE)
- Wifi Easy Connect
Bluetooth
- Direction finding
- End to end security
GPS
- 6th April could get interesting.
This presentation and demo show the hardware which consist of 5G UE’s, 5G radios, a fronthaul network and C-RAN with high density switches and servers, a transport network of 3 DWDM switches and a DC network of servers and high density switches. The basic software arrangement will be shown with emphasis on the structure of the orchestration and SDN controllers and the choice of virtualization components and logical networking. An eMBB slice will be brought up which will entail programming of the radios, the fronthaul, backhaul, a node B and the core. Its behavior will be noted through the test UE’s. An URRLC slice will be brought up and its nodeB and core will be demonstrated through its test UE’s showing extremely low latency. An MMTC slice will be brought up and a large number of test IOT devices will be demonstrated via the test UE’s. The eMBB slice will be augmented by programming a slice selection function that will create a ICN slice and an application (TBD) will be shown running over that ICN core (but with the eMBB slice). Spectrum will be reassigned from slice to slice and the changes noted as an optimizer recomputes the proper allocation of resources and executes it. Traffic will be increased and the changes in the backhaul over transport and core function placements will be noted. An additional demonstration will show creation of multiple 4G air interfaces using the same infrastructure network but with 4G radios and 4G UE’s using OAI software and ETTUS SDRs. A Skype session will be created between the two 4G slices. We will also try to show some of the EPC functions being moved while the UE sessions are not impacted.
Author : Peter Ashwood-Smith, Huawei Technologies
Presented at ITU-T Focus Group IMT-2020 Workshop and Demo Day, 7 December 2016.
More details on the event : http://www.itu.int/en/ITU-T/Workshops-and-Seminars/201612/Pages/Programme.aspx
Synopsis: A high-level technical introduction to ConfD. Introduction to ConfD architecture, data model driven paradigm, core engine features and northbound interfaces.
Technical Overview of Cisco Catalyst 9200 Series SwitchesRobb Boyd
TechWiseTV's Cisco Container Platform live workshop took place on July 18th.
For the first time in the industry, a single family of fixed, stackable, and modular switches are running on the same IOS-XE operating system along with a common ASIC.
Cisco’s Catalyst 9200 rounds out the lower end of its incredible Catalyst 9000 family of switches. The 9200 is designed for small, medium, and branch deployments, providing greater modularity, redundancy, and stackability than the Catalyst 2960 it replaces.
Register now.
In this deck, Greg Wahl from Advantech presents: Transforming Private 5G Networks.
Advantech Networks & Communications Group is driving innovation in next-generation network solutions with their High Performance Servers. We provide business critical hardware to the world's leading telecom and networking equipment manufacturers with both standard and customized products. Our High Performance Servers are highly configurable platforms designed to balance the best in x86 server-class processing performance with maximum I/O and offload density. The systems are cost effective, highly available and optimized to meet next generation networking and media processing needs.
“Advantech’s Networks and Communication Group has been both an innovator and trusted enabling partner in the telecommunications and network security markets for over a decade, designing and manufacturing products for OEMs that accelerate their network platform evolution and time to market.” Said Advantech Vice President of Networks & Communications Group, Ween Niu. “In the new IP Infrastructure era, we will be expanding our expertise in Software Defined Networking (SDN) and Network Function Virtualization (NFV), two of the essential conduits to 5G infrastructure agility making networks easier to install, secure, automate and manage in a cloud-based infrastructure.”
In addition to innovation in air interface technologies and architecture extensions, 5G will also need a new generation of network computing platforms to run the emerging software defined infrastructure, one that provides greater topology flexibility, essential to deliver on the promises of high availability, high coverage, low latency and high bandwidth connections. This will open up new parallel industry opportunities through dedicated 5G network slices reserved for specific industries dedicated to video traffic, augmented reality, IoT, connected cars etc. 5G unlocks many new doors and one of the keys to its enablement lies in the elasticity and flexibility of the underlying infrastructure.
Advantech’s corporate vision is to enable an intelligent planet. The company is a global leader in the fields of IoT intelligent systems and embedded platforms. To embrace the trends of IoT, big data, and artificial intelligence, Advantech promotes IoT hardware and software solutions with the Edge Intelligence WISE-PaaS core to assist business partners and clients in connecting their industrial chains. Advantech is also working with business partners to co-create business ecosystems that accelerate the goal of industrial intelligence."
Watch the video: https://wp.me/p3RLHQ-lPQ
* Company website: https://www.advantech.com/
* Solution page: https://www2.advantech.com/nc/newsletter/NCG/SKY/benefits.html
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
Dos on 802.11 and other security issues ( Case Study ) Shrobon Biswas
This is a paper which demonstrates the blunders in the WEP encryption protocol and how to stage and spet up the attacks making use of such gory loopholes .
There is also a presentation i uploaded with the same name . Check that out if you liked the document .
The WLAN can be compared to the human body in its complexity. Similar methodology which is used to study the phenomenon in humans can be applied to study wireless systems when they are invaded by intruders such as foreign clients or malicious code.
The purpose of the human immune system is to defend against attacks from germs, viruses & foreign bodies. Likewise, the purpose of access point security software is to defend against attacks from intruders and hackers. But when the immune system fails to distinguish between healthy cells and foreign bodies, it mistakenly attacks and destroys healthy cells. This is called an autoimmunity disorder.
AirTight security researchers have discovered a similar autoimmunity disorder in select open source and commercial 802.11 AP implementations. This presentation for DEFCON16 demonstrates how this vulnerability provides an open door through which DoS attacks can still be launched.
Watch the full OnDemand webcast here: http://bit.ly/wc_80211-2012_update
The 802.11 protocol, or simply Wi-Fi as most users know it, is constantly under development. Users of 802.11 usually only notice the major changes, typically those that increase overall Wi-Fi performance, like 802.11a or 802.11n. But for every "public" change there are many background changes, some of which have pretty significant impacts, especially for device manufacturers, OEMs, and network engineers who must understand the nuances and the interactions of change to the protocol. With over twenty 802.11 specifications already ratified, and many more still in the development phase, it makes sense to occasionally "roll up" the changes into a single 802.11 specification. This is exactly what 802.11-2012 is all about.
802.11-2012 incorporates ten recently ratified 802.11 amendments into an overall 802.11 spec, making it much easier for engineers who are working with 802.11, especially those that may be new to Wi-Fi. Also, since many of the amendments include functional overlap, consolidation helps make potential design issues more obvious. Join us as we dissect the ten 802.11 specifications recently rolled into the 802.11-2012 specification update, focusing on their general applicability as well as their impact on other 802.11 specifications and features.
In this web seminar, we will cover:
- What’s in 802.11-2012
- Overall descriptions of each amendment
- Potential applications for each amendment
- Functional overlap, inconsistencies, or conflicts
What you will learn:
- How 802.11-2012 influences the overall WLAN market
- Which amendments are actively being implemented
- How WLAN analysis is impacted by these amendments
Moving towards a new Wi-Fi technology does not have to be too much of an undertaking. Of course, that's assuming great deal of planning and attention to detail in terms of defining the clear steps on how to get there. In this session we will discuss 802.11ac placement, Wi-Fi coverage and capacity planning for 802.11ac devices and how to take advantage of 802.11ac transmit beamforming.
WPA’s stature as a secure protocol was recently challenged for the first time. TKIP, an essential encryption component of WPA, which was heralded for years as the replacement for the broken WEP encryption, was shown to be vulnerable to a packet injection exploit.
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Dr. Amarjeet Singh
The growing volume of attacks on the Internet has
increased the demand for more robust systems and
sophisticated tools for vulnerability analysis, intrusion
detection, forensic investigations, and possible responses.
Current hacker tools and technologies warrant reengineering
to address cyber crime and homeland security. The being
aware of the flaws on a network is necessary to secure the
information infrastructure by gathering network topology,
intelligence, internal/external vulnerability analysis, and
penetration testing. This paper has as main objective to
minimize damages and preventing the attackers from
exploiting weaknesses and vulnerabilities in the 4 ways
handshake (WIFI).
We equally present a detail study on various attacks and
some solutions to avoid or prevent such attacks in WLAN.
Cisco Umbrella is the easiest and fastest cloud security platform for provisioning secure and compliant guest Wi-Fi. Our
solution’s simplicity and performance is the reason Fortune 50 retailers, top universities, and some of the largest hospitals in
the US trust Umbrella to protect their Wi-Fi.
Device to device (D2D) communications facilitate proximal devices to directly communicate with each other, by passing cellular base stations or access points, and bring many benefits such as improvement in both spectral efficiency and energy efficiency. Among existing D2D enabling techniques, the recently released Wi-Fi Direct is one promising protocol that offers high data rate D2D communications in local areas.
Meeting the business and technical challenges of today's organizations requires an architectural approach. The Cisco Borderless Network Architecture is the technical architecture that allows organizations to connect anyone, anywhere, anytime, and on any device - securely, reliably, and seamlessly. It is built on an infrastructure of scalable and resilient hardware and software. Components of the architecture come together to build network systems that span your organization from network access to the cloud. Intelligent network, endpoint, and user services provide the flexibility, speed, and scale to support new devices, applications, and deployment models.
The impact of the consumerization of IT and mobility cannot be understated. The impact that these two key business elements have on the evolution of Enterprise Architecture and for Service Provider's ability to offer services to Enterprises, Governments, and Consumers will be addressed in this webinar. We will talk about the importance of the shift and movement of the secure network edge leads to a very close examination of the changing threat vectors and vulnerabilities impacting your businesses today. We will also detail service delivery and consumption on the three 'service horizons,' (Mobile Endpoint and CPE, Virtualized Network Edge/Data Center Edge, and the Cloud).
AirTight Networks and AirTight Senior Technical Engineer, Robert Ferruolo, will be addressing how 802.11ac will shape your thought process for network planning. Robert will address the implications of 802.11ac on network design methodology. He will also map 802.11ac to use cases of your business and give a glimpse into our new access point calculator/estimator.
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration AirTight Networks
Part of Hospitality Technology Magazine's webinar "Restaurant Wi-Fi Primer". View the on-demand webinar at http://hospitalitytechnology.edgl.com/web-event/Restaurant-Wi-Fi-Primer--Network-Design---Optimization90930
AirTight Secure Wi-Fi™ is the first Wi-Fi access and security solution designed specifically for retail enterprises with distributed outlets. It is an automated PCI wireless scanning and compliance service that can double as an enterprise Wi-Fi access solution,
This doc provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers.
"Hole196" is a vulnerability in the WPA2 security protocol exposing WPA2-secured Wi-Fi networks to insider attacks. AirTight Networks uncovered a weakness in the WPA2 protocol, which was documented but buried on the last line on page 196 of the 1232-page IEEE 802.11 Standard (Revision, 2007). Thus, the moniker “Hole196.” This document explains most of the FAQs about Hole196
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesAirTight Networks
This paper presents a vulnerability, called Hole1961, in the WPA2 protocol that makes all
implementations of WPA- and WPA2-secured Wi-Fi networks (regardless of the authentication
and encryption used) vulnerable to insider attacks. It discusses ways in which a malicious
insider can exploit Hole196 to attack other authorized Wi-Fi users in a WPA2-secured wireless
LAN (WLAN). It also explores remediation strategies at various levels that organizations can
implement to mitigate this threat.
Windows 7 soft ap is a new wireless risk to the enterprise. This presentation demonstrates how windows 7 can be converted to a soft ap(hotspot) and become a thread to your organization.
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
These slides include discussion on important Wi-Fi security issues and the solutions available to address them. Enterprises which need to secure their networks from Wi-Fi threats in order to protect their information assets, prevent unauthorized use of their network, enforce no-Wi-Fi zones, and meet regulatory compliance for themselves and their clients will benefit from this discussion.
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresAirTight Networks
This presentation will deconstruct the skyjacking vulnerability - explaining why the vulnerability occurs in Cisco WLANs, which Cisco access points are affected, how skyjacking can be exploited to launch potent attacks, and what are the best practices to proactively protect your enterprise network against such zero-day vulnerabilities and attacks.
Retail Stores and Wireless Security—RecommendationsAirTight Networks
Wireless computer networks are rapidly becoming universal. As a consumer-driven technology,
wireless was developed to be simple to install, configure and use. It is that very
simplicity, however, that has made it an easy attack vector. More than 95 percent of all
laptop computers have wireless built-in; consumers use wireless routers at home to attach
to their DSL or cable modems; cell phones and digital cameras are getting Wi-Fi enabled.
For a retailer, this means that even if you are not deploying wireless LANs in your establishments,
you have a wireless problem and you need a wireless security policy.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
1. Global Leader in Wireless Security
Hooray, 802.11w Is Ratified...
So, What Does it Mean for Your WLAN?
A Brief Tutorial on IEEE 802.11w
Gopinath K N and Hemant Chaskar
AirTight Networks
www.AirTightNetworks.com
2009 AirTight Networks, Inc. All Rights Reserved.
2. Background
802.11 WiFi going from
“convenience” to “mission critical”
Access
However, ever since inception, Client
Point (AP)
WiFi has been vulnerable to
Denial of Service (DoS) attacks
of various types:
X
• RF Jamming
• Virtual Jamming
• Spoofed Disconnect
• EAP Spoofing
DoS Attacker
• Connection Request Flooding
• etc.
Page 2 2009 AirTight Networks, Inc. All Rights Reserved.
3. 802.11w: A step in the direction of DoS avoidance
802.11w gets rid of “Spoofed Disconnect” DoS attacks
resulting from spoofing of
• (i) Deauthentication (Deauth), (ii) Disassociation (Disassoc), (iii)
Association (Assoc) Request in existing connection, or (iv)
Authentication (Auth) Request in existing connection
Certain “Action Management Frames” are also made
anti-spoofing
• Spectrum Management, QoS, BlockAck, Radio Measurement,
Fast BSS Transition
Page 3 2009 AirTight Networks, Inc. All Rights Reserved.
4. How does 802.11w avoid Spoofed Disconnect DoS
802.11w adds cryptographic protection to Deauth and
Disassoc frames to make them anti-spoofing
Mechanism called Security Association (SA) teardown
protection is added to prevent spoofed Assoc Request
or Auth Request from disconnecting the already
connected Client
Page 4 2009 AirTight Networks, Inc. All Rights Reserved.
5. Example: Deauth Attack
• Deauthentication frame was
meant to gracefully break the
connection between AP and Client
• Problem however is that it is in
clear text, so it can be spoofed (in
the absence of 802.11w)
Page 5 2009 AirTight Networks, Inc. All Rights Reserved.
6. Example: Deauth attack averted with 802.11w
Only legitimate Deauth is accepted MIC (Message
Integrity Code)
Spoofed Deauth is ignored
added using
shared key
Legitimate Deauth
Legacy Deauth MIC
Secret key
shared
between AP
and Client
th
eau
ofed
D MIC No MIC or
Spo th
D eau bad MIC
ac y
Leg
Page 6 2009 AirTight Networks, Inc. All Rights Reserved.
7. Where does the shared secret key come from
It is derived using EAPOL 4-way handshake between
AP and Client
This also means that 802.11w can only be used if you
are using WPA or WPA2
Broadcast/multicast management frames are protected
using a key called Integrity Group Temporal Key (IGTK)
Unicast management frames are protected using
WPA/WPA2 pair-wise encryption key (PTK)
Page 7 2009 AirTight Networks, Inc. All Rights Reserved.
8. SA teardown protection
Pre 802.11w, if AP receives Assoc or Auth Request
from already associated Client, it terminates existing
connection to start a new one
• So existing connection can be broken with spoofed Auth
Request or Assoc Request
With SA teardown of 802.11w
• After AP receives Assoc or Auth Request for associated Client,
• Crypto protected probe is sent to Client
• If crypto protected response is received, the Assoc or Auth
Request is considered spoofed and rejected
• Else, existing connection is terminated to start a new one
Page 8 2009 AirTight Networks, Inc. All Rights Reserved.
9. How are Action Mgmt Frames made spoof
resistant
By adding authentication & encryption using IGTK
• Spectrum Management
• QoS
• DLS
• Block Ack
• Radio measurement
• Fast BSS Transition
• HT
• SA Query
• Protected Dual of Public Action
Page 9 2009 AirTight Networks, Inc. All Rights Reserved.
10. 802.11w: A piece in WiFi security puzzle
802.11w averts Spoofed Disconnect DoS and makes Action
Management Frames spoof-resistant
Other DoS attacks (RF jamming, virtual jamming, EAP spoofing,
connection request flooding etc.) are outside the scope of 802.11w
WPA/WPA2 is still needed for client authentication and data
encryption. Also WPA/WPA2 is needed for 802.11w to work
Threats from unmanaged devices (rogue APs, mis-associations, ad
hoc connections, honeypots (Evil Twin), AP/client MAC spoofing,
cracking, infrastructure attacks (skyjacking) etc.) are outside the
scope of 802.11w
You should definitely enable 802.11w in your WLAN when it
becomes available (shortly) in WLAN equipment, but one should not
be complacent that it will solve all wireless security problems
Page 10 2009 AirTight Networks, Inc. All Rights Reserved.
11. Questions/comments
Please discuss@
http://blog.airtightnetworks.com/802-11w-tutorial/
Page 11 2009 AirTight Networks, Inc. All Rights Reserved.
12. Appendix 1: Broadcast Integrity
Protocol (BIP)
Provides authentication and replay protection for
broadcast/multicast Management Frames
Uses “Integrity Group Temporal Key” (IGTK), a new
key derived & distributed via EAPOL 4-way handshake
Transmitter appends each protected frame with a
Management MIC Information Element (IE)
Receiver validates the MIC before accepting the frame
Page 12 2009 AirTight Networks, Inc. All Rights Reserved.
13. Appendix 2: Message Integrity Check (MIC) IE
ID Length Key ID IPN MIC
ID
• Information Element number
Key ID
• Indicates the IGTK used for computing MIC
IPN
• Used for replay protection
• Monotonically increasing non-negative number
MIC
• The keyed cryptographic hash derived over management frame
body (Payload + MAC header)
Page 13 2009 AirTight Networks, Inc. All Rights Reserved.
14. Appendix 3: 802.11w parameter negotiation
Negotiated at the beginning of Association
MFP Mandatory AES-128-CMAC
MFPR = 1
MFPC = 0
Page 14 2009 AirTight Networks, Inc. All Rights Reserved.