With increased interest in 6G (6th Generation) cellular networks that can support intelligently small-cell communication will result effective device-to-device (D2D) communication. High throughput requirement 5G/6G technology requires each device to act as intelligent transmission relays. Inclusion of such intelligence relays and quantum computing at D2D may compromise existing security mechani...

Though attacks on the industrial control system (ICS) and their protocols are not a new occurrence, recent years have highlighted a growing trend in such attacks. To make matters worse, cyber defenders have also dealt with a slow migration to more secure ICS protocols due to costs associated with equipment downtime. With the increase in attacks and the slow migration to more secure ICS protocol...

With the convergence of fixed and mobile networks, heterogeneous networks are becoming ubiquitous. Internet giants seeing plight identity authentication. To address this issue, unified access management (UAM) was conceived. This paper provides a novel scheme, named SGX-UAM, with one-time passwords (OTPs) based on Intel software guard extensions (SGX). SGX-UAM outperforms generic UAM for providi...

Nowadays, the Internet of Things (IoT) devices and applications have rapidly expanded worldwide due to their benefits in improving business environment, industrial people’s daily lives. However, IoT are not immune malicious network traffic, which causes potential negative consequences sabotages operating devices. Therefore, developing a method for screening traffic is necessary detect classify ...

Although recent compromises and admissions have given new credibility to claimed encounters of Man-in-the-middle (MitM) attacks on SSL/TLS, very little proof exists in the public realm. In this paper, we report on the development and deployment of Crossbear, a tool to detect MitM attacks on SSL/TLS and localise their position in the network with a fair degree of confidence. MitM attacks are det...

Secured communication has been widely deployed to guarantee confidentiality and integrity of connections over untrusted networks, e.g., the Internet. Although secure connections are designed to prevent attacks on the connection, they hide attacks inside the channel from being analyzed by Intrusion Detection Systems (IDS). Furthermore, secure connections require a certain key exchange at the ini...

Simple Password Exponential Key Exchange (SPEKE) is a well-known Password Authenticated Key Exchange (PAKE) protocol that has been used in Blackberry phones for secure messaging and Entrust’s TruePass end-toend web products. It has also been included into international standards such as ISO/IEC 11770-4 and IEEE P1363.2. In this paper, we analyse the SPEKE protocol as specified in the ISO/IEC an...

Domain Name System (DNS) cache poisoning is a stepping stone towards advanced (cyber) attacks. DNS cache poisoning can be used to monitor users’ activities for censorship, to distribute malware and spam and to subvert correctness and availability of Internet clients and services. Currently, the DNS infrastructure relies on challengeresponse defences against attacks by (the common) off-path adve...

Protection of Internet communication is becoming more common in many products, as the demand for privacy in an age of state-level adversaries and crime syndicates is steadily increasing. The industry standard for doing this is TLS. The TLS protocol supports a multitude of key agreement and authentication options which provide various different security guarantees. Recent attacks showed that thi...