This content will become publicly available on May 13, 2025
I2S Attack: Exploring MITM Attack on Satellite Communications by Spectrum Shared IoTs
- Award ID(s): 2127881
- PAR ID: 10543753
- Publisher / Repository: IEEE
- Date Published:
- ISBN: 979-8-3503-1764-0
- Page Range / eLocation ID: 223 to 226
- Format(s): Medium: X
- Location: Washington, DC, USA
- Sponsoring Org: National Science Foundation
More Like this
- Modern attacks against enterprises often have multiple targets inside the enterprise network. Due to the large size of these networks and increasingly stealthy attacks, attacker activities spanning multiple hosts are extremely difficult to correlate during a threat-hunting effort. In this paper, we present a method for an efficient cross-host attack correlation across multiple hosts. Unlike previous works, our approach does not require lateral movement detection techniques or host-level modifications. Instead, our approach relies on an observation that attackers have a few strategic mission objectives on every host that they infiltrate, and there exist only a handful of techniques for achieving those objectives. The central idea behind our approach involves comparing (OS agnostic) activities on different hosts and correlating the hosts that display the use of similar tactics, techniques, and procedures. We implement our approach in a tool called Ostinato and successfully evaluate it in threat hunting scenarios involving DARPA-led red team engagements spanning 500 hosts and in another multi-host attack scenario. Ostinato successfully detected 21 additional compromised hosts, which the underlying host-based detection system overlooked in activities spanning multiple days of the attack campaign. Additionally, Ostinato successfully reduced alarms generated from the underlying detection system by more than 90%, thus helping to mitigate the threat alert fatigue problem.
- Phishing attacks are a cybercrime in which a target(s) is contacted by someone posing as a legitimate institution to lure individuals into providing sensitive data. The problem at stake is most people who use smartphones, tablets, and computers do not know how to protect themselves from phishing attacks, making themselves susceptible to data theft. This paper will use research of phishing attack types, what makes those more vulnerable to phishing attacks, and how to detect and report them. Additionally, I will interview a Department of Homeland Security employee working in cybersecurity as they have an insightful perspective on the problem. I will combine my research and in-person interview to conduct a literary search on the best methods to prevent and avoid phishing attacks for the average technology user to practice, especially children. This will give a valuable solution to the problem, decreasing the rate at which phishing attacks are successful.
- We present a probabilistic framework for studying adversarial attacks on discrete data. Based on this framework, we derive a perturbation-based method, Greedy Attack, and a scalable learning-based method, Gumbel Attack, that illustrate various tradeoffs in the design of attacks. We demonstrate the effectiveness of these methods using both quantitative metrics and human evaluation on various state-of-the-art models for text classification, including a word-based CNN, a character-based CNN and an LSTM. As an example of our results, we show that the accuracy of character-based convolutional networks drops to the level of random selection by modifying only five characters through Greedy Attack.