Search for: All records

IoT devices fundamentally lack built-in security mechanisms to protect themselves from security attacks. Existing works on improving IoT security mostly focus on detecting anomalous behaviors of IoT devices. However, these existing anomaly detection schemes may trigger an overwhelmingly large number of false alerts, rendering them unusable in detecting compromised IoT devices. In this paper we develop an effective and efficient framework, named CUMAD, to detect compromised IoT devices. Instead of directly relying on individual anomalous events, CUMAD aims to accumulate sufficient evidence in detecting compromised IoT devices, by integrating an autoencoder-based anomaly detection subsystem with a sequential probability ratio test (SPRT)-based sequential hypothesis testing subsystem. CUMAD can effectively reduce the number of false alerts in detecting compromised IoT devices, and moreover, it can detect compromised IoT devices quickly. Our evaluation studies based on the public-domain N-BaIoT dataset show that CUMAD can on average reduce the false positive rate from about 3.57% using only the autoencoder-based anomaly detection scheme to about 0.5%; in addition, CUMAD can detect compromised IoT devices quickly, with less than 5 observations on average. 

IoT devices fundamentally lack built-in security mechanisms to protect themselves from security attacks. Existing works on improving IoT security mostly focus on detecting anomalous behaviors of IoT devices. However, these existing anomaly detection schemes may trigger an overwhelmingly large number of false alerts, rendering them unusable in detecting compromised IoT devices. In this paper we develop an effective and efficient framework, named CUMAD, to detect compromised IoT devices. Instead of directly relying on individual anomalous events, CUMAD aims to accumulate sufficient evidence in detecting compromised IoT devices, by integrating an autoencoder-based anomaly detection subsystem with a sequential probability ratio test (SPRT)-based sequential hypothesis testing subsystem. CUMAD can effectively reduce the number of false alerts in detecting compromised IoT devices, and moreover, it can detect compromised IoT devices quickly. Our evaluation studies based on the public-domain N-BaIoT dataset show that CUMAD can on average reduce the false positive rate from about 3.57% using only the autoencoder-based anomaly detection scheme to about 0.5%; in addition, CUMAD can detect compromised IoT devices quickly, with less than 5 observations on average. 

Abstract Forest thinning and prescribed fire are expected to improve the climate resilience and water security of forests in the western U.S., but few studies have directly modeled the hydrological effects of multi‐decadal landscape‐scale forest disturbance. By updating a distributed process‐based hydrological model (DHSVM) with vegetation maps from a distributed forest ecosystem model (LANDIS‐II), we simulate the water resource impacts of forest management scenarios targeting partial or full restoration of the pre‐colonial disturbance return interval in the central Sierra Nevada mountains. In a fully restored disturbance regime that includes fire, thinning, and insect mortality, reservoir inflow increases by 4%–9% total and 8%–14% in dry years. At sub‐watershed scales (10–100 km²), thinning dense forests can increase streamflow by >20% in dry years. In a thinner forest, increased understory transpiration compensates for decreased overstory transpiration. Consequentially, 73% of streamflow gains are attributable to decreased overstory rain and snow interception loss. Thinner forests can increase headwater peak flows, but reservoir‐scale peak flows are almost exclusively influenced by climate. Uncertainty in future precipitation causes high uncertainty in future water yield, but the additional water yield attributable to forest disturbance is about five times less sensitive to annual precipitation uncertainty. This partial decoupling of the streamflow disturbance response from annual precipitation makes disturbance especially valuable for water supply during dry years. Our study can increase confidence in the water resource benefits of restoring historic forest disturbance frequencies in the central Sierra Nevada mountains, and our modeling framework is widely applicable to other forested mountain landscapes. 

Although some existing counterdrone measures can disrupt the invasion of certain consumer drone, to the best of our knowledge, none of them can accurately redirect it to a given location for defense. In this paper, we proposed a Drone Position Manipulation (DPM) attack to address this issue by utilizing the vulnerabilities of control and navigation algorithms used on consumer drones. As such drones usually depend on GPS for autopiloting, we carefully spoof GPS signals based on where we want to redirect a drone to, such that we indirectly affect its position estimates that are used by its navigation algorithm. By carefully manipulating these states, we make a drone gradually move to a path based on our requirements. This unique attack exploits the entire stack of sensing, state estimation, and navigation control together for quantitative manipulation of flight paths, different from all existing methods. In addition, we have formally analyzed the feasible range of redirected destinations for a given target. Our evaluation on open-source ArduPilot system shows that DPM is able to not only accurately lead a drone to a redirected destination but also achieve a large redirection range.