Search for: All records

Autonomous vehicles (AVs) rely on on-board sensors and computation capabilities to drive on the road with limited or no human intervention. However, autonomous driving decisions can go wrong for numerous reasons, leading to accidents on the road. The AVs lack a proper forensics investigation framework, which is essential for various reasons such as resolving insurance disputes, investigating attacks, compliance with autonomous driving safety guidelines, etc. To design robust and safe AVs, identifying the actual reason behind any incident involving the AV is crucial. Hence, it is essential to collect meaningful logs from different autonomous driving modules and store them in a secure and tamper-proof way. In this paper, we propose AVGuard, a forensic investigation framework that collects and stores the autonomous driving logs. The framework can generate and verify proofs to ensure the integrity of collected logs while preventing collusion attacks among multiple dishonest parties. The stored logs can be used later by investigators to identify the exact incident. Our proof-of-concept implementation shows that the framework can be integrated with autonomous driving modules efficiently without any significant overheads. 

The Internet of Things (IoT) devices exchange certificates and authorization tokens over the IEEE 802.15.4 radio medium that supports a Maximum Transmission Unit (MTU) of 127 bytes. However, these credentials are significantly larger than the MTU and are therefore sent in a large number of fragments. As IoT devices are resource-constrained and battery-powered, there are considerable computations and communication overheads for fragment processing both on sender and receiver devices, which limit their ability to serve real-time requests. Moreover, the fragment processing operations increase energy consumption by CPUs and radio-transceivers, which results in shorter battery life. In this article, we propose CATComp -a compression-aware authorization protocol for Constrained Application Protocol (CoAP) and Datagram Transport Layer Security (DTLS) that enables IoT devices to exchange smallsized certificates and capability tokens over the IEEE 802.15.4 media. CATComp introduces additional messages in the CoAP and DTLS handshakes that allow communicating devices to negotiate a compression method, which devices use to reduce the credentials’ sizes before sending them over an IEEE 802.15.4 link. The decrease in the size of the security materials minimizes the total number of packet fragments, communication overheads for fragment delivery, fragment processing delays, and energy consumption. As such, devices can respond to requests faster and have longer battery life. We implement a prototype of CATComp on Contiki-enabled RE-Mote IoT devices and provide a performance analysis of CATComp. The experimental results show that communication latency and energy consumption are reduced when CATComp is integrated with CoAP and DTLS. 

As our lives become more dependent on digital technology, cyber crime is increasing in our society. There is now an ever-increasing need to counter cyber crime through digital forensics investigations. With rapid developments in technology such as cloud computing, the Internet of Things, and mobile computing, it is vital to ensure proper training of law enforcement personnel and judges in the theory and practice of digital forensics. In this paper, we describe our methods and approach to create curricula, educational materials, and courses for training law en- forcement and judicial personnel in digital forensics. We partnered with legal experts to design a series of modules/courses on digital forensics to educate the actual target demographics. Training materials have been designed to be not only scalable to nationwide law enforcement and ju- dicial professionals, but also amenable to regular updates to respond to rapidly changing attacks and forensic techniques.