Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols
Saleem, A., Turtiainen, H., Costin, A., & Hämäläinen, T. (2024). Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols. In M. Lehto, & M. Karjalainen (Eds.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 446-456). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2250
Julkaistu sarjassa
Proceedings of the European Conference on Cyber Warfare and SecurityPäivämäärä
2024Tekijänoikeudet
© 2024 European Conference on Cyber Warfare and Security
During the past few decades, the aviation, maritime, aerospace, and search-and-rescue domains have witnessed tremendous improvement thanks to technological, digitalization and Internet of Things (IoT) advances such as Automatic Dependent Surveillance–Broadcast (ADS-B) (e.g., Aviation IoT, Airports IoT) and Automatic Identification System (AIS) (e.g., Maritime IoT). All these are high-profile examples of new digital communication protocols combined with IoT devices that make efficient use of wide-area earth and space radio communications to provide real-time, truly globally interoperable, and optimised services required by these domains. However, the protocols and technologies mentioned above, both from an architectural and implementation point of view, exhibit fundamental cybersecurity weaknesses (both at protocol and IoT device level). These weaknesses make them an easy target for potential attackers. The two fundamental flaws of these protocols are the lack of digital signatures (i.e., integrity and authenticity) and the lack of encryption (i.e., confidentiality and privacy). The risks associated with these, and other weaknesses have been over the last decade repeatedly demonstrated with ease by ethical cybersecurity researchers. In this paper, we design, propose, and discuss a single generic PKI-enabled message integrity and authenticity scheme that works seamlessly for any of the ADS-B, and AIS, with the possibility of easy extension and integration into other protocols (e.g., ACARS). Our scheme can be added as backward-compatible software upgrades (e.g., third-party library) to existing systems without requiring expensive architectural redesign, upgrades, and retrofitting. Our present work is aimed to serve as a bootstrap to securing such insecure protocols without completely replacing or redesigning the systems. It also aims to provide a discussion background of advantages and limitations of such backward-compatible securing methods.
...
Julkaisija
Academic Conferences International LtdKonferenssi
European Conference on Cyber Warfare and SecurityKuuluu julkaisuun
Proceedings of the 23rd European Conference on Cyber Warfare and SecurityISSN Hae Julkaisufoorumista
2048-8602Asiasanat
Julkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/220853449
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Lisätietoja rahoituksesta
Hannu Turtiainen thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (www.skr.fi) for supporting his Ph.D. dissertation work and research (grant decision no. 00231412).Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
Insecure Firmware and Wireless Technologies as “Achilles’ Heel” in Cybersecurity of Cyber-Physical Systems
Costin, Andrei (Springer, 2022)In this chapter, we analyze cybersecurity weaknesses in three use-cases of real-world cyber-physical systems: transportation (aviation), remote explosives and robotic weapons (fireworks pyrotechnics), and physical security ... -
Sand Play for 0–8-Year-Old Children’s Health and Development : A Systematic Review Protocol
Iivonen, Susanna; Kettukangas, Titta; Soini, Anne; Viholainen, Helena (MDPI AG, 2021)Sand play may be a significant determinant of health and development in early childhood, but systematically synthesised evidence is absent in the literature. The main objective of this study was to present a planned ... -
An efficient controlled semi-quantum secret sharing protocol with entangled state
Houshmand, Monireh; Hassanpour, Shima; Haghparast, Majid (Springer, 2024)In this paper, we present an entangled state controlled semi-quantum secret sharing CSQSS protocol for the frst time. In this scheme, with the permission of a trusted classical user, Bob1, Alice, as a quantum user, can ... -
MQTT-protokollan tietoturvallisuuden testaaminen
Hakonen, Sami (2023)Tässä tutkielmassa tarkoituksena oli selvittää älykoti ja IoT-järjestelmissä yleisesti käytetyn MQTT-protokollan tietoturvallisuuden ominaisuuksia, protokollaan kohdistettavia hyökkäyksiä ja hyökkäyksien lievennyskeinoja. ... -
Visions of the Future : What Could Happen to User Authentication?
Paananen, Hanna; Woods, Naomi (Academic Conferences International Ltd, 2024)The most prevalent information system security feature for the user is the authentication process. Passwords have been the primary authentication method for decades due to their simplicity for both the user and the system ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.