Common Global Positioning System (GPS) Cyber-Attacks

Saturday, August 4, 2018

InstructionGlobal Positioning System (GPS) become a crucial service for the modern technology and society. However, the GPS is vulnerable to cyber-attacks. The following post succinctly cover some of the cyber-attacks that can be used by adversary to attack the GPS and by this, effect on the Cyber-Physical System (CPS) state and/or function.Common Attack Vectors1. False Data Injection Attack (FDIA) - e.g. Compromises sensors measurements by providing a false data2. Spoofing – e.g. Fake satellite source3. Denial of Services (DoS) - e.g. Jamming, disrupt the system's time and/or location data, reflection/amplification4. GPS Injection - e.g. adding a malicious data to...

Common SSL/TLS Decryption Techniques

Sunday, June 17, 2018

IntroductionThe following article cover a few common SSL/TLS decryption techniques. Please note that the article assumes that the attacker doesn’t have a pre-access to the digital certificate private key or the encryption keys.Attack Vectors1. Stealing the digital certificate private key and/or the SSL/TLS session key. A physical access, trojan horse or other client-side attack techniques can be used to accomplish this task. After it, the attacker can use sniffer or another tool, to copy the network traffic to a local or remote store, and then decrypt it. Please note the limitations of this technique while the SSL/TLS is based...