Page 77 - RAC_CIAW_ a_I_n_01_2021.pdf
P. 77
Despite the solid effort in developing functional (e.g., malware injection on PostresSQL –
implementations of blockchain technology to secure CVE-2019-9193 – [12]);
data in monitoring systems, to the best of our knowl- • Impossibility to attack all NDs due to the
edge, no works present an implementation of Fabric complexity and the need to successfully ex-
permissioned blockchain in MMSs. This work pursuit ploit multiple attack vectors.
fulfilling this gap, developing a practical blockchain 2) Integrity Attack: attackers try to tamper with
implementation using the Fabric platform and evalu- stored sensing data in an MMS. The attacker steals or
ating its performance in a real maritime monitoring coerces an internal agent to obtain his/her credentials.
scenario where the blockchain clients run on low-cost With the credentials, attackers could access the Naval
devices with limited computational resources. Authority private network and gather network settings
information to fulfill the database attack, compromis-
SYSTEM MODEL ing integrity. The attacker has the following capabili-
ties/restrictions:
• Access Naval Authority private network
Maritime Monitoring System with legitimate credentials;
A priori, we assume the deployment of MMS com- • Modify and corrupt data, while remains
posed of many clusters, each one consisting of several covert;
sensing buoys and UAVs, besides a data Fusion Center • Impossibility to attack all NDs due to the
covering a specific maritime area under the responsibil- complexity and the need to successfully ex-
ity of a Naval District (ND). Each ND aggregates data ploit multiple attack vectors.
from buoys and UAVs, which communicate through a 3) Collusion Attack: corrupted servers can coop-
mesh Wireless Metropolitan Area Network (WMAN) erate in disabling the entire system, partially or totally
[11]. Buoys and UAVs are equipped with weather sen- degrading the system’s routing and networking capabil-
sors and an AIS receiver that allows the Naval Author- ities, compromising data integrity and availability [13].
ity to monitor the marine traffic. This MMS can store The attacker has the following capabilities/restrictions:
the sensing data in two distinct ways: a centralized da- • Capability to compromise more than one of
tabase or a distributed redundant database. the system servers in different NDs;
Aiming to evaluate the vulnerabilities of the afore- • Modify and corrupt data in compromised
mentioned system, we analyze possible attacks against servers;
the integrity, authenticity and availability of the sensing • Compromised servers can communicate
data. After, we propose our blockchain-based MMS with others;
and how it can mitigate these attacks. • Impossibility to corrupt all system servers.
4) UAV Hijacking: attackers try to spoof UAV-Op-
erator communications to gain UAVs’ control or to re-
Attack model move them from their operational area. They explore
Our attack model embraces four different sce- authentication lack in UAV-Operator RF communica-
narios with known vulnerabilities (e.g., PostgreSQL tions. The attacker has the following capabilities/re-
exploits) as attack vectors, and some more sophisticat- strictions:
ed attack techniques, like the supply-chain attacks on • Eavesdropping UAV-Operator communica-
SolarWinds [1]. The four attack scenarios with their tions;
respective attacker’s capabilities/restrictions are: • Spoofing UAV control messages;
1) Availability Attack: attackers try to disable an • The attacker has to be in the RF UAV-Opera-
MMS using a supply-chain attack as an initial attack tor coverage area.
vector. The attacker has the following capabilities/re-
strictions: Blockchain-based MMS
• Infiltrate in Naval Authority private network Aiming to leverage sensing data security, we pro-
using a backdoor opened by a supply-chain pose a blockchain-based MMS implemented in the
attack; Fabric platform that ensures data integrity, authentici-
• Explore known database vulnerabilities
CIAW – EFICIÊNCIA, CULTURA E TRADIÇÃO 77
