3. Introduction
• We are witnessing a revolution in device-to-device communication.
There are standards for personal area networks, such as Bluetooth
and ZigBee.
• These technologies have mainly focused on reliable and fast
communication.
• At the same time, there is a need to provide more safety in this domain.
4. D2D communications scope
• Device-to-device communication encompasses these technologies:
• Bluetooth
• Wi-Fi
• IoT
• Mobile and Handheld devices
5. D2D communication
• Vulnerable to various security issues
• Passive eavesdropping
• Active eavesdropping
• Side-channel attacks
7. Network-based anomaly detection
• Collect and analyze flows
• Establish baseline
• Alarm on anomalies detected
8. Alerts and Actions
• All decisions of security controls can be classified as one of the following:
• True positives: The security control, such as an IPS or IDS sensor, acted as a
consequence of malicious activity, which represents normal and optimal
operation.
• False positives: The security control acted as a consequence of
non-malicious activity, which represents an error, generally caused by too tight
proactive controls (which do not permit all legitimate traffic) or too relaxed
reactive controls (with too broad descriptions of the attack).
• True negatives: The security control has not acted, because there was no
malicious activity, which represents normal and optimal operation.
• False negatives: The security control has not acted, even though there was
malicious activity, which represents an error, generally caused by too relaxed
proactive controls (which permit more than just minimal legitimate traffic) or too
specific reactive controls (with too-specific descriptions of the attack).
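The collect, baseline and alarm steps from the anomaly-detection slide, scored with the four alert outcomes above, as an added example that is not part of the original slides. Device names, byte counts, ground-truth labels and the z-score thresholds are constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed sample data: bytes sent per flow window by each device
# during a known-clean period (step 1: collect flows).
BASELINE = {
    "sensor-a": [1200, 1350, 1100, 1280, 1320, 1250],
    "phone-b": [52000, 48000, 61000, 55000, 50000, 58000],
}

# Constructed observations: (device, bytes, ground truth: malicious?)
OBSERVED = [
    ("sensor-a", 1290, False),   # normal traffic
    ("sensor-a", 98000, True),   # large burst from a low-volume device
    ("phone-b", 91000, False),   # legitimate large upload
    ("phone-b", 56000, True),    # malicious flow hidden in normal volume
    ("sensor-a", 1150, False),   # normal traffic
]

def build_baseline(history):
    """Step 2: per-device mean and standard deviation of flow volume."""
    return {dev: (mean(v), pstdev(v)) for dev, v in history.items()}

def is_anomalous(baseline, device, value, threshold=3.0):
    """Step 3: alarm when volume is more than `threshold` std devs off."""
    if device not in baseline:
        return True  # assumption: a device with no baseline always alarms
    mu, sigma = baseline[device]
    if sigma == 0:
        return value != mu
    return abs(value - mu) / sigma > threshold

def classify(baseline, observations, threshold=3.0):
    """Score every decision as TP, FP, TN or FN against ground truth."""
    counts = {"TP": 0, "FP": 0, "TN": 0, "FN": 0}
    for device, value, malicious in observations:
        alarmed = is_anomalous(baseline, device, value, threshold)
        key = ("T" if alarmed == malicious else "F") + ("P" if alarmed else "N")
        counts[key] += 1
    return counts

if __name__ == "__main__":
    base = build_baseline(BASELINE)
    for t in (1.0, 3.0, 10.0):
        print(f"threshold={t}: {classify(base, OBSERVED, t)}")
```

Raising the threshold from 3 to 10 removes the false positive on phone-b, while the malicious flow that stays within normal volume is a false negative at every threshold, because volume alone does not distinguish it.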
9. Cyber Kill Chain Model
• There are 2 models
• Cyber Kill chain model
• Diamond model
10. Cyber Kill Chain Model
• The cyber kill chain model explains the various stages of an attack:
• Reconnaissance
• Weaponization
• Delivery
• Exploitation
• Installation
• Command-and-control
• Actions on Objectives
11. Cyber Kill Chain
• Originally introduced by Lockheed Martin
• The cyber kill chain has 7 stages.
• Attackers do not necessarily need to follow the exact steps and
sequences of the cyber kill chain
13. Diamond Model
• Developed by Caltagirone, Pendergast, and Betz
• The four nodes in the model are: adversary, capability, infrastructure,
victim
• An event is described as an adversary deploying a capability over some
infrastructure against a victim