Time-Frequency Analysis and Security 2015 |
Time-frequency analysis is a useful method that allows simultaneous consideration of both time and frequency domains. It is useful to the Science of Security community for analysis in cyber-physical systems and for working toward solving the hard problems of resilience, predictive metrics, and scalability. The work cited here was presented in 2015.
Lücken, V.; Singh, T.; Cepheli, O.; Kurt, G.K.; Ascheid, G.; Dartmann, G., “Filter Hopping: Physical Layer Secrecy Based on FBMC,” in Wireless Communications and Networking Conference (WCNC), 2015 IEEE, vol., no., pp. 568–573, 9–12 March 2015. doi:10.1109/WCNC.2015.7127532
Abstract: This paper presents a novel physical layer secrecy enhancement technique for multicarrier communications based on dynamic filter hopping. Using the Filter Bank Multicarrier (FBMC) waveform, an efficient eavesdropping mitigation technique is developed using time- and frequency-varying prototype filters. Without knowledge of the filter assignment pattern, an eavesdropper will experience a high level of inter-carrier (ICI) and inter-symbol interference (ISI). With this severe receive signal-to-interference-plus-noise ratio (SINR) degradation for an illegitimate receiver, the secrecy capacity of the communication system is increased. At the same time, the interference at the legitimate receiver is designed to be negligible in comparison to the channel noise.
Keywords: channel bank filters; intercarrier interference; intersymbol interference; telecommunication security; time-frequency analysis; waveform analysis; FBMC; ICI; ISI; SINR degradation; channel noise; dynamic filter hopping; eavesdropping mitigation technique; filter assignment pattern; filter bank multicarrier waveform; multicarrier communication; physical layer secrecy enhancement technique; signal-to-interference-plus-noise ratio; time-frequency-varying prototype filter; Degradation; Interference; Interpolation; Prototypes; Receivers; Signal to noise ratio; Time-frequency analysis; Filter bank multicarrier; eavesdropping; filter hopping; secrecy (ID#: 15-7856)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7127532&isnumber=7127309
Fangyue Chen; Yunke Wang; Heng Song; Xiangyang Li, “A Statistical Study of Covert Timing Channels Using Network Packet Frequency,” in Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on, vol., no., pp.166–168, 27–29 May 2015. doi:10.1109/ISI.2015.7165963
Abstract: This paper first reviews covert timing channels with network packet frequencies as information carriers. Then, based on the study of communication and statistical models, it proposes a method to detect an enhanced covert timing channel and its use of carrier frequencies. With the help of MATLAB for simulation, several experiments have been conducted for the verification of the proposed method.
Keywords: decoding; protocols; statistical analysis; telecommunication channels; telecommunication traffic; MATLAB; carrier frequencies; communication models; covert timing channels; information carriers; network packet frequency; statistical models; timing channels; Data models; Encoding; Mathematical model; Protocols; Time-frequency analysis; Timing; Covert Timing Channel; Detection; Mathematical Simulation (ID#: 15-7857)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165963&isnumber=7165923
Marijan, D., “Multi-perspective Regression Test Prioritization for Time-Constrained Environments,” in Software Quality, Reliability and Security (QRS), 2015 IEEE International Conference on, vol., no., pp. 157–162, 3–5 Aug. 2015. doi:10.1109/QRS.2015.31
Abstract: Test case prioritization techniques are widely used to enable reaching certain performance goals during regression testing faster. A commonly used goal is high fault detection rate, where test cases are ordered in a way that enables detecting faults faster. However, for optimal regression testing, there is a need to take into account multiple performance indicators, as considered by different project stakeholders. In this paper, we introduce a new optimal multi-perspective approach for regression test case prioritization. The approach is designed to optimize regression testing for faster fault detection integrating three different perspectives: business perspective, performance perspective, and technical perspective. The approach has been validated in regression testing of industrial mobile device systems developed in continuous integration. The results show that our proposed framework efficiently prioritizes test cases for faster and more efficient regression fault detection, maximizing the number of executed test cases with high failure frequency, high failure impact, and cross-functional coverage, compared to manual practice.
Keywords: fault diagnosis; program testing; regression analysis; business perspective; continuous integration; cross-functional coverage; failure frequency; failure impact; fault detection rate; industrial mobile device system; multiperspective regression test prioritization; optimal multiperspective approach; optimal regression testing; performance indicator; performance perspective; regression fault detection; regression test case prioritization; technical perspective; test case prioritization technique; time-constrained environment; Business; Fault detection; Manuals; Software; Testing; Time factors; Time-frequency analysis; regression testing; software testing; test case prioritization (ID#: 15-7858)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272927&isnumber=7272893
Prokopenko, I.; Prokopenko, K.; Martynchuk, I., “Moving Objects Recognition by Micro-Doppler Spectrum,” in Radar Symposium (IRS), 2015 16th International, vol., no., pp. 186–190, 24–26 June 2015. doi:10.1109/IRS.2015.7226365
Abstract: Doppler signals are widely used for applications in security systems, surveillance systems, radar detection and recognition of airplanes, helicopters. Also, Doppler signals recognition algorithms are widespread in automotive radar systems. There is an important task of pedestrian recognition when parking the car and when driving on the highways. Methods based on micro-Doppler spectrum, can solve the problem of objects classification by the difference in movement dynamics. Purpose of this article is to develop the algorithm for recognition of moving objects by their micro-Doppler signature.
Keywords: Doppler radar; object recognition; radar signal processing; road vehicle radar; signal classification; Doppler signal recognition; airplane recognition; automotive radar system; micro-Doppler signature; micro-Doppler spectrum; moving object recognition; objects classification; pedestrian recognition; radar detection; security system; surveillance system; Doppler shift; Legged locomotion; Radar imaging; Time-frequency analysis (ID#: 15-7859)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7226365&isnumber=7226207
Molière, R.; Delaveau, F.; Kameni Ngassa, C.L.; Lemenager, C.; Mazloum, T.; Sibille, A., “Tag Signals for Early Authentication and Secret Key Generation in Wireless Public Networks,” in Networks and Communications (EuCNC), 2015 European Conference on, vol., no., pp. 108–112, June 29 2015–July 2 2015. doi:10.1109/EuCNC.2015.7194050
Abstract: In this paper, a new protocol is proposed for securing both authentication and communication in wireless public networks. It relies on the combination of two techniques presented in the article: Tag Signal (TS) and Secret Key Generation (SKG). First, tag signals are used to securely exchange identification information, perform Channel Frequency Response (CFR) and provide a controlled radio advantage to legitimate users. Then secret keys are generated using authenticated CFR to protect communication. In addition to the presentation of the techniques, measured CFR and SKG performance are also provided for real WiFi communications.
Keywords: computer network security; frequency response; private key cryptography; wireless LAN; wireless channels; CFR; SKG; TS; Wi-Fi communication; channel frequency response; early authentication; identification information exchange security; secret key generation; tag signal; wireless public network; Authentication; Bit error rate; Decision support systems; IEEE 802.11 Standard; Protocols; Time-frequency analysis; Channel Frequency Response (CFR); Direct Spread Spectrum (DSS); Full-Duplex (FuDu); Physical layer Security (Physec); Secret Key Generation (SKG); Tag Signal (TS) (ID#: 15-7860)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7194050&isnumber=7194024
Slimeni, F.; Scheers, B.; Chtourou, Z.; Le Nir, V., “Jamming Mitigation in Cognitive Radio Networks Using a Modified Q-Learning Algorithm,” in Military Communications and Information Systems (ICMCIS), 2015 International Conference on, vol., no., pp. 1–7, 18–19 May 2015. doi:10.1109/ICMCIS.2015.7158697
Abstract: The jamming attack is one of the most severe threats in cognitive radio networks, because it can lead to network degradation and even denial of service. However, a cognitive radio can exploit its ability of dynamic spectrum access and its learning capabilities to avoid jammed channels. In this paper, we study how Q-learning can be used to learn the jammer strategy in order to pro-actively avoid jammed channels. The problem with Q-learning is that it needs a long training period to learn the behavior of the jammer. To address the above concern, we take advantage of the wideband spectrum sensing capabilities of the cognitive radio to speed up the learning process and we make advantage of the already learned information to minimize the number of collisions with the jammer during training. The effectiveness of this modified algorithm is evaluated by simulations in the presence of different jamming strategies and the simulation results are compared to the original Q-learning algorithm applied to the same scenarios.
Keywords: cognitive radio; interference suppression; jamming; learning (artificial intelligence); radio spectrum management; telecommunication security; cognitive radio networks; denial of service; dynamic spectrum access; jamming attack mitigation; modified Q-learning algorithm; network degradation; wideband spectrum sensing capability; Cognitive radio; Convergence; Jamming; Markov processes; Standards; Time-frequency analysis; Training; Cognitive radio network; Q-learning algorithm; jamming attack; markov decision process (ID#: 15-7861)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7158697&isnumber=7158667
Daly, P.; Flynn, D.; Cunniffe, N., “Inertia Considerations Within Unit Commitment and Economic Dispatch for Systems with High Non-Synchronous Penetrations,” in PowerTech, 2015 IEEE Eindhoven, vol., no., pp.1–6, June 29 2015–July 2 2015. doi:10.1109/PTC.2015.7232567
Abstract: The priority dispatch status of non-synchronous renewable generation (wind, wave, solar), and increasing levels of installed high voltage direct current interconnection between synchronous systems, is fundamentally changing unit commitment and economic dispatch (UCED) schedules. Conventional synchronous plant, the traditional provider of services which ensure frequency stability—synchronising torque, synchronous inertia and governor response— are being displaced by marginally zero cost non-synchronous renewables. Such a trend has operational security implications, as systems—particularly synchronously isolated systems—may be subject to higher rates of change of frequency and more extreme frequency nadirs/zeniths following a system disturbance. This paper proposes UCED-based strategies to address potential shortfalls in synchronous inertia associated with high non-synchronous penetrations. The effectiveness of the day-ahead strategies is assessed by weighing the cost of the schedules against the risk level incurred (the initial rate of change of frequency following a generation-load imbalance), and the level of wind curtailment engendered.
Keywords: frequency stability; power generation dispatch; power generation economics; power generation scheduling; power system security; power system stability; wind power; UCED schedules; day-ahead strategies; economic dispatch; frequency nadirs-zeniths; frequency stability; governor response; installed high voltage direct current interconnection; nonsynchronous penetrations; nonsynchronous renewable generation; operational security implications; priority dispatch status; risk level; synchronising torque; synchronous inertia; synchronous plant; synchronous systems; system disturbance; unit commitment; wind curtailment; Frequency synchronization; HVDC transmission; Mathematical model; Schedules; Security; Time-frequency analysis; inertia; wind generation (ID#: 15-7862)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232567&isnumber=7232233
Rodriguez-Calvo, A.; Izadkhast, S.; Cossent, R.; Frias, P., “Evaluating the Determinants of the Scalability and Replicability of Islanded Operation in Medium Voltage Networks with Cogeneration,” in Smart Electric Distribution Systems and Technologies (EDST), 2015 International Symposium on, vol., no., pp. 80–87, 8–11 Sept. 2015. doi:10.1109/SEDST.2015.7315187
Abstract: The development of smart grid solution concepts, such as islanding, make it possible to improve the security of supply in networks. The results experimented in real-life test systems must be extrapolated to wider areas and in other locations, which is not straightforward. The scalability and replicability analysis (SRA) aims to identify the relevant factors that affect smart grid implementations and understand the effects of their variation on the results achieved by smart grid solutions. This paper presents the SRA of an islanding use case in a medium voltage network using cogeneration. Furthermore, the results obtained have been used to obtain a set of scalability and replicability rules for islanding use cases that can be applied in other cases.
Keywords: cogeneration; distributed power generation; extrapolation; power distribution; power system security; smart power grids; determinant evaluation; islanded operation; medium voltage networks; scalability-and-replicability analysis; smart grid implementations; supply security improvement; Cogeneration; Islanding; Load modeling; Production; Scalability; Smart grids; Time-frequency analysis; Islanding; replicability; scalability; smart grids (ID#: 15-7863)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7315187&isnumber=7315169
Sundararajan, A.; Pons, A.; Sarwat, A.I., “A Generic Framework for EEG-Based Biometric Authentication,” in Information Technology - New Generations (ITNG), 2015 12th International Conference on, vol., no., pp. 139–144, 13–15 April 2015. doi:10.1109/ITNG.2015.27
Abstract: Biometric systems are a part and parcel of everyone’s lives these days. However, with the increase in their use, the security risks associated with them have equally increased. Hence, there is an increased need to develop systems which use biometrics efficiently and ensure the authentication is integral and effective. This paper aims to introduce the concept of using Electro Encephalogram (EEG), commonly known as brain waves, as a biometric. A wavelet based feature extraction method is proposed, that uses visual and auditory evoked potentials. The future scope, pros and cons of this biometric are analyzed next.
Keywords: biometrics (access control); electroencephalography; feature extraction; medical image processing; wavelet transforms; EEG-based biometric authentication; auditory evoked potentials; biometric systems; brain waves; electroencephalogram; generic framework; security risks; visual evoked potentials; wavelet based feature extraction method; Authentication; Electroencephalography; Feature extraction; Noise; Time-frequency analysis; Wavelet transforms; EEG; biometric; brain wave; evoked potentials; pros and cons; security; wavelets (ID#: 15-7864)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7113462&isnumber=7113432
Zhao Wang; Ming Xiao; Skoglund, M.; Poor, H.V., “Secrecy Degrees of Freedom of Wireless X Networks Using Artificial Noise Alignment,” in Information Theory (ISIT), 2015 IEEE International Symposium on, vol., no., pp. 616–620, 14–19 June 2015. doi:10.1109/ISIT.2015.7282528
Abstract: The problem of transmitting confidential messages in the M × K wireless X network is considered, in which each transmitter intends to send one confidential message to every receiver. In particular, the secrecy degrees of freedom (SDOF) of the considered network are studied by an artificial noise alignment (ANA) approach, which integrates interference alignment and artificial noise transmission. At first, an SDOF upper bound is derived for the M × K X network with confidential messages (XNCM) K(M-1)/K+M-2 to be equation. By proposing an ANA approach, it is shown that the SDOF upper bound is tight when either K = 2 or M = 2 for the considered XNCM with time/frequency varying channels. For K, M ≥ 3, it is shown that an SDOF of K(M-1)/K+M1 equation can be achieved, even when an external eavesdropper appears. The key idea of the proposed scheme is to inject artificial noise into the network, which can be aligned in the interference space at receivers for confidentiality. The proposed method provides a linear approach for secure interference alignment.
Keywords: radio receivers; radio transmitters; radiofrequency interference; telecommunication security; time-varying channels; ANA; M × K wireless X network; SDOF; artificial noise alignment; artificial noise transmission; eavesdropper; frequency varying channels; interference alignment; interference space; secrecy degrees of freedom; time varying channels; Interference; Noise; Receivers; Time-frequency analysis; Transmitters; Upper bound; Wireless communication; Secrecy degrees of freedom; artificial noise; wireless X networks (ID#: 15-7865)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282528&isnumber=7282397
Zaher, A.A., “A Cryptography Algorithm for Transmitting Multimedia Data Using Quadruple-State CSK,” in Computer, Communications, and Control Technology (I4CT), 2015 International Conference on, vol., no., pp. 87–92, 21–23 April 2015. doi:10.1109/I4CT.2015.7219543
Abstract: A new technique for secure communication is introduced that aims at robustifying classical Chaotic Shift Keying (CSK) methods. The secret data are hidden within the chaotic transmitter states that can change among four different chaotic attractors such that binary information is effectively diffused. A novel cryptography algorithm is used to change the transmitter parameters such that they have a quadruple form; thus, breaking into the public communication channel using return map attacks will fail. At the receiver side, an adaptive control method is used to estimate the time-varying transmitter parameters via adopting a complete synchronization approach. Simulation results demonstrate the superior performance of the proposed technique in both time and frequency domains. A Duffing oscillator is used to build the proposed system using only the time series for the output. Different implementation issues are investigated for various digital multimedia data and an experimental investigation is carried out to verify the effectiveness of the proposed technique. Finally, generalizations to other chaotic systems as well as real-time compatibility of the design are discussed.
Keywords: adaptive control; chaotic communication; cryptography; digital communication; multimedia communication; receivers; synchronisation; telecommunication security; time series; time-frequency analysis; time-varying channels; transmitters; Duffing oscillator; adaptive control method; chaotic shift keying method; chaotic transmitter; cryptography algorithm; digital multimedia data transmission; public communication channel; quadruple-state CSK; receiver side; return map attack; secret data hiding; secure communication; synchronization approach; time-frequency domain; time-varying transmitter parameter estimation; Chaotic communication; Cryptography; Oscillators; Receivers; Synchronization; Transmitters; CSK; Duffing Oscillators; Secure Communication (ID#: 15-7866)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7219543&isnumber=7219513
Çatak, E.; Ata, L.D.; Mantar, H.A., “Enhanced Physical Layer Security by OFDM Signal Transmission in Fractional Fourier Domains,” in Signal Processing and Communications Applications Conference (SIU), 2015 23rd, vol., no., pp. 1881–1884, 16–19 May 2015. doi:10.1109/SIU.2015.7130225
Abstract: The main idea of physical layer security for wireless communications is making the transmitted signal as meaningless for eavesdroppers. It can be achieved by signal processing techniques. In this study, fractional Fourier transform is used for secure communication. Transmitted signal is divided to equal and random intervals, then each interval was taken fractional Fourier transform with four degrees. In this way, signals can be transmitted with an angle between time and frequency domain. Receiver needs to know which angular parameters are used in each interval for obtaining the signal correctly. It is difficult to obtain signals by eavesdropper without any parameter knowledge. In this study, the bit error rate performances of legitimate users and eavesdropper are compared and the bit error rate performance of eavesdropper becomes close to 0,5.
Keywords: Fourier transforms; OFDM modulation; error statistics; radiocommunication; signal processing; telecommunication security; time-frequency analysis; OFDM signal transmission; angular parameters; bit error rate performance; communication security; eavesdroppers; enhanced physical layer security; fractional Fourier domains; fractional Fourier transform; frequency domain; legitimate users; signal processing technique; time domain; transmitted signal; wireless communication; Bit error rate; Fourier transforms; OFDM; Physical layer; Security; Signal processing; Wireless communication; Physical layer security (ID#: 15-7867)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7130225&isnumber=7129794
Callan, R.; Zajić, A.; Prvulovic, M., “FASE: Finding Amplitude-Modulated Side-channel Emanations,” in Computer Architecture (ISCA), 2015 ACM/IEEE 42nd Annual International Symposium on, vol., no., pp. 592–603, 13–17 June 2015. doi:10.1145/2749469.2750394
Abstract: While all computation generates electromagnetic (EM) side-channel signals, some of the strongest and farthest-propagating signals are created when an existing strong periodic signal (e.g. a clock signal) becomes stronger or weaker (amplitude-modulated) depending on processor or memory activity. However, modern systems create emanations at thousands of different frequencies, so it is a difficult, error-prone, and time-consuming task to find those few emanations that are AM-modulated by processor/memory activity. This paper presents a methodology for rapidly finding such activity-modulated signals. This method creates recognizable spectral patterns generated by specially designed micro-benchmarks and then processes the recorded spectra to identify signals that exhibit amplitude-modulation behavior. We apply this method to several computer systems and find several such modulated signals. To illustrate how our methodology can benefit side-channel security research and practice, we also identify the physical mechanisms behind those signals, and find that the strongest signals are created by voltage regulators, memory refreshes, and DRAM clocks. Our results indicate that each signal may carry unique information about system activity, potentially enhancing an attacker’s capability to extract sensitive information. We also confirm that our methodology correctly separates emanated signals that are affected by specific processor or memory activities from those that are not.
Keywords: amplitude modulation; cryptography; spectral analysis; DRAM clocks; EM side-channel signals; FASE; activity-modulated signals; amplitude-modulation behavior; clock signal; computer systems; electromagnetic side-channel signals; emanated signals; finding amplitude-modulated side-channel emanations; memory activity; memory refreshes; microbenchmarks; periodic signal; physical mechanisms; processor; propagating signals; side-channel security; signals identification; spectral patterns; system activity; voltage regulators; Clocks; Computers; Frequency modulation; Noise; Switches (ID#: 15-7868)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7284097&isnumber=7284049
Nemati, A.; Feizi, S.; Ahmadi, A.; Haghiri, S.; Ahmadi, M.; Alirezaee, S., “An Efficient Hardware Implementation of FeW Lightweight Block Cipher,” in Artificial Intelligence and Signal Processing (AISP), 2015 International Symposium on, vol., no.,
pp. 273–278, 3–5 March 2015. doi:10.1109/AISP.2015.7123493
Abstract: Radio-frequency identification (RFID) are becoming a part of our everyday life with a wide range of applications such as labeling products and supply chain management and etc. These smart and tiny devices have extremely constrained resources in terms of area, computational abilities, memory, and power. At the same time, security and privacy issues remain as an important problem, thus with the large deployment of low resource devices, increasing need to provide security and privacy among such devices, has arisen. Resource-efficient cryptographic incipient become basic for realizing both security and efficiency in constrained environments and embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a significant role as a building block for security systems. In 2014 Manoj Kumar et al proposed a new Lightweight block cipher named as FeW, which are suitable for extremely constrained environments and embedded systems. In this paper, we simulate and synthesize the FeW block cipher. Implementation results of the FeW cryptography algorithm on a FPGA are presented. The design target is efficiency of area and cost.
Keywords: cryptography; field programmable gate arrays; radiofrequency identification; FPGA; FeW cryptography algorithm; FeW lightweight block cipher; RFID; hardware implementation; radio-frequency identification; resource-efficient cryptographic incipient; security system; sensor node; Algorithm design and analysis; Ciphers; Encryption; Hardware; Schedules; Block Cipher; FeW Algorithm; Feistel structure; Field Programmable Gate Array (FPGA); High Level Synthesis (ID#: 15-7869)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7123493&isnumber=7123478
Xiaona Li; Xue Xie; Juan Zeng; Yongming Wang, “Vulnerability Analysis and Verification for LTE Initial Synchronization Mechanism,” in Sarnoff Symposium, 2015 36th IEEE, vol., no., pp. 150–154, 20–22 Sept. 2015. doi:10.1109/SARNOF.2015.7324660
Abstract: Vulnerability analysis is significant for the security of LTE public networks and private networks. The current research on LTE vulnerability considers little about the balance between effectiveness and complexity of jamming. This paper analyzes the vulnerability of LTE initial synchronization mechanism, and puts forward a LTE jamming method based on spoofing synchronization signals to verify this vulnerability. By changing the correlation peaks’ positions of initial synchronization with the spoofing signals, the method can make synchronization fail. Simulation results verify the effectiveness of this method, prove the vulnerability of the initial synchronization mechanism and also reveal the optimal time shifting between the spoofing signals and the actual signals.
Keywords: Base stations; Error analysis; Frequency estimation; Frequency synchronization; Jamming; Long Term Evolution; Synchronization; LTE; jamming; synchronization mechanism; vulnerability (ID#: 15-7870)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7324660&isnumber=7324628
Chunhua He; Bo Hou; Liwei Wang; Yunfei En; Shaofeng Xie, “A Failure Physics Model for Hardware Trojan Detection
Based on Frequency Spectrum Analysis,” in Reliability Physics Symposium (IRPS), 2015 IEEE International, vol., no.,
pp. PR.1.1–PR.1.4, 19–23 April 2015. doi:10.1109/IRPS.2015.7112822
Abstract: Hardware Trojan embedded by adversaries has emerged as a serious security threat. Until now, there is no a universal method for effective and accurate detection. Since traditional analysis approaches sometime seem helpless when the Trojan area is extremely tiny, this paper will focus on the novel detection method based on frequency spectrum analysis. Meanwhile, a failure physics model is presented and depicted in detail. A digital CORDIC IP core is adopted as a golden circuit, while a counter is utilized as a Trojan circuit. The automatic test platform is set up with Xilinx FPGA, LabVIEW software, and high precision oscilloscope. The power trace of the core power supply in FPGA is monitored and saved for frequency spectrum analysis. Experimental results in time domain and frequency domain both accord with those of theoretical analysis, which verifies that the proposed failure physics model is accurate. In addition, due to immunity to vast measurement noise, the novel method processing in frequency domain is superior to the traditional method conducting in time domain. It can easily achieve about 0.1% Trojan detection sensitivity, which indicates that the novel detection method is effective.
Keywords: field programmable gate arrays; invasive software; multiprocessing systems; FPGA; LabVIEW software; Trojan area; Trojan circuit; Xilinx FPGA; automatic test platform; core power supply; digital CORDIC IP core; failure physics model; frequency spectrum analysis; golden circuit; hardware Trojan detection; novel detection method; security threat; Frequency-domain analysis; Hardware; Noise; Physics; Spectral analysis; Time-domain analysis; Trojan horses; HardwareTrojan; failure physics model; frequency spectrum analysis; side-channel analysis (ID#: 15-7871)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7112822&isnumber=7112653
Namdev, D.; Bansal, A., “Frequency Domain Analysis for Audio Data Forgery Detection,” in Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on, vol., no., pp. 702–705, 4–6 April 2015. doi:10.1109/CSNT.2015.168
Abstract: Information security is a classical need of human, from ancient time the sensitive and private data is secured using different kinds of techniques. Now in these days data are becomes digitized and due to use of internet based applications spread world-wide. The available data on internet can easily duplicated or manipulated for re-distribution purpose, this act is known as forgery of digital contents. In this presented work the digital data forgery is investigated and their possible solutions are explored. In observations that are found there are a number of preventive methods are available such as watermarking and copy right acts. But due to diversity of data they become less effective. In this paper the audio data based forgery detection is proposed. For that purpose different audio file formats and their attributes are investigated and wav file format is adopted for analysis. For analysing the audio files Fourier transform for time and frequency domain analysis is performed on files. In addition of that using the cyclic data preservation and similarity computation the similarity between two audio files are computed for detecting the forged audio files. The implementation of the desired audio forgery detection tool is performed using the visual studio environment. Additionally for justification of work the performance of the proposed system is evaluated in terms of time complexity, space complexity, time domain error, frequency domain error and the best overlapped file parts. During the experimentations the performance of the proposed audio file analysis system found optimum and adoptable for forensic usage.
Keywords: Fourier transforms; audio watermarking; digital forensics; frequency-domain analysis; security of data; time-domain analysis; Internet; ancient time; audio data forgery detection; audio file analysis system; audio files Fourier transform; audio forgery detection; copy right acts; cyclic data preservation; digital content forgery; digital data forgery; forensic; frequency domain analysis; frequency domain error; information security; private data; sensitive data; space complexity; time complexity; time domain analysis; time domain error; visual studio environment; watermarking; Accuracy; Arrays; Error analysis; Forgery; Frequency-domain analysis; Memory management; Time-domain analysis; audio forgery; frequency domain analysis; implementation; information security; performance study (ID#: 15-7872)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280009&isnumber=7279856
Abirami, T.; Meenalochini, M.; Thilakraj, S., “Secure Continuous Aggregation and Load Balancing with False Temporal Pattern Identification for Wireless Sensor Networks,” in Engineering and Technology (ICETECH), 2015 IEEE International Conference on, vol., no., pp. 1–3, 20–20 March 2015. doi:10.1109/ICETECH.2015.7275014
Abstract: Continuous aggregation is required in sensor applications to obtain the temporal variation information of aggregates. It helps the users to understand how the environment changes over time and track real time measurements for trend analysis. In the continuous aggregation, the attacker could manipulate a series of aggregation results through compromised nodes to fabricate false temporal variation patterns of the aggregates. Existing secure aggregation schemes conduct one individual verification for each aggregation result. Due to the high frequency and the long period of a continuous aggregation in every epoch, the false temporal variation pattern would incur a great communication cost. In this paper, we detect and verify a false temporal variations pattern by checking only a small part of aggregation results to reduces a verification cost. A sampling based approach is used to check the aggregation results and we also proposed a security mechanisms to protect the sampling process.
Keywords: telecommunication security; wireless sensor networks; false temporal pattern identification; false temporal variation patterns; load balancing; real time measurements; sampling process; secure continuous aggregation; security mechanisms; Aggregates; Authentication; Base stations; Conferences; Monitoring; Wireless sensor networks; continuous data aggregation; sampling (ID#: 15-7873)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275014&isnumber=7274993
Xingsi Zhong; Ahmadi, A.; Brooks, R.; Venayagamoorthy, G.K.; Lu Yu; Yu Fu, “Side Channel Analysis of Multiple PMU Data in Electric Power Systems,” in Power Systems Conference (PSC), 2015 Clemson University, vol., no., pp. 1–6, 10–13 March 2015. doi:10.1109/PSC.2015.7101704
Abstract: The deployment of Phasor Measurement Units (PMUs) in an electric power grid will enhance real-time monitoring and analysis of grid operations. The PMU collects bus voltage phasors, branch current phasors, and bus frequency measurements and uses a communication network to transmit the measurements to the respective substation(s)/control center(s). PMU information is sensitive, since missing or incorrect PMU data could lead to grid failure and/or damage. It is important to use encrypted communicate channels to avoid cyber attacks. In this study, a side-channel attack using inter-packet delays to isolate the stream of packets of one PMU from an encrypted tunnel is shown. Also, encryption in power system VPNs and vulnerabilities due to side channel analysis is discussed.
Keywords: phasor measurement; power grids; security of data; branch current phasors; bus frequency measurements; bus voltage phasors; electric power grid; electric power systems; encrypted tunnel; inter-packet delays; multiple PMU data; real-time monitoring; side channel analysis; Cryptography; Delays; Hidden Markov models; Logic gates; Phasor measurement units; Cybersecurity; grid operations; phasor measurement units; power system; side channel analysis (ID#: 15-7874)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7101704&isnumber=7101673
Bartholemy, A.; Weifeng Chen, “An Examination of Distributed Denial of Service Attacks,” in Electro/Information Technology (EIT), 2015 IEEE International Conference on, vol., no., pp. 274–279, 21–23 May 2015. doi:10.1109/EIT.2015.7293352
Abstract: Denial of service (DoS) attacks have been around for a significant period of time and is exponentially growing in popularity. This paper discusses various DoS attacks and the evolution towards distributed denial of service (DDoS) attacks. An analysis of high profile attacks will be conducted to evaluate the methods used by the attackers. We will also describe the roles of enterprise, consumers, and ISPs in reducing the damage and frequency of the attacks.
Keywords: computer network security; DDoS attack; Distributed Denial of Service attack; consumer role; enterprise role; Bandwidth; Computer crime; Games; Internet; Organizations; Servers (ID#: 15-7875)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7293352&isnumber=7293314
Hasan, S.R.; Mossa, S.F.; Elkeelany, O.S.A.; Awwad, F., “Tenacious Hardware Trojans Due to High Temperature in Middle Tiers of 3-D ICs,” in Circuits and Systems (MWSCAS), 2015 IEEE 58th International Midwest Symposium on, vol., no.,
pp. 1–4, 2–5 Aug. 2015. doi:10.1109/MWSCAS.2015.7282148
Abstract: Hardware security is a major concern in the intellectual property (IP) centric integrated circuits (IC). 3-D IC design augments IP centric designs. However, 3-D ICs suffer from high temperatures in their middle tiers due to long heat dissipation paths. We anticipate that this problem would exacerbate the hardware security issues in 3-D ICs. Because, high temperature leads to undesired timing characteristics in ICs. In this paper we provide a detailed analysis on how these delay variations can lead to non-ideal behavior of control paths. It is demonstrated that a hardware intruder can leverage this phenomenon to trigger the payload, without requiring a separate triggering circuit. Our simulation results show that a state machine can lead to temporary glitches long enough to cause malfunctioning at temperatures of 87°C or above, under nominal frequencies. The overall area overhead of the payload compared to a very small Mod-3 counter is 6%.
Keywords: finite state machines; integrated circuit design; invasive software; three-dimensional integrated circuits; 3D IC design; IP centric designs; IP centric integrated circuits; delay variations; hardware intruder; hardware security; intellectual property centric integrated circuits; state machine; tenacious hardware trojans; undesired timing characteristics; Flip-flops; Hardware; Integrated circuits; Law; Radiation detectors; Trojan horses; 3-D IC; hardware Trojan; high temperature (ID#: 15-7876)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282148&isnumber=7281994
Younghyun Kim; Woo Suk Lee; Vijay Raghunathan; Niraj K. Jha; Anand Raghunathan, “Vibration-Based Secure Side Channel for Medical Devices,” in Design Automation Conference (DAC), 2015 52nd ACM/EDAC/IEEE, vol., no., pp. 1–6, 8–12 June 2015. doi:10.1145/2744769.2744928
Abstract: Implantable and wearable medical devices are used for monitoring, diagnosis, and treatment of an ever-increasing range of medical conditions, leading to an improved quality of life for patients. The addition of wireless connectivity to medical devices has enabled post-deployment tuning of therapy and access to device data virtually anytime and anywhere but, at the same time, has led to the emergence of security attacks as a critical concern. While cryptography and secure communication protocols may be used to address most known attacks, the lack of a viable secure connection establishment and key exchange mechanism is a fundamental challenge that needs to be addressed. We propose a vibration-based secure side channel between an external device (medical programmer or smartphone) and a medical device. Vibration is an intrinsically short-range, user-perceptible channel that is suitable for realizing physically secure communication at low energy and size/weight overheads. We identify and address key challenges associated with the vibration channel, and propose a vibration-based wakeup and key exchange scheme, named SecureVibe, that is resistant to battery drain attacks. We analyze the risk of acoustic eavesdropping attacks and propose an acoustic masking countermeasure. We demonstrate and evaluate vibration-based wakeup and key exchange between a smartphone and a prototype medical device in the context of a realistic human body model.
Keywords: bioacoustics; biomedical telemetry; body sensor networks; patient diagnosis; patient monitoring; smart phones; telemedicine; vibrations; Implantable medical devices; SecureVibe; acoustic eavesdropping attacks; acoustic masking countermeasure; battery drain attacks; cryptography; device data virtually; intrinsically short-range user-perceptible channel; key exchange mechanism; key exchange scheme; medical condition; medical programmer; patient treatment; physically secure communication; post-deployment tuning; realistic human body model; secure communication protocols; size-weight overheads; smartphone; therapy; viable secure connection establishment; vibration-based secure side channel; vibration-based wakeup; wearable medical devices; wireless connectivity; Accelerometers; Acoustics; Batteries; Cryptography; Protocols; Radio frequency; Vibrations (ID#: 15-7877)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7167216&isnumber=7167177
ElSayed, A.; Elleithy, A.; Thunga, P.; Zhengping Wu, “Highly Secure Image Steganography Algorithm Using Curvelet Transform and DCT Encryption,” in Systems, Applications and Technology Conference (LISAT), 2015 IEEE Long Island, vol., no., pp. 1–6, 1–1 May 2015. doi:10.1109/LISAT.2015.7160204
Abstract: This paper presents a highly secure data hiding system (a.k.a. Steganography) in a cover image using the low frequency Curvelet domain. The contribution of the suggested technique is its high security, because it is using four secret keys (encryption key, two shuffling keys, data hiding key) and using only the low frequency component of Curvelet domain. The use of low frequency component of Curvelet transform in steganography provides a number of advantages compared to other techniques such as: 1) Computation time reduction and, 2) Curvelet transform are designed to handle curves discontinuities using only a small number of coefficients, so hiding in the low frequency components will not affect edges coefficients, which produces better stego object quality.
Keywords: curvelet transforms; discrete cosine transforms; image coding; steganography; DCT encryption; computation time reduction; curvelet transform; data hiding system; discrete cosine transform; image steganography algorithm; low frequency curvelet domain; stego object quality; Discrete cosine transforms; Encryption; Frequency-domain analysis; Image reconstruction; Wavelet transforms; Curevelet Transform; DCT; Secure Data Hiding; Steganography (ID#: 15-7878)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7160204&isnumber=7160171
Le An; Khomh, F., “An Empirical Study of Highly Impactful Bugs in Mozilla Projects,” in Software Quality, Reliability and Security (QRS), 2015 IEEE International Conference on, vol., no., pp. 262–271, 3–5 Aug. 2015. doi:10.1109/QRS.2015.45
Abstract: Bug triaging is the process that consists in screening and prioritising bugs to allow a software organisation to focus its limited resources on bugs with high impact on software quality. In a previous work, we proposed an entropy-based crash triaging approach that can help software organisations identify crash-types that affect a large user base with high frequency. We refer to bugs associated to these crash-types as highly-impactful bugs. The proposed triaging approach can identify highly-impactful bugs only after they have led to crashes in the field for a certain period of time. Therefore, to reduce the impact of highly-impactful bugs on user perceived quality, an early identification of these bugs is necessary. In this paper, we examine the characteristics of highly-impactful bugs in Mozilla Firefox and Fennec for Android, and propose statistical models to help software organisations predict them early on before they impact a large population of users. Results show that our proposed prediction models can achieve a precision up to 64.2% (in Firefox) and a recall up to 98.3% (in Fennec). We also evaluate the benefits of our proposed models and found that, on average, they could help reduce 23.0% of Firefox’ crashes and 13.4% of Fennec’s crashes, while reducing 28.6% of impacted machine profiles for Firefox and 49.4% for Fennec. Software organisations could use our prediction models to catch highly-impactful bugs early during the triaging process, preventing them from impacting a larger user base.
Keywords: entropy; program debugging; software quality; software tools; Android; Mozilla Fennec; Mozilla Firefox; automatic crash reporting tool; bug triaging; entropy-based crash triaging approach; highly-impactful bug; software organisation; software quality; Computer bugs; Data mining; Entropy; Measurement; Predictive models; Software; bug triaging; crash report; entropy analysis; mining software repositories; prediction model (ID#: 15-7879)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272941&isnumber=7272893
Pugh, M.; Brewer, J.; Kvam, J., “Sensor Fusion for Intrusion Detection Under False Alarm Constraints,” in Sensors Applications Symposium (SAS), 2015 IEEE, vol., no., pp. 1–6, 13–15 April 2015. doi:10.1109/SAS.2015.7133634
Abstract: Sensor fusion algorithms allow the combination of many heterogeneous data types to make sophisticated decisions. In many situations, these algorithms give increased performance such as better detectability and/or reduced false alarm rates. To achieve these benefits, typically some system or signal model is given. This work focuses on the situation where the event signal is unknown and a false alarm criterion must be met. Specifically, the case where data from multiple passive infrared (PIR) sensors are processed to detect intrusion into a room while satisfying a false alarm constraint is analyzed. The central challenge is the space of intrusion signals is unknown and we want to quantify analytically the probability of false alarm. It is shown that this quantification is possible by estimating the background noise statistics and computing the Mahalanobis distance in the frequency domain. Using the Mahalanobis distance as the decision metric, a threshold is computed to satisfy the false alarm constraint.
Keywords: frequency-domain analysis; infrared detectors; probability; safety systems; security of data; sensor fusion; signal detection; statistics; Mahalanobis distance; PIR sensor; background noise statistics; false alarm probability constraint; frequency domain analysis; intrusion detection; multiple passive infrared sensor; sensor fusion algorithm; Frequency-domain analysis; Gaussian distribution; Noise; Noise measurement; Principal component analysis; Sensor fusion; Time series analysis
(ID#: 15-7880)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7133634&isnumber=7133559
Kitsos, P.; Voyiatzis, A.G., “A Comparison of TERO and RO Timing Sensitivity for Hardware Trojan Detection Applications,” in Digital System Design (DSD), 2015 Euromicro Conference on, vol., no., pp. 547–550, 26–28 Aug. 2015. doi:10.1109/DSD.2015.32
Abstract: A Ring Oscillator (RO) integrated in a design can be used for detecting insertion of malicious logic i.e., a hardware Trojan horse. Recently, the Transition Effect Ring Oscillator (TERO) was proposed as a means for implementing True Random Number Generators (TRNGs) and Physically Uncloneable Functions (PUFs). In this paper, we explore the timing sensitivity of TERO against RO, towards introducing TERO as an alternative means for detecting Trojans on FPGAs.
Keywords: feature extraction; field programmable gate arrays; invasive software; random number generation; FPGA; PUF; TERO timing sensitivity; TRNG; field programmable gate array; hardware Trojan horse detection application; physically uncloneable function; transition effect ring oscillator; true random number generator; Field programmable gate arrays; Frequency measurement; Hardware; Logic gates; Ring oscillators; Table lookup; Trojan horses; FPGA security; Transition Effect Ring Oscillator; hardware Trojan horse; ring oscillators; time analysis (ID#: 15-7881)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7302323&isnumber=7302233
Yogeshwaran, S.; Venkatesh, S., “Real Time Voice Identification Based Gear Control System in LMV Using MFCC,” in Soft-Computing and Networks Security (ICSNS), 2015 International Conference on, vol., no., pp. 1–7, 25–27 Feb. 2015. doi:10.1109/ICSNS.2015.7292393
Abstract: Speech recognition and speaker recognition have wide range of applications in security systems and smart home designs. In this paper we discuss a method by which text dependent speaker recognition can be used to control gear shifting in light motor vehicles which could be helpful for people who lost one hand in accidents to drive cars. Speaker recognition involves two processes namely feature extraction and feature matching. In feature extraction we extract the dominant features from the voice of the speaker for standard text commands during the training session. There are methods such as Linear Predictive Coding (LPC), Mel Frequency Cepstral Coefficients (MFCC) used for feature extraction. After obtaining these features we form a codebook where characteristics of all the speakers are stored. In feature matching we compare the characteristics of the speaker and intelligent decision making based on the predefined threshold identifies the speaker i.e., driver in our scenario. Hidden Markov Model, Gaussian Mixture Model, Vector Quantization and Neural network as multiclass classifier are some of the methods used for feature matching, while here we make use of neural network. Once the command of the driver is detected, then the gear shifting can be done by an electro mechanical system.
Keywords: Gaussian processes; cepstral analysis; control engineering computing; decision making; feature extraction; gears; hidden Markov models; linear predictive coding; mixture models; neural nets; road vehicles; speaker recognition; traffic engineering computing; vector quantisation; Gaussian mixture model; LMV; LPC; electromechanical system; feature matching; hidden Markov model; intelligent decision making; light motor vehicles; linear predictive coding; mel frequency cepstral coefficients; multiclass classifier; neural network; real time voice identification based gear control system; speech recognition; text dependent speaker recognition; vector quantization; Feature extraction; Filter banks; Gears; Mel frequency cepstral coefficient; Noise; Speaker recognition; Speech; BPNN; MFCC (ID#: 15-7882)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292393&isnumber=7292366
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.