Visible to the public Biblio

Filters: Keyword is Timing  [Clear All Filters]
2023-08-24
Zhang, Ge, Zhang, Zheyu, Sun, Jun, Wang, Zun, Wang, Rui, Wang, Shirui, Xie, Chengyun.  2022.  10 Gigabit industrial thermal data acquisition and storage solution based on software-defined network. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :616–619.
With the wide application of Internet technology in the industrial control field, industrial control networks are getting larger and larger, and the industrial data generated by industrial control systems are increasing dramatically, and the performance requirements of the acquisition and storage systems are getting higher and higher. The collection and analysis of industrial equipment work logs and industrial timing data can realize comprehensive management and continuous monitoring of industrial control system work status, as well as intrusion detection and energy efficiency analysis in terms of traffic and data. In the face of increasingly large realtime industrial data, existing log collection systems and timing data gateways, such as packet loss and other phenomena [1], can not be more complete preservation of industrial control network thermal data. The emergence of software-defined networking provides a new solution to realize massive thermal data collection in industrial control networks. This paper proposes a 10-gigabit industrial thermal data acquisition and storage scheme based on software-defined networking, which uses software-defined networking technology to solve the problem of insufficient performance of existing gateways.
2023-07-14
Mašek, Vít, Novotný, Martin.  2022.  Versatile Hardware Framework for Elliptic Curve Cryptography. 2022 25th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS). :80–83.
We propose versatile hardware framework for ECC. The framework supports arithmetic operations over P-256, Ed25519 and Curve25519 curves, enabling easy implementation of various ECC algorithms. Framework finds its application area e.g. in FIDO2 attestation or in nowadays rapidly expanding field of hardware wallets. As the design is intended to be ASIC-ready, we designed it to be area efficient. Hardware units are reused for calculations in several finite fields, and some of them are superior to previously designed circuits in terms of time-area product. The framework implements several attack countermeasures. It enables implementation of certain countermeasures even in later stages of design. The design was validated on SoC FPGA.
ISSN: 2473-2117
2023-05-19
Ondov, Adrián, Helebrandt, Pavol.  2022.  Covert Channel Detection Methods. 2022 20th International Conference on Emerging eLearning Technologies and Applications (ICETA). :491—496.
The modern networking world is being exposed to many risks more frequently every day. Most of systems strongly rely on remaining anonymous throughout the whole endpoint exploitation process. Covert channels represent risk since they ex-ploit legitimate communications and network protocols to evade typical filtering. This firewall avoidance sees covert channels frequently used for malicious communication of intruders with systems they compromised, and thus a real threat to network security. While there are commercial tools to safeguard computer networks, novel applications such as automotive connectivity and V2X present new challenges. This paper focuses on the analysis of the recent ways of using covert channels and detecting them, but also on the state-of-the-art possibilities of protection against them. We investigate observing the timing covert channels behavior simulated via injected ICMP traffic into standard network communications. Most importantly, we concentrate on enhancing firewall with detection and prevention of such attack built-in features. The main contribution of the paper is design for detection timing covert channel threats utilizing detection methods based on statistical analysis. These detection methods are combined and implemented in one program as a simple host-based intrusion detection system (HIDS). As a result, the proposed design can analyze and detect timing covert channels, with the addition of taking preventive measures to block any future attempts to breach the security of an end device.
Severino, Ricardo, Rodrigues, João, Ferreira, Luis Lino.  2022.  Exploring Timing Covert Channel Performance over the IEEE 802.15.4. 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA). :1—8.
As IoT technologies mature, they are increasingly finding their way into more sensitive domains, such as Medical and Industrial IoT, in which safety and cyber-security are paramount. While the number of deployed IoT devices continues to increase annually, they still present severe cyber-security vulnerabilities, turning them into potential targets and entry points to support further attacks. Naturally, as these nodes are compromised, attackers aim at setting up stealthy communication behaviours, to exfiltrate data or to orchestrate nodes of a botnet in a cloaked fashion. Network covert channels are increasingly being used with such malicious intents. The IEEE 802.15.4 is one of the most pervasive protocols in IoT, and a fundamental part of many communication infrastructures. Despite this fact, the possibility of setting up such covert communication techniques on this medium has received very little attention. We aim at analysing the performance and feasibility of such covert-channel implementations upon the IEEE 802.15.4 protocol. This will enable a better understanding of the involved risk and help supporting the development of further cyber-security mechanisms to mitigate this threat.
2023-04-14
Lin, Chen, Wang, Yi.  2022.  Implementation of Cache Timing Attack Based on Present Algorithm. 2022 8th Annual International Conference on Network and Information Systems for Computers (ICNISC). :32–35.
Traditional side-channel attacks have shortcomings such as low efficiency, extremely difficult collection and injection of fault information in real environments, and poor applicability of attacks. The cache timing attack proposed in recent years is a new type of side-channel attack method. This attack method uses the difference in the reading speed of the computer CPU cache to enable the attacker to obtain the confidential information during the execution of the algorithm. The attack efficiency is high, and the cost is relatively low. little. Present algorithm is a lightweight block cipher proposed in 2007. The algorithm has excellent hardware implementation and concise round function design. On this basis, scholars at home and abroad have carried out different side-channel attacks on it, such as differential attacks., multiple differential chain attacks, algebraic attacks, etc. At present, there is no published research on the Cache timing attack against the Present algorithm at home and abroad. In this paper, the output value of the S box in the first and second rounds of the encryption process is obtained through the combination of the Cache timing attack and the side-channel Trojan horse, and Combined with the key recovery algorithm, the master key of the algorithm is finally recovered.
2023-02-17
Eftekhari Moghadam, Vahid, Prinetto, Paolo, Roascio, Gianluca.  2022.  Real-Time Control-Flow Integrity for Multicore Mixed-Criticality IoT Systems. 2022 IEEE European Test Symposium (ETS). :1–4.
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safety-critical applications domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both high-criticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS).Much of the control code for these devices is written in memory-unsafe languages such as C and C++. This makes them susceptible to powerful binary attacks, such as the famous Return-Oriented Programming (ROP). Control-Flow Integrity (CFI) is the most investigated security technique to protect against such threats. At now, CFI solutions for real-time embedded systems are not as mature as the ones for general-purpose systems, and even more, there is a lack of in-depth studies on how different operating systems with different security requirements and timing constraints can coexist on a single multicore platform.This paper aims at drawing attention to the subject, discussing the current scientific proposal, and in turn proposing a solution for an optimized asymmetric verification system for execution integrity. By using an embedded hypervisor, predefined cores could be dedicated to only high or low-criticality tasks, with the high-priority core being monitored by the lower-criticality core, relying on offline binary instrumentation and a light exchange of information and signals at runtime. The work also presents preliminary results about a possible implementation for multicore ARM platforms, running both RTOS and GPOS, both in terms of security and performance penalties.
2023-02-03
Song, Sanquan, Tell, Stephen G., Zimmer, Brian, Kudva, Sudhir S., Nedovic, Nikola, Gray, C. Thomas.  2022.  An FLL-Based Clock Glitch Detector for Security Circuits in a 5nm FINFET Process. 2022 IEEE Symposium on VLSI Technology and Circuits (VLSI Technology and Circuits). :146–147.
The rapid complexity growth of electronic systems nowadays increases their vulnerability to hacking, such as fault injection, including insertion of glitches into the system clock to corrupt internal state through timing errors. As a countermeasure, a frequency locked loop (FLL) based clock glitch detector is proposed in this paper. Regulated from an external supply voltage, this FLL locks at 16-36X of the system clock, creating four phases to measure the system clock by oversampling at 64-144X. The samples are then used to sense the frequency and close the frequency locked loop, as well as to detect glitches through pattern matching. Implemented in a 5nm FINFET process, it can detect the glitches or pulse width variations down to 3.125% of the input 40MHz clock cycle with the supply varying from 0.5 to 1.0V.
ISSN: 2158-9682
2022-12-01
Bindschadler, Duane, Hwangpo, Nari, Sarrel, Marc.  2022.  Metrics for Flight Operations: Application to Europa Clipper Tour Selection. 2022 IEEE Aerospace Conference (AERO). :1—12.

Objective measures are ubiquitous in the formulation, design and implementation of deep space missions. Tour durations, flyby altitudes, propellant budgets, power consumption, and other metrics are essential to developing and managing NASA missions. But beyond the simple metrics of cost and workforce, it has been difficult to identify objective, quantitative measures that assist in evaluating choices made during formulation or implementation phases in terms of their impact on flight operations. As part of the development of the Europa Clipper Mission system, a set of operations metrics have been defined along with the necessary design information and software tooling to calculate them. We have applied these methods and metrics to help assess the impact to the flight team on the six options for the Clipper Tour that are currently being vetted for selection in the fall of 2021. To generate these metrics, the Clipper MOS team first designed the set of essential processes by which flight operations will be conducted, using a standard approach and template to identify (among other aspects) timelines for each process, along with their time constraints (e.g., uplinks for sequence execution). Each of the resulting 50 processes is documented in a common format and concurred by stakeholders. Process timelines were converted into generic schedules and workforce-loaded using COTS scheduling software, based on the inputs of the process authors and domain experts. Custom code was generated to create an operations schedule for a specific portion of Clipper's prime mission, with instances of a given process scheduled based on specific timing rules (e.g., process X starts once per week on Thursdays) or relative to mission events (e.g., sequence generation process begins on a Monday, at least three weeks before each Europa closest approach). Over a 5-month period, and for each of six Clipper candidate tours, the result was a 20,000+ line, workforce-loaded schedule that documents all of the process-driven work effort at the level of individual roles, along with a significant portion of the level-of-effort work. Post-processing code calculated the absolute and relative number of work hours during a nominal 5 day / 40 hour work week, the work effort during 2nd and 3rd shift, as well as 1st shift on weekends. The resultant schedules and shift tables were used to generate objective measures that can be related to both human factors and to operational risk and showed that Clipper tours which utilize 6:1 resonant (21.25 day) orbits instead of 4:1 resonant (14.17 day) orbits during the first dozen or so Europa flybys are advantageous to flight operations. A similar approach can be extended to assist missions in more objective assessments of a number of mission issues and trades, including tour selection and spacecraft design for operability.

2022-10-20
King, James, Bendiab, Gueltoum, Savage, Nick, Shiaeles, Stavros.  2021.  Data Exfiltration: Methods and Detection Countermeasures. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :442—447.
Data exfiltration is of increasing concern throughout the world. The number of incidents and capabilities of data exfiltration attacks are growing at an unprecedented rate. However, such attack vectors have not been deeply explored in the literature. This paper aims to address this gap by implementing a data exfiltration methodology, detailing some data exfiltration methods. Groups of exfiltration methods are incorporated into a program that can act as a testbed for owners of any network that stores sensitive data. The implemented methods are tested against the well-known network intrusion detection system Snort, where all of them have been successfully evaded detection by its community rule sets. Thus, in this paper, we have developed new countermeasures to prevent and detect data exfiltration attempts using these methods.
Nassar, Reem, Elhajj, Imad, Kayssi, Ayman, Salam, Samer.  2021.  Identifying NAT Devices to Detect Shadow IT: A Machine Learning Approach. 2021 IEEE/ACS 18th International Conference on Computer Systems and Applications (AICCSA). :1—7.
Network Address Translation (NAT) is an address remapping technique placed at the borders of stub domains. It is present in almost all routers and CPEs. Most NAT devices implement Port Address Translation (PAT), which allows the mapping of multiple private IP addresses to one public IP address. Based on port number information, PAT matches the incoming traffic to the corresponding "hidden" client. In an enterprise context, and with the proliferation of unauthorized wired and wireless NAT routers, NAT can be used for re-distributing an Intranet or Internet connection or for deploying hidden devices that are not visible to the enterprise IT or under its oversight, thus causing a problem known as shadow IT. Thus, it is important to detect NAT devices in an intranet to prevent this particular problem. Previous methods in identifying NAT behavior were based on features extracted from traffic traces per flow. In this paper, we propose a method to identify NAT devices using a machine learning approach from aggregated flow features. The approach uses multiple statistical features in addition to source and destination IPs and port numbers, extracted from passively collected traffic data. We also use aggregated features extracted within multiple window sizes and feed them to a machine learning classifier to study the effect of timing on NAT detection. Our approach works completely passively and achieves an accuracy of 96.9% when all features are utilized.
2022-09-30
Dernayka, Iman, Chehab, Ali.  2021.  Blockchain Development Platforms: Performance Comparison. 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–6.
In this paper, two of the main Blockchain development platforms, Ethereum and EOS.IO are compared. The objective is to help developers select the most appropriate platform as the back-end Blockchain for their apps. A decentralized application was implemented on each of the platforms triggering basic operations and timing them. The simulations were performed on Microsoft’s Azure cloud, running up to 150 Blockchain nodes while recording the user response time, the CPU utilization, and the totally used memory in Mbytes. The results in this study show that although recognized as a major competitor to Ethereum, EOS.IO fails to outperform the Ethereum platform in this experiment, recording a very high response time in comparison to Ethereum.
Hutto, Kevin, Mooney, Vincent J..  2021.  Sensing with Random Encoding for Enhanced Security in Embedded Systems. 2021 10th Mediterranean Conference on Embedded Computing (MECO). :1–6.
Embedded systems in physically insecure environments are subject to additional security risk via capture by an adversary. A captured microchip device can be reverse engineered to recover internal buffer data that would otherwise be inaccessible through standard IO mechanisms. We consider an adversary who has sufficient ability to gain all internal bits and logic from a device at the time of capture as an unsolved threat. In this paper we present a novel sensing architecture that enhances embedded system security by randomly encoding sensed values. We randomly encode data at the time of sensing to minimize the amount of plaintext data present on a device in buffer memory. We encode using techniques that are unintelligible to an adversary even with full internal bit knowledge. The encoding is decipherable by a trusted home server, and we have provided an architecture to perform this decoding. Our experimental results show the proposed architecture meets timing requirements needed to perform communications with a satellite utilizing short-burst data, such as in remote sensing telemetry and tracking applications.
Robert Doebbert, Thomas, Krush, Dmytro, Cammin, Christoph, Jockram, Jonas, Heynicke, Ralf, Scholl, Gerd.  2021.  IO-Link Wireless Device Cryptographic Performance and Energy Efficiency. 2021 22nd IEEE International Conference on Industrial Technology (ICIT). 1:1106–1112.
In the context of the Industry 4.0 initiative, Cyber-Physical Production Systems (CPPS) or Cyber Manufacturing Systems (CMS) can be characterized as advanced networked mechatronic production systems gaining their added value by interaction with different systems using advanced communication technologies. Appropriate wired and wireless communication technologies and standards need to add timing in combination with security concepts to realize the potential improvements in the production process. One of these standards is IO-Link Wireless, which is used for sensor/actuator network operation. In this paper cryptographic performance and energy efficiency of an IO-Link Wireless Device are analyzed. The power consumption and the influence of the cryptographic operations on the trans-mission timing of the IO-Link Wireless protocol are exemplary measured employing a Phytec module based on a CC2650 system-on-chip (SoC) radio transceiver [2]. Confidentiality is considered in combination with the cryptographic performance as well as the energy efficiency. Different cryptographic algorithms are evaluated using the on chip hardware accelerator compared to a cryptographic software implementation.
2022-09-09
Perucca, A., Thai, T. T., Fiasca, F., Signorile, G., Formichella, V., Sesia, I., Levi, F..  2021.  Network and Software Architecture Improvements for a Highly Automated, Robust and Efficient Realization of the Italian National Time Scale. 2021 Joint Conference of the European Frequency and Time Forum and IEEE International Frequency Control Symposium (EFTF/IFCS). :1—4.
Recently, the informatics infrastructure of INRiM Time and Frequency Laboratory has been completely renewed with particular attention to network security and software architecture aspects, with the aims to improve the reliability, robustness and automation of the overall set-up. This upgraded infrastructure has allowed, since January 2020, a fully automated generation and monitoring of the Italian time scale UTC(IT), based on dedicated software developed in-house [1]. We focus in this work on the network and software aspects of our set-up, which enable a robust and reliable automatic time scale generation with continuous monitoring and minimal human intervention.
2022-07-13
Yakymenko, Igor, Kasianchuk, Mykhailo, Yatskiv, Vasyl, Shevchuk, Ruslan, Koval, Vasyl, Yatskiv, Solomiya.  2021.  Sustainability and Time Complexity Estimation of Сryptographic Algorithms Main Operations on Elliptic Curves. 2021 11th International Conference on Advanced Computer Information Technologies (ACIT). :494—498.
This paper presents the time complexity estimates for the methods of points exponentiation, which are basic for encrypting information flows in computer systems. As a result of numerical experiments, it is determined that the method of doubling-addition-subtraction has the lowest complexity. Mathematical models for determining the execution time of each considered algorithm for points exponentiation on elliptic curves were developed, which allowed to conduct in-depth analysis of their performance and resistance to special attacks, in particular timing analysis attack. The dependences of the cryptographic operations execution time on the key length and the sustainability of each method on the Hamming weight are investigated. It is proved that under certain conditions the highest sustainability of the system is achieved by the doubling-addition-subtraction algorithm. This allows to justify the choice of algorithm and its parameters for the implementation of cryptographic information security, which is resistant to special attacks.
Kolagatla, Venkata Reddy, J, Mervin, Darbar, Shabbir, Selvakumar, David, Saha, Sankha.  2021.  A Randomized Montgomery Powering Ladder Exponentiation for Side-Channel Attack Resilient RSA and Leakage Assessment. 2021 25th International Symposium on VLSI Design and Test (VDAT). :1—5.
This paper presents a randomized Montgomery Powering Ladder Modular Exponentiation (RMPLME) scheme for side channel attacks (SCA) resistant Rivest-Shamir-Adleman (RSA) and its leakage resilience analysis. This method randomizes the computation time of square-and-multiply operations for each exponent bit of the Montgomery Powering Ladder (MPL) based RSA exponentiation using various radices (Radix – 2, 22, and 24) based Montgomery Modular multipliers (MMM) randomly. The randomized computations of RMPLME generates non-uniform timing channels information and power traces thus protecting against SCA. In this work, we have developed and implemented a) an unmasked right-to-left Montgomery Modular Exponentiation (R-L MME), b) MPL exponentiation and c) the proposed RMPLME schemes for RSA decryption. All the three realizations have been assessed for side channel leakage using Welch’s t-test and analyzed for secured realizations based on degree of side channel information leakage. RMPLME scheme shows the least side-channel leakage and resilient against SPA, DPA, C-Safe Error, CPA and Timing Attacks.
2022-06-09
Khan, Maher, Babay, Amy.  2021.  Toward Intrusion Tolerance as a Service: Confidentiality in Partially Cloud-Based BFT Systems. 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :14–25.
Recent work on intrusion-tolerance has shown that resilience to sophisticated network attacks requires system replicas to be deployed across at least three geographically distributed sites. While commodity data centers offer an attractive solution for hosting these sites due to low cost and management overhead, their use raises significant confidentiality concerns: system operators may not want private data or proprietary algorithms exposed to servers outside their direct control. We present a new model for Byzantine Fault Tolerant replicated systems that moves toward “intrusion tolerance as a service”. Under this model, application logic and data are only exposed to servers hosted on the system operator's premises. Additional offsite servers hosted in data centers can support the needed resilience without executing application logic or accessing unencrypted state. We have implemented this approach in the open-source Spire system, and our evaluation shows that the performance overhead of providing confidentiality can be less than 4% in terms of latency.
2022-05-20
Chattopadhyay, Abhiroop, Valdes, Alfonso, Sauer, Peter W., Nuqui, Reynaldo.  2021.  A Localized Cyber Threat Mitigation Approach For Wide Area Control of FACTS. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :264–269.
We propose a localized oscillation amplitude monitoring (OAM) method for the mitigation of cyber threats directed at the wide area control (WAC) system used to coordinate control of Flexible AC Transmission Systems (FACTS) for power oscillation damping (POD) of active power flow on inter-area tie lines. The method involves monitoring the inter-area tie line active power oscillation amplitude over a sliding window. We use system instability - inferred from oscillation amplitudes growing instead of damping - as evidence of an indication of a malfunction in the WAC of FACTS, possibly indicative of a cyber attack. Monitoring the presence of such a growth allows us to determine whether any destabilizing behaviors appear after the WAC system engages to control the POD. If the WAC signal increases the oscillation amplitude over time, thereby diminishing the POD performance, the FACTS falls back to POD using local measurements. The proposed method does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the OAM method for mitigation.
Chattopadhyay, Abhiroop, Valdes, Alfonso, Sauer, Peter W., Nuqui, Reynaldo.  2021.  A Cyber Threat Mitigation Approach For Wide Area Control of SVCs using Stability Monitoring. 2021 IEEE Madrid PowerTech. :1–6.
We propose a stability monitoring approach for the mitigation of cyber threats directed at the wide area control (WAC) system used for coordinated control of Flexible AC Transmission Systems (FACTS) used for power oscillation damping (POD) of active power flow on inter-area tie lines. The approach involves monitoring the modes of the active power oscillation on an inter-area tie line using the Matrix Pencil (MP) method. We use the stability characteristics of the observed modes as a proxy for the presence of destabilizing cyber threats. We monitor the system modes to determine whether any destabilizing modes appear after the WAC system engages to control the POD. If the WAC signal exacerbates the POD performance, the FACTS falls back to POD using local measurements. The proposed approach does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the SM approach for mitigation.
2022-04-19
Al-Eidi, Shorouq, Darwish, Omar, Chen, Yuanzhu, Husari, Ghaith.  2021.  SnapCatch: Automatic Detection of Covert Timing Channels Using Image Processing and Machine Learning. IEEE Access. 9:177–191.
With the rapid growth of data exfiltration carried out by cyber attacks, Covert Timing Channels (CTC) have become an imminent network security risk that continues to grow in both sophistication and utilization. These types of channels utilize inter-arrival times to steal sensitive data from the targeted networks. CTC detection relies increasingly on machine learning techniques, which utilize statistical-based metrics to separate malicious (covert) traffic flows from the legitimate (overt) ones. However, given the efforts of cyber attacks to evade detection and the growing column of CTC, covert channels detection needs to improve in both performance and precision to detect and prevent CTCs and mitigate the reduction of the quality of service caused by the detection process. In this article, we present an innovative image-based solution for fully automated CTC detection and localization. Our approach is based on the observation that the covert channels generate traffic that can be converted to colored images. Leveraging this observation, our solution is designed to automatically detect and locate the malicious part (i.e., set of packets) within a traffic flow. By locating the covert parts within traffic flows, our approach reduces the drop of the quality of service caused by blocking the entire traffic flows in which covert channels are detected. We first convert traffic flows into colored images, and then we extract image-based features for detection covert traffic. We train a classifier using these features on a large data set of covert and overt traffic. This approach demonstrates a remarkable performance achieving a detection accuracy of 95.83% for cautious CTCs and a covert traffic accuracy of 97.83% for 8 bit covert messages, which is way beyond what the popular statistical-based solutions can achieve.
Conference Name: IEEE Access
Dani, Vidyalaxmi, Ramaiyan, Venkatesh, Jalihal, Devendra.  2021.  Covert Communication over Asynchronous Channels with Timing Advantage. 2021 IEEE Information Theory Workshop (ITW). :1–6.
We study a problem of covert communication over binary symmetric channels (BSC) in an asynchronous setup. Here, Alice seeks to communicate to Bob over a BSC while trying to be covert with respect to Willie, who observes any communication through possibly a different BSC. When Alice communicates, she transmits a message (using a codeword of length n) at a random time uniformly distributed in a window of size Aw slots. We assume that Bob has side information about the time of transmission leading to a reduced uncertainty of Ab slots for Bob, where \$A\_b$\backslash$lt A\_w\$. In this setup, we seek to characterize the limits of covert communication as a function of the timing advantage. When Aw is increasing exponentially in n, we characterize the covert capacity as a function of Aw and Ab. When Aw is increasing sub-exponentially in n, we characterize lower and upper bounds on achievable covert bits and show that positive covert rates are not feasible irrespective of timing advantage. Using numerical work, we illustrate our results for different network scenarios, and also highlight a tradeoff between timing advantage and channel advantage (between Bob and Willie).
Frolova, Daria, Kogos, Konstsntin, Epishkina, Anna.  2021.  Traffic Normalization for Covert Channel Protecting. 2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus). :2330–2333.
Nowadays a huge amount of sensitive information is sending via packet data networks and its security doesn't provided properly. Very often information leakage causes huge damage to organizations. One of the mechanisms to cause information leakage when it transmits through a communication channel is to construct a covert channel. Everywhere used packet networks provide huge opportunities for covert channels creating, which often leads to leakage of critical data. Moreover, covert channels based on packet length modifying can function in a system even if traffic encryption is applied and there are some data transfer schemes that are difficult to detect. The purpose of the paper is to construct and examine a normalization protection tool against covert channels. We analyze full and partial normalization, propose estimation of the residual covert channel capacity in a case of counteracting and determine the best parameters of counteraction tool.
2022-02-24
Barthe, Gilles, Blazy, Sandrine, Hutin, Rémi, Pichardie, David.  2021.  Secure Compilation of Constant-Resource Programs. 2021 IEEE 34th Computer Security Foundations Symposium (CSF). :1–12.
Observational non-interference (ONI) is a generic information-flow policy for side-channel leakage. Informally, a program is ONI-secure if observing program leakage during execution does not reveal any information about secrets. Formally, ONI is parametrized by a leakage function l, and different instances of ONI can be recovered through different instantiations of l. One popular instance of ONI is the cryptographic constant-time (CCT) policy, which is widely used in cryptographic libraries to protect against timing and cache attacks. Informally, a program is CCT-secure if it does not branch on secrets and does not perform secret-dependent memory accesses. Another instance of ONI is the constant-resource (CR) policy, a relaxation of the CCT policy which is used in Amazon's s2n implementation of TLS and in several other security applications. Informally, a program is CR-secure if its cost (modelled by a tick operator over an arbitrary semi-group) does not depend on secrets.In this paper, we consider the problem of preserving ONI by compilation. Prior work on the preservation of the CCT policy develops proof techniques for showing that main compiler optimisations preserve the CCT policy. However, these proof techniques critically rely on the fact that the semi-group used for modelling leakage satisfies the property: l1+ l1' = l2+l2'$\Rightarrow$l1=l2$\wedge$ l1' = l2' Unfortunately, this non-cancelling property fails for the CR policy, because its underlying semi-group is ($\backslash$mathbbN, +) and it is currently not known how to extend existing techniques to policies that do not satisfy non-cancellation.We propose a methodology for proving the preservation of the CR policy during a program transformation. We present an implementation of some elementary compiler passes, and apply the methodology to prove the preservation of these passes. Our results have been mechanically verified using the Coq proof assistant.
2022-02-22
Tan, Qinyun, Xiao, Kun, He, Wen, Lei, Pinyuan, Chen, Lirong.  2021.  A Global Dynamic Load Balancing Mechanism with Low Latency for Micokernel Operating System. 2021 7th International Symposium on System and Software Reliability (ISSSR). :178—187.
As Internet of Things(IOT) devices become intelli-gent, more powerful computing capability is required. Multi-core processors are widely used in IoT devices because they provide more powerful computing capability while ensuring low power consumption. Therefore, it requires the operating system on IoT devices to support and optimize the scheduling algorithm for multi-core processors. Nowadays, microkernel-based operating systems, such as QNX Neutrino RTOS and HUAWEI Harmony OS, are widely used in IoT devices because of their real-time and security feature. However, research on multi-core scheduling for microkernel operating systems is relatively limited, especially for load balancing mechanisms. Related research is still mainly focused on the traditional monolithic operating systems, such as Linux. Therefore, this paper proposes a low-latency, high- performance, and high real-time centralized global dynamic multi-core load balancing method for the microkernel operating system. It has been implemented and tested on our own microkernel operating system named Mginkgo. The test results show that when there is load imbalance in the system, load balancing can be performed automatically so that all processors in the system can try to achieve the maximum throughput and resource utilization. And the latency brought by load balancing to the system is very low, about 4882 cycles (about 6.164us) triggered by new task creation and about 6596 cycles (about 8.328us) triggered by timing. In addition, we also tested the improvement of system throughput and CPU utilization. The results show that load balancing can improve the CPU utilization by 20% under the preset case, while the CPU utilization occupied by load balancing is negligibly low, about 0.0082%.
2022-02-09
Buccafurri, Francesco, Angelis, Vincenzo De, Francesca Idone, Maria, Labrini, Cecilia.  2021.  WIP: An Onion-Based Routing Protocol Strengthening Anonymity. 2021 IEEE 22nd International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM). :231–235.
Anonymous Communication Networks (ACNs) are networks in which, beyond data confidentiality, also traffic flow confidentiality is provided. The most popular routing approach for ACNs also used in practice is Onion. Onion is based on multiple encryption wrapping combined with the proxy mechanism (relay nodes). However, it offers neither sender anonymity nor recipient anonymity in a global passive adversary model, simply because the adversary can observe (at the first relay node) the traffic coming from the sender, and (at the last relay node) the traffic delivered to the recipient. This may also cause a loss of relationship anonymity if timing attacks are performed. This paper presents Onion-Ring, a routing protocol that improves anonymity of Onion in the global adversary model, by achieving sender anonymity and recipient anonymity, and thus relationship anonymity.