Biblio
There is an inevitable trade-off between spatial and spectral resolutions in optical remote sensing images. A number of data fusion techniques of multimodal images with different spatial and spectral characteristics have been developed to generate optical images with both spatial and spectral high resolution. Although some of the techniques take the spectral and spatial blurring process into account, there is no method that attempts to retrieve an optical image with both spatial and spectral high resolution, a spectral blurring filter and a spectral response simultaneously. In this paper, we propose a new framework of spatial resolution enhancement by a fusion of multiple optical images with different characteristics based on tensor decomposition. An optical image with both spatial and spectral high resolution, together with a spatial blurring filter and a spectral response, is generated via canonical polyadic (CP) decomposition of a set of tensors. Experimental results featured that relatively reasonable results were obtained by regularization based on nonnegativity and coupling.
An air-gapped network is a type of IT network that is separated from the Internet - physically - due to the sensitive information it stores. Even if such a network is compromised with a malware, the hermetic isolation from the Internet prevents an attacker from leaking out any data - thanks to the lack of connectivity. In this paper we show how attackers can covertly leak sensitive data from air-gapped networks via the row of status LEDs on networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device (‘side-channel'), malware controlling the status LEDs to carry any type of data (‘covert-channel') has never studied before. Sensitive data can be covertly encoded over the blinking of the LEDs and received by remote cameras and optical sensors. A malicious code is executed in a compromised LAN switch or router allowing the attacker direct, low-level control of the LEDs. We provide the technical background on the internal architecture of switches and routers at both the hardware and software level which enables these attacks. We present different modulation and encoding schemas, along with a transmission protocol. We implement prototypes of the malware and discuss its design and implementation. We tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and discuss detection and prevention countermeasures. Our experiments show that sensitive data can be covertly leaked via the status LEDs of switches and routers at bit rates of 1 bit/sec to more than 2000 bit/sec per LED.
The Center for Strategic and International Studies estimates the annual cost from cyber crime to be more than \$400 billion. Most notable is the recent digital identity thefts that compromised millions of accounts. These attacks emphasize the security problems of using clonable static information. One possible solution is the use of a physical device known as a Physically Unclonable Function (PUF). PUFs can be used to create encryption keys, generate random numbers, or authenticate devices. While the concept shows promise, current PUF implementations are inherently problematic: inconsistent behavior, expensive, susceptible to modeling attacks, and permanent. Therefore, we propose a new solution by which an unclonable, dynamic digital identity is created between two communication endpoints such as mobile devices. This Physically Unclonable Digital ID (PUDID) is created by injecting a data scrambling PUF device at the data origin point that corresponds to a unique and matching descrambler/hardware authentication at the receiving end. This device is designed using macroscopic, intentional anomalies, making them inexpensive to produce. PUDID is resistant to cryptanalysis due to the separation of the challenge response pair and a series of hash functions. PUDID is also unique in that by combining the PUF device identity with a dynamic human identity, we can create true two-factor authentication. We also propose an alternative solution that eliminates the need for a PUF mechanism altogether by combining tamper resistant capabilities with a series of hash functions. This tamper resistant device, referred to as a Quasi-PUDID (Q-PUDID), modifies input data, using a black-box mechanism, in an unpredictable way. By mimicking PUF attributes, Q-PUDID is able to avoid traditional PUF challenges thereby providing high-performing physical identity assurance with or without a low performing PUF mechanism. Three different application scenarios with mobile devices for PUDID and Q-PUDI- have been analyzed to show their unique advantages over traditional PUFs and outline the potential for placement in a host of applications.