Biblio

A recent proposed physical layer encryption technique uses an all-optical setup based on spatial light modulators to split two or more wavelength division multiplexed (WDM) signals in several spectral slices and to shuffle these slices. As a result, eavesdroppers aimed to recover information from a single target signal need to handle all the signals involved in the shuffling process. In this work, computer simulations are used to analyse the case where the shuffled signals propagate through different optical routes. From a security point of view, this is an interesting possibility because it obliges eavesdroppers to tap different optical fibres/ cables. On the other hand, each shuffled signal experiences different physical impairments and the deleterious consequences of these effects must be carefully investigated. Our results indicate that, in a metropolitan area network environment, penalties caused by attenuation and dispersion differences may be easily compensated with digital signal processing algorithms that are presently deployed.

Wireless networks offer great flexibility and ease of deployment for the rapid implementation of smart grids. However, these data network technologies are prone to security issues. Especially, the risk of eavesdropping attacks increases due to the inherent characteristics of the wireless medium. In this context, physical layer security can augment secrecy through appropriate coding and signal processing. In this paper we consider the use of faster-than-Nyquist signaling to introduce artificial noise in the wireless network segment of the smart grid; with the aim of reinforce the information security at the physical layer. The results show that the proposed scheme can significantly improves the secrecy rate of the channel. Guaranteeing, in coexistence with other security mechanisms and despite the presence of potential eavesdroppers, a reliable and secure flow of information for smart grids.

As chips become more and more connected, they are more exposed (both to network and to physical attacks). Therefore one shall ensure they enjoy a sufficient protection level. Security within chips is accordingly becoming a hot topic. Incident detection and reporting is one novel function expected from chips. In this talk, we explain why it is worthwhile to resort to Artificial Intelligence (AI) for security event handling. Drivers are the need to aggregate multiple and heterogeneous security sensors, the need to digest this information quickly to produce exploitable information, and so while maintaining a low false positive detection rate. Key features are adequate learning procedures and fast and secure classification accelerated by hardware. A challenge is to embed such security-oriented AI logic, while not compromising chip power budget and silicon area. This talk accounts for the opportunities permitted by the symbiotic encounter between chip security and AI.

In this paper a new physical layer security method is proposed against eavesdropping attacks. Our purpose is to demonstrate that performance of the legitimate receiver can be increased and performance of the eavesdropper can be decreased by matching between the roll of factors of root raised cosine filters in the transmitter and receiver. Through the matching between the roll of factors (a), a performance difference is generated between the legitimate receiver and the eavesdropper. By using three software defined radio nodes error vector magnitude of the legitimate receiver and the eavesdropper is measured according to roll of factors. Performance differences the receiver are demonstrated when the roll off factor is matched and mismatched.

The area of military operations is presently a peculiar, heterogenic environment providing the decision-makers with varied data and information on the potential or the real enemy. However the vast number and diversity of the available information does not facilitate the decision process. The achievement of information advantage in line with the rule: the first to notice, the first to understand and the first to act depends among other things on the proper information processing. In the theory of Electronic Warfare, the processing of information about the electronic objects of the enemy emitting electromagnetic energy is realized by Signals Intelligence. The fastest processing of information in the information system of Signals Intelligence is presently provided by cybernetic environment. The construction of an information processing system in the cybernetic environment of Signals Intelligence is thus a very complex task. The article presents theoretical basis of information processing in cybernetic environment of Signals Intelligence based on research carried out by the authors. The article can be described as the added value since it presents and clarifies a complex concept of cybernetic environment of Signal Intelligence. Moreover, it provides a new definition of information process as a system of operations on intelligence information and data. It also presents the stages of information process as well as the structure of information processing process. In the further part it shows the factors and elements of the cybernetic environment of Signals Intelligence isolated in the process of research. The document provides a perspective for the processing of information in the cybernetic environment of Signals Intelligence, it fills the gap in research on information processing in the cybernetic environment of Signals Intelligence as well as assures strong theoretical basis and provides an incentive for further research on the information processing in the cybernetic environment of Signals Intelligence.

In this paper, we propose a novel pseudo-random beamforming technique with beam selection for improving physical-layer security (PLS) in a downlink cellular network where consists of a base station (BS) with Ntantennas, NMSlegitimate mobile stations (MSs), and NEeavesdroppers. In the proposed technique, the BS generates multiple candidates of beamforming matrix each of which consists of orthogonal beamforming vectors in a pseudo-random manner. Each legitimate MS opportunistically feeds back the received signal-to-interference-and-noise ratio (SINR) value for all beamforming vectors to the BS. The BS transmits data to the legitimate MSs with the optimal beamforming matrix among multiple beam forming matrices that maximizes the secrecy sum-rate. Simulation results show that the proposed technique outperforms the conventional random beamforming technique in terms of the achievable secrecy sum-rate.

Assuring the integrity of biometric fingerprint templates in fingerprint databases is of paramount importance. Fingerprint templates contain a set of fingerprint minutiae which are various points of interest in a fingerprint. Most times, it is assumed that the stored biometric fingerprint templates are well protected and, as such, researchers are more concerned with improving/developing biometric systems that will not suffer from an unacceptable rate of false alarms and/or missed detections. The introduction of forensic techniques into biometrics for biometric template manipulation detection is of great importance and little research has been carried in this area. This paper investigates possible forensic techniques that could be used for stored biometric fingerprint templates tampering detection. A Support Vector Machine (SVM) classification approach is used for this task. The original and tampered templates are used to train the SVM classifier. The fingerprint datasets from the Biometrics Ideal Test (BIT) [13] are used for training and testing the classifier. Our proposed approach detects alterations with an accuracy of 90.5%.

ZUC stream cipher is the first stream cipher developed independently by Chinese cryptologists as an international standard. The fast implementation of encryption algorithm is an important issue in cryptography application. At present, the research on ZUC stream cipher is mainly based on hardware implementation, and there are many efficient hardware implementations of ZUC stream cipher, but there are few efficient software implementations at present. This paper presents an efficient software design and implementation of ZUC stream cipher. Firstly, we propose the delayed modular, sliding window, and S-box optimizations to reduce the computational cost without modifying the calculation result of ZUC stream cipher. Secondly, single instruction multiple data instructions, reducing the times of memory access, loop unrolling optimization and other code optimization methods can improve the speed of encryption and decryption. Finally, we design and implementation a genetic algorithm to find the optimal sequence of optimizations in compiler. Experiments show that compared with the implementation of ZUC stream cipher given in the official document, these methods can give 102% performance improvement.

In this work, an approach for the automatic analysis of people trajectories is presented, using a multi-camera and card reader system. Data is first extracted from surveillance cameras and card readers to create trajectories which are sequences of paths and activities. A distance model is proposed to compare sequences and calculate similarities. The popular unsupervised model One-Class Support Vector Machine (One-Class SVM) is used to train a detector. The proposed method classifies trajectories as normal or abnormal and can be used in two modes: off-line and real-time. Experiments are based on data simulation corresponding to an attack scenario proposed by a security expert. Results show that the proposed method successfully detects the abnormal sequences in the scenario with very low false alarm rate.

Sparse representation of signals based on redundant dictionary is widely used in array signal processing. In this paper, a redundant dictionary construction method via genetic algorithm (GA) is proposed for array signal processing. The problem is formulated as a dictionary selection problem where the dictionary entries are produced by discretizing the angle space. We apply the orthogonality of the entries to evaluate the dictionary according to the Restricted Isometry Property (RIP). GA is used to discretize the angle space which can make the dictionary more orthogonal. Simulation results show that the proposed method can obtain a better division of angle, improving the orthogonality of dictionary effectively, and is suitable for arbitrary observation space compared with commonly used equal angle division and equal sine division.

Photonic networks-on-chip (PNoCs) enable high bandwidth on-chip data transfers by using photonic waveguides capable of dense-wave-length-division-multiplexing (DWDM) for signal traversal and microring resonators (MRs) for signal modulation. A Hardware Trojan in a PNoC can manipulate the electrical driving circuit of its MRs to cause the MRs to snoop data from the neighboring wavelength channels in a shared photonic waveguide. This introduces a serious security threat. This paper presents a novel framework called SOTERIA† that utilizes process variation based authentication signatures along with architecture-level enhancements to protect data in PNoC architectures from snooping attacks. Evaluation results indicate that our approach can significantly enhance the hardware security in DWDM-based PNoCs with minimal overheads of up to 10.6% in average latency and of up to 13.3% in energy-delay-product (EDP).

Aiming at the defect that the decoder does not need to be initialized before decoding and the attackers can easily reconstruct the decoder structure, a new method of codec improvement is proposed. The improved decoder can restore the original information sequence correctly only when the initial state of the coder and decoder is the same. The simulation results show that the improved chaotic codec structure has better confidentiality than the original structure.

In the present paper, a networked control system under both cyber and physical attacks Is considered. An adapted formulation of the problem under physical attacks, data deception and false data injection attacks, is used for controller synthesis. Based on the classical fault tolerant detection (FTD) tools, a residual generator for attack/fault detection based on observers is proposed. An event-triggered and Bilinear Matrix Inequality (BMI) implementation is proposed in order to achieve novel and better security strategy. The purpose in using this implementation would be to reduce (limit) the total number of transmissions to only instances when the networked control system (NCS) needs attention. It is important to note that the main contribution of this paper is to establish the adequate event-triggered and BMI-based methodology so that the particular structure of the mixed attacked/faulty structure can be re-formulated within the classical FTD paradigm. Experimental results are given to illustrate the developed approach efficiency on a pilot three-tank system. The plant model is presented and the proposed control design is applied to the system.

As a plethora of wearable devices are being introduced, significant concerns exist on the privacy and security of personal data stored on these devices. Expanding on recent works of using electrocardiogram (ECG) as a modality for biometric authentication, in this work, we investigate the possibility of using personal ECG signals as the individually unique source for physical unclonable function (PUF), which eventually can be used as the key for encryption and decryption engines. We present new signal processing and machine learning algorithms that learn and extract maximally different ECG features for different individuals and minimally different ECG features for the same individual over time. Experimental results with a large 741-subject in-house ECG database show that the distributions of the intra-subject (same person) Hamming distance of extracted ECG features and the inter-subject Hamming distance have minimal overlap. 256-b random numbers generated from the ECG features of 648 (out of 741) subjects pass the NIST randomness tests.

This paper investigates the physical layer security in a multibeam satellite communication system, where each legitimate user is surrounded by one eavesdropper. First of all, an optimization problem is formulated to maximize the sum of achievable secrecy rate, while satisfying the on-board satellite transmit power constraint. Then, two transmit beamforming(BF) schemes, namely, the zero-forcing (ZF) and the signal-to-leakage-and-noise ratio (SLNR) BF algorithms are proposed to obtain the BF weight vectors as well as power allocation coefficients. Finally, simulation results are provided to verify the validity of the two proposed methods and demonstrate that the SLNR BF algorithm outperforms the ZF BF algorithm.

In this paper, a simulation model of digital intermediate frequency (IF) GPS signal is presented. This design is developed based on mathematical model representing the digitized IF GPS signal. In details, C/A code, navigation data and P code, and the noise models are configured some initial settings simultaneously. Simulation results show that the simulated signals share the same properties with real signals (e.g. C/A code correlation properties, and the spread spectrum). The simulated GPS IF signal data can work as input for various signal processing algorithm of GPS receivers, such as acquisition, tracking, carrier-to-noise ratio (C/No) estimation, and GPS spoofing signal generation. Particularly, the simulated GPS signal can conduct scenarios by adjust SNR values of the noise generator during simulation (e.g. signal outages, sudden changes of GPS signal power), which can be used as setup experiments of spoofing/jamming interference to UAVs for drone security applications.

The conventional physical-layer (PHY) security approaches, e.g., transmit beamforming and artificial noise (AN)-based design, may fail when the channels of legitimate user (LU) and eavesdropper (Eve) are close correlated. Due to the highly directional transmission feature of millimeter-wave (mmWave), this may occur in mmWave transmissions as the transmitter, Eve and LU are aligned in the same direction exactly. To handle the PHY security problem with directionally-aligned LU and Eve, we propose a novel frequency diverse array (FDA) beamforming approach to differentiating the LU and Eve. By intentionally introducing some frequency offsets across the antennas, the FDA beamforming generates an angle-range dependent beampattern. As a consequence, it can degrade the Eve's reception and thus achieve PHY security. In this paper, we maximize the secrecy rate by jointly optimizing the frequency offsets and the beamformer. This secrecy rate maximization (SRM) problem is hard to solve due to the tightly coupled variables. Nevertheless, we show that it can be reformulated into a form depending only on the frequency offsets. Building upon this reformulation, we identify some cases where the SRM problem can be optimally solved in closed form. Numerical results demonstrate the efficacy of FDA beamforming in achieving PHY security, even for aligned LU and Eve.

The importance of the task of countering the means of unauthorized access is to preserve the integrity of restricted access information circulating in computer networks determines the relevance of investigating perspective methods of cryptographic transformations, which are characterized by high speed and reliability of encryption. The methods of information security in the telecommunication system were researched based on integration of encryption processes and noise-immune coding. The method for data encryption based on generic polynomials of cyclic codes, gamut of the dynamic chaos sequence, and timer coding was proposed. The expediency of using timer coding for increasing the cryptographic strength of the encryption system and compensating for the redundancy of the verification elements was substantiated. The method for cryptographic transformation of data based on the gamma sequence was developed, which is formed by combining numbers from different sources of dynamical chaos generators. The efficiency criterion was introduced for the integrated information transformation method.

In this paper, an improved cooperative jamming (CJ) strategy is developed for physical layer (PHY) security in a multi-hop wireless communication system which employs beamforming in the last hop. Users are assigned to independent groups based on the merger-and-split rule in a coalition game. The secrecy capacity for a valid coalition is a non-convex optimization problem which cannot easily be solved. Therefore, restrictions are added to transform this into a convex problem, and this is solved to obtain a suboptimal closed-form solution for the secrecy capacity. Simulation results are presented which show that the proposed strategy outperforms other methods such as non-cooperation, relay cooperation, and previous CJ approaches in terms of the secrecy capacity. Further, it is shown that the proposed multi-hop solution is suitable for long distance communication systems.

This paper describes and verifies a method of implementing bit error rate (BER) calculation for FPGA-based physical layer security techniques for Software Defined Radio (SDR). Specifically, we describe an independent source signal processing architecture for an efficient calculation of BER for wireless communication modules across the transmitter and receiver nodes. The source components at the transmitter and the receiver both generate identical random bits independently from each other, allowing for the received data to be compared to the original bit stream to calculate BER completely on hardware. The described method is implemented on a Xilinx Virtex-6 ML605 FPGA and reduces processing time by more than four orders of magnitude less than hardware simulation techniques in regression testing and validation over billions of bits, shortening design turn around times and accelerating Physical layer based security development for wireless communication research. The described independent source approach utilizes a minimal amount of board resources, allowing it to be integrated seamlessly into SDR hardware designs. Experimental validation of the independent source based BER calculation is performed for an Orthogonal Frequency Division Multiplexing signal, and a comparison between different stages of hardware design for the execution time required for BER testing of a large number of bits is provided.

Delay and security are both highly concerned in the Internet of Things (IoT). In this paper, we set up a secure analytical framework for IoT networks to characterize the network delay performance and secrecy performance. Firstly, stochastic geometry and queueing theory are adopted to model the location of IoT devices and the temporal arrival of packets. Based on this model, a low-complexity secure on-off scheme is proposed to improve the network performance. Then, the delay performance and secrecy performance are evaluated in terms of packet delay and packet secrecy outage probability. It is demonstrated that the intensity of IoT devices arouse a tradeoff between the delay and security and the secure on-off scheme can improve the network delay performance and secrecy performance. Moreover, secrecy transmission rate is adopted to reflect the delay-security tradeoff. The analytical and simulation results show the effects of intensity of IoT devices and secure on-off scheme on the network delay performance and secrecy performance.

Honeynet is deployed to trap attackers and learn their behavior patterns and motivations. Conventional honeynet is implemented by dedicated hardware and software. It suffers from inflexibility, high CAPEX and OPEX. There have been several virtualized honeynet architectures to solve those problems. But they lack a standard operating environment and common architecture for dynamic scheduling and adaptive resource allocation. Software Defined Security (SDS) framework has a centralized control mechanism and intelligent decision making ability for different security functions. In this paper, we present a new intelligent honeynet architecture based on SDS framework. It implements security functions over Network Function Virtualization Infrastructure (NFVI). Under uniform and intelligent control, security functional modules can be dynamically deployed and collaborated to complete different tasks. It migrates resources according to the workloads of each honeypot and power off unused modules. Simulation results show that intelligent honeynet has a better performance in conserving resources and reducing energy consumption. The new architecture can fit the needs of future honeynet development and deployment.

In this study, we present WindTalker, a novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information. WindTalker is motivated from the observation that keystrokes on mobile devices will lead to different hand coverage and the finger motions, which will introduce a unique interference to the multi-path signals and can be reflected by the channel state information (CSI). The adversary can exploit the strong correlation between the CSI fluctuation and the keystrokes to infer the user's number input. WindTalker presents a novel approach to collect the target's CSI data by deploying a public WiFi hotspot. Compared with the previous keystroke inference approach, WindTalker neither deploys external devices close to the target device nor compromises the target device. Instead, it utilizes the public WiFi to collect user's CSI data, which is easy-to-deploy and difficult-to-detect. In addition, it jointly analyzes the traffic and the CSI to launch the keystroke inference only for the sensitive period where password entering occurs. WindTalker can be launched without the requirement of visually seeing the smart phone user's input process, backside motion, or installing any malware on the tablet. We implemented Windtalker on several mobile phones and performed a detailed case study to evaluate the practicality of the password inference towards Alipay, the largest mobile payment platform in the world. The evaluation results show that the attacker can recover the key with a high successful rate.

We develop and evaluate a data hiding method that enables smartphones to encrypt and embed sensitive information into carrier streams of sensor data. Our evaluation considers multiple handsets and a variety of data types, and we demonstrate that our method has a computational cost that allows real-time data hiding on smartphones with negligible distortion of the carrier stream. These characteristics make it suitable for smartphone applications involving privacy-sensitive data such as medical monitoring systems and digital forensics tools.

When filling out privacy-related forms in public places such as hospitals or clinics, people usually are not aware that the sound of their handwriting leaks personal information. In this paper, we explore the possibility of eavesdropping on handwriting via nearby mobile devices based on audio signal processing and machine learning. By presenting a proof-of-concept system, WritingHacker, we show the usage of mobile devices to collect the sound of victims' handwriting, and to extract handwriting-specific features for machine learning based analysis. WritingHacker focuses on the situation where the victim's handwriting follows certain print style. An attacker can keep a mobile device, such as a common smart-phone, touching the desk used by the victim to record the audio signals of handwriting. Then the system can provide a word-level estimate for the content of the handwriting. To reduce the impacts of various writing habits and writing locations, the system utilizes the methods of letter clustering and dictionary filtering. Our prototype system's experimental results show that the accuracy of word recognition reaches around 50% - 60% under certain conditions, which reveals the danger of privacy leakage through the sound of handwriting.