Biblio

Flow correlation can identify attackers who use anonymous networks or stepping stones. The current flow correlation scheme based on watermark can effectively trace the network traffic. But it is difficult to balance robustness and invisibility. This paper presents an innovative flow correlation scheme that guarantees invisibility. First, the scheme generates a two-dimensional feature matrix by segmenting the network flow. Then, features of frequency and time are extracted from the matrix and mapped into perceptual hash sequences. Finally, by comparing the hash sequence similarity to correlate the network flow, the scheme reduces the complexity of the correlation while ensuring the accuracy of the flow correlation. Experimental results show that our scheme is robust to jitter, packet insertion and loss.

The identification of spectrum opportunities is a pivotal requirement for efficient spectrum utilization in cognitive radio systems. Spectrum prediction offers a convenient means for revealing such opportunities based on the previously obtained occupancies. As spectrum occupancy states are correlated over time, spectrum prediction is often cast as a predictable time-series process using classical or deep learning-based models. However, this variety of methods exploits time-domain correlation and overlooks the existing correlation over frequency. In this paper, differently from previous works, we investigate a more realistic scenario by exploiting correlation over time and frequency through a 2D-long short-term memory (LSTM) model. Extensive experimental results show a performance improvement over conventional spectrum prediction methods in terms of accuracy and computational complexity. These observations are validated over the real-world spectrum measurements, assuming a frequency range between 832-862 MHz where most of the telecom operators in Turkey have private uplink bands.

The growing complexity of modern electronic systems often leads to the design of more sophisticated power delivery networks (PDNs). Similar to other system-level shared resources, the on-board PDN unintentionally introduces side channels across design layers and voltage domains, despite the fact that PDNs are not part of the functional design. Recent work have demonstrated that exploitation of the side channel can compromise the system security (i.e. information leakage and fault injection). In this work, we systematically investigate the PDN-based side channel as well as the countermeasures. To facilitate our goal, we develop PowerScout, a security-oriented PDN simulation framework that unifies the modeling of different PDN-based side-channel attacks. PowerScout performs fast nodal analysis of complex PDNs at the system level to quantitatively evaluate the severity of side-channel vulnerabilities. With the support of PowerScout, for the first time, we validate PDN side-channel attacks in literature through simulation results. Further, we are able to quantitatively measure the security impact of PDN parameters and configurations. For example, towards information leakage, removing near-chip capacitors can increase intra-chip information leakage by a maximum of 23.23dB at mid-frequency and inter-chip leakage by an average of 31.68dB at mid- and high-frequencies. Similarly, the optimal toggling frequency and duty cycle are derived to achieve fault injection attacks with higher success rate and more precise control.

Carrier-aided code tracking loop is widely used in satellite navigation receivers. This kind of loop structure can reduce code tracking noise by narrowing the bandwidth of code tracking loop. The performance of carrier-aided code tracking loop in receivers is affected by frequency deviation of reference clock source. This paper analyzes the influence of carrier frequency offset and sampling frequency offset on carrier-aided code tracking loop due to reference clock offset. The results show that large frequency offset can cause code tracking loop lose lock, code tracking loop is more sensitive to sampling frequency deviation and increasing the loop bandwidth can reduce the effects of frequency offset. This analysis provides reference for receiver tracking loop design.

A frequency domain (FD) time-reversal (TR) pre-coder is proposed to perform physical layer security (PLS) in single-input single-output (SISO) system using orthogonal frequency-division multiplexing (OFDM). To maximize the secrecy of the communication, the design of an artificial noise (AN) signal well-suited to the proposed FD TR-based OFDM SISO system is derived. This new scheme guarantees the secrecy of a communication toward a legitimate user when the channel state information (CSI) of a potential eavesdropper is not known. In particular, we derive an AN signal that does not corrupt the data transmission to the legitimate receiver but degrades the decoding performance of the eavesdropper. A closed-form approximation of the AN energy to inject is defined in order to maximize the secrecy rate (SR) of the communication. Simulation results are presented to demonstrate the security performance of the proposed secure FD TR SISO OFDM system.

The continuous change of communication frequency brings difficulties to the reconnaissance and prediction of non-cooperative communication. The core of this communication process is the frequency-hopping (FH) sequence with pseudo-random characteristics, which controls carrier frequency hopping. However, FH sequence is always generated by a certain model and is a kind of time sequence with certain regularity. Long Short-Term Memory (LSTM) neural network in deep learning has been proved to have strong ability to solve time series problems. Therefore, in this paper, we establish LSTM model to implement FH sequence prediction. The simulation results show that LSTM-based scheme can effectively predict frequency point by point based on historical HF frequency data. Further, we achieve frequency interval prediction based on frequency point prediction.

Cross-term interference exists in the WVD of multi-component signals in time-frequency analysis, and the STFT is limited by Heisenberg uncertainty criterion. For multicomponent signals under noisy background, this paper proposes an improved STFT-Wigner algorithm, which establishes a threshold based on the exponential multiplication result compared to the original algorithm, so as to weaken the cross term and reduce the impact of noise on the signal, and improve the time-frequency aggregation of the signal. Simulation results show that the improved algorithm has higher time-frequency aggregation than other methods. Similarly, for cross-term suppression, our method is superior to many other TF analysis methods in low signal-to-noise ratio (SNR) environment.

The classification of encrypted traffic has received increased attention by the research community in the cyber-security domains and network management domains. Classification of encrypted traffic can also expose privacy threats as the activities of an user can be detected and identified. This paper investigates the novel application of Time Frequency analysis to encrypted traffic classification. Features extracted from encrypted traffic are normalized and transformed to time series on which different time frequency transforms are applied. In particular, the constant-Q transform (CQT), the Continuous Wavelet Transform and the Wigner-Ville distribution are used. Then, different machine learning algorithms are applied to identify the different types of traffic. This approach is validated with the public ISCX VPN-nonVPN traffic dataset with time-based features extracted from the encrypted traffic. The results show the superior classification performance (evaluated using identification, precision and recall metrics) of the time frequency approach across different machine learning algorithms. Because analysis of encrypted traffic can also generate privacy threats, a technique to obfuscate the time based features and reduce the classification performance is also applied and successfully validated.

Hardware security has long been an important issue in the current IC design. In this paper, a hardware Trojan detection method based on frequency domain characteristics of power consumption is proposed. For some HTs, it is difficult to detect based on the time domain characteristics, these types of hardware Trojan can be analyzed in the frequency domain, and Mahalanobis distance is used to classify designs with or without HTs. The experimental results demonstrate that taking 10% distance as the criterion, the hardware Trojan detection results in the frequency domain have almost no failure cases in all the tested designs.

This work proposes a plausible detection scheme for Hardware Trojan (HT) detection in frequency domain analysis. Due to shrinking technology every node consumes low power values (in the range of $μ$W) which are difficult to manipulate for HT detection using conventional methods. The proposed method utilizes the time domain power signals which is converted to frequency domain that represents the implausible signals and analyzed. The precision of HT detection is found to be increased because of the magnified power values in frequency domain. This work uses ISCAS89 bench mark circuits for conducting experiments. In this, the wide range of power values that spans from 695 $μ$W to 22.3 $μ$W are observed in frequency domain whereas the respective powers in time domain have narrow span of 2.29 $μ$W to 0.783 $μ$W which is unconvincing. This work uses the wide span of power values to identify HT and observed that the mid-band of frequencies have larger footprints than the side bands. These methods intend to help the designers in easy identification of HT even of single gate events.