With the progress of the network and technology and the perfect combination of mobile intelligent terminals and the internet, people are increasingly dependent on intelligent terminals. It is therefore very necessary to have a model for assessing the security performance of mobile intelligent terminals, especially to establish an objective model of the security performance of mobile intelligent terminals. In this paper,...
In this paper we propose a scheme in which unconditionally secure transmission is used to implement information reconciliation in key generation. Unconditionally secure transmission, achieved by associating MIMO beamforming with a security code, can be safe and reliable. Theoretically, the reconciliation and privacy amplification phase can take advantage of the unconditional communication security to reconciling...
The reciprocity of the wireless channel and the randomness of channel characteristics are the basis of physical layer key generation technology based on the channel. The complete key generation technologies include five steps: channel probing, channel feature extraction, quantification, reconciliation and privacy application. Many theories and simulations prove the feasibility of key extraction...
In this poster, we propose leveraging intercontroller communication between two or more controllers in Software Defined Networks (SDNs) to inform other controllers about potential attacks so that they can proactively apply a mitigation strategy. We demonstrate and measure the effectiveness of our method by running a series of tests in an emulated network. We analyze our test results in terms of reducing...
Attack graphs constitute a powerful security tool aimed at modelling the many ways in which an attacker may compromise different assets in a network. Despite their usefulness in several security-related activities (e.g. hardening, monitoring, forensics), the complexity of these graphs can massively grow as the network becomes denser and larger, thus defying their practical usability. In this presentation,...
This work presents a novel scheme which reinforces the strength of encryption keys in low-power and low-rate wireless sensor networks (WSNs). The proposed algorithm utilizes pseudo-random features of the physical layer (PHY) of the communication stack to enable time-evolution of network keys, increasing their complexity and reliability. This scalable and light-weight scheme is suitable for large networks of...
In this paper, we investigate the cryptanalysis of stream ciphers, and evaluate the enhancement to security that can be gained when the ciphertext is error prone by analyzing a specific attack algorithm. The stream ciphers that we investigate here have a keystream generator that is based on linear-feedback shift registers (LFSRs). In particular, we characterize the security of these ciphers when the...
We address security and trust in the context of a commercial IP camera. We take a hands-on approach, as we not only define abstract vulnerabilities, but we actually implement the attacks on a real camera. We then discuss the nature of the attacks and the root cause; we propose a formal model of trust that can be used to address the vulnerabilities by explicitly constraining compositionality for trust...
Data center availability is mandatory and is conditioned by a quick response to failures and attacks thanks to efficient live forensics. However, this task has lately become impossible to complete with classic systems because of the data rates and service diversity encountered. Moreover, the agility requirements of Software-Defined Networking (SDN) devices prevent the use of Application Specific Integrated Circuits...
For over a decade now, cross-site request forgery (CSRF) has been persistently named one of OWASP's top 10 Web vulnerabilities. Recently, a variant of CSRF — named cross-site framing attack (CSFA) — has also been identified. Both attacks are very simple to implement/execute while resulting in potentially devastating consequences for the victim. What distinguishes the two attacks is their ultimate...
The objective of the PKA encryption scheme is to complement, or replace, existing Public Key Infrastructures (PKI) [1]. In this scheme, the initialization step is based on the secure exchange of addressable cryptographic tables between the communicating parties. These tables are generated either with random numbers, or with arrays of addressable Physical Unclonable Functions (PUFs). The subsequent...
Deception plays a critical role in many interactions in communication and network security. Game-theoretic models called “cheap talk signaling games” capture the dynamic and information-asymmetric nature of deceptive interactions. But signaling games inherently model undetectable deception. In this paper, we investigate a model of signaling games in which the receiver can detect deception with some...
The protection of content confidentiality as well as of access and pattern confidentiality of data moved to the cloud has recently been the subject of several investigations. The distributed shuffle index addresses these issues by randomly partitioning data among three independent cloud providers. In this paper, we describe the implementation of the distributed shuffle index in the high-performance...
Cloud computing represents one of the most significant shifts in information technology, and it enables the provision of cloud-based security services such as Security-as-a-Service (SECaaS). With the improvement of cloud computing technologies, the traditional SIEM paradigm is able to shift to cloud-based security services. In this paper, we propose a SIEM architecture that can be deployed to the SECaaS platform...
Automatic Generation Control (AGC) is a key control system in the power grid. It is used to calculate the Area Control Error (ACE) based on frequency and tie-line power flow between balancing areas, and then adjust power generation to maintain the power system frequency in an acceptable range. However, attackers might inject malicious frequency or tie-line power flow measurements to mislead AGC to...
In modern train control systems, a moving train retrieves its location information through passive transponders called balises, which are placed on the sleepers of the track at regular intervals. When the train-borne antenna energizes them using tele-powering signals, balises backscatter preprogrammed telegrams, which carry information about the train's current location. Since the telegrams are static...
This paper proposes a simple non-iterative technique for detecting false data injection attacks on alternating current (AC) state estimators. The proposed method uses the nodal power injections and line power flows from the supervisory control and data acquisition (SCADA) system and voltage magnitudes and angles from phasor measurement units (PMUs) to detect the false data injection attack. As...
Integrated with cloud computing technologies, a large-scale cyber-physical system (CPS) can outsource its extensive computations to a cloud, creating a cloud-enabled CPS (CE-CPS). However, outsourcing the computation to an untrusted cloud may expose the privacy of the data in the CPS. To this end, this paper presents a secure and practical mechanism to securely outsource the output feedback control...
As more components of Cyber-Physical Systems (CPSes) get interconnected, their protection becomes imperative. For instance, Networked CPSes (NCPSes) which consist of multiple CPSes have greater attack surfaces given the added communication layer among member CPSes, and the inter-dependency between their physical and cyber subsystems. In particular, an attack on one subsystem may affect both. While...
The interplay between an intrusion detection mechanism and a false data injection mechanism is investigated in this work in the context of an infinite horizon Linear Quadratic Gaussian Control System (LQG). A game theoretic framework is proposed between the attacker, who wishes to impair the operation of the control system while remaining stealthy, and the detector, who wishes to detect the presence...