A Novel Seed Based Random Interleaving for OFDM System and Its PHY Layer Security Implications

Wireless channels are characterized by multipath and fading that can often cause long burst of errors. Even though, to date, many very sophisticated error correcting codes have been designed, yet none can handle long burst of errors efficiently. An interleaver, a device that distributes a burst of errors, possibly caused by a deep fade, and makes them appear as simple random errors, therefore, proves to a very useful technique when used in conjunction with an efficient error correcting code. In this work, a novel near optimal seed based random interleaver is designed. An optimal interleaver scatters a given burst of errors uniformly over a fixed block of data - a property that is measured by so called ‘spread’. The design makes use of a unique seed based pseudo-random sequence generator or logistic map based chaotic sequence generator to scramble the given block of data. Since the proposed design is based on a seed based scrambler, the nature of input is irrelevant. Therefore, the proposed interleaver can interleave either the bits or the symbols or the packets or even the frames. Accordingly, in this work, we analyze the suitability of interleaver when introduced before or after the modulation in single carrier communication systems and show that interleaving the bits before modulation or interleaving the symbols after modulation has same advantage. We further show that, in an orthogonal frequency division multiplexing (OFDM) systems, the position of interleaver, whether before or after constellation mapper, has no significance, and is interchangeable. However, scrambling symbols is computationally less expensive than scrambling bits. For the purpose of analyzing the performance of the proposed seed based random interleaver, simulations are carried out in MATLAB®. Results show that our proposed seed based random interleaver has near optimal properties of ‘spread’ and ‘dispersion’. Furthermore, the proposed interleaver is evaluated in terms of bit error rate (BER) versus length of burst error in a single carrier system both before and after modulation. The proposed interleaver out-performs the built in RANDINTLV in MATLAB® when used in the same system. It shows that proposed interleaver can convert greater amount of burst errors into simple random errors than that of MATLAB® interleaver. The proposed interleaver is also tested in IEEE 802.16e based WiMAX system with Stanford University Interim (SUI) channels to compare the performance of average BER versus SNR for both pre modulation and post modulation interleaver. Results show that pre modulation interleaver and post modulation has same performance. There is also a side advantage of this seed based interleaver, in that it generates a variety of unique random-looking interleaving sequences. Only a receiver that has the knowledge of the input seed can generate this sequence and no one else. If the interleaving patterns are kept secure then it can possibly be used to introduce an extra layer of security at physical (PHY) layer. In that way, at PHY layer, one builds an additional entry barrier to break through and it comes with no extra cost. This property has been investigated by carrying out key sensitivity analysis to show that the attacks to guess key can be very futile, as difference at 4th decimal place in the initial condition can lead to entirely different scrambling

The need for polymorphic encryption algorithms: A review paper

Current symmetric ciphers including the Advanced Encryption Standard (AES) are deterministic and open. Using standard ciphers is necessary for interoperability. However, it gives the potential opponent significant leverage, as it facilitates all the knowledge and time he needs to design effective attacks. In this review paper, we highlight prominent contributions in the field of symmetric encryption. Furthermore, we shed light on some contributions that aim at mitigating potential threats when using standard symmetric ciphers. Furthermore, we highlight the need for more practical contributions in the direction of polymorphic or multishape ciphers

A Novel Seed Based Random Interleaving for OFDM System and Its PHY Layer Security Implications

Wireless channels are characterized by multipath and fading that can often cause long burst of errors. Even though, to date, many very sophisticated error correcting codes have been designed, yet none can handle long burst of errors efficiently. An interleaver, a device that distributes a burst of errors, possibly caused by a deep fade, and makes them appear as simple random errors, therefore, proves to a very useful technique when used in conjunction with an efficient error correcting code. In this work, a novel near optimal seed based random interleaver is designed. An optimal interleaver scatters a given burst of errors uniformly over a fixed block of data - a property that is measured by so called 'spread'. The design makes use of a unique seed based pseudo-random sequence generator or logistic map based chaotic sequence generator to scramble the given block of data. Since the proposed design is based on a seed based scrambler, the nature of input is irrelevant. Therefore, the proposed interleaver can interleave either the bits or the symbols or the packets or even the frames. Accordingly, in this work, we analyze the suitability of interleaver when introduced before or after the modulation in single carrier communication systems and show that interleaving the bits before modulation or interleaving the symbols after modulation has same advantage. We further show that, in an orthogonal frequency division multiplexing (OFDM) systems, the position of interleaver, whether before or after constellation mapper, has no significance, and is interchangeable. However, scrambling symbols is computationally less expensive than scrambling bits. For the purpose of analyzing the performance of the proposed seed based random interleaver, simulations are carried out in MA TLAB®. Results show that our proposed seed based random interleaver has near optimal properties of 'spread' and 'dispersion'. Furthermore, the proposed interleaver is evaluated in terms of bit error rate (BER) versus length of burst error in a single carrier system both before and after modulation. The proposed interleaver out-performs the built in RANDINTLV in MA TLAB® when used in the same system. It shows that proposed inter Ieaver can convert greater amount of burst errors into simple random errors than that of MA TLAB® interleaver. The proposed interleaver is also tested in IEEE 802.16e based WiMAX system with Stanford University Interim (SUI) channels to compare the performance of average BER versus SNR for both pre modulation and post modulation interleaver. Results show that pre modulation interleaver and post modulation has same performance. There is also a side advantage of this seed based interleaver, in that it generates a variety of unique random-looking interleaving sequences. Only a receiver that has the knowledge of the input seed can generate this sequence and no one else. If the interleaving patterns are kept secure then it can possibly be used to introduce an extra layer of security at physical (PHY) layer. In that way, at PHY layer, one builds an additional entry barrier to break through and it comes with no extra cost. This property has been investigated by carrying out key sensitivity analysis to show that the attacks to guess key can be very futile, as difference at 41 h decimal place in the initial condition can lead to entirely different scrambling

METODY ZAPEWNIENIA BEZPIECZEŃSTWA DANYCH W STANDARDACH MOBILNYCH

The analysis of mobile communication standards is carried out, the functional structure and interfaces of interaction between the structural elements of the cellular network are considered. To understand the principle of communication according to the GSM standard, a block diagram of a mobile switching center (MSC), base station equipment (BSS), control and service center (MCC), mobile stations (MS) is presented. The main algorithms for ensuring the confidentiality and security of mobile subscribers' data, in different types of standards, as well as the vulnerabilities of information flows are considered. In particular, the following dangerous types of attacks have been identified, to which mobile network subscribers are sensitive: sniffing; leakage of personal data; leakage of geolocation data; spoofing; remote capture of SIM-card, execution of arbitrary code (RCE); denial of service (DoS). It is established that the necessary function of the mobile network is the identification of subscribers, which is performed by IMSI, which is recorded in the SIM card of the subscriber and the HLR of the operator. To protect against spoofing, the network authenticates the subscriber before starting its service. In the case of subscriber identification, the subscriber and the network operator are protected from the effects of fraudulent access. In addition, the user must be protected from eavesdropping. This is achieved by encrypting the data transmitted over the radio interface. Thus, user authentication in UMTS, as well as in the GSM network, is carried out using encryption with a common key using the "hack-response" protocol (the authenticating party sends a random number to the authenticated party, which encrypts it according to a certain algorithm using a common key and returns the result back).Przeprowadzana jest analiza standardów komunikacji mobilnej, rozważana jest struktura funkcjonalna i interfejsy interakcji między elementami strukturalnymi sieci komórkowej. Aby zrozumieć zasadę komunikacji w standardzie GSM, przedstawiono schemat blokowy centrali ruchomej (MSC), wyposażenia stacji bazowej (BSS), centrum sterowania i obsługi (MCC), stacji ruchomych (MS). Rozważane są główne algorytmy zapewniające poufność i bezpieczeństwo danych abonentów telefonii komórkowej, w różnych typach standardów, a także podatności na przepływ informacji. W szczególności zidentyfikowano następujące niebezpieczne rodzaje ataków, na które podatni są abonenci sieci komórkowych: sniffing; wyciek danych osobowych; wyciek danych geolokalizacyjnych; podszywanie się; zdalne przechwytywanie karty SIM, wykonanie dowolnego kodu (RCE); odmowa usługi (DoS). Ustalono, że niezbędną funkcją sieci komórkowej jest identyfikacja abonentów, która jest realizowana przez IMSI, która jest zapisywana na karcie SIM abonenta i HLR operatora. Aby zabezpieczyć się przed podszywaniem się, sieć uwierzytelnia subskrybenta przed uruchomieniem usługi. W przypadku identyfikacji abonenta, abonent i operator sieci są chronieni przed skutkami nieuprawnionego dostępu. Ponadto użytkownik musi być chroniony przed podsłuchem. Osiąga się to poprzez szyfrowanie danych przesyłanych przez interfejs radiowy. Tak więc uwierzytelnianie użytkownika w UMTS, jak również w sieci GSM, odbywa się z wykorzystaniem szyfrowania wspólnym kluczem z wykorzystaniem protokołu „hack-response” (strona uwierzytelniająca wysyła do strony uwierzytelnianej losową liczbę, która ją szyfruje zgodnie z pewien algorytm używający wspólnego klucza i zwraca wynik z powrotem)

Crowdfunding Non-fungible Tokens on the Blockchain

Non-fungible tokens (NFTs) have been used as a way of rewarding content creators. Artists publish their works on the blockchain as NFTs, which they can then sell. The buyer of an NFT then holds ownership of a unique digital asset, which can be resold in much the same way that real-world art collectors might trade paintings. However, while a deal of effort has been spent on selling works of art on the blockchain, very little attention has been paid to using the blockchain as a means of fundraising to help finance the artist’s work in the first place. Additionally, while blockchains like Ethereum are ideal for smaller works of art, additional support is needed when the artwork is larger than is feasible to store on the blockchain. In this paper, we propose a fundraising mechanism that will help artists to gain financial support for their initiatives, and where the backers can receive a share of the profits in exchange for their support. We discuss our prototype implementation using the SpartanGold framework. We then discuss how this system could be expanded to support large NFTs with the 0Chain blockchain, and describe how we could provide support for ongoing storage of these NFTs

Fake Malware Generation Using HMM and GAN

In the past decade, the number of malware attacks have grown considerably and, more importantly, evolved. Many researchers have successfully integrated state-of-the-art machine learning techniques to combat this ever present and rising threat to information security. However, the lack of enough data to appropriately train these machine learning models is one big challenge that is still present. Generative modelling has proven to be very efficient at generating image-like synthesized data that can match the actual data distribution. In this paper, we aim to generate malware samples as opcode sequences and attempt to differentiate them from the real ones with the goal to build fake malware data that can be used to effectively train the machine learning models. We use and compare different Generative Adversarial Networks (GAN) algorithms and Hidden Markov Models (HMM) to generate such fake samples obtaining promising results

Security for networked smart healthcare systems: A systematic review

Background and Objectives Smart healthcare systems use technologies such as wearable devices, Internet of Medical Things and mobile internet technologies to dynamically access health information, connect patients to health professionals and health institutions, and to actively manage and respond intelligently to the medical ecosystem's needs. However, smart healthcare systems are affected by many challenges in their implementation and maintenance. Key among these are ensuring the security and privacy of patient health information. To address this challenge, several mitigation measures have been proposed and some have been implemented. Techniques that have been used include data encryption and biometric access. In addition, blockchain is an emerging security technology that is expected to address the security issues due to its distributed and decentralized architecture which is similar to that of smart healthcare systems. This study reviewed articles that identified security requirements and risks, proposed potential solutions, and explained the effectiveness of these solutions in addressing security problems in smart healthcare systems. Methods This review adhered to the Preferred Reporting Items for Systematic Reviews and Meta-analysis (PRISMA) guidelines and was framed using the Problem, Intervention, Comparator, and Outcome (PICO) approach to investigate and analyse the concepts of interest. However, the comparator is not applicable because this review focuses on the security measures available and in this case no comparable solutions were considered since the concept of smart healthcare systems is an emerging one and there are therefore, no existing security solutions that have been used before. The search strategy involved the identification of studies from several databases including the Cumulative Index of Nursing and Allied Health Literature (CINAL), Scopus, PubMed, Web of Science, Medline, Excerpta Medical database (EMBASE), Ebscohost and the Cochrane Library for articles that focused on the security for smart healthcare systems. The selection process involved removing duplicate studies, and excluding studies after reading the titles, abstracts, and full texts. Studies whose records could not be retrieved using a predefined selection criterion for inclusion and exclusion were excluded. The remaining articles were then screened for eligibility. A data extraction form was used to capture details of the screened studies after reading the full text. Of the searched databases, only three yielded results when the search strategy was applied, i.e., Scopus, Web of science and Medline, giving a total of 1742 articles. 436 duplicate studies were removed. Of the remaining articles, 801 were excluded after reading the title, after which 342 after were excluded after reading the abstract, leaving 163, of which 4 studies could not be retrieved. 159 articles were therefore screened for eligibility after reading the full text. Of these, 14 studies were included for detailed review using the formulated research questions and the PICO framework. Each of the 14 included articles presented a description of a smart healthcare system and identified the security requirements, risks and solutions to mitigate the risks. Each article also summarized the effectiveness of the proposed security solution. Results The key security requirements reported were data confidentiality, integrity and availability of data within the system, with authorisation and authentication used to support these key security requirements. The identified security risks include loss of data confidentiality due to eavesdropping in wireless communication mediums, authentication vulnerabilities in user devices and storage servers, data fabrication and message modification attacks during transmission as well as while the data is at rest in databases and other storage devices. The proposed mitigation measures included the use of biometric accessing devices; data encryption for protecting the confidentiality and integrity of data; blockchain technology to address confidentiality, integrity, and availability of data; network slicing techniques to provide isolation of patient health data in 5G mobile systems; and multi-factor authentication when accessing IoT devices, servers, and other components of the smart healthcare systems. The effectiveness of the proposed solutions was demonstrated through their ability to provide a high level of data security in smart healthcare systems. For example, proposed encryption algorithms demonstrated better energy efficiency, and improved operational speed; reduced computational overhead, better scalability, efficiency in data processing, and better ease of deployment. Conclusion This systematic review has shown that the use of blockchain technology, biometrics (fingerprints), data encryption techniques, multifactor authentication and network slicing in the case of 5G smart healthcare systems has the potential to alleviate possible security risks in smart healthcare systems. The benefits of these solutions include a high level of security and privacy for Electronic Health Records (EHRs) systems; improved speed of data transaction without the need for a decentralized third party, enabled by the use of blockchain. However, the proposed solutions do not address data protection in cases where an intruder has already accessed the system. This may be potential avenues for further research and inquiry