Practical security of continuous-variable quantum key distribution with reduced optical attenuation
In a practical CVQKD system, the optical attenuator can adjust the
Gaussian-modulated coherent states and the local oscillator signal to an
optimal value for guaranteeing the security of the system and optimizing the
performance of the system. However, the performance of the optical attenuator
may deteriorate due to the intentional and unintentional damage of the device.
In this paper, we investigate the practical security of a CVQKD system with
reduced optical attenuation. We find that the secret key rate of the system may
be overestimated based on the investigation of parameter estimation under the
effects of reduced optical attenuation. This opens a security loophole for Eve
to successfully perform an intercept-resend attack in a practical CVQKD system.
To close this loophole, we add an optical fuse at Alice's output port and
design a scheme to monitor the level of optical attenuation in real time, which
can make the secret key rate of the system evaluated precisely. The analysis
shows that these countermeasures can effectively resist this potential attack. Comment: 9 pages, 8 figures
Cyber-Physical Systems Security: a Systematic Mapping Study
Cyber-physical systems are integrations of computation, networking, and
physical processes. Due to the tight cyber-physical coupling and to the
potentially disrupting consequences of failures, security here is one of the
primary concerns. Our systematic mapping study sheds some light on how security
is actually addressed when dealing with cyber-physical systems. The provided
systematic map of 118 selected studies is based on, for instance, application
fields, various system components, related algorithms and models, attacks
characteristics and defense strategies. It presents a powerful comparison
framework for existing and future research on this hot topic, important for
both industry and academia. Comment: arXiv admin note: text overlap with arXiv:1205.5073 by other authors
Can Predictive Filters Detect Gradually Ramping False Data Injection Attacks Against PMUs?
Intelligently designed false data injection (FDI) attacks have been shown to
be able to bypass the -test based bad data detector (BDD), resulting in
physical consequences (such as line overloads) in the power system. In this
paper, it is shown that if an attack is suddenly injected into the system, a
predictive filter with sufficient accuracy is able to detect it. However, an
attacker can gradually increase the magnitude of the attack to avoid detection,
and still cause damage to the system. Comment: 6 pages, 5 figures, submitted to SmartGridComm 201
Cyber-Security in Smart Grid: Survey and Challenges
Smart grid uses the power of information technology to intelligently deliver
energy to customers by using a two-way communication, and wisely meet the
environmental requirements by facilitating the integration of green
technologies. Although smart grid addresses several problems of the traditional
grid, it faces a number of security challenges. Because communication has been
incorporated into the electrical power with its inherent weaknesses, it has
exposed the system to numerous risks. Several research papers have discussed
these problems. However, most of them classified attacks based on
confidentiality, integrity, and availability, and they excluded attacks which
compromise other security criteria such as accountability. In addition, the
existing security countermeasures focus on countering some specific attacks or
protecting some specific components, but there is no global approach which
combines these solutions to secure the entire system. The purpose of this paper
is to provide a comprehensive overview of the relevant published works. First,
we review the security requirements. Then, we investigate in depth a number of
important cyber-attacks in smart grid to diagnose the potential vulnerabilities
along with their impact. In addition, we proposed a cyber security strategy as
a solution to address breaches, counter attacks, and deploy appropriate
countermeasures. Finally, we provide some future research directions.
A GPS spoofing detection and classification correlator-based technique using the LASSO
This work proposes a global navigation satellite system (GNSS) spoofing
detection and classification technique for single antenna receivers. We
formulate an optimization problem at the baseband correlator domain by using
the Least Absolute Shrinkage and Selection Operator (LASSO). We model
correlator tap outputs of the received signal to form a dictionary of
triangle-shaped functions and leverage sparse signal processing to choose a
decomposition of shifted matching triangles from said dictionary. The optimal
solution of this minimization problem discriminates the presence of a potential
spoofing attack peak by observing a decomposition of two different code-phase
values (authentic and spoofed) in a sparse vector output. We use a threshold to
mitigate false alarms. Furthermore, we present a variation of the minimization
problem by enhancing the dictionary to a higher-resolution of shifted
triangles. The proposed technique can be implemented as an advanced
fine-acquisition monitoring tool to aid in the tracking loops for spoofing
mitigation. In our experiments, we are able to distinguish authentic and
spoofer peaks from synthetic data simulations and from a real dataset, namely,
the Texas Spoofing Test Battery (TEXBAT). The proposed method achieves 0.3%
detection error rate (DER) for a spoofer attack in nominal signal-to-noise
ratio (SNR) conditions for an authentic-over-spoofer power of 3 dB. Comment: IEEE Transactions on Aerospace and Electronic Systems, [Early
Access], Apr. 202
Audio-replay attack detection countermeasures
This paper presents the Speech Technology Center (STC) replay attack
detection systems proposed for Automatic Speaker Verification Spoofing and
Countermeasures Challenge 2017. In this study we focused on comparison of
different spoofing detection approaches. These were GMM based methods, high
level features extraction with simple classifier and deep learning frameworks.
Experiments performed on the development and evaluation parts of the challenge
dataset demonstrated stable efficiency of deep learning approaches in case of
changing acoustic conditions. At the same time SVM classifier with high level
features provided a substantial input in the efficiency of the resulting STC
systems according to the fusion systems results. Comment: 11 pages, 3 figures, accepted for Specom 201
Towards robust audio spoofing detection: a detailed comparison of traditional and learned features
Automatic speaker verification, like every other biometric system, is
vulnerable to spoofing attacks. Using only a few minutes of recorded voice of a
genuine client of a speaker verification system, attackers can develop a
variety of spoofing attacks that might trick such systems. Detecting these
attacks using the audio cues present in the recordings is an important
challenge. Most existing spoofing detection systems depend on knowing the used
spoofing technique. With this research, we aim at overcoming this limitation,
by examining robust audio features, both traditional and those learned through
an autoencoder, that are generalizable over different types of replay spoofing.
Furthermore, we provide a detailed account of all the steps necessary in
setting up state-of-the-art audio feature detection, pre-, and postprocessing,
such that the (non-audio expert) machine learning researcher can implement such
systems. Finally, we evaluate the performance of our robust replay speaker
detection system with a wide variety and different combinations of both
extracted and machine learned audio features on the 'out in the wild' ASVspoof
2017 dataset. This dataset contains a variety of new spoofing configurations.
Since our focus is on examining which features will ensure robustness, we base
our system on a traditional Gaussian Mixture Model-Universal Background Model.
We then systematically investigate the relative contribution of each feature
set. The fused models, based on both the known audio features and the machine
learned features respectively, have a comparable performance with an Equal
Error Rate (EER) of 12. The final best performing model, which obtains an EER
of 10.8, is a hybrid model that contains both known and machine learned
features, thus revealing the importance of incorporating both types of features
when developing a robust spoofing prediction model.
Quantum Hacking on Quantum Key Distribution using Homodyne Detection
Imperfect devices in commercial quantum key distribution systems open
security loopholes that an eavesdropper may exploit. An example of one such
imperfection is the wavelength dependent coupling ratio of the fiber beam
splitter. Utilizing this loophole, the eavesdropper can vary the transmittances
of the fiber beam splitter at the receiver's side by inserting lights with
wavelengths different from what is normally used. Here, we propose a wavelength
attack on a practical continuous-variable quantum key distribution system using
homodyne detection. By inserting light pulses at different wavelengths, this
attack allows the eavesdropper to bias the shot noise estimation even if it is
done in real time. Based on experimental data, we discuss the feasibility of
this attack and suggest a prevention scheme by improving the previously
proposed countermeasures. Comment: 8 pages, 3 figures. PRA accepted
Threats, Protection and Attribution of Cyber Attacks on Critical Infrastructures
As Critical National Infrastructures are becoming more vulnerable to cyber
attacks, their protection becomes a significant issue for any organization as
well as a nation. Moreover, the ability to attribute is a vital element of
avoiding impunity in cyberspace. In this article, we present main threats to
critical infrastructures along with protective measures that one nation can
take, and which are classified according to legal, technical, organizational,
capacity building, and cooperation aspects. Finally we provide an overview of
current methods and practices regarding cyber attribution and cyber peace
keeping.
Architecture for Community-scale Critical Infrastructure Coordination for Security and Resilience
Our Critical Infrastructure (CI) systems are, by definition, critical to the
safe and proper functioning of society. Nearly all of these systems utilize
industrial Process Control Systems (PCS) to provide clean water, reliable
electricity, critical manufacturing, and many other services within our
communities - yet most of these PCS incorporate very little cyber-security
countermeasures. Cyber-attacks on CI are becoming an attractive target. While
many vendor solutions are starting to be deployed at CI sites, these solutions
are largely based on network monitoring for intrusion detection. As such, they
are not process-aware, nor do they account for interdependencies among other
CI sites in their community. What is proposed is an architecture for
coordinating all CI within a community, which defines characteristics to
enhance its integration, its resilience to failure and attack, and its ultimate
acceptance by CI operators.