Practical security of continuous-variable quantum key distribution with reduced optical attenuation

In a practical CVQKD system, the optical attenuator can adjust the Gaussian-modulated coherent states and the local oscillator signal to an optimal value for guaranteeing the security of the system and optimizing the performance of the system. However, the performance of the optical attenuator may deteriorate due to the intentional and unintentional damage of the device. In this paper, we investigate the practical security of a CVQKD system with reduced optical attenuation. We find that the secret key rate of the system may be overestimated based on the investigation of parameter estimation under the effects of reduced optical attenuation. This opens a security loophole for Eve to successfully perform an intercept-resend attack in a practical CVQKD system. To close this loophole, we add an optical fuse at Alice's output port and design a scheme to monitor the level of optical attenuation in real time, which can make the secret key rate of the system evaluated precisely. The analysis shows that these countermeasures can effectively resist this potential attack.Comment: 9 pages, 8 figure

Cyber-Physical Systems Security: a Systematic Mapping Study

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia.Comment: arXiv admin note: text overlap with arXiv:1205.5073 by other author

Can Predictive Filters Detect Gradually Ramping False Data Injection Attacks Against PMUs?

Intelligently designed false data injection (FDI) attacks have been shown to be able to bypass the $\chi^2$-test based bad data detector (BDD), resulting in physical consequences (such as line overloads) in the power system. In this paper, it is shown that if an attack is suddenly injected into the system, a predictive filter with sufficient accuracy is able to detect it. However, an attacker can gradually increase the magnitude of the attack to avoid detection, and still cause damage to the system.Comment: 6 pages, 5 figures, submitted to SmartGridComm 201

Cyber-Security in Smart Grid: Survey and Challenges

Smart grid uses the power of information technology to intelligently deliver energy to customers by using a two-way communication, and wisely meet the environmental requirements by facilitating the integration of green technologies. Although smart grid addresses several problems of the traditional grid, it faces a number of security challenges. Because communication has been incorporated into the electrical power with its inherent weaknesses, it has exposed the system to numerous risks. Several research papers have discussed these problems. However, most of them classified attacks based on confidentiality, integrity, and availability, and they excluded attacks which compromise other security criteria such as accountability. In addition, the existed security countermeasures focus on countering some specific attacks or protecting some specific components, but there is no global approach which combines these solutions to secure the entire system. The purpose of this paper is to provide a comprehensive overview of the relevant published works. First, we review the security requirements. Then, we investigate in depth a number of important cyber-attacks in smart grid to diagnose the potential vulnerabilities along with their impact. In addition, we proposed a cyber security strategy as a solution to address breaches, counter attacks, and deploy appropriate countermeasures. Finally, we provide some future research directions

A GPS spoofing detection and classification correlator-based technique using the LASSO

This work proposes a global navigation satellite system (GNSS) spoofing detection and classification technique for single antenna receivers. We formulate an optimization problem at the baseband correlator domain by using the Least Absolute Shrinkage and Selection Operator (LASSO). We model correlator tap outputs of the received signal to form a dictionary of triangle-shaped functions and leverage sparse signal processing to choose a decomposition of shifted matching triangles from said dictionary. The optimal solution of this minimization problem discriminates the presence of a potential spoofing attack peak by observing a decomposition of two different code-phase values (authentic and spoofed) in a sparse vector output. We use a threshold to mitigate false alarms. Furthermore, we present a variation of the minimization problem by enhancing the dictionary to a higher-resolution of shifted triangles. The proposed technique can be implemented as an advanced fine-acquisition monitoring tool to aid in the tracking loops for spoofing mitigation. In our experiments, we are able to distinguish authentic and spoofer peaks from synthetic data simulations and from a real dataset, namely, the Texas Spoofing Test Battery (TEXBAT). The proposed method achieves 0.3% detection error rate (DER) for a spoofer attack in nominal signal-to-noise ratio (SNR) conditions for an authentic-over-spoofer power of 3 dB.Comment: IEEE Transactions on Aerospace and Electronic Systems, [Early Access], Apr. 202

Audio-replay attack detection countermeasures

This paper presents the Speech Technology Center (STC) replay attack detection systems proposed for Automatic Speaker Verification Spoofing and Countermeasures Challenge 2017. In this study we focused on comparison of different spoofing detection approaches. These were GMM based methods, high level features extraction with simple classifier and deep learning frameworks. Experiments performed on the development and evaluation parts of the challenge dataset demonstrated stable efficiency of deep learning approaches in case of changing acoustic conditions. At the same time SVM classifier with high level features provided a substantial input in the efficiency of the resulting STC systems according to the fusion systems results.Comment: 11 pages, 3 figures, accepted for Specom 201

Towards robust audio spoofing detection: a detailed comparison of traditional and learned features

Automatic speaker verification, like every other biometric system, is vulnerable to spoofing attacks. Using only a few minutes of recorded voice of a genuine client of a speaker verification system, attackers can develop a variety of spoofing attacks that might trick such systems. Detecting these attacks using the audio cues present in the recordings is an important challenge. Most existing spoofing detection systems depend on knowing the used spoofing technique. With this research, we aim at overcoming this limitation, by examining robust audio features, both traditional and those learned through an autoencoder, that are generalizable over different types of replay spoofing. Furthermore, we provide a detailed account of all the steps necessary in setting up state-of-the-art audio feature detection, pre-, and postprocessing, such that the (non-audio expert) machine learning researcher can implement such systems. Finally, we evaluate the performance of our robust replay speaker detection system with a wide variety and different combinations of both extracted and machine learned audio features on the `out in the wild' ASVspoof 2017 dataset. This dataset contains a variety of new spoofing configurations. Since our focus is on examining which features will ensure robustness, we base our system on a traditional Gaussian Mixture Model-Universal Background Model. We then systematically investigate the relative contribution of each feature set. The fused models, based on both the known audio features and the machine learned features respectively, have a comparable performance with an Equal Error Rate (EER) of 12. The final best performing model, which obtains an EER of 10.8, is a hybrid model that contains both known and machine learned features, thus revealing the importance of incorporating both types of features when developing a robust spoofing prediction model

Quantum Hacking on Quantum Key Distribution using Homodyne Detection

Imperfect devices in commercial quantum key distribution systems open security loopholes that an eavesdropper may exploit. An example of one such imperfection is the wavelength dependent coupling ratio of the fiber beam splitter. Utilizing this loophole, the eavesdropper can vary the transmittances of the fiber beam splitter at the receiver's side by inserting lights with wavelengths different from what is normally used. Here, we propose a wavelength attack on a practical continuous-variable quantum key distribution system using homodyne detection. By inserting light pulses at different wavelengths, this attack allows the eavesdropper to bias the shot noise estimation even if it is done in real time. Based on experimental data, we discuss the feasibility of this attack and suggest a prevention scheme by improving the previously proposed countermeasures.Comment: 8 pages, 3 figures. PRA accepte

Threats, Protection and Attribution of Cyber Attacks on Critical Infrastructures

As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keepin

Architecture for Community-scale Critical Infrastructure Coordination for Security and Resilience

Our Critical Infrastructure (CI) systems are, by definition, critical to the safe and proper functioning of society. Nearly all of these systems utilize industrial Process Control Systems (PCS) to provide clean water, reliable electricity, critical manufacturing, and many other services within our communities - yet most of these PCS incorporate very little cyber-security countermeasures. Cyber-attacks on CI are becoming an attractive target. While many vendor solutions are starting to be deployed at CI sites, these solutions are largely based on network monitoring for intrusion detection. As such, they are not process-aware, nor do they account for inter dependencies among other CI sites in their community. What is proposed is an architecture for coordinating all CI within a community, which defines characteristics to enhance its integration, its resilience to failure and attack, and its ultimate acceptance by CI operators