Asymmetric Leakage from Multiplier and Collision-Based Single-Shot Side-Channel Attack

The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multiplier. It is shown that how leakage from integer multiplier and long-integer multiplication algorithm can be asymmetric between two operands. The asymmetric leakage is verified with experiments on FPGA and micro-controller platforms. Moreover, we show an experimental result in which success and failure of the attack is determined by the order of operands. Therefore, designing operand order can be a cost-effective countermeasure. Meanwhile we also show a case in which a particular countermeasure becomes ineffective when the asymmetric leakage is considered. In addition to the above main contribution, an extension of the attack by Hanley et al. using the signal-processing technique of Big Mac Attack is presented

RISK ASSESSMENT OF MALICIOUS ATTACKS AGAINST POWER SYSTEMS

The new scenarios of malicious attack prompt for their deeper consideration and mainly when critical systems are at stake. In this framework, infrastructural systems, including power systems, represent a possible target due to the huge impact they can have on society. Malicious attacks are different in their nature from other more traditional cause of threats to power system, since they embed a strategic interaction between the attacker and the defender (characteristics that cannot be found in natural events or systemic failures). This difference has not been systematically analyzed by the existent literature. In this respect, new approaches and tools are needed. This paper presents a mixed-strategy game-theory model able to capture the strategic interactions between malicious agents that may be willing to attack power systems and the system operators, with its related bodies, that are in charge of defending them. At the game equilibrium, the different strategies of the two players, in terms of attacking/protecting the critical elements of the systems, can be obtained. The information about the attack probability to various elements can be used to assess the risk associated with each of them, and the efficiency of defense resource allocation is evidenced in terms of the corresponding risk. Reference defense plans related to the online defense action and the defense action with a time delay can be obtained according to their respective various time constraints. Moreover, risk sensitivity to the defense/attack-resource variation is also analyzed. The model is applied to a standard IEEE RTS-96 test system for illustrative purpose and, on the basis of that system, some peculiar aspects of the malicious attacks are pointed ou

Autonomous Vehicles:The Cybersecurity Vulnerabilities and Countermeasures for Big Data Communication

The possible applications of communication based on big data have steadily increased in several industries, such as the autonomous vehicle industry, with a corresponding increase in security challenges, including cybersecurity vulnerabilities (CVs). The cybersecurity-related symmetry of big data communication systems used in autonomous vehicles may raise more vulnerabilities in the data communication process between these vehicles and IoT devices. The data involved in the CVs may be encrypted using an asymmetric and symmetric algorithm. Autonomous vehicles with proactive cybersecurity solutions, power-based cyberattacks, and dynamic countermeasures are the modern issues/developments with emerging technology and evolving attacks. Research on big data has been primarily focused on mitigating CVs and minimizing big data breaches using appropriate countermeasures known as security solutions. In the future, CVs in data communication between autonomous vehicles (DCAV), the weaknesses of autonomous vehicular networks (AVN), and cyber threats to network functions form the primary security issues in big data communication, AVN, and DCAV. Therefore, efficient countermeasure models and security algorithms are required to minimize CVs and data breaches. As a technique, policies and rules of CVs with proxy and demilitarized zone (DMZ) servers were combined to enhance the efficiency of the countermeasure. In this study, we propose an information security approach that depends on the increasing energy levels of attacks and CVs by identifying the energy levels of each attack. To show the results of the performance of our proposed countermeasure, CV and energy consumption are compared with different attacks. Thus, the countermeasures can secure big data communication and DCAV using security algorithms related to cybersecurity and effectively prevent CVs and big data breaches during data communication

Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions

Traditional power grids are being transformed into Smart Grids (SGs) to address the issues in existing power system due to uni-directional information flow, energy wastage, growing energy demand, reliability and security. SGs offer bi-directional energy flow between service providers and consumers, involving power generation, transmission, distribution and utilization systems. SGs employ various devices for the monitoring, analysis and control of the grid, deployed at power plants, distribution centers and in consumers' premises in a very large number. Hence, an SG requires connectivity, automation and the tracking of such devices. This is achieved with the help of Internet of Things (IoT). IoT helps SG systems to support various network functions throughout the generation, transmission, distribution and consumption of energy by incorporating IoT devices (such as sensors, actuators and smart meters), as well as by providing the connectivity, automation and tracking for such devices. In this paper, we provide a comprehensive survey on IoT-aided SG systems, which includes the existing architectures, applications and prototypes of IoT-aided SG systems. This survey also highlights the open issues, challenges and future research directions for IoT-aided SG systems

Great East Japan Earthquake, JR East Mitigation Successes, and Lessons for California High-Speed Rail, MTI Report 12-37

California and Japan both experience frequent seismic activity, which is often damaging to infrastructure. Seismologists have developed systems for detecting and analyzing earthquakes in real-time. JR East has developed systems to mitigate the damage to their facilities and personnel, including an early earthquake detection system, retrofitting of existing facilities for seismic safety, development of more seismically resistant designs for new facilities, and earthquake response training and exercises for staff members. These systems demonstrated their value in the Great East Japan Earthquake of 2011 and have been further developed based on that experience. Researchers in California are developing an earthquake early warning system for the state, and the private sector has seismic sensors in place. These technologies could contribute to the safety of the California High-Speed Rail Authority’s developing system, which could emulate the best practices demonstrated in Japan in the construction of the Los Angeles-to-San Jose segment

Securing Our Future Homes: Smart Home Security Issues and Solutions

The Internet of Things, commonly known as IoT, is a new technology transforming businesses, individuals’ daily lives and the operation of entire countries. With more and more devices becoming equipped with IoT technology, smart homes are becoming increasingly popular. The components that make up a smart home are at risk for different types of attacks; therefore, security engineers are developing solutions to current problems and are predicting future types of attacks. This paper will analyze IoT smart home components, explain current security risks, and suggest possible solutions. According to “What is a Smart Home” (n.d.), a smart home is a home that always operates in consideration of security, energy, efficiency and convenience, whether anyone is home or not

Toward a sustainable cybersecurity ecosystem

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. Cybersecurity issues constitute a key concern of today’s technology-based economies. Cybersecurity has become a core need for providing a sustainable and safe society to online users in cyberspace. Considering the rapid increase of technological implementations, it has turned into a global necessity in the attempt to adapt security countermeasures, whether direct or indirect, and prevent systems from cyberthreats. Identifying, characterizing, and classifying such threats and their sources is required for a sustainable cyber-ecosystem. This paper focuses on the cybersecurity of smart grids and the emerging trends such as using blockchain in the Internet of Things (IoT). The cybersecurity of emerging technologies such as smart cities is also discussed. In addition, associated solutions based on artificial intelligence and machine learning frameworks to prevent cyber-risks are also discussed. Our review will serve as a reference for policy-makers from the industry, government, and the cybersecurity research community