Security Analysis of Phasor Measurement Units in Smart Grid Communication Infrastructures

Phasor Measurement Units (PMUs), or synchrophasors, are rapidly being deployed in the smart grid with the goal of measuring phasor quantities concurrently from wide area distribution substations. By utilizing GPS receivers, PMUs can take a wide area snapshot of power systems. Thus, the possibility of blackouts in the smart grid, the next generation power grid, will be reduced. As the main enabler of Wide Area Measurement Systems (WAMS), PMUs transmit measured values to Phasor Data Concentrators (PDCs) by the synchrophasor standard IEEE C37.118. IEC 61850 and IEC 62351 are the communication protocols for the substation automation system and the security standard for the communication protocol of IEC 61850, respectively. According to the aforementioned communication and security protocols, as well as the implementation constraints of different platforms, HMAC-SHA1 was suggested by the TC 57 WG group in October 2009. The hash-based Message Authentication Code (MAC) is an algorithm for verifying both message integrity and authentication by using an iterative hash function and a supplied secret key. There are a variety of security attacks on the PMU communications infrastructure. Timing Side Channel Attack (SCA) is one of these possible attacks. In this thesis, timing side channel vulnerability against execution time of the HMAC-SHA1 authentication algorithm is studied. Both linear and negative binomial regression are used to model some security features of the stored key, e.g., its length and Hamming weight. The goal is to reveal secret-related information based on leakage models. The results would mitigate the cryptanalysis process of an attacker. Adviser: Yi Qia

Machine Learning Attacks on Optical Physical Unclonable Functions

Traditional security algorithms for authentication and encryption rely heavily on the digital storage of secret information (e.g. cryptographic key), which is vulnerable to copying and destruction. An attractive alternative to digital storage is the storage of this secret information in the intrinsic, unpredictable, and non-reproducible features of a physical object. Such devices are termed physical unclonable functions (PUFs), and recent research proves that PUFs can resolve the vulnerabilities associated with digital key storage while otherwise maintaining the same level of security as traditional methods. Modern cryptographic algorithms rest on the shoulders of this one-way principle in certain mathematical algorithms (e.g. RSA or Rabin functions). However, a key difference between PUFs and traditional one-way algorithms is that conventional algorithms can be duplicated. Here, we investigate a silicon photonic PUF a novel cryptographic device based on ultrafast and nonlinear optical interactions within an integrated silicon photonic cavity. This work reviews the important properties of this device including high complexity of light interaction with the material, unpredictability of the response and ultrafast generation of private information. We further explore the resistance of silicon photonic PUFs against numerical modeling attacks and demonstrate the influence of cavity’s inherent nonlinear optical properties on the success of such attacks. Finally, we demonstrate encrypted data storage and compare the results of decryption using a genuine silicon PUF device the “clone” generated by the numerical algorithm. Finally, we provide similar analysis of modeling attacks on another well-known type of optical PUF, called the optical scattering PUF (OSPUF). While not as compatible with integration as the silicon photonic PUF, the OSPUF system is known to be extremely strong and resistant to adversarial attacks. By attacking a simulated model of OSPUF, we attempt to present the underlying reasons behind the strong security of this given device and how this security scales with the OSPUFs physical parameters

Designing and generating prototype for E-Governance based election strategy using biometric authentication and smart card device

Not availabl

Protecting the infrastructure: 3rd Australian information warfare & security conference 2002

The conference is hosted by the We-B Centre (working with a-business) in the School of Management Information System, the School of Computer & Information Sciences at Edith Cowan University. This year\u27s conference is being held at the Sheraton Perth Hotel in Adelaide Terrace, Perth. Papers for this conference have been written by a wide range of academics and industry specialists. We have attracted participation from both national and international authors and organisations. The papers cover many topics, all within the field of information warfare and its applications, now and into the future. The papers have been grouped into six streams: • Networks • IWAR Strategy • Security • Risk Management • Social/Education • Infrastructur

Novel resource provisioning and lightweight security protocols for IoT edge networks

This Ph.D. thesis introduces a novel dynamic resource allocation framework tailored for Edge Computing (EC) in Internet of Things (IoT) networks, addressing the pressing challenges posed by resource limitations and escalating user demands. Edge-driven IoT networks, characterized by their reliance on locally available computational resources from a heterogeneous ensemble of devices such as sensors, vehicles, and mobile phones, present unique challenges. These resources, in contrast to their cloud counterparts, exhibit inherent variability in terms of processing power, distribution, and operating system diversity. Moreover, their connectivity is subject to fluctuations, including failures, intermittent connections, and unpredictable network entry and exit events, rendering the EC network inherently dynamic. The inadequacy of existing solutions to effectively manage the dynamic nature of resource availability at the edge underscores the necessity for a resource allocation framework capable of adapting to these dynamic conditions. To this end, we propose a dynamic resource allocation framework that dynamically assigns computational and network resources. This framework aims to minimize average service delays and achieve resource utilization balance at the edge. To realize this objective, two resource allocation models are developed using TensorFlow: a classification-based approach and a regression-based approach. Experimental results in dynamic environments demonstrate remarkable performance improvements, with the regression model achieving an 87% task completion rate within specified time constraints and the classification model achieving 56%. To underscore the practicality and efficiency of our proposed framework, two real-world use cases are explored. The first use case deals with the detection of spoofing attacks in autonomous vehicles (AVs) using Shadow Analyzer, a technique that identifies ghost object attacks with reduced 2D data derived from 3D point cloud information. The second use case focuses on the implementation of homomorphic encryption for secure communication, presenting a novel distributed approach to Fully Homomorphic Encryption (FHE)-based data processing. To validate the applicability and efficiency of our framework, extensive simulation experiments are conducted across various scenarios and operational conditions on a hardware testbed. These experiments yield promising results, establishing the viability of our dynamic resource allocation framework in addressing the dynamic challenges posed by resource availability at the edge in IoT networks

Journal of Telecommunications and Information Technology, 2019, nr 1

kwartalni

Dictionary of privacy, data protection and information security

The Dictionary of Privacy, Data Protection and Information Security explains the complex technical terms, legal concepts, privacy management techniques, conceptual matters and vocabulary that inform public debate about privacy. The revolutionary and pervasive influence of digital technology affects numerous disciplines and sectors of society, and concerns about its potential threats to privacy are growing. With over a thousand terms meticulously set out, described and cross-referenced, this Dictionary enables productive discussion by covering the full range of fields accessibly and comprehensively. In the ever-evolving debate surrounding privacy, this Dictionary takes a longer view, transcending the details of today''s problems, technology, and the law to examine the wider principles that underlie privacy discourse. Interdisciplinary in scope, this Dictionary is invaluable to students, scholars and researchers in law, technology and computing, cybersecurity, sociology, public policy and administration, and regulation. It is also a vital reference for diverse practitioners including data scientists, lawyers, policymakers and regulators

Physical Security of Cryptographic Algorithm Implementations

This thesis deals with physical attacks on implementations of cryptographic algorithms and countermeasures against these attacks. Physical attacks exploit properties of an implementation to recover secret cryptographic keys. Particularly vulnerable to physical attacks are embedded devices. In the area of side-channel analysis, this thesis addresses attacks that exploit observations of power consumption or electromagnetic leakage of the device and target symmetric cryptographic algorithms. First, this work proposes a new combination of two well-known attacks that is more efficient than each of the attacks individually. Second, this work studies attacks exploiting leakage induced by microprocessor cache mechanism, suggesting an algorithm that can recover the secret key in the presence of uncertainties in cache event detection from side-channel acquisitions. Third, practical side-channel attacks are discovered against the AES engine of the AVR XMEGA, a recent versatile microcontroller. In the area of fault analysis, this thesis extends existing attacks against the RSA digital signature algorithm implemented with the Chinese remainder theorem to a setting where parts of the signed message are unknown to the attacker. The new attacks are applicable in particular to several widely used standards in modern smart card applications. In the area of countermeasures, this work proposes a new algorithm for random delay generation in embedded software. The new algorithm is more efficient than the previously suggested algorithms since it introduces more uncertainty for the attacker with less performance overhead. The results presented in this thesis are practically validated in experiments with general-purpose 8-bit AVR and 32-bit ARM microcontrollers that are used in many embedded devices

Disruptive Technologies with Applications in Airline & Marine and Defense Industries

Disruptive Technologies With Applications in Airline, Marine, Defense Industries is our fifth textbook in a series covering the world of Unmanned Vehicle Systems Applications & Operations On Air, Sea, and Land. The authors have expanded their purview beyond UAS / CUAS / UUV systems that we have written extensively about in our previous four textbooks. Our new title shows our concern for the emergence of Disruptive Technologies and how they apply to the Airline, Marine and Defense industries. Emerging technologies are technologies whose development, practical applications, or both are still largely unrealized, such that they are figuratively emerging into prominence from a background of nonexistence or obscurity. A Disruptive technology is one that displaces an established technology and shakes up the industry or a ground-breaking product that creates a completely new industry.That is what our book is about. The authors think we have found technology trends that will replace the status quo or disrupt the conventional technology paradigms.The authors have collaborated to write some explosive chapters in Book 5:Advances in Automation & Human Machine Interface; Social Media as a Battleground in Information Warfare (IW); Robust cyber-security alterative / replacement for the popular Blockchain Algorithm and a clean solution for Ransomware; Advanced sensor technologies that are used by UUVs for munitions characterization, assessment, and classification and counter hostile use of UUVs against U.S. capital assets in the South China Seas. Challenged the status quo and debunked the climate change fraud with verifiable facts; Explodes our minds with nightmare technologies that if they come to fruition may do more harm than good; Propulsion and Fuels: Disruptive Technologies for Submersible Craft Including UUVs; Challenge the ammunition industry by grassroots use of recycled metals; Changing landscape of UAS regulations and drone privacy; and finally, Detailing Bioterrorism Risks, Biodefense, Biological Threat Agents, and the need for advanced sensors to detect these attacks.https://newprairiepress.org/ebooks/1038/thumbnail.jp