11,133 research outputs found
MATHEMATICAL MODEL OF THE SYSTEM OF ACTIVE PROTECTION AGAINST EAVESDROPPING OF SPEECH INFORMATION ON THE SCRAMBLER GENERATOR
The development of reliable systems for protecting speech information that can protect it from being intercepted by cybercriminals is a fundamental task of the security service of organizations and firms. For these purposes, active jamming systems are used at the border of the controlled area. The main element of such systems is noise generators. However, in many cases, “white” noise and its clones are used as interference, which makes it possible for an attacker to gain unauthorized access. The structure and mathematical model of a speech information protection system based on a scrambler-type noise generator is proposed. The transition in such systems of protection of speech information to this structure allows to abandon the outdated, ineffective in modern conditions, energy noise of speech information and move on to a more productive method – information (linguistic) masking. An analysis of the destructive effect of this type of interference shows its high resistance to modern methods of mathematical processing of digital phonograms (wavelet transform, correlation-spectral analysis, etc.), filtering interference, and dividing the voices of speakers. Studies of the mathematical model in the environment of Matlab 15 R2015a/Simulink show the high efficiency of such a protection system and a decrease in the signal-to-noise ratio with a residual speech intelligibility of 0.1 by 6...9 dBA. This leads to a decrease in noise in the room and beyond, which positively affects the bioacoustic characteristics of the premises, improves working conditions and staff productivity, and also reduces the unmasking performance of the objec
Physical-Layer Security with Multiuser Scheduling in Cognitive Radio Networks
In this paper, we consider a cognitive radio network that consists of one
cognitive base station (CBS) and multiple cognitive users (CUs) in the presence
of multiple eavesdroppers, where CUs transmit their data packets to CBS under a
primary user's quality of service (QoS) constraint while the eavesdroppers
attempt to intercept the cognitive transmissions from CUs to CBS. We
investigate the physical-layer security against eavesdropping attacks in the
cognitive radio network and propose the user scheduling scheme to achieve
multiuser diversity for improving the security level of cognitive transmissions
with a primary QoS constraint. Specifically, a cognitive user (CU) that
satisfies the primary QoS requirement and maximizes the achievable secrecy rate
of cognitive transmissions is scheduled to transmit its data packet. For the
comparison purpose, we also examine the traditional multiuser scheduling and
the artificial noise schemes. We analyze the achievable secrecy rate and
intercept probability of the traditional and proposed multiuser scheduling
schemes as well as the artificial noise scheme in Rayleigh fading environments.
Numerical results show that given a primary QoS constraint, the proposed
multiuser scheduling scheme generally outperforms the traditional multiuser
scheduling and the artificial noise schemes in terms of the achievable secrecy
rate and intercept probability. In addition, we derive the diversity order of
the proposed multiuser scheduling scheme through an asymptotic intercept
probability analysis and prove that the full diversity is obtained by using the
proposed multiuser scheduling.Comment: 12 pages. IEEE Transactions on Communications, 201
ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys
Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited
resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification based on the 802.15.4 standard, defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.Les xarxes de sensors tenen moltes aplicacions en el control i la monitorització de les propietats del medi ambient, com ara el so, l¿acceleració, la vibració i la temperatura. A causa dels limitats recursos en la capacitat de càlcul, la memòria i l'energia són vulnerables a molts tipus d'atacs. L'especificació ZigBee basada en l'estàndard 802.15.4, defineix un conjunt de capes, adaptada específicament per a xarxes de sensors. Aquestes capes suporten missatgeria segura mitjançant criptografia simètrica. Aquest article presenta dues formes diferents per agafar la clau de xifrat en ZigBee: atac a distància i atacs físics. També les enquesta i classifica alguns atacs addicionals que es poden realitzar en les xarxes ZigBee: espionatge, falsificació, reproducció i atacs DoS en les diferents capes. A partir d'aquesta anàlisi, es demostren algunes vulnerabilitats existents en l'esquema de seguretat en tecnologia ZigBee.Las redes de sensores tienen muchas aplicaciones en el control y la monitorización de las propiedades del medio ambiente, como el sonido, la aceleración, la vibración y la temperatura. Debido a los limitados recursos en la capacidad de cálculo, la memoria y la energía son vulnerables a muchos tipos de ataques. La especificación ZigBee basada en el estándar 802.15.4, define un conjunto de capas, adaptada específicamente para redes de sensores. Estas capas soportan mensajería segura mediante criptografía simétrica. Este artículo presenta dos formas diferentes para coger la clave de cifrado en ZigBee: ataque a distancia y ataques físicos. También las encuesta y clasifica algunos ataques adicionales que se pueden realizar en las redes ZigBee: espionaje, falsificación, reproducción y ataques DoS en las diferentes capas. A partir de este análisis, se demuestran algunas vulnerabilidades existentes en el esquema de seguridad en tecnología ZigBee
Attack Resilience and Recovery using Physical Challenge Response Authentication for Active Sensors Under Integrity Attacks
Embedded sensing systems are pervasively used in life- and security-critical
systems such as those found in airplanes, automobiles, and healthcare.
Traditional security mechanisms for these sensors focus on data encryption and
other post-processing techniques, but the sensors themselves often remain
vulnerable to attacks in the physical/analog domain. If an adversary
manipulates a physical/analog signal prior to digitization, no amount of
digital security mechanisms after the fact can help. Fortunately, nature
imposes fundamental constraints on how these analog signals can behave. This
work presents PyCRA, a physical challenge-response authentication scheme
designed to protect active sensing systems against physical attacks occurring
in the analog domain. PyCRA provides security for active sensors by continually
challenging the surrounding environment via random but deliberate physical
probes. By analyzing the responses to these probes, and by using the fact that
the adversary cannot change the underlying laws of physics, we provide an
authentication mechanism that not only detects malicious attacks but provides
resilience against them. We demonstrate the effectiveness of PyCRA through
several case studies using two sensing systems: (1) magnetic sensors like those
found wheel speed sensors in robotics and automotive, and (2) commercial RFID
tags used in many security-critical applications. Finally, we outline methods
and theoretical proofs for further enhancing the resilience of PyCRA to active
attacks by means of a confusion phase---a period of low signal to noise ratio
that makes it more difficult for an attacker to correctly identify and respond
to PyCRA's physical challenges. In doing so, we evaluate both the robustness
and the limitations of PyCRA, concluding by outlining practical considerations
as well as further applications for the proposed authentication mechanism.Comment: Shorter version appeared in ACM ACM Conference on Computer and
Communications (CCS) 201
Lightweight Mutual Authentication Protocol for Low Cost RFID Tags
Radio Frequency Identification (RFID) technology one of the most promising
technologies in the field of ubiquitous computing. Indeed, RFID technology may
well replace barcode technology. Although it offers many advantages over other
identification systems, there are also associated security risks that are not
easy to be addressed. When designing a real lightweight authentication protocol
for low cost RFID tags, a number of challenges arise due to the extremely
limited computational, storage and communication abilities of Low-cost RFID
tags. This paper proposes a real mutual authentication protocol for low cost
RFID tags. The proposed protocol prevents passive attacks as active attacks are
discounted when designing a protocol to meet the requirements of low cost RFID
tags. However the implementation of the protocol meets the limited abilities of
low cost RFID tags.Comment: 11 Pages, IJNS
- …