35 research outputs found

    Optical TEMPEST

    Research on optical TEMPEST has moved forward since 2002 when the first pair of papers on the subject emerged independently and from widely separated locations in the world within a week of each other. Since that time, vulnerabilities have evolved along with systems, and several new threat vectors have consequently appeared. Although the supply chain ecosystem of Ethernet has reduced the vulnerability of billions of devices through use of standardised PHY solutions, other recent trends including the Internet of Things (IoT) in both industrial settings and the general population, High Frequency Trading (HFT) in the financial sector, the European General Data Protection Regulation (GDPR), and inexpensive drones have made it relevant again for consideration in the design of new products for privacy. One of the general principles of security is that vulnerabilities, once fixed, sometimes do not stay that way. Comment: 6 pages, 2 figures; accepted to the International Symposium and Exhibition on Electromagnetic Compatibility (EMC Europe 2018), 27--30 August 2018, in Amsterdam, The Netherlands

    Powerline Communication in Home-Building Automation Systems

    Domotics, Smart Home Systems, Ambient Intelligence are all terms that describe the intelligent cooperation of several different pieces of equipment to manage the home environment in an intelligent, safe and comfortable way. The same idea is also applicable to bigger constructions, and in that case it takes the name of Building Automation. Whatever term one wants to use, it refers to a multidisciplinary field that includes informatics, electronics, automation and telecommunication, and also touches fields like building construction and architecture. In fact, during the process of designing a building, people have to consider appropriate spaces for the electric plant, and if the presence of a domotic system is planned, it is better to take it into account during the design phase, just to optimize spaces, the amount of wire used, the position of the modules and so on. There are really many home system producers in the world (Smart Home Systems, EIB-Konnex, Lonworks, Bticino, Vimar, Duemmegi, EasyDom Corporation, Futurware, Digital Cybermasters, Hills Home Systems, Intellihome etc., just to mention a few), and their products differ from each other in many characteristics, such as functionality, dimension, weight, typology of installation, materials, net topology, power consumption, aesthetic appearance, communication protocol and communication means. Regarding this last point, the majority of the domotic systems, especially in Europe, tend to use a dedicated bus cable to exchange data among modules, to make the communication link more robust and reliable. Lately, using radio communication is in fashion, but radio modules, with respect to their equivalent standard ones, are more expensive, and in the bargain many people don’t want to use them due to the fear of radio signals (even if it were proved that they are completely harmless). Another communication means, that is often not taken into account, is the powerline.
In point of fact, using the installed powerline wires to send information is a very smart idea: there is no additional cost to install other dozens of meters of wires, there is no necessity to break the walls and to do building works at home, there are no interferences with other devices (like in the radio communication case) or reflection problems (like in the infrared case), there is the possibility to put the modules in every place (it is sufficient to have an electrical socket nearby, or to use an extension cable), there is no need to have an extra power source (usually, in a bus cable domotic system, there is a direct voltage generated by a power supply and distributed on the whole domotic net). Moreover, powerline communication (PLC, also called BPL in the USA, where the acronym stands for Broadband over Power Line, or NPL, Narrowband over Power Line) is not only used in a home environment to create a virtual net among domotic modules, but is also used on the power distribution net to perform actions like reading the electricity meter, monitoring the power consumption and the state of a building, finding faults along the net, detecting illegal electricity usages and to solve the so-called last mile problem, that is the problem related to the final leg of delivering connectivity from a communications provider to a customer. In fact a cheap possibility to cover this final leg is using powerline communication. The intent of this work is therefore to illustrate, going into more detail, advantages and disadvantages of the powerline communication systems (PLCS), to show the differences between PLCS for power distribution net and PLCS for home and building environments, to investigate the methods to send data over the powerline, to explain which automations it is possible to connect and to control in a powerline domotic system and to show some case studies tackled by the authors

    Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions

    Traditional power grids are being transformed into Smart Grids (SGs) to address the issues in existing power system due to uni-directional information flow, energy wastage, growing energy demand, reliability and security. SGs offer bi-directional energy flow between service providers and consumers, involving power generation, transmission, distribution and utilization systems. SGs employ various devices for the monitoring, analysis and control of the grid, deployed at power plants, distribution centers and in consumers' premises in a very large number. Hence, an SG requires connectivity, automation and the tracking of such devices. This is achieved with the help of Internet of Things (IoT). IoT helps SG systems to support various network functions throughout the generation, transmission, distribution and consumption of energy by incorporating IoT devices (such as sensors, actuators and smart meters), as well as by providing the connectivity, automation and tracking for such devices. In this paper, we provide a comprehensive survey on IoT-aided SG systems, which includes the existing architectures, applications and prototypes of IoT-aided SG systems. This survey also highlights the open issues, challenges and future research directions for IoT-aided SG systems

    Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels

    We show that subtle acoustic noises emanating from within computer screens can be used to detect the content displayed on the screens. This sound can be picked up by ordinary microphones built into webcams or screens, and is inadvertently transmitted to other parties, e.g., during a videoconference call or archived recordings. It can also be recorded by a smartphone or "smart speaker" placed on a desk next to the screen, or from as far as 10 meters away using a parabolic microphone. Empirically demonstrating various attack scenarios, we show how this channel can be used for real-time detection of on-screen text, or users' input into on-screen virtual keyboards. We also demonstrate how an attacker can analyze the audio received during video call (e.g., on Google Hangout) to infer whether the other side is browsing the web in lieu of watching the video call, and which web site is displayed on their screen

    A taxonomy of cyber-physical threats and impact in the smart home

    In the past, home automation was a small market for technology enthusiasts. Interconnectivity between devices was down to the owner’s technical skills and creativity, while security was non-existent or primitive, because cyber threats were also largely non-existent or primitive. This is not the case any more. The adoption of Internet of Things technologies, cloud computing, artificial intelligence and an increasingly wide range of sensing and actuation capabilities has led to smart homes that are more practical, but also genuinely attractive targets for cyber attacks. Here, we classify applicable cyber threats according to a novel taxonomy, focusing not only on the attack vectors that can be used, but also the potential impact on the systems and ultimately on the occupants and their domestic life. Utilising the taxonomy, we classify twenty five different smart home attacks, providing further examples of legitimate, yet vulnerable smart home configurations which can lead to second-order attack vectors. We then review existing smart home defence mechanisms and discuss open research problems

    Analysis and evaluation of in-home networks based on HomePlug-AV power line communications

    Not very long ago, in-home networks (also called domestic networks) were only used to share a printer between a number of computers. Nowadays, however, due to the huge amount of devices present at home with communication capabilities, this definition has become much wider.
In a current in-home network we can find anything from mobile phones with wireless connectivity to NAS (Network Attached Storage) devices sharing multimedia content with high-definition televisions or computers. When installing a communications network in a home, two objectives are mainly pursued: reducing cost and high flexibility in supporting future network requirements. A network based on Power Line Communications (PLC) technology is able to fulfill these objectives, since as it uses the low voltage wiring already available at home, it is very easy to install and expand, providing a cost-effective solution for home environments. There are different PLC standards, with HomePlug-AV (HomePlug Audio-Video, or simply HPAV) being the most widely used nowadays. This standard is able to achieve transmission rates up to 200 Mbps through the electrical wiring of a typical home. The main objective of this thesis is to provide new ideas to improve the performance of PLC technology based in-home networks, using as starting point the HPAV standard. A network based on this technology uses a centralized architecture, in which the most important part of the network intelligence is concentrated in a single device, the Central Coordinator (CCo). Hence, most of the modifications proposed in this work will try to improve this particular device, which can even become a multi-technology central manager, able to combine interfaces of different technologies to improve the network performance. Initially, a detailed analysis of HPAV performance in some scenarios typically found in a home environment is presented. It was done through simulation and by experimentation using real devices. To obtain the former results, an HPAV simulator was designed which implements the physical (PHY) and medium access control (MAC) layers of the standard, together with a traffic modeling module which implements the services most commonly found in a home network.
This simulation tool was used both in these initial measurements and to evaluate the standard modifications that are proposed in this work. This analysis provides two main results. Firstly, it was found that when a real PHY model is used together with the CSMA/CA MAC protocol the simulation results were very different to those obtained with previously presented mathematical models of this protocol. Hence, a new model that considers these effects was proposed. Next, some areas of the technology which could be improved were identified. The rest of the thesis was then centered around proposing solutions to these weaknesses. The first weakness solved is related to unicast data transmission. The PLC medium is frequency selective and time variant, and it presents a remarkable variation among locations or depending on the connected loads. Even in a single link, the channel capacities between transmitter and receiver can be very asymmetric. In such environments, the use of TCP as transport protocol presents serious problems, since it defines some of its parameters according to the Round Trip Time (RTT). Alternatively, the use of Fountain codes for reliable data transmission in these environments was proposed. These codes allow information to be transmitted without a feedback channel, overcoming in this way the problems related to the variability of the channel. Different experiments were performed comparing both solutions, concluding that in PLC based networks the performance achieved by Fountain codes outperforms the results obtained with a TCP-based application. In addition, Fountain codes were also used for another application. In home environments, it is very common to find more than one available technology to deploy a network (Wi-Fi, Ethernet, PLC, etc). Therefore, an application that makes possible the aggregation of different interfaces would be very useful, as it will provide higher bandwidth, fault tolerance and load balancing.
The Linux Kernel contains a driver (Bonding) which allows Ethernet interfaces aggregation. However, it is not prepared for asymmetric interfaces aggregation and even less for variable capacity technologies like PLC or Wi-Fi. In this work, a modification of this driver is presented which uses Fountain codes to solve the problems that may arise when asymmetric interfaces are aggregated. On another note, multicast communications in the current HPAV standard versions present serious problems. This is because, although the PLC medium is broadcast by nature, the Orthogonal Frequency Division Multiplexing (OFDM) modulation used at PHY layer is always point to point. Therefore, multicast communications are carried out as successive point-to-point transmissions to the different members of the group. This technique clearly degrades the performance of multicast services as the number of receivers increases. In this work, two alternative algorithms have been proposed. The first one consists of using a common tone map for all the multicast group members. This tone map corresponds to the modulation parameters obtained for the client with the worst channel conditions. This algorithm has been traditionally discarded in OFDM systems because of its poor performance. However, in contrast to other technologies (like wireless for example), channel responses in a given PLC network exhibit significant correlation among them. This reduces the differences among the users, improving the performance of this algorithm. In addition, another technique which uses an optimization algorithm to maximize the multicast bit rate is also evaluated, obtaining that its use can be suitable when the number of multicast clients is high. Finally, due to the properties of the PLC medium, cross-layer techniques are attracting great interest. These algorithms are based on information sharing between adjacent layers in the OSI model to improve the system behavior.
In this work, an extension of the HPAV CSMA/CA algorithm has been proposed which modifies the protocol parameters using PHY layer information and the QoS requirements of the upper-layer services. In this way, priority access to the channel can be provided to the nodes with QoS problems, improving the whole network performance. This algorithm has been evaluated through simulation in a typical home environment with very promising results. Universidad Politécnica de Cartagena

    Query Rewriting by Contract under Privacy Constraints

    In this paper we show how Query Rewriting rules and Containment checks of aggregate queries can be combined with Contract-based programming techniques. Based on the combination of both worlds, we are able to find new Query Rewriting rules for queries containing aggregate constraints. These rules can either be used to improve the overall system performance or, in our use case, to implement a privacy-aware way to process queries. By integrating them in our PArADISE framework, we can now process and rewrite all types of OLAP queries, including complex aggregate functions and group-by extensions. In our framework, we use the whole network structure, from data producing sensors up to cloud computers, to automatically deploy an edge computing subnetwork. On each edge node, so-called fragment queries of a genuine query are executed to filter and to aggregate data on resource restricted sensor nodes. As a result of integrating Contract-based programming approaches, we are now able to not only process less data but also to produce less data in the result. Thus, the privacy principle of data minimization is accomplished

    Privacy-preserving techniques for computer and network forensics

    Clients, administrators, and law enforcement personnel have many privacy concerns when it comes to network forensics. Clients would like to use network services in a freedom-friendly environment that protects their privacy and personal data. Administrators would like to monitor their network, and audit its behavior and functionality for debugging and statistical purposes (which could involve invading the privacy of its network users). Finally, members of law enforcement would like to track and identify any type of digital crimes that occur on the network, and charge the suspects with the appropriate crimes. Members of law enforcement could use some security back doors made available by network administrators, or other forensic tools, that could potentially invade the privacy of network users. In my dissertation, I will be identifying and implementing techniques that each of these entities could use to achieve their goals while preserving the privacy of users on the network. I will show a privacy-preserving implementation of network flow recording that can allow administrators to monitor and audit their network behavior and functionality for debugging and statistical purposes without having this data contain any private information about its users. This implementation is based on identity-based encryption and differential privacy. I will also be showing how law enforcement could use timing channel techniques to fingerprint anonymous servers that are running websites with illegal content and services. Finally I will show the results from a thought experiment about how network administrators can identify pattern-like software that is running on clients' machines remotely without any administrative privileges.
The goal of my work is to understand what privileges administrators or law enforcement need to achieve their goals, and the privacy issues inherent in this, and to develop technologies that help administrators and law enforcement achieve their goals while preserving the privacy of network users
