Scalability and Security Conflict for RFID Authentication Protocols

Many RFID authentication protocols have been proposed to preserve security and privacy. Nevertheless, most of these protocols are analyzed and it is shown that they can not provide security against some RFID attacks. Moreover, some of the secure ones are criticized, because they suffer from scalability at the reader/server side as in tag identification or authentication phase they require a linear search depending on number of tags in the system. Recently, new authentication protocols have been presented to solve scalability issue, i.e. they require constant time for tag identification with providing security. In this paper, we analyze two of these new RFID authentication protocols SSM (very recently proposed by Song and Mitchell) and LRMAP (proposed by Ha et al.) and to the best of our knowledge, they have received no attacks yet. These schemes take O(1) work to authenticate a tag and are designed to meet the privacy and security requirements. The common point of these protocols is that normal and abnormal states are defined for tags. In the normal state, server authenticates the tag in constant time, while in the abnormal state, occurs rarely, authentication is realized with linear search. We show that, however, these authentication protocols do not provide untraceability which is one of their design objectives. We also discover that the SSM protocol is vulnerable to a desynchronization attack, that prevents a legitimate reader/server from authenticating a legitimate tag. Furthermore, in the light of these attacks, we conclude that allowing tags to be in different states may give clue to an adversary in tracing the tags, although such a design is preferred to achieve scalability and efficiency at the server side

Gender Detection Based on Gait Data: A Deep Learning Approach With Synthetic Data Generation and Continuous Wavelet Transform

Smart devices equipped with various sensors enable the acquisition of users’ behavioral biometrics. These sensor data capture variations in users’ interactions with the devices, which can be analyzed to extract valuable information such as user activity, age group, and gender. In this study, we investigate the feasibility of using gait data for gender detection of users. To achieve this, we propose a novel gender detection scheme based on a deep learning approach, incorporating synthetic data generation and continuous wavelet transform (CWT). In this scheme, the real dataset is first divided into training and test datasets, and then synthetic data are intelligently generated using various techniques to augment the existing training data. Subsequently, CWT is used as the feature extraction module, and its outputs are fed into a deep learning model to detect the gender of users. Different deep learning models, including convolutional neural network (CNN) and long short-term memory (LSTM), are employed in classification. Consequently, we evaluate our proposed framework on different publicly available datasets. On the BOUN Sensor dataset, we obtain an accuracy of 94.83%, marking a substantial 6.5% enhancement over the prior highest rate of 88.33%. Additionally, we achieve 86.27% and 88.15% accuracy on the OU-ISIR Android and OU-ISIR Center IMUZ datasets, respectively. Our experimental results demonstrate that our proposed model achieves high detection rates and outperforms previous methods across all datasets

Statistical Measures: Promising Features for Time Series Based DDoS Attack Detection

Data availability should be guaranteed by a web service in order to satisfy customers. One of the main challenges of information security professionals is DDoS attack which affects the availability. By masquerading itself as a legitimate user, a DDoS attacker tries to overwhelm a server by sending a great number of useless packets that influences the quality of service (QoS) of the network. DDoS attack can result in a great damage to network services. Useless packets similar to normal ones are dispatched by the attacker which leaves the intrusion detection system impotent of detection. Transferring from conventional packet-based analysis methods to time series based (flow-based) algorithms would be a promising alternative to spot DDoS attacks. In this work, we extract four measures of periodicity, kurtosis, skewness and self-similarity of a time series and investigate the performance of these parameters in separating DDoS attack from normal traffic

A Salient Missing Link in RFID Security Protocols

In side channel analysis, an attacker utilizes some legitimate function queries in order to collect the corresponding responses of a cryptographic system while it is functioning in a normal mode. If those responses reveal some unwanted information about the secrecy or privacy, this leakage is called side channel information and these responses are called side channels. In this respect, careless deployments of "secure" RFID authentication protocols are not exceptions and subject to side channel attacks. Focusing on lightweight RFID security protocols; we examine the server responses for several RFID tags and realize that if the database querying is performed through a static process, the RFID system is subject to timing attacks that could easily jeopardize the system's untraceability criteria. We demonstrate our attack on some well-known protocols and outline a countermeasure by precisely describing the database query mechanism. Furthermore, we analyze the success probability of the attack in terms of the system parameters such as the number of tags, number of cryptographic operations that have to be carried out, and server's computational power.</p

Multiresolution alignment for multiple unsynchronized audio sequences using Sequential Monte Carlo samplers

With proliferation of smart devices such as smart phones, it is common that an event is recorded by multiple individuals creating several audio and video perspectives. Such user generated content is mostly unorganized (not synchronized). In this work, we consider the problem of aligning of multiple unsynchronized audio sequences and propose a multiresolution alignment algorithm using Sequential Monte Carlo samplers in a course to fine structure. The proposed method is evaluated with a real-life dataset from Jiku Mobile Video Datasets and has proven to be competitive with the baseline fingerprinting based alignment methods, with the proper choice of parameters. Keywords: Multiple audio alignment, Multiresolution alignment, Audio fingerprint, Bayesian inference, Sequential Monte Carlo samplers, Sequential alignmen