43 research outputs found
Centralized and Distributed Sparsification for Low-Complexity Message Passing Algorithm in C-RAN Architectures
Cloud radio access network (C-RAN) is a promising technology for
fifth-generation (5G) cellular systems. However the burden imposed by the huge
amount of data to be collected (in the uplink) from the radio remote heads
(RRHs) and processed at the base band unit (BBU) poses serious challenges. In
order to reduce the computation effort of minimum mean square error (MMSE)
receiver at the BBU the Gaussian message passing (MP) together with a suitable
sparsification of the channel matrix can be used. In this paper we propose two
sets of solutions, either centralized or distributed ones. In the centralized
solutions, we propose different approaches to sparsify the channel matrix, in
order to reduce the complexity of MP. However these approaches still require
that all signals reaching the RRH are conveyed to the BBU, therefore the
communication requirements among the backbone network devices are unaltered. In
the decentralized solutions instead we aim at reducing both the complexity of
MP at the BBU and the requirements on the RRHs-BBU communication links by
pre-processing the signals at the RRH and convey a reduced set of signals to
the BBU.Comment: Accepted for pubblication in IEEE VTC 201
Machine Learning For In-Region Location Verification In Wireless Networks
In-region location verification (IRLV) aims at verifying whether a user is
inside a region of interest (ROI). In wireless networks, IRLV can exploit the
features of the channel between the user and a set of trusted access points. In
practice, the channel feature statistics is not available and we resort to
machine learning (ML) solutions for IRLV. We first show that solutions based on
either neural networks (NNs) or support vector machines (SVMs) and typical loss
functions are Neyman-Pearson (N-P)-optimal at learning convergence for
sufficiently complex learning machines and large training datasets . Indeed,
for finite training, ML solutions are more accurate than the N-P test based on
estimated channel statistics. Then, as estimating channel features outside the
ROI may be difficult, we consider one-class classifiers, namely auto-encoders
NNs and one-class SVMs, which however are not equivalent to the generalized
likelihood ratio test (GLRT), typically replacing the N-P test in the one-class
problem. Numerical results support the results in realistic wireless networks,
with channel models including path-loss, shadowing, and fading
Location-Verification and Network Planning via Machine Learning Approaches
In-region location verification (IRLV) in wireless networks is the problem of
deciding if user equipment (UE) is transmitting from inside or outside a
specific physical region (e.g., a safe room). The decision process exploits the
features of the channel between the UE and a set of network access points
(APs). We propose a solution based on machine learning (ML) implemented by a
neural network (NN) trained with the channel features (in particular, noisy
attenuation values) collected by the APs for various positions both inside and
outside the specific region. The output is a decision on the UE position
(inside or outside the region). By seeing IRLV as an hypothesis testing
problem, we address the optimal positioning of the APs for minimizing either
the area under the curve (AUC) of the receiver operating characteristic (ROC)
or the cross entropy (CE) between the NN output and ground truth (available
during the training). In order to solve the minimization problem we propose a
twostage particle swarm optimization (PSO) algorithm. We show that for a long
training and a NN with enough neurons the proposed solution achieves the
performance of the Neyman-Pearson (N-P) lemma.Comment: Accepted for Workshop on Machine Learning for Communications, June 07
2019, Avignon, Franc
Hyperloop: A Cybersecurity Perspective
Hyperloop is among the most prominent future transportation systems. First
introduced by Elon Musk, Hyperloop concept involves novel technologies to allow
traveling at a maximum speed of 1220km/h, while guaranteeing sustainability.
Due to the system's performance requirements and the critical infrastructure it
represents, its safety and security need to be carefully considered. In
cyber-physical systems, cyberattacks could lead to safety issues with
catastrophic consequences, both on the population and the surrounding
environment. Therefore, the cybersecurity of all the components and links in
Hyperloop represents a fundamental challenge. To this day, no research
investigated the cyber security of the technology used for Hyperloop.
In this paper, we propose the first analysis of the cybersecurity challenges
raised by Hyperloop technology. We base our analysis on the related works on
Hyperloop, distilling the common features which will be likely to be present in
the system. Furthermore, we provide an analysis of possible directions on the
Hyperloop infrastructure management, together with their security concerns.
Finally, we discuss possible countermeasures and future directions for the
security of the future Hyperloop design.Comment: 9 pages, 4 figures, 1 tabl
EVScout2.0: Electric Vehicle Profiling Through Charging Profile
EVs (Electric Vehicles) represent a green alternative to traditional
fuel-powered vehicles. To enforce their widespread use, both the technical
development and the security of users shall be guaranteed. Privacy of users
represents one of the possible threats impairing EVs adoption. In particular,
recent works showed the feasibility of identifying EVs based on the current
exchanged during the charging phase. In fact, while the resource negotiation
phase runs over secure communication protocols, the signal exchanged during the
actual charging contains features peculiar to each EV. A suitable feature
extractor can hence associate such features to each EV, in what is commonly
known as profiling. In this paper, we propose EVScout2.0, an extended and
improved version of our previously proposed framework to profile EVs based on
their charging behavior. By exploiting the current and pilot signals exchanged
during the charging phase, our scheme is able to extract features peculiar for
each EV, allowing hence for their profiling. We implemented and tested
EVScout2.0 over a set of real-world measurements considering over 7500 charging
sessions from a total of 137 EVs. In particular, numerical results show the
superiority of EVScout2.0 with respect to the previous version. EVScout2.0 can
profile EVs, attaining a maximum of 0.88 recall and 0.88 precision. To the best
of the authors' knowledge, these results set a new benchmark for upcoming
privacy research for large datasets of EVs
QEVSEC: Quick Electric Vehicle SEcure Charging via Dynamic Wireless Power Transfer
Dynamic Wireless Power Transfer (DWPT) can be used for on-demand recharging
of Electric Vehicles (EV) while driving. However, DWPT raises numerous security
and privacy concerns. Recently, researchers demonstrated that DWPT systems are
vulnerable to adversarial attacks. In an EV charging scenario, an attacker can
prevent the authorized customer from charging, obtain a free charge by billing
a victim user and track a target vehicle. State-of-the-art authentication
schemes relying on centralized solutions are either vulnerable to various
attacks or have high computational complexity, making them unsuitable for a
dynamic scenario. In this paper, we propose Quick Electric Vehicle SEcure
Charging (QEVSEC), a novel, secure, and efficient authentication protocol for
the dynamic charging of EVs. Our idea for QEVSEC originates from multiple
vulnerabilities we found in the state-of-the-art protocol that allows tracking
of user activity and is susceptible to replay attacks. Based on these
observations, the proposed protocol solves these issues and achieves lower
computational complexity by using only primitive cryptographic operations in a
very short message exchange. QEVSEC provides scalability and a reduced cost in
each iteration, thus lowering the impact on the power needed from the grid.Comment: 6 pages, conferenc
LoVe is in the Air -- Location Verification of ADS-B Signals using Distributed Public Sensors
The Automatic Dependant Surveillance-Broadcast (ADS-B) message scheme was
designed without any authentication or encryption of messages in place. It is
therefore easily possible to attack it, e.g., by injecting spoofed messages or
modifying the transmitted Global Navigation Satellite System (GNSS)
coordinates. In order to verify the integrity of the received information,
various methods have been suggested, such as multilateration, the use of Kalman
filters, group certification, and many others. However, solutions based on
modifications of the standard may be difficult and too slow to be implemented
due to legal and regulatory issues. A vantage far less explored is the location
verification using public sensor data. In this paper, we propose LoVe, a
lightweight message verification approach that uses a geospatial indexing
scheme to evaluate the trustworthiness of publicly deployed sensors and the
ADS-B messages they receive. With LoVe, new messages can be evaluated with
respect to the plausibility of their reported coordinates in a location
privacy-preserving manner, while using a data-driven and lightweight approach.
By testing our approach on two open datasets, we show that LoVe achieves very
low false positive rates (between 0 and 0.00106) and very low false negative
rates (between 0.00065 and 0.00334) while providing a real-time compatible
approach that scales well even with a large sensor set. Compared to currently
existing approaches, LoVe neither requires a large number of sensors, nor for
messages to be recorded by as many sensors as possible simultaneously in order
to verify location claims. Furthermore, it can be directly applied to currently
deployed systems thus being backward compatible
Beware of Pickpockets: A Practical Attack against Blocking Cards
peer reviewedToday, we rely on contactless smart cards to perform several critical operations (e.g., payments and accessing buildings). Attacking smart cards can have severe consequences, such as losing money or leaking sensitive information. Although the security protections embedded in smart cards have evolved over the years, those with weak security properties are still commonly used. Among the different solutions, blocking cards are affordable devices to protect smart cards. These devices are placed close to the smart cards, generating a noisy jamming signal or shielding them. Whereas vendors claim the reliability of their blocking cards, no previous study has ever focused on evaluating their effectiveness. In this paper, we shed light on the security threats on smart cards in the presence of blocking cards, showing the possibility of being bypassed by an attacker. We analyze blocking cards by inspecting their emitted signal and assessing a vulnerability in their internal design.We propose a novel attack that bypasses the jamming signal emitted by a blocking card and reads the content of the smart card. We evaluate the effectiveness of 11 blocking cards when protecting a MIFARE Ultralight smart card and a MIFARE Classic card. Of these 11 cards, we managed to bypass 8 of them and successfully dump the content of a smart card despite the presence of the blocking card. Our findings highlight that the noise type implemented by the blocking cards highly affects the protection level achieved by them. Based on this observation, we propose a countermeasure that may lead to the design of effective blocking cards. To further improve security, we released the tool we developed to inspect the spectrum emitted by blocking cards and set up our attack