34 research outputs found
Satellite-Based Communications Security: A Survey of Threats, Solutions, and Research Challenges
Satellite-based Communication systems are gaining renewed momentum in
Industry and Academia, thanks to innovative services introduced by leading tech
companies and the promising impact they can deliver towards the global
connectivity objective tackled by early 6G initiatives. On the one hand, the
emergence of new manufacturing processes and radio technologies promises to
reduce service costs while guaranteeing outstanding communication latency,
available bandwidth, flexibility, and coverage range. On the other hand,
cybersecurity techniques and solutions applied in SATCOM links should be
updated to reflect the substantial advancements in attacker capabilities
characterizing the last two decades. However, business urgency and
opportunities are leading operators towards challenging system trade-offs,
resulting in an increased attack surface and a general relaxation of the
available security services. In this paper, we tackle the cited problems and
present a comprehensive survey on the link-layer security threats, solutions,
and challenges faced when deploying and operating SATCOM systems.Specifically,
we classify the literature on security for SATCOM systems into two main
branches, i.e., physical-layer security and cryptography schemes.Then, we
further identify specific research domains for each of the identified branches,
focusing on dedicated security issues, including, e.g., physical-layer
confidentiality, anti-jamming schemes, anti-spoofing strategies, and
quantum-based key distribution schemes. For each of the above domains, we
highlight the most essential techniques, peculiarities, advantages,
disadvantages, lessons learned, and future directions.Finally, we also identify
emerging research topics whose additional investigation by Academia and
Industry could further attract researchers and investors, ultimately unleashing
the full potential behind ubiquitous satellite communications.Comment: 72 page
MAGNETO: Fingerprinting USB Flash Drives via Unintentional Magnetic Emissions
Universal Serial Bus (USB) Flash Drives are nowadays one of the most
convenient and diffused means to transfer files, especially when no Internet
connection is available. However, USB flash drives are also one of the most
common attack vectors used to gain unauthorized access to host devices. For
instance, it is possible to replace a USB drive so that when the USB key is
connected, it would install passwords stealing tools, root-kit software, and
other disrupting malware. In such a way, an attacker can steal sensitive
information via the USB-connected devices, as well as inject any kind of
malicious software into the host.
To thwart the above-cited raising threats, we propose MAGNETO, an efficient,
non-interactive, and privacy-preserving framework to verify the authenticity of
a USB flash drive, rooted in the analysis of its unintentional magnetic
emissions. We show that the magnetic emissions radiated during boot operations
on a specific host are unique for each device, and sufficient to uniquely
fingerprint both the brand and the model of the USB flash drive, or the
specific USB device, depending on the used equipment. Our investigation on 59
different USB flash drives---belonging to 17 brands, including the top brands
purchased on Amazon in mid-2019---, reveals a minimum classification accuracy
of 98.2% in the identification of both brand and model, accompanied by a
negligible time and computational overhead. MAGNETO can also identify the
specific USB Flash drive, with a minimum classification accuracy of 91.2%.
Overall, MAGNETO proves that unintentional magnetic emissions can be considered
as a viable and reliable means to fingerprint read-only USB flash drives.
Finally, future research directions in this domain are also discussed.Comment: Accepted for publication in ACM Transactions on Embedded Computing
Systems (TECS) in September 202
Challenges of Radio Frequency Fingerprinting: From Data Collection to Deployment
Radio Frequency Fingerprinting (RFF) techniques promise to authenticate
wireless devices at the physical layer based on inherent hardware imperfections
introduced during manufacturing. Such RF transmitter imperfections are
reflected into over-the-air signals, allowing receivers to accurately identify
the RF transmitting source. Recent advances in Machine Learning, particularly
in Deep Learning (DL), have improved the ability of RFF systems to extract and
learn complex features that make up the device-specific fingerprint. However,
integrating DL techniques with RFF and operating the system in real-world
scenarios presents numerous challenges. This article identifies and analyzes
these challenges while considering the three reference phases of any DL-based
RFF system: (i) data collection and preprocessing, (ii) training, and finally,
(iii) deployment. Our investigation points out the current open problems that
prevent real deployment of RFF while discussing promising future directions,
thus paving the way for further research in the area.Comment: 7 pages, 1 table, and 4 figure