The System That Cried Wolf: Sensor Security Analysis of Wide-area Smoke Detectors for Critical Infrastructure

Fire alarm and signaling systems are a networked system of fire detectors, fire control units, automated fire extinguishers, and fire notification appliances. Malfunction of these safety-critical cyber-physical systems may lead to chaotic evacuations, property damages, and even loss of human life. Therefore, reliability is one of the most crucial factors for fire detectors. Indeed, even a single report of a fire cannot be ignored considering the importance of early fire detection and suppression. In this paper, we show that wide-area smoke detectors, which are globally installed in critical infrastructures such as airports, sports facilities, and auditoriums, have significant vulnerabilities in terms of reliability; one can remotely and stealthily induce false fire alarms and suppress real fire alarms with a minimal attacker capability using simple equipment. The practicality and generalizability of these vulnerabilities has been assessed based on the demonstration of two types of sensor attacks on two commercial-off-the-shelf optical beam smoke detectors from different manufacturers. Further, the practical considerations of building stealthy attack equipment has been analyzed, and an extensive survey of almost all optical beam smoke detectors on the market has been conducted. In addition, we show that the current standards of the fire alarm network connecting the detector and a control unit exacerbate the problem, making it impossible or very difficult to mitigate the threats we found. Finally, we discuss hardware and software-based possible countermeasures for both wide-area smoke detectors and the fire alarm network; the effectiveness of one of the countermeasures is experimentally evaluated

On Stein's Identity and Near-Optimal Estimation in High-dimensional Index Models

We consider estimating the parametric components of semi-parametric multiple index models in a high-dimensional and non-Gaussian setting. Such models form a rich class of non-linear models with applications to signal processing, machine learning and statistics. Our estimators leverage the score function based first and second-order Stein's identities and do not require the covariates to satisfy Gaussian or elliptical symmetry assumptions common in the literature. Moreover, to handle score functions and responses that are heavy-tailed, our estimators are constructed via carefully thresholding their empirical counterparts. We show that our estimator achieves near-optimal statistical rate of convergence in several settings. We supplement our theoretical results via simulation experiments that confirm the theory

DolphinAtack: Inaudible Voice Commands

Speech recognition (SR) systems such as Siri or Google Now have become an increasingly popular human-computer interaction method, and have turned various systems into voice controllable systems(VCS). Prior work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. Hidden voice commands, though hidden, are nonetheless audible. In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the speech recognition systems. We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks.Comment: 15 pages, 17 figure

Sleep Duration, Sleep Quality, and the Development of Nonalcoholic Fatty Liver Disease:A Cohort Study

INTRODUCTION: The longitudinal relationship between sleep duration, sleep quality, and the risk of nonalcoholic fatty liver disease (NAFLD) is unknown. We aimed to examine the association between sleep duration, sleep quality, and NAFLD development.METHODS: Using the Pittsburgh Sleep Quality Index, sleep duration and quality were evaluated for 143,306 NAFLD-free Korean adults with a mean age of 36.6 years, who were followed for an average of 4.0 years. Hepatic steatosis (HS) was assessed using ultrasonography and liver fibrosis by the fibrosis-4 index (FIB-4) or the NAFLD fibrosis score. Flexible parametric proportional hazard models were used to determine the hazard ratios (HRs) and 95% confidence intervals.RESULTS: There were 27,817 subjects with incident HS, of whom 1,471 had incident HS plus intermediate/high FIB-4. Multivariable-adjusted HRs (95% confidence intervals) for incident HS comparing sleep durations of ≤5, 6, 8, and ≥ 9 hours with 7 hours were 1.19 (1.14-1.23), 1.07 (1.04-1.10), 0.98 (0.94-1.02), and 0.95 (0.87-1.03), respectively. The corresponding HRs for incident HS plus intermediate/high FIB-4 were 1.30 (1.11-1.54), 1.14 (1.01-1.29), 1.11 (0.93-1.33), and 1.08 (0.71-1.63). The association between sleep duration and HS plus intermediate/high FIB-4 was inverse in individuals with good sleep quality but tended to be U-shaped in those with poor sleep quality. The results were similar if FIB-4 was replaced by the NAFLD fibrosis score.DISCUSSION: In young adults, short sleep duration was independently associated with an increased risk of incident NAFLD with or without intermediate/high fibrosis score, suggesting a role for inadequate sleep quantity in NAFLD risk and severity.</p

Decrease in sleep duration and poor sleep quality over time is associated with an increased risk of incident non-alcoholic fatty liver disease

The impact of changes in sleep duration and sleep quality over time on the risk of nonalcoholic fatty liver disease (NAFLD) is not known. We investigated whether changes in sleep duration and in sleep quality between baseline and follow-up are associated with the risk of developing incident NAFLD. The cohort study included 86,530 Korean adults without NAFLD and with a low fibrosis score at baseline. The median follow-up was 3.6 years. Sleep duration and quality were assessed using the Pittsburgh Sleep Quality Index. Hepatic steatosis (HS) and liver fibrosis were assessed using ultrasonography and the fibrosis-4 index (FIB-4). Cox proportional hazard models were used to determine hazard ratios (HRs) and 95% confidence intervals (Cis). A total of 12,127 subjects with incident HS and 559 with incident HS plus intermediate/high FIB-4 was identified. Comparing the decrease in sleep duration of &gt;1 h, with stable sleep duration, the multivariate-adjusted HR (95% CIs) for incident HS was 1.24 (1.15–1.35). The corresponding HRs for incident HS plus intermediate/high FIB-4 was 1.58 (1.10–2.29). Comparing persistently poor sleep quality with persistently good sleep quality, the multivariate-adjusted HR for incident HS was 1.13 (95% CI, 1.05–1.20). A decrease in sleep duration or poor sleep quality over time was associated with an increased risk of incident NAFLD, underscoring an important potential role for good sleep in preventing NAFLD risk.</p

Mode Suppressed TEM Cell Design for High Frequency IC Measurements

TEM cells or GTEM cells can be used to evaluate the radiated emissions of integrated circuits (ICs). The applicable frequency bandwidth of a TEM cell is limited due to the resonances of higher order modes. This paper describes how a TEM cell can be modified to extend the frequency range without changing the test topology. Several methods are proposed and implemented to suppress the higher order modes. The magnetic field coupling and electric field coupling are evaluated for the new design. The frequency bandwidth of the modified TEM cell is extended from original 1 GHz to 2.5 GHz

Depression and increased risk of nonalcoholic fatty liver disease in individuals with obesity

Aims: the longitudinal relationship between depression and the risk of nonalcoholic fatty liver disease (NAFLD) is uncertain. We examined: a) the association between depressive symptoms and incident hepatic steatosis (HS), both with and without liver fibrosis; and b) the influence of obesity on this association. Methods: cohort of 142,005 Korean adults with neither HS nor excessive alcohol consumption at baseline were followed for up to 8.9 years. The validated Center for Epidemiologic Studies-Depression score (CES-D) was assessed at baseline, and subjects were categorized as non-depressed (a CES-D &lt;8, reference) or depression (CES-D ≥16). HS was diagnosed by ultrasonography. Liver fibrosis was assessed by the fibrosis-4 index (FIB-4). Parametric proportional hazards models were used to estimate the adjusted hazard ratios (aHRs) and 95% confidence intervals (CIs). Results: during a median follow-up of 4.0 years, 27,810 people with incident HS and 134 with incident HS plus high FIB-4 were identified. Compared with the non-depressed category, the aHR (95% CIs) for incident HS was 1.24 (1.15-1.34) for CES-D ≥16 among obese individuals, and 1.00 (0.95-1.05) for CES-D ≥16 among non-obese individuals (P for interaction with obesity &lt;0.001). The aHR (95% CIs) for developing HS plus high FIB-4 was 3.41 (1.33-8.74) for CES-D≥16 among obese individuals, and 1.22 (0.60-2.47) for CES-D≥16 among non-obese individuals (P for interaction =0.201). Conclusions: depression was associated with an increased risk of incident HS and HS plus high probability of advanced fibrosis, especially among obese individuals

IoTSan: Fortifying the Safety of IoT Systems

Today's IoT systems include event-driven smart applications (apps) that interact with sensors and actuators. A problem specific to IoT systems is that buggy apps, unforeseen bad app interactions, or device/communication failures, can cause unsafe and dangerous physical states. Detecting flaws that lead to such states, requires a holistic view of installed apps, component devices, their configurations, and more importantly, how they interact. In this paper, we design IoTSan, a novel practical system that uses model checking as a building block to reveal "interaction-level" flaws by identifying events that can lead the system to unsafe states. In building IoTSan, we design novel techniques tailored to IoT systems, to alleviate the state explosion associated with model checking. IoTSan also automatically translates IoT apps into a format amenable to model checking. Finally, to understand the root cause of a detected vulnerability, we design an attribution mechanism to identify problematic and potentially malicious apps. We evaluate IoTSan on the Samsung SmartThings platform. From 76 manually configured systems, IoTSan detects 147 vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a previous effort. IoTSan detects the potential safety violations and also effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201