Funding: Supported in part by the National Natural Science Foundation of China (61973219, U21A2019, 61873058) and the Hainan Province Science and Technology Special Fund (ZDYF2022SHFZ105).
Abstract: Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities. This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks. A proportional-integral-observer (PIO) with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles. Then, a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks. In light of such a scheme and the common properties of Laplace matrices, the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one. Furthermore, some sufficient conditions are derived to achieve the desired platooning performance in view of Lyapunov stability theory. The controller gains are analytically determined by resorting to the solution of certain matrix inequalities dependent only on the maximum and minimum eigenvalues of communication topologies. Finally, a simulation example is provided to illustrate the effectiveness of the proposed control strategy.
Abstract: In this paper, a resilient distributed control scheme against replay attacks for multi-agent networked systems subject to input and state constraints is proposed. The methodological starting point relies on a smart use of predictive arguments with a twofold aim: 1) promptly detect malicious agent behaviors affecting normal system operations; 2) apply specific control actions, based on predictive ideas, for mitigating as much as possible undesirable domino effects resulting from adversary operations. Specifically, the multi-agent system is topologically described by a leader-follower digraph characterized by a unique leader, and set-theoretic receding horizon control ideas are exploited to develop a distributed algorithm capable of instantaneously recognizing the attacked agent. Finally, numerical simulations are carried out to show the benefits and effectiveness of the proposed approach.
Funding: In part supported by the Margarita Salas grant from the Spanish Ministry of Universities funded by the European Union NextGenerationEU; in part co-funded by the Spanish State Research Agency (AEI) and the European Regional Development Fund (ERDF) through the project SaCoAV (ref. MINECO PID2020-114244RBI00).
Abstract: This paper suggests the use of zonotopes for the design of watermark signals. The proposed approach exploits the recent analogy found between stochastic and zonotopic-based estimators to propose a deterministic counterpart to current approaches that study the replay attack in the context of stationary Gaussian processes. In this regard, the zonotopic analogous case where the control loop is closed based on the estimates of a zonotopic Kalman filter (ZKF) is analyzed. This formulation makes it possible to propose a new performance metric that is related to the Frobenius norm of the prediction zonotope. Hence, the steady-state operation of the system can be related to the size of the minimal Robust Positive Invariant set of the estimation error. Furthermore, analogous expressions concerning the impact that a zonotopic/Gaussian watermark signal has on the system operation are derived. Finally, a novel zonotopically bounded watermark signal that ensures the attack detection by causing the residual vector to exit the healthy residual set during the replay phase of the attack is introduced. The proposed approach is illustrated in simulation using a quadruple-tank process.
Funding: Supported by the National Natural Science Foundation of China [grant number 62103005], the Major Natural Science Foundation of Higher Education Institutions of Anhui Province [grant number KJ2020ZD28], the Major Technologies Research and Development Special Program of Anhui Province under Grant 202003a05020001, the Natural Science Foundation of Anhui Provincial Natural Science Foundation [grant number 2108085QF276], the Key research and development projects of Anhui Province [grant number 202104a05020015], and the Opening Project of Key Laboratory of Power Electronics and Motion Control of Anhui Higher Education Institutions [grant number OP14100135].
Abstract: This paper investigates the static output feedback secure control problem for discrete-time hidden Markov jump systems against replay attacks. The main purpose is to realise that closed-loop systems are stochastically stable with or without replay attacks. Firstly, the tampered sensors under replay attacks can be identified via the proposed detection method. Then, an asynchronous static output feedback controller is designed, which can eliminate the negative impact caused by replay attacks in view of the detection results. Based on the linear matrix inequality technique, some sufficient conditions which ensure the closed-loop systems are stochastically stable and meet a given H∞ performance are established. Finally, a numerical example and a practical example are given to verify the effectiveness and superiority of the proposed method.
Funding: Deanship of Scientific Research at Majmaah University for supporting this work under Project Number R-2023-811.
Abstract: Various organizations store data online rather than on physical servers. As the number of user’s data stored in cloud servers increases, the attack rate to access data from cloud servers also increases. Different researchers worked on different algorithms to protect cloud data from replay attacks. None of the papers used a technique that simultaneously detects a full-message and partial-message replay attack. This study presents the development of a TKN (Text, Key and Name) cryptographic algorithm aimed at protecting data from replay attacks. The program employs distinct ways to encrypt plain text [P], a user-defined Key [K], and a Secret Code [N]. The novelty of the TKN cryptographic algorithm is that the bit value of each text is linked to another value with the help of the proposed algorithm, and the length of the cipher text obtained is twice the length of the original text. In the scenario that an attacker executes a replay attack on the cloud server, engages in cryptanalysis, or manipulates any data, it will result in automated modification of all associated values inside the backend. This mechanism has the benefit of enhancing the detectability of replay attacks. Nevertheless, the attacker cannot access data not included in any of the papers, regardless of how effective the attack strategy is. At the end of the paper, the proposed algorithm’s novelty will be compared with different algorithms, and it will be discussed how far the proposed algorithm is better than all other algorithms.
Funding: Funded by Researchers Supporting Program at King Saud University (RSPD2023R809).
Abstract: Pupil dynamics are the important characteristics of face spoofing detection. The face recognition system is one of the most used biometrics for authenticating individual identity. The main threats to the facial recognition system are different types of presentation attacks like print attacks, 3D mask attacks, replay attacks, etc. The proposed model uses pupil characteristics for liveness detection during the authentication process. The pupillary light reflex is an involuntary reaction controlling the pupil’s diameter at different light intensities. The proposed framework consists of two-phase methodologies. In the first phase, the pupil’s diameter is calculated by applying stimulus (light) in one eye of the subject and calculating the constriction of the pupil size on both eyes in different video frames. The above measurement is converted into feature space using Kohn and Clynes model-defined parameters. The Support Vector Machine is used to classify legitimate subjects when the diameter change is normal (or when the eye is alive) or illegitimate subjects when there is no change or abnormal oscillations of pupil behavior due to the presence of a printed photograph, video, or 3D mask of the subject in front of the camera. In the second phase, we perform the facial recognition process. Scale-invariant feature transform (SIFT) is used to find the features from the facial images, with each feature having a size of a 128-dimensional vector. These features are scale, rotation, and orientation invariant and are used for recognizing facial images. The brute force matching algorithm is used for matching features of two different images. The threshold value we considered is 0.08 for good matches. To analyze the performance of the framework, we tested our model in two Face antispoofing datasets named Replay attack datasets and CASIA-SURF datasets, which were used because they contain the videos of the subjects in each sample having three modalities (RGB, IR, Depth). The CASIA-SURF datasets showed an 89.9% Equal Error Rate, while the Replay Attack datasets showed a 92.1% Equal Error Rate.
Abstract: Substation automation systems use the IEC 61850 protocol for data transmission between different equipment manufacturers. However, the IEC 61850 protocol lacks an authentication security mechanism, which will make the communication face four threats: eavesdropping, interception, forgery, and alteration. In order to verify the IEC 61850 protocol communication problems, we used the simulation software to build the main operating equipment in the IEC 61850 network environment of the communication system. We verified IEC 61850 transmission protocol security defects under DoS attack and Replay attack. In order to enhance security agreement, an improved algorithm was proposed based on identity authentication (W-EAP, Whitelist Based ECC & AES Protocol). Experimental results showed that the method can enhance the ability to resist attacks.
Funding: Supported by the National Natural Science Foundation of China (71101152).
Abstract: The user anonymity mechanism provided in GSM and UMTS networks is analyzed, and a new approach to solve the anonymity of mobile subscribers is proposed in this paper. Using the ciphering algorithm with a dynamic key and a static key, the method allows mobile subscribers to connect to the network with user anonymity, and it can be seamlessly integrated with the existing authentication algorithms. The analyses reveal that the proposed scheme can provide the integrity protection of messages, prevent replay attacks, and be implemented easily.
Abstract: Wireless transmission is becoming increasingly ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver generating a pseudo-random number sequence in a synchronized way. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication and the other as the encryption key. The random numbers are used as 'one-time passwords' for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment; it shows that SPRNG has stronger security than WEP because it reveals little information to attackers. The key problem of SPRNG, the synchronization loss problem, is also presented. Though motivated by wireless security, SPRNG is generic for many other applications, especially in point-to-point communication.
Funding: The National Science Council (No. NSC99-2218-E-260-002).
Abstract: A radio frequency identification (RFID) yoking proof scheme can generate proofs of simultaneous presence of two tags in the range of a specified reader so that an off-line verifier can verify the proofs later. This proof has found several interesting applications. However, many existing RFID yoking schemes are vulnerable to replay attacks. To overcome the weaknesses, Cho et al. proposed a new RFID yoking proof protocol and a new grouping protocol. Unfortunately, Cho et al.'s schemes are still vulnerable to replay attacks. In this paper, in addition to demonstrating weaknesses, we further discuss the rationale behind these weaknesses to provide a guideline for designing secure RFID yoking schemes. Based on the guideline, we propose a new RFID yoking scheme and a new RFID grouping scheme. Performance evaluation shows that our scheme outperforms its counterparts.