The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from ...The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.展开更多
Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immedi...Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.展开更多
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNA...An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.展开更多
This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remote...This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.展开更多
Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interacti...Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interactions from service providers.Intruders can target these servers and establish malicious con-nections on VMs for carrying out attacks on other clustered VMs.The existing system has issues with execution time and false-positive rates.Hence,the overall system performance is degraded considerably.The proposed approach is designed to eliminate Cross-VM side attacks and VM escape and hide the server’s position so that the opponent cannot track the target server beyond a certain point.Every request is passed from source to destination via one broadcast domain to confuse the opponent and avoid them from tracking the server’s position.Allocation of SECURITY Resources accepts a safety game in a simple format as input andfinds the best coverage vector for the opponent using a Stackelberg Equilibrium(SSE)technique.A Mixed Integer Linear Programming(MILP)framework is used in the algorithm.The VM challenge is reduced by afirewall-based controlling mechanism combining behavior-based detection and signature-based virus detection.The pro-posed method is focused on detecting malware attacks effectively and providing better security for the VMs.Finally,the experimental results indicate that the pro-posed security method is efficient.It consumes minimum execution time,better false positive rate,accuracy,and memory usage than the conventional approach.展开更多
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequen...Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.展开更多
The different realistic propagation channels are faced frequently the multipath fading environments. The main goal of this system design (cognitive radio network) is to improve the efficiency of spectrum access on a n...The different realistic propagation channels are faced frequently the multipath fading environments. The main goal of this system design (cognitive radio network) is to improve the efficiency of spectrum access on a non-interfering basis. This system achieves high utilization for the limited spectrum in order to fulfill needs for all users’ demands which are considered as a problem in wireless communications due to rapidly increasing in wireless applications and service. This system is exposed to attack due to the vulnerabilities existence in this system. So, the main outcome of this paper is to investigate the performance of the cooperative sensing in cognitive radio networks under malicious attacks over different channel impairments, and to illustrate the most suitable individual probability of detection in real faded channel by using Nakagami model. This paper illustrates the effectiveness of the attacks and fading on the performance of spectrum sensing process.展开更多
Nowadays the modular multiplications in many kinds of smartcards are utilized Montgomery's algorithm modular multiplier, so traditional SPA to RSA becomes invalid. An improved attack method is proposed based on SP...Nowadays the modular multiplications in many kinds of smartcards are utilized Montgomery's algorithm modular multiplier, so traditional SPA to RSA becomes invalid. An improved attack method is proposed based on SPA which just depends on the fact that there exist some subtle differences in each loop during the operation of cd mod n. At same time, compared with the traditional SPA, it doesn't need to select the clear text or some known message. Using this method, attacks can easy to discover the mode of RSA implementation and extract the bits of decryption key just based on a few collected traces. From the real attack test on several main kinds of smartcard, the private keys of RSA stored inside can be analyzed successfully.展开更多
Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of...Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remained theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.展开更多
The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the informat...The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).展开更多
目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延...目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延迟门限实现方案.此外,我们引入了Changing of the Guards技术来避免防护方案在执行过程中需要额外随机数.对于防护方案的安全性,我们用自动化评估工具SILVER验证了S盒的毛刺探测安全性,并用泄露评估技术TVLA(Test Vector Leakage Assessment)验证了防护方案的整个电路的安全性.最后,我们用Design Compiler工具对防护方案的性能消耗情况进行了评估.评估结果显示,与序列化实现方式的uBlock防护方案相比,我们的防护方案的延迟能够减少约95%.展开更多
文摘The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.
基金supported by the National Key Research and Development Program of China (2018YFB0804004)the Foundation of the National Natural Science Foundation of China (61602509)+1 种基金the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003)the Key Technologies Research and Development Program of Henan Province of China (172102210615)
文摘Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.
基金supported by the National Natural Science Foundation of China(60373109)Ministry of Science and Technologyof China and the National Commercial Cryptography Application Technology Architecture and Application DemonstrationProject(2008BAA22B02).
文摘An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.
基金supported in part by the National Natural Science Foundation of China(Nos.62173206,62103229)the China Postdoctoral Science Foundation(Nos.2021M691849,2021M692024)+1 种基金the Natural Science Foundation of Shandong Province(Nos.ZR2021ZD13,ZR2021QF026)the National Key R&D Program of China(No.2021YFE0193900)。
文摘This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.
文摘Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interactions from service providers.Intruders can target these servers and establish malicious con-nections on VMs for carrying out attacks on other clustered VMs.The existing system has issues with execution time and false-positive rates.Hence,the overall system performance is degraded considerably.The proposed approach is designed to eliminate Cross-VM side attacks and VM escape and hide the server’s position so that the opponent cannot track the target server beyond a certain point.Every request is passed from source to destination via one broadcast domain to confuse the opponent and avoid them from tracking the server’s position.Allocation of SECURITY Resources accepts a safety game in a simple format as input andfinds the best coverage vector for the opponent using a Stackelberg Equilibrium(SSE)technique.A Mixed Integer Linear Programming(MILP)framework is used in the algorithm.The VM challenge is reduced by afirewall-based controlling mechanism combining behavior-based detection and signature-based virus detection.The pro-posed method is focused on detecting malware attacks effectively and providing better security for the VMs.Finally,the experimental results indicate that the pro-posed security method is efficient.It consumes minimum execution time,better false positive rate,accuracy,and memory usage than the conventional approach.
基金Supported by the National Natural ScienceFoundation of China (60473029)
文摘Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.
文摘The different realistic propagation channels are faced frequently the multipath fading environments. The main goal of this system design (cognitive radio network) is to improve the efficiency of spectrum access on a non-interfering basis. This system achieves high utilization for the limited spectrum in order to fulfill needs for all users’ demands which are considered as a problem in wireless communications due to rapidly increasing in wireless applications and service. This system is exposed to attack due to the vulnerabilities existence in this system. So, the main outcome of this paper is to investigate the performance of the cooperative sensing in cognitive radio networks under malicious attacks over different channel impairments, and to illustrate the most suitable individual probability of detection in real faded channel by using Nakagami model. This paper illustrates the effectiveness of the attacks and fading on the performance of spectrum sensing process.
基金supported by the fundamental Research Funds for the Central University under Grant 2013JBM006
文摘Nowadays the modular multiplications in many kinds of smartcards are utilized Montgomery's algorithm modular multiplier, so traditional SPA to RSA becomes invalid. An improved attack method is proposed based on SPA which just depends on the fact that there exist some subtle differences in each loop during the operation of cd mod n. At same time, compared with the traditional SPA, it doesn't need to select the clear text or some known message. Using this method, attacks can easy to discover the mode of RSA implementation and extract the bits of decryption key just based on a few collected traces. From the real attack test on several main kinds of smartcard, the private keys of RSA stored inside can be analyzed successfully.
基金Project supported by the National Natural Science Foundation of China (Grant No.60573031)the Foundation of the National Laboratory for Modern Communications (Grant No.51436060205JW0305)
文摘Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remained theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.
文摘The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).
文摘目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延迟门限实现方案.此外,我们引入了Changing of the Guards技术来避免防护方案在执行过程中需要额外随机数.对于防护方案的安全性,我们用自动化评估工具SILVER验证了S盒的毛刺探测安全性,并用泄露评估技术TVLA(Test Vector Leakage Assessment)验证了防护方案的整个电路的安全性.最后,我们用Design Compiler工具对防护方案的性能消耗情况进行了评估.评估结果显示,与序列化实现方式的uBlock防护方案相比,我们的防护方案的延迟能够减少约95%.