Intrusion Detection System for PS-Poll DoS Attack in 802.11 Networks Using Real Time Discrete Event System

Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.

Further Analysis of Block Ciphers against Timing Attacks

Timing attacks break a cryptosystem by time measurement to recover keys. Most available countermeasures protect block ciphers based on the safety of modules. This paper gives a complete definition of timing attacks and studies the vulnerability of operations and modules on timing attacks. We present a method to transfer the security of the algorithm to that of secure operations by reduction. As a result, we hopefully tend to reconcile the provable security notions and modem cryptography with real-world implementations of block ciphers.

Hybrid-triggered consensus for multi-agent systems with time-delays,uncertain switching topologies, and stochastic cyber-attacks

We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoulli variable is used to describe the hybrid-triggered scheme, which is introduced to alleviate the burden of the network.The mathematical model of the closed-loop control system is established by taking the influences of time-varying delayed control inputs,switching topologies, and stochastic cyber-attacks into account under the hybrid-triggered scheme.A theorem as the main result is given to make the system consistent based on the theory of Lyapunov stability and linear matrix inequality.Markov jumps with uncertain rates of transitions are applied to describe the switch of topologies.Finally, a simulation example demonstrates the feasibility of the theory in this paper.

Timing Attack Analysis on AA_βCryptosystem

Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.

Information Theoretic Distinguishers for Timing Attacks with Partial Profiles: Solving the Empty Bin Issue

In any side-channel attack, it is desirable to exploit all the available leakage data to compute the distinguisher’s values. The profiling phase is essential to obtain an accurate leakage model, yet it may not be exhaustive. As a result, information theoretic distinguishers may come up on previously unseen data, a phenomenon yielding empty bins. A strict application of the maximum likelihood method yields a distinguisher that is not even sound. Ignoring empty bins reestablishes soundness, but seriously limits its performance in terms of success rate. The purpose of this paper is to remedy this situation. In this research, we propose six different techniques to improve the performance of information theoretic distinguishers. We study them thoroughly by applying them to timing attacks, both with synthetic and real leakages. Namely, we compare them in terms of success rate, and show that their performance depends on the amount of profiling, and can be explained by a bias-variance analysis. The result of our work is that there exist use-cases, especially when measurements are noisy, where our novel information theoretic distinguishers (typically the soft-drop distinguisher) perform the best compared to known side-channel distinguishers, despite the empty bin situation.

A Novel Technique for Detection of Time Delay Switch Attack on Load Frequency Control

In this paper, we focus on the estimation of time delays caused by adversaries in the sensing loop (SL). Based on the literature review, time delay switch (TDS) attacks could make any control system, in particular a power control system, unstable. Therefore, future smart grids will have to use advanced methods to provide better situational awareness of power grid states keeping smart grids reliable and safe from TDS attacks. Here, we introduce a simple method for preventing time delay switch attack on networked control systems. The method relies on an estimator that will estimate and track time delays introduced by an adversary. Knowing the maximum tolerable time delay of the plant’s optimal controller for which the plant remains stable, a time-delay detector issues an alarm signal when the estimated time delay is larger than the minimum one and directs the system to alarm state. In an alarm state, the plant operates under the control of an emergency controller that is local to the plant and remains in this mode until the networked control system state is restored. This method is an inexpensive and simple way to guarantee that an industrial control system remains stable and secure.

Modified Adhoc On-Demand Distance Vector for Trust Evaluation And Attack Detection

Recently,Wireless Sensor Network(WSN)becomes most potential technologies for providing improved services to several data gathering and track-ing applications.Because of the wireless medium,multi-hop communication,absence of physical protectivity,and accumulated traffic,WSN is highly vulner-able to security concerns.Therefore,this study explores a specific type of DoS attack identified as a selective forwarding attack where the misbehaving node in the network drops packet on a selective basis.It is challenging to determine if packet loss is caused by a collision in the medium access path,poor channel quality,or a selective forwarding assault.Identifying misbehaving nodes at the earliest opportunity is an acceptable solution for performing secure routing in such networks.As a result,in this study effort,we present a unique Modified Ad Hoc On-Demand Distance Vector(AODV)Routing protocol depending upon the One time password(OTP)method that employs the RSA algorithm.Finally,a trust evaluation process determines which approach is the most optimal.Accord-ing to the simulationfindings of the suggested routing protocol and comparison with existing routing protocols provided in this article,the proposed work is both efficient and cost-effective.

计及DoS攻击和通信时滞的电力系统负荷频率控制

针对电力系统通信网络中存在的时滞和DoS攻击现象,本文提出了基于采样特性的电力系统离散负荷频率控制方案。首先,计及电力系统负荷波动的情况,在多区域电力系统负荷频率控制系统(LFC)模型的基础上,将通信网络中DoS攻击的危害量化为采样信号连续丢失数,并分别考虑通信网络中通信时滞和输出信号采样特性,建立包含输出状态反馈控制器的电力系统LFC模型。其次,基于此模型,利用含有控制命令更新周期、DoS攻击导致的最大采样信号连续丢失数、通信时滞、H_(∞)稳定指标的双边闭环Lyapunov泛函、LMI技术,提出LFC系统满足一定H_(∞)指标的稳定准则,并给出离散状态输出反馈LFC控制器的设计及求解方法。最后,本文以单区域和双区域LFC系统为例进行了仿真验证。结果表明:与已有文献方法相比,本文方法在保持系统H_(∞)渐近稳定前提下,能够容忍更大的通信时滞,且结果的保守性更低;同时可以看出本文所设计的控制器在保证H_(∞)稳定性能的基础上,对一定能量限制的DoS攻击具有弹性的防御性能。因此本文方案的有效性和优越性得到了验证。

盐渍土环境下考虑耐久性损伤的输电塔风振时程分析

长期服役于盐渍土环境下的输电塔耐久性损伤较为严重,当其材料力学性能退化到一定程度时,在强风作用下,输电塔可能会发生破坏,危害线路的安全运行。基于±800kV天中线特高压直流输电工程直线塔,考虑基础钢筋锈蚀、基础混凝土侵蚀、输电塔杆塔钢材锈蚀以及基础箍筋的约束效应,在ABAQUS有限元软件中建立塔-线-基础耦合模型,研究不同风攻角和材料耐久性损伤对塔身动力响应的影响。结果表明:90°风攻角下塔身顺风向位移最大,为最不利风向基本工况;90°风攻角下输电塔塔顶顺风向位移响应贡献主要以背景分量为主,但共振分量也有一定贡献,主要以输电塔1阶振型频率为主,且随着服役时间的增加,振型频率逐渐降低,相应响应的贡献程度逐渐提高;相同风荷载作用下,随着服役时间的增加,塔身位移逐渐增大,相同服役时间下,随着塔身高度的增加,塔身位移响应峰值增长速度变快,结构振动更加明显,材料耐久性损伤对输电塔的位移响应影响较大。

氯盐与硫酸盐复合侵蚀下钢筋混凝土锈裂行为

为评估海洋、盐湖等环境中钢筋混凝土结构耐久性,通过试验与理论相结合探究氯盐与硫酸盐复合侵蚀下钢筋混凝土锈裂特性。通电腐蚀5%(质量分数)NaCl、5%NaCl+5%Na_(2)SO_(4)溶液中钢筋混凝土试件,对比分析混凝土表观形貌、钢筋锈蚀特征。设计伴随的混凝土腐蚀试验,类比保护层腐蚀劣化,分析混凝土力学性能。结果表明:硫酸盐的存在改变胀裂前混凝土形貌,使得单一氯盐侵蚀下的“白须”消失,表面粉化并出现盐结晶,延长胀裂时间;复合侵蚀下钢筋锈蚀率低于单一氯盐侵蚀,二者均显著低于法拉第定律理论值;锈胀裂缝宽度与钢筋锈蚀率线性相关,硫酸盐的存在增大裂缝随钢筋锈蚀发展的速率;通电环境中,受腐蚀混凝土的抗压强度先升高后降低,劈裂抗拉强度不断降低。提出受腐蚀混凝土的抗拉强度演化经验公式。在经典锈胀模型的基础上考虑锈蚀产物对裂缝的填充作用,并将硫酸盐的影响考虑至混凝土抗拉强度、钢筋腐蚀电流密度中,建立复合侵蚀下钢筋混凝土胀裂时间预测模型,并验证了模型的有效性。

视场角限制下的攻击时间和角度三维矢量制导律设计

为了提高导弹精确打击目标的能力,控制攻击时间和攻击角度三维制导问题在实际应用中具有重要的意义。针对这一问题,本文基于三维矢量制导模型提出了一种视场角约束下的攻击时间和攻击角度控制律。首先,通过将平面矢量制导律扩展至三维空间,提出了一种三维矢量攻击角度约束制导律;其次,在上述制导指令的拦截分量中引入剩余时间偏置项,设计了一种在视场角约束下的三维矢量制导律,并进行了稳定性分析。保证导弹能在视场角约束的条件下,以期望的攻击时间和角度击中目标,并且误差均小于0.01;最后,通过数值模拟验证了所设计制导律的正确性和有效性。

基于局部扰动的时间序列预测对抗攻击

时间序列预测模型已广泛应用于日常生活中的各个行业,针对这些预测模型的对抗攻击关系到各行业数据的安全性.目前,时间序列的对抗攻击多在全局范围内进行大规模扰动,导致对抗样本易被感知.同时,对抗攻击的效果会随着扰动幅度的降低而明显下降.因此,如何在生成不易察觉的对抗样本的同时保持较好的攻击效果,是当前时间序列预测对抗攻击领域亟需解决的问题之一.首先提出一种基于滑动窗口的局部扰动策略,缩小对抗样本的扰动区间;其次,使用差分进化算法寻找最优攻击点位,并结合分段函数分割扰动区间,进一步降低扰动范围,完成半白盒攻击.和已有的对抗攻击方法在多个不同深度模型上的对比实验表明,所提出的方法能够生成不易感知的对抗样本,并有效改变模型的预测趋势,在股票交易、电力消耗、太阳黑子观测和气温预测这4个具有挑战性的任务中均取得了较好的攻击效果.

处理器时间侧信道攻防技术综述

现代处理器优化机制众多,设计人员在追求性能提升时,往往忽略背后的安全风险。时间侧信道攻击因其影响面广且隐蔽性好已成为最主要的安全威胁之一。随着瞬态执行攻击的出现,时间侧信道攻击的能力被进一步扩展,计算系统的安全基础被动摇。为此,处理器厂商及安全人员提出了大量防御机制。这些机制具有不同的防护能力及性能开销。与此同时,新的瞬态执行漏洞和隐蔽信道也不断被发现,已提出的防御机制被不断突破。围绕处理器时间侧信道攻防技术的博弈日益激烈。本文从基本攻击原理出发,对现有时间侧信道攻击进行了归纳总结,并在此基础上进一步分析了相关防御机制的保护能力和性能瓶颈,从而梳理出时间侧信道攻防技术的发展趋势,为未来软硬件系统开发和安全技术探索提供参考。

基于落角和时间约束的巡飞弹末端协同打击策略

为解决集群巡飞弹末制导阶段协同定向打击问题,提出了一种具有落角约束的巡飞弹末端协同打击策略。基于小偏差方法,推导了一种具有落角约束的偏置比例制导律,以解决纵向平面定向打击问题。结合所提制导方案,推导了综合考虑比例控制项和角度控制项剩余时间估计方法。在侧向平面内,设计了一种具有时变系数且不存在除零奇异问题的时间控制偏置项,以解决时间控制问题。此外,以剩余时间为协调变量,利用双层协同架构来解决多枚巡飞弹协同定向打击问题。仿真结果验证了该协同制导策略良好的落角控制和协同打击性能。

硫酸盐侵蚀环境下水泥基胶砂试件抗折抗蚀系数计算模型

针对硫酸盐侵蚀环境下10 mm×10 mm×60 mm规格的水泥基胶砂试件因试验材料及环境的微小变化引起数据离散的问题,开展硫酸盐侵蚀环境下水泥基胶砂试件抗折抗蚀系数计算模型研究。综合考虑水胶比、掺合料掺量、硫酸盐浓度等因素,提出用状态时变参数来表征其时变影响,推导并建立水泥基胶砂试件抗折抗蚀系数计算模型。通过浸泡抗侵蚀试验(K法)分别测试不同水胶比、粉煤灰掺量、硫酸盐浓度以及侵蚀龄期下的水泥基胶砂试件抗折强度并计算抗蚀系数,同时对相关文献的抗蚀系数进行预测。结果表明:模型计算值与试验实测值综合平均误差为3.1%,两值之间无显著差异且模型预测为无偏估计;模型计算值与相关文献实测值的综合平均误差为6.5%。该模型具有良好的适用性及普适性,可为内陆干旱地区混凝土抗硫酸盐侵蚀性能研究提供参考。

基于GSCPN的硬件木马攻击建模与安全性分析

针对硬件木马(hardware trojan,HT)的研究主要集中在HT设计和防御的具体策略,缺乏面向HT攻击的系统安全性量化评估模型的问题,提出了基于广义随机着色petri网(generalized stochastic coloring petri net,GSCPN)的HT攻击和安全评估模型。基于单个基本单元的HT攻击行为和状态之间的时序关系,构建了单个基本单元的HT攻击GSCPN模型,根据系统工作状态下基本单元的通信依赖关系,给出了构建系统HT攻击GSCPN模型的通用方法。求解了与GSCPN模型同构的马尔可夫链的解析解,以及采用蒙特卡罗模拟方法的仿真解,二者的误差仅为0.00183,验证了所提方法建模的准确性。通过案例分析了不同场景下系统的安全性,实验结果表明,木马攻击强度、木马恢复时间和任务执行时间均对安全性有不同程度的影响。

无人机集群对地攻击时空协同控制策略

针对三维战场环境下无人机集群协同对地打击问题,提出了一种基于预设时间收敛的无人机集群时空协同控制方法.首先,对无人机集群对地攻击任务场景及其相关要素进行了分析,并建立了无人机集群、地面运动目标和攻击问题模型.在问题建模的基础上,考虑无人机集群的时空协同策略,设计三维空间无人机集群对地攻击的时空协同控制律.所提出的时空协同控制律能够控制无人机集群在指定的时间内到达期望的攻击位置,实现对地面运动目标的时空协同攻击.通过基于李雅普诺夫函数的理论分析,证明了所提出的控制律能够在预设时间条件下使攻击位置误差变量渐进稳定.仿真结果表明,在地面运动目标转弯运动的情况下,所提出的协同控制律能够实现无人机集群的时空协同,在指定的时间内完成对地面运动目标的多角度协同攻击.

基于安全态势监测模型的泛在终端种类攻击自动识别研究

以提升泛在终端种类攻击自动识别精度为目的,研究基于安全态势监测模型的泛在终端种类攻击自动识别方法。对初始数据序列实施等时距处理,依照累加数列所表现出的反“S”形摆动特征,通过灰色Verhulst模型确定泛在终端风险值。将支持向量机的参数与分类精度分别作为改进粒子群算法的粒子和目标函数,通过全局搜索过程确定支持向量机的最优参数,构建多分类识别模型,将泛在终端风险值作为输入,利用识别模型自动识别泛在终端攻击类型。实验分析结果显示该方法攻击类型查准率为97.81%,DCP值最高达到0.0063%。

基于三步迭代滤波器的缓变型时间同步攻击防护方案

针对卫星接收机可能遭受转发式欺骗干扰而造成缓变型时间同步攻击的情形,提出了基于三步迭代滤波器的攻击防护方案.该方案首先引入缓变型时间同步攻击模型和缓变型时间同步攻击感知模型,并利用三步迭代滤波器估计缓变型时间同步攻击感知模型的时钟偏差与时钟漂移,最后依据构建的纠偏模型对钟差与钟漂进行校正.仿真实验结果表明,该方案能在1 s内及时检测出缓变型时间同步攻击,并进行有效抑制,有效降低时间同步攻击对授时精度的影响.