Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immedi...Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.展开更多
Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting sin...Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security.展开更多
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequen...Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.展开更多
Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement i...Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.展开更多
As a database that allows data to be stored in XML format, XML database suffers from some similar attacks as traditional relational database does. These attacks include injection attack by XQuey function in applicatio...As a database that allows data to be stored in XML format, XML database suffers from some similar attacks as traditional relational database does. These attacks include injection attack by XQuey function in application software. These include BaseX, eXist and MarkLogic. In order to defeat these attacks, countermeasures are proposed.展开更多
One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks ba...One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions.展开更多
Ethernet-based Passive Optical Network(EPON) is considered a very promising solution for the first mile problem of the next generation networks.Due to its particular characteristic of shared media structure,EPON suffe...Ethernet-based Passive Optical Network(EPON) is considered a very promising solution for the first mile problem of the next generation networks.Due to its particular characteristic of shared media structure,EPON suffers many security vulnerabilities. Communication security must be guaranteed when EPON is applied in practice.This paper gives a general introduction to the EPON system,analyzes the potential threats and attacks pertaining to the EPON system,and presents effective countermea-sures against these threats and attacks with emphasis on the authentication protocols and key distribution.展开更多
In a practical quantum key distribution(QKD) system, imperfect equipment, especially the single-photon detector,can be eavesdropped on by a blinding attack. However, the original blinding attack may be discovered by...In a practical quantum key distribution(QKD) system, imperfect equipment, especially the single-photon detector,can be eavesdropped on by a blinding attack. However, the original blinding attack may be discovered by directly detecting the current. In this paper, we propose a probabilistic blinding attack model, where Eve probabilistically applies a blinding attack without being caught by using only an existing intuitive countermeasure. More precisely, our countermeasure solves the problem of how to define the bound in the limitation of precision of current detection, and then we prove security of the practical system by considering the current parameter. Meanwhile, we discuss the bound of the quantum bit error rate(QBER) introduced by Eve, by which Eve can acquire information without the countermeasure.展开更多
Side-channel attacks have recently progressed into software-induced attacks.In particular,a rowhammer attack,which exploits the characteristics of dynamic random access memory(DRAM),can quickly and continuously access...Side-channel attacks have recently progressed into software-induced attacks.In particular,a rowhammer attack,which exploits the characteristics of dynamic random access memory(DRAM),can quickly and continuously access the cells as the cell density of DRAM increases,thereby generating a disturbance error affecting the neighboring cells,resulting in bit flips.Although a rowhammer attack is a highly sophisticated attack in which disturbance errors are deliberately generated into data bits,it has been reported that it can be exploited on various platforms such as mobile devices,web browsers,and virtual machines.Furthermore,there have been studies on bypassing the defense measures of DRAM manufacturers and the like to respond to rowhammer attacks.A rowhammer attack can control user access and compromise the integrity of sensitive data with attacks such as a privilege escalation and an alteration of the encryption keys.In an attempt to mitigate a rowhammer attack,various hardware-and software-based mitigation techniques are being studied,but there are limitations in that the research methods do not detect the rowhammer attack in advance,causing overhead or degradation of the system performance.Therefore,in this study,a rowhammer attack detection technique is proposed by extracting common features of rowhammer attack files through a static analysis of rowhammer attack codes.展开更多
This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are...This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are plausible. Considered for the network system are two possible network attack paths. One network path represents an attack through the Internet, and the other represents an attack through the Wireless Access Points (WAPs) in the school network. The probabilities of success of the events, that is, 1) the attack payoff, and 2) the commitment of the attacker to infiltrate the network are estimated for the leaf nodes. These are used to calculate the Returns on Attacks (ROAs) at the Root Nodes. For Phase I, the “As Is” network, the ROA values for both attack paths, are higher than 7 (8.00 and 9.35 respectively), which are high values and unacceptable operationally. In Phase II, countermeasures are implemented, and the two attack trees reevaluated. The probabilities of success of the events, the attack payoff and the commitment of the attacker are then re-estimated. Also, the Returns on Attacks (ROAs) for the Root Nodes are re-assessed after executing the countermeasures. For one attack tree, the ROA value of the Root Node was reduced to 4.83 from 8.0, while, for the other attack tree, the ROA value of the Root Node changed to 3.30 from 9.35. ROA values of 4.83 and 3.30 are acceptable as they fall within the medium value range. The efficacy of this method whereby, attack trees are deployed to mitigate computer network risks, as well as using it to assess the vulnerability of computer networks is quantitatively substantiated.展开更多
Mobile Ad hoc NETworks (MANETs), characterized by the free move of mobile nodes are more vulnerable to the trivial Denial-of-Service (DoS) attacks such as replay attacks. A replay attacker performs this attack at anyt...Mobile Ad hoc NETworks (MANETs), characterized by the free move of mobile nodes are more vulnerable to the trivial Denial-of-Service (DoS) attacks such as replay attacks. A replay attacker performs this attack at anytime and anywhere in the network by interception and retransmission of the valid signed messages. Consequently, the MANET performance is severally degraded by the overhead produced by the redundant valid messages. In this paper, we propose an enhancement of timestamp discrepancy used to validate a signed message and consequently limiting the impact of a replay attack. Our proposed timestamp concept estimates approximately the time where the message is received and validated by the received node. This estimation is based on the existing parameters defined at the 802.11 MAC layer.展开更多
The coordinated Bayesian optimization algorithm(CBOA) is proposed according to the characteristics of the function independence,conformity and supplementary between the electronic countermeasure(ECM) and the firep...The coordinated Bayesian optimization algorithm(CBOA) is proposed according to the characteristics of the function independence,conformity and supplementary between the electronic countermeasure(ECM) and the firepower attack systems.The selection criteria are combinations of probabilities of individual fitness and coordinated degree and can select choiceness individual to construct Bayesian network that manifest population evolution by producing the new chromosome.Thus the CBOA cannot only guarantee the effective pattern coordinated decision-making mechanism between the populations,but also maintain the population multiplicity,and enhance the algorithm performance.The simulation result confirms the algorithm validity.展开更多
A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach a...A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.展开更多
Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the ...Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use discrete symbols to infer a HMM model, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).展开更多
The cache-based covert channel is one of the common vulnerabilities exploited in the Spectre attacks.Current mitigation strategies focus on blocking the eviction-based channel by using a random/encrypted mapping funct...The cache-based covert channel is one of the common vulnerabilities exploited in the Spectre attacks.Current mitigation strategies focus on blocking the eviction-based channel by using a random/encrypted mapping function to translate memory address to the cache address,while the updated-based channel is still vulnerable.In addition,some mitigation strategies are also costly as it needs software and hardware modifications.In this paper,our objective is to devise low-cost,comprehensive-protection techniques for mitigating the Spectre attacks.We proposed a novel cache structure,named EBCache,which focuses on the RISC-V processor and applies the address encryption and blacklist to resist the Spectre attacks.The addresses encryption mechanism increases the difficulty of pruning a minimal eviction set.The blacklist mechanism makes the updated cache lines loaded by the malicious updates invisible.Our experiments demonstrated that the EBCache can prevent malicious modifications.The EBCache,however,reduces the processor’s performance by about 23%but involves only a low-cost modification in the hardware.展开更多
Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analys...Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.展开更多
传统的文本生成对抗方法主要采用位置置换、字符替换等方式,耗费时间较长且效果较差。针对以上问题,该文提出一种基于改进蚁群算法的对抗样本生成模型IGAS(Improved ant colony algorithm to Generate Adversarial Sample),利用蚁群算...传统的文本生成对抗方法主要采用位置置换、字符替换等方式,耗费时间较长且效果较差。针对以上问题,该文提出一种基于改进蚁群算法的对抗样本生成模型IGAS(Improved ant colony algorithm to Generate Adversarial Sample),利用蚁群算法的特点生成对抗样本,并利用类形字进行优化。首先,构建城市节点群,利用样本中的词构建城市节点群;然后对原始输入样本,利用改进的蚁群算法生成对抗样本;再针对生成结果,通过构建的中日类形字典进行字符替换,生成最终的对抗样本;最后在黑盒模式下进行对抗样本攻击实验。实验在情感分类、对话摘要生成、因果关系抽取等多种领域验证了该方法的有效性。展开更多
There has been a growing interest in the sidechannel analysis(SCA)field based on deep learning(DL)technology.Various DL network or model has been developed to improve the efficiency of SCA.However,few studies have inv...There has been a growing interest in the sidechannel analysis(SCA)field based on deep learning(DL)technology.Various DL network or model has been developed to improve the efficiency of SCA.However,few studies have investigated the impact of the different models on attack results and the exact relationship between power consumption traces and intermediate values.Based on the convolutional neural network and the autoencoder,this paper proposes a Template Analysis Pre-trained DL Classification model named TAPDC which contains three sub-networks.The TAPDC model detects the periodicity of power trace,relating power to the intermediate values and mining the deeper features by the multi-layer convolutional net.We implement the TAPDC model and compare it with two classical models in a fair experiment.The evaluative results show that the TAPDC model with autoencoder and deep convolution feature extraction structure in SCA can more effectively extract information from power consumption trace.Also,Using the classifier layer,this model links power information to the probability of intermediate value.It completes the conversion from power trace to intermediate values and greatly improves the efficiency of the power attack.展开更多
基金supported by the National Key Research and Development Program of China (2018YFB0804004)the Foundation of the National Natural Science Foundation of China (61602509)+1 种基金the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003)the Key Technologies Research and Development Program of Henan Province of China (172102210615)
文摘Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.
基金This work was supported by the Major Scientific and Technological Special Project of Anhui Province(202103a13010004)the Major Scientific and Technological Special Project of Hefei City(2021DX007)+1 种基金the Key R&D Plan of Shandong Province(2020CXGC010105)the China Postdoctoral Science Foundation(2021M700315).
文摘Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security.
基金Supported by the National Natural ScienceFoundation of China (60473029)
文摘Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.
文摘Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.
文摘As a database that allows data to be stored in XML format, XML database suffers from some similar attacks as traditional relational database does. These attacks include injection attack by XQuey function in application software. These include BaseX, eXist and MarkLogic. In order to defeat these attacks, countermeasures are proposed.
文摘One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions.
文摘Ethernet-based Passive Optical Network(EPON) is considered a very promising solution for the first mile problem of the next generation networks.Due to its particular characteristic of shared media structure,EPON suffers many security vulnerabilities. Communication security must be guaranteed when EPON is applied in practice.This paper gives a general introduction to the EPON system,analyzes the potential threats and attacks pertaining to the EPON system,and presents effective countermea-sures against these threats and attacks with emphasis on the authentication protocols and key distribution.
基金Project supported by the National Basic Research Program of China(Grant Nos.2011CBA00200 and 2011CB921200)the National Natural Science Foundation of China(Grant Nos.61475148,61201239,61205118,and 11304397)the China Postdoctoral Science Foundation(Grant No.2013M540514)
文摘In a practical quantum key distribution(QKD) system, imperfect equipment, especially the single-photon detector,can be eavesdropped on by a blinding attack. However, the original blinding attack may be discovered by directly detecting the current. In this paper, we propose a probabilistic blinding attack model, where Eve probabilistically applies a blinding attack without being caught by using only an existing intuitive countermeasure. More precisely, our countermeasure solves the problem of how to define the bound in the limitation of precision of current detection, and then we prove security of the practical system by considering the current parameter. Meanwhile, we discuss the bound of the quantum bit error rate(QBER) introduced by Eve, by which Eve can acquire information without the countermeasure.
基金supported by a National Research Foundation of Korea(NRF)Grant funded by the Korean government(MSIT)(No.NRF-2017R1E1A1A01075110).
文摘Side-channel attacks have recently progressed into software-induced attacks.In particular,a rowhammer attack,which exploits the characteristics of dynamic random access memory(DRAM),can quickly and continuously access the cells as the cell density of DRAM increases,thereby generating a disturbance error affecting the neighboring cells,resulting in bit flips.Although a rowhammer attack is a highly sophisticated attack in which disturbance errors are deliberately generated into data bits,it has been reported that it can be exploited on various platforms such as mobile devices,web browsers,and virtual machines.Furthermore,there have been studies on bypassing the defense measures of DRAM manufacturers and the like to respond to rowhammer attacks.A rowhammer attack can control user access and compromise the integrity of sensitive data with attacks such as a privilege escalation and an alteration of the encryption keys.In an attempt to mitigate a rowhammer attack,various hardware-and software-based mitigation techniques are being studied,but there are limitations in that the research methods do not detect the rowhammer attack in advance,causing overhead or degradation of the system performance.Therefore,in this study,a rowhammer attack detection technique is proposed by extracting common features of rowhammer attack files through a static analysis of rowhammer attack codes.
文摘This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are plausible. Considered for the network system are two possible network attack paths. One network path represents an attack through the Internet, and the other represents an attack through the Wireless Access Points (WAPs) in the school network. The probabilities of success of the events, that is, 1) the attack payoff, and 2) the commitment of the attacker to infiltrate the network are estimated for the leaf nodes. These are used to calculate the Returns on Attacks (ROAs) at the Root Nodes. For Phase I, the “As Is” network, the ROA values for both attack paths, are higher than 7 (8.00 and 9.35 respectively), which are high values and unacceptable operationally. In Phase II, countermeasures are implemented, and the two attack trees reevaluated. The probabilities of success of the events, the attack payoff and the commitment of the attacker are then re-estimated. Also, the Returns on Attacks (ROAs) for the Root Nodes are re-assessed after executing the countermeasures. For one attack tree, the ROA value of the Root Node was reduced to 4.83 from 8.0, while, for the other attack tree, the ROA value of the Root Node changed to 3.30 from 9.35. ROA values of 4.83 and 3.30 are acceptable as they fall within the medium value range. The efficacy of this method whereby, attack trees are deployed to mitigate computer network risks, as well as using it to assess the vulnerability of computer networks is quantitatively substantiated.
文摘Mobile Ad hoc NETworks (MANETs), characterized by the free move of mobile nodes are more vulnerable to the trivial Denial-of-Service (DoS) attacks such as replay attacks. A replay attacker performs this attack at anytime and anywhere in the network by interception and retransmission of the valid signed messages. Consequently, the MANET performance is severally degraded by the overhead produced by the redundant valid messages. In this paper, we propose an enhancement of timestamp discrepancy used to validate a signed message and consequently limiting the impact of a replay attack. Our proposed timestamp concept estimates approximately the time where the message is received and validated by the received node. This estimation is based on the existing parameters defined at the 802.11 MAC layer.
基金supported by the National Natural Science Foundation of China (10377014)the Innovation Foundation of Northwestern Polytechnical university (2007KJ01027)
文摘The coordinated Bayesian optimization algorithm(CBOA) is proposed according to the characteristics of the function independence,conformity and supplementary between the electronic countermeasure(ECM) and the firepower attack systems.The selection criteria are combinations of probabilities of individual fitness and coordinated degree and can select choiceness individual to construct Bayesian network that manifest population evolution by producing the new chromosome.Thus the CBOA cannot only guarantee the effective pattern coordinated decision-making mechanism between the populations,but also maintain the population multiplicity,and enhance the algorithm performance.The simulation result confirms the algorithm validity.
基金This work was supported by the National Science and Technology Major Project of China(2017ZX01030301).
文摘A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.
文摘Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use discrete symbols to infer a HMM model, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).
基金This work was supported in part by the China Ministry of Science and Technology under Grant 2015GA600002。
文摘The cache-based covert channel is one of the common vulnerabilities exploited in the Spectre attacks.Current mitigation strategies focus on blocking the eviction-based channel by using a random/encrypted mapping function to translate memory address to the cache address,while the updated-based channel is still vulnerable.In addition,some mitigation strategies are also costly as it needs software and hardware modifications.In this paper,our objective is to devise low-cost,comprehensive-protection techniques for mitigating the Spectre attacks.We proposed a novel cache structure,named EBCache,which focuses on the RISC-V processor and applies the address encryption and blacklist to resist the Spectre attacks.The addresses encryption mechanism increases the difficulty of pruning a minimal eviction set.The blacklist mechanism makes the updated cache lines loaded by the malicious updates invisible.Our experiments demonstrated that the EBCache can prevent malicious modifications.The EBCache,however,reduces the processor’s performance by about 23%but involves only a low-cost modification in the hardware.
文摘Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.
文摘传统的文本生成对抗方法主要采用位置置换、字符替换等方式,耗费时间较长且效果较差。针对以上问题,该文提出一种基于改进蚁群算法的对抗样本生成模型IGAS(Improved ant colony algorithm to Generate Adversarial Sample),利用蚁群算法的特点生成对抗样本,并利用类形字进行优化。首先,构建城市节点群,利用样本中的词构建城市节点群;然后对原始输入样本,利用改进的蚁群算法生成对抗样本;再针对生成结果,通过构建的中日类形字典进行字符替换,生成最终的对抗样本;最后在黑盒模式下进行对抗样本攻击实验。实验在情感分类、对话摘要生成、因果关系抽取等多种领域验证了该方法的有效性。
基金This research was supported by the National Natural Science Foundation of China(Grant No.61572174)Hunan Province Special Funds of Central Government for Guiding Local Science and Technology Development(2018CT5001)+4 种基金Hunan Provincial Natural Science Foundation of China(2019JJ60004)the Scientific Research Fund of Hunan Provincial Education Department with(19A072)Subject group construction project of Hengyang Normal University(18XKQ02)Application-oriented Special Disciplines,Double First-Class University Project of Hunan Province(Xiangjiaotong[2018]469)the Science and Technology Plan Project of Hunan Province(2016TP1020).
文摘There has been a growing interest in the sidechannel analysis(SCA)field based on deep learning(DL)technology.Various DL network or model has been developed to improve the efficiency of SCA.However,few studies have investigated the impact of the different models on attack results and the exact relationship between power consumption traces and intermediate values.Based on the convolutional neural network and the autoencoder,this paper proposes a Template Analysis Pre-trained DL Classification model named TAPDC which contains three sub-networks.The TAPDC model detects the periodicity of power trace,relating power to the intermediate values and mining the deeper features by the multi-layer convolutional net.We implement the TAPDC model and compare it with two classical models in a fair experiment.The evaluative results show that the TAPDC model with autoencoder and deep convolution feature extraction structure in SCA can more effectively extract information from power consumption trace.Also,Using the classifier layer,this model links power information to the probability of intermediate value.It completes the conversion from power trace to intermediate values and greatly improves the efficiency of the power attack.