Biblio

Found 934 results

Filters: Keyword is Internet of Things  [Clear All Filters]
2021-05-13
Lit, Yanyan, Kim, Sara, Sy, Eric.  2021.  A Survey on Amazon Alexa Attack Surfaces. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1–7.
Since being launched in 2014, Alexa, Amazon's versatile cloud-based voice service, is now active in over 100 million households worldwide [1]. Alexa's user-friendly, personalized vocal experience offers customers a more natural way of interacting with cutting-edge technology by allowing the ability to directly dictate commands to the assistant. Now in the present year, the Alexa service is more accessible than ever, available on hundreds of millions of devices from not only Amazon but third-party device manufacturers. Unfortunately, that success has also been the source of concern and controversy. The success of Alexa is based on its effortless usability, but in turn, that has led to a lack of sufficient security. This paper surveys various attacks against Amazon Alexa ecosystem including attacks against the frontend voice capturing and the cloud backend voice command recognition and processing. Overall, we have identified six attack surfaces covering the lifecycle of Alexa voice interaction that spans several stages including voice data collection, transmission, processing and storage. We also discuss the potential mitigation solutions for each attack surface to better improve Alexa or other voice assistants in terms of security and privacy.
2021-09-21
Wang, Yuzheng, Jimenez, Beatriz Y., Arnold, David P..  2020.  \$100-\textbackslashtextbackslashmu\textbackslashtextbackslashmathrmm\$-Thick High-Energy-Density Electroplated CoPt Permanent Magnets. 2020 IEEE 33rd International Conference on Micro Electro Mechanical Systems (MEMS). :558–561.
This paper reports electroplated CoPt permanent magnets samples yielding thicknesses up to 100 μm, deposition rates up to 35 μm/h, coercivities up to 1000 kA/m (1.25 T), remanences up to 0.8 T, and energy products up to 77 kJ/m3. The impact of electroplating bath temperature and glycine additives are systematically studied. Compared to prior work, these microfabricated magnets not only exhibit up to 10X increase in thickness without sacrificing magnetic performance, but also improve the areal magnetic energy density by 2X. Using a thick removeable SU-8 mold, these high-performing thick-film magnets are intended for magnetic microactuators, magnetic field sensors, energy conversion devices, and more.
2020-12-21
Yang, B., Liu, F., Yuan, L., Zhang, Y..  2020.  6LoWPAN Protocol Based Infrared Sensor Network Human Target Locating System. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1773–1779.
This paper proposes an infrared sensor human target locating system for the Internet of Things. In this design, the wireless sensor network is designed and developed to detect human targets by using 6LoWPAN protocol and pyroelectric infrared (PIR) sensors. Based on the detection data acquired by multiple sensor nodes, K-means++ clustering algorithm combined with cost function is applied to complete human target location in a 10m×10m detection area. The experimental results indicate the human locating system works well and the user can view the location information on the terminal devices.
2021-03-01
Tran, Q. T., Tran, D. D., Doan, D., Nguyen, M. S..  2020.  An Approach of BLE Mesh Network For Smart Home Application. 2020 International Conference on Advanced Computing and Applications (ACOMP). :170–174.
Internet of Things (IoT) now has extremely wide applications in many areas of life such as urban management, environmental management, smart shopping, and smart home. Because of the wide range of application fields, the IoT infrastructures are built differently. To make an IoT system indoor with high efficiency and more convenience, a case study for smart home security using Bluetooth Mesh approach is introduced. By using Bluetooth Mesh technology in home security, the user can open the door everywhere inside their house. The system work in a flexible way since it can extend the working range of network. In addition, the system can monitor the state of both the lock and any node in network by using a gateway to transfer data to cloud and enable a website-based interface.
2021-09-16
Almohri, Hussain M. J., Watson, Layne T., Evans, David.  2020.  An Attack-Resilient Architecture for the Internet of Things. IEEE Transactions on Information Forensics and Security. 15:3940–3954.
With current IoT architectures, once a single device in a network is compromised, it can be used to disrupt the behavior of other devices on the same network. Even though system administrators can secure critical devices in the network using best practices and state-of-the-art technology, a single vulnerable device can undermine the security of the entire network. The goal of this work is to limit the ability of an attacker to exploit a vulnerable device on an IoT network and fabricate deceitful messages to co-opt other devices. The approach is to limit attackers by using device proxies that are used to retransmit and control network communications. We present an architecture that prevents deceitful messages generated by compromised devices from affecting the rest of the network. The design assumes a centralized and trustworthy machine that can observe the behavior of all devices on the network. The central machine collects application layer data, as opposed to low-level network traffic, from each IoT device. The collected data is used to train models that capture the normal behavior of each individual IoT device. The normal behavioral data is then used to monitor the IoT devices and detect anomalous behavior. This paper reports on our experiments using both a binary classifier and a density-based clustering algorithm to model benign IoT device behavior with a realistic test-bed, designed to capture normal behavior in an IoT-monitored environment. Results from the IoT testbed show that both the classifier and the clustering algorithms are promising and encourage the use of application-level data for detecting compromised IoT devices.
Conference Name: IEEE Transactions on Information Forensics and Security
2021-05-13
Whaiduzzaman, Md, Oliullah, Khondokar, Mahi, Md. Julkar Nayeen, Barros, Alistair.  2020.  AUASF: An Anonymous Users Authentication Scheme for Fog-IoT Environment. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.
Authentication is a challenging and emerging issue for Fog-IoT security paradigms. The fog nodes toward large-scale end-users offer various interacted IoT services. The authentication process usually involves expressing users' personal information such as username, email, and password to the Authentication Server (AS). However, users are not intended to express their identities or information over the fog or cloud servers. Hence, we have proposed an Anonymous User Authentication Scheme for Fog-IoT (AUASF) to keep the anonymity existence of the IoT users and detect the intruders. To provide anonymity, the user can send encrypted credentials such as username, email, and mobile number through the Cloud Service Provider (CSP) for registration. IoT user receives the response with a default password and a secret Id from the CSP. After that, the IoT user submits the default password for first-time access to Fog Service Provider (FSP). The FSP assigns a One Time Password (OTP) to each user for further access. The developed scheme is equipped with hash functions, symmetric encryptions, and decryptions for security perceptions across fog that serves better than the existing anonymity schemes.
2021-06-01
Chinchawade, Amit Jaykumar, Lamba, Onkar Singh.  2020.  Authentication Schemes and Security Issues in Internet Of Everything (IOE) Systems. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :342–345.
Nowadays, Internet Of Everything (IOE) has demanded for a wide range of applications areas. IOE is started to replaces an Internet Of things (IOT). IOE is a combination of massive number of computing elements and sensors, people, processes and data through the Internet infrastructure. Device to Device communication and interfacing of Wireless Sensor network with IOE can makes any system as a Smart System. With the increased the use of Internet and Internet connected devices has opportunities for hackers to launch attacks on unprecedented scale and impact. The IOE can serve the varied security in the various sectors like manufacturing, agriculture, smart grid, payments, IoT gateways, healthcare and industrial ecosystems. To secure connections among people, process, data, and things, is a major challenge in Internet of Everything.. This paper focuses on various security Issues and Authentication Schemes in the IOE systems.
2021-06-24
Połap, Dawid, Srivastava, Gautam, Jolfaei, Alireza, Parizi, Reza M..  2020.  Blockchain Technology and Neural Networks for the Internet of Medical Things. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :508–513.
In today's technological climate, users require fast automation and digitization of results for large amounts of data at record speeds. Especially in the field of medicine, where each patient is often asked to undergo many different examinations within one diagnosis or treatment. Each examination can help in the diagnosis or prediction of further disease progression. Furthermore, all produced data from these examinations must be stored somewhere and available to various medical practitioners for analysis who may be in geographically diverse locations. The current medical climate leans towards remote patient monitoring and AI-assisted diagnosis. To make this possible, medical data should ideally be secured and made accessible to many medical practitioners, which makes them prone to malicious entities. Medical information has inherent value to malicious entities due to its privacy-sensitive nature in a variety of ways. Furthermore, if access to data is distributively made available to AI algorithms (particularly neural networks) for further analysis/diagnosis, the danger to the data may increase (e.g., model poisoning with fake data introduction). In this paper, we propose a federated learning approach that uses decentralized learning with blockchain-based security and a proposition that accompanies that training intelligent systems using distributed and locally-stored data for the use of all patients. Our work in progress hopes to contribute to the latest trend of the Internet of Medical Things security and privacy.
2021-02-01
Kfoury, E. F., Khoury, D., AlSabeh, A., Gomez, J., Crichigno, J., Bou-Harb, E..  2020.  A Blockchain-based Method for Decentralizing the ACME Protocol to Enhance Trust in PKI. 2020 43rd International Conference on Telecommunications and Signal Processing (TSP). :461–465.
Blockchain technology is the cornerstone of digital trust and systems' decentralization. The necessity of eliminating trust in computing systems has triggered researchers to investigate the applicability of Blockchain to decentralize the conventional security models. Specifically, researchers continuously aim at minimizing trust in the well-known Public Key Infrastructure (PKI) model which currently requires a trusted Certificate Authority (CA) to sign digital certificates. Recently, the Automated Certificate Management Environment (ACME) was standardized as a certificate issuance automation protocol. It minimizes the human interaction by enabling certificates to be automatically requested, verified, and installed on servers. ACME only solved the automation issue, but the trust concerns remain as a trusted CA is required. In this paper we propose decentralizing the ACME protocol by using the Blockchain technology to enhance the current trust issues of the existing PKI model and to eliminate the need for a trusted CA. The system was implemented and tested on Ethereum Blockchain, and the results showed that the system is feasible in terms of cost, speed, and applicability on a wide range of devices including Internet of Things (IoT) devices.
2021-09-07
Fernando, Praveen, Wei, Jin.  2020.  Blockchain-Powered Software Defined Network-Enabled Networking Infrastructure for Cloud Management. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–6.
Cloud architecture has become a valuable solution for different applications, such as big data analytics, due to its high degree of availability, scalability and strategic value. However, there still remain challenges in managing cloud architecture, in areas such as cloud security. In this paper, we exploit software-defined networking (SDN) and blockchain technologies to secure cloud management platforms from a networking perspective. We develop a blockchain-powered SDN-enabled networking infrastructure in which the integration between blockchain-based security and autonomy management layer and multi-controller SDN networking layer is defined to enhance the integrity of the control and management messages. Furthermore, our proposed networking infrastructure also enables the autonomous bandwidth provisioning to enhance the availability of cloud architecture. In the simulation section, we evaluate the performance of our proposed blockchain-powered SDN-enabled networking infrastructure by considering different scenarios.
2021-07-27
Westphall, J., Loffi, L., Westphall, C. M., Martina, J. Everson.  2020.  CoAP + DTLS: A Comprehensive Overview of Cryptographic Performance on an IOT Scenario. 2020 IEEE Sensors Applications Symposium (SAS). :1—6.
Internet of things (IoT) and Fog computing applications deal with sensitive data and need security tools to be protected against attackers. CoAP (Constrained Application Protocol), combined with DTLS (Datagram Transport Layer Security), provides security to IoT/Fog applications. However, processing times need to be considered when using this combination due to IoT/Fog environment constraints. Our work presents a CoAP with DTLS application and analyzes the performance of Raspberry Pi 3 during DTLS handshakes, data encryption and data decryption with the most relevant cipher suites. The performance of confirmable and non-confirmable CoAP POST requests is also measured and discussed in our work. We discovered that cipher suites that use RSA as an authentication method on handshake are slightly faster than cipher suites that use ECDSA, while symmetric key encryption with AES256(128)GCM are 40% faster than AES256(128) default modes. Our study also suggests CoAP modifications to obtain higher efficiency, and it might help future IoT/Fog application developers to understand CoAP and DTLS union, providing an application example and performance metrics.
2021-09-07
Zhang, Xing, Cui, Xiaotong, Cheng, Kefei, Zhang, Liang.  2020.  A Convolutional Encoder Network for Intrusion Detection in Controller Area Networks. 2020 16th International Conference on Computational Intelligence and Security (CIS). :366–369.
Integrated with various electronic control units (ECUs), vehicles are becoming more intelligent with the assistance of essential connections. However, the interaction with the outside world raises great concerns on cyber-attacks. As a main standard for in-vehicle network, Controller Area Network (CAN) does not have any built-in security mechanisms to guarantee a secure communication. This increases risks of denial of service, remote control attacks by an attacker, posing serious threats to underlying vehicles, property and human lives. As a result, it is urgent to develop an effective in-vehicle network intrusion detection system (IDS) for better security. In this paper, we propose a Feature-based Sliding Window (FSW) to extract the feature of CAN Data Field and CAN IDs. Then we construct a convolutional encoder network (CEN) to detect network intrusion of CAN networks. The proposed FSW-CEN method is evaluated on real-world datasets. The experimental results show that compared to traditional data processing methods and convolutional neural networks, our method is able to detect attacks with a higher accuracy in terms of detection accuracy and false negative rate.
2021-08-11
Hossain, Md. Sajjad, Bushra Islam, Fabliha, Ifeanyi Nwakanma, Cosmas, Min Lee, Jae, Kim, Dong-Seong.  2020.  Decentralized Latency-aware Edge Node Grouping with Fault Tolerance for Internet of Battlefield Things. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :420–423.
In this paper, our objective is to focus on the recent trend of military fields where they brought Internet of Things (IoT) to have better impact on the battlefield by improving the effectiveness and this is called Internet of Battlefield Things(IoBT). Due to the requirements of high computing capability and minimum response time with minimum fault tolerance this paper proposed a decentralized IoBT architecture. The proposed method can increase the reliability in the battlefield environment by searching the reliable nodes among all the edge nodes in the environment, and by adding the fault tolerance in the edge nodes will increase the effectiveness of overall battlefield scenario. This suggested fault tolerance approach is worth for decentralized mode to handle the issue of latency requirements and maintaining the task reliability of the battlefield. Our experimental results ensure the effectiveness of the proposed approach as well as enjoy the requirements of latency-aware military field while ensuring the overall reliability of the network.
2021-03-15
Toma, A., Krayani, A., Marcenaro, L., Gao, Y., Regazzoni, C. S..  2020.  Deep Learning for Spectrum Anomaly Detection in Cognitive mmWave Radios. 2020 IEEE 31st Annual International Symposium on Personal, Indoor and Mobile Radio Communications. :1–7.
Millimeter Wave (mmWave) band can be a solution to serve the vast number of Internet of Things (IoT) and Vehicle to Everything (V2X) devices. In this context, Cognitive Radio (CR) is capable of managing the mmWave spectrum sharing efficiently. However, Cognitive mmWave Radios are vulnerable to malicious users due to the complex dynamic radio environment and the shared access medium. This indicates the necessity to implement techniques able to detect precisely any anomalous behaviour in the spectrum to build secure and efficient radios. In this work, we propose a comparison framework between deep generative models: Conditional Generative Adversarial Network (C-GAN), Auxiliary Classifier Generative Adversarial Network (AC-GAN), and Variational Auto Encoder (VAE) used to detect anomalies inside the dynamic radio spectrum. For the sake of the evaluation, a real mmWave dataset is used, and results show that all of the models achieve high probability in detecting spectrum anomalies. Especially, AC-GAN that outperforms C-GAN and VAE in terms of accuracy and probability of detection.
2021-07-07
Wang, Guodong, Tian, Dongbo, Gu, Fengqiang, Li, Jia, Lu, Yang.  2020.  Design of Terminal Security Access Scheme based on Trusted Computing in Ubiquitous Electric Internet of Things. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:188–192.
In the Ubiquitous Electric Internet of Things (UEIoT), the terminals are very easy to be accessed and attacked by attackers due to the lack of effective monitoring and safe isolation methods. Therefore, in the implementation of UEIoT, the security protection of terminals is particularly important. Therefore, this paper proposes a dual-system design scheme for terminal active immunity based on trusted computing. In this scheme, the terminal node in UEIoT is composed of two parts: computing part and trusted protection part. The computing component and the trusted protection component are logically independent of each other, forming a trusted computing active immune dual-system structure with both computing and protection functions. The Trusted Network Connection extends the trusted state of the terminal to the network, thus providing a solution for terminal secure access in the UEIoT.
2021-08-11
Morales-Caporal, Roberto, Reyes-Galaviz, Adrián S., Federico Casco-Vásquez, J., Martínez-Hernández, Haydee P..  2020.  Development and Implementation of a Relay Switch Based on WiFi Technology. 2020 17th International Conference on Electrical Engineering, Computing Science and Automatic Control (CCE). :1—6.
This article presents the design and development of a relay switch (RS) to handle electrical loads up to 20A using WiFi technology. The hardware design and the implementation methodology are explained, both for the power supply and for the wireless communication that are embedded in the same small printed circuit board. In the same way, the design of the implemented firmware to operate the developed RS is shown. An ESP-12E module is used to achieve wireless communication of the RS, which can be manipulated through a web page using an MQTT protocol or via and iOS or Arduino app. The developed RS presents at least three differentiators in relation to other similar devices on the market: it can handle a higher electrical load, has a design in accordance with national and international security standards and can use different cybersecurity strategies for wireless communication with the purpose of safe and reliable use. Experimental results using a lamp and a single-phase motor as electrical loads demonstrate an excellent performance and reliability of the developed relay switch.
2021-01-11
Cheng, Z., Beshley, M., Beshley, H., Kochan, O., Urikova, O..  2020.  Development of Deep Packet Inspection System for Network Traffic Analysis and Intrusion Detection. 2020 IEEE 15th International Conference on Advanced Trends in Radioelectronics, Telecommunications and Computer Engineering (TCSET). :877–881.
One of the most important issues in the development of the Internet of Things (IoT) is network security. The deep packet inspection (DPI) is a promising technology that helps to detection and protection against network attacks. The DPI software system for IoT is developed in this paper. The system for monitoring and analyzing IoT traffic to detect anomalies and identify attacks based on Hurst parameter is proposed. This system makes it possible to determine the Hurst flow parameter at different intervals of observation. This system can be installed on a network provider to use more effectively the bandwidth.
2021-02-16
Wang, Y., Kjerstad, E., Belisario, B..  2020.  A Dynamic Analysis Security Testing Infrastructure for Internet of Things. 2020 Sixth International Conference on Mobile And Secure Services (MobiSecServ). :1—6.
IoT devices such as Google Home and Amazon Echo provide great convenience to our lives. Many of these IoT devices collect data including Personal Identifiable Information such as names, phone numbers, and addresses and thus IoT security is important. However, conducting security analysis on IoT devices is challenging due to the variety, the volume of the devices, and the special skills required for hardware and software analysis. In this research, we create and demonstrate a dynamic analysis security testing infrastructure for capturing network traffic from IoT devices. The network traffic is automatically mirrored to a server for live traffic monitoring and offline data analysis. Using the dynamic analysis security testing infrastructure, we conduct extensive security analysis on network traffic from Google Home and Amazon Echo. Our testing results indicate that Google Home enforces tighter security controls than Amazon Echo while both Google and Amazon devices provide the desired security level to protect user data in general. The dynamic analysis security testing infrastructure presented in the paper can be utilized to conduct similar security analysis on any IoT devices.
2021-09-21
Azhari, Budi, Yazid, Edwar, Devi, Merry Indahsari.  2020.  Dynamic Inductance Simulation of a Linear Permanent Magnet Generator Under Different Magnet Configurations. 2020 International Conference on Sustainable Energy Engineering and Application (ICSEEA). :1–8.
Recently, some innovations have been applied to the linear permanent magnet generator (LPMG). They are including the introduction of high-remanence rare-earth magnets and the use of different magnet configurations. However, these actions also affect the flow and distribution of the magnetic flux. Under the load condition, the load current will also generate reverse flux. The flux resultant then affects the coil parameters; the significant one is the coil inductance. Since it is influential to the output voltage and output power profiles, the impact study of the permanent magnet settings under load condition is essential. Hence this paper presents the inductance profile study of the LMPG with different magnet configurations. After presenting the initial designs, several magnet settings including the material and configuration were varied. Finite element magnetic simulation and analytical calculations were then performed to obtain the inductance profile of the LPMG. The results show that the inductance value varies with change in load current and magnet position. The different magnet materials (SmCo 30 and N35) do not significantly affect the inductance. Meanwhile, different magnet configuration (radial, axial, halbach) results in different inductance trends.
Wang, Meng, Zhao, Shengsheng, Zhang, Xiaolong, Huang, Changwei, Zhu, Yi.  2020.  Effect of La addition on structural, magnetic and optical properties of multiferroic YFeO3 nanopowders fabricated by low-temperature solid-state reaction method. 2020 6th International Conference on Mechanical Engineering and Automation Science (ICMEAS). :242–246.
Nanosize multiferroic La-doped YFeO3 powders are harvested via a low-temperature solid-state reaction method. X-ray diffraction (XRD), scanning electron microscopy (SEM) and Raman spectra analysis reveal that with La addition, YFeO3 powders are successfully fabricated at a lower temperature with the size below 60 nm, and a refined structure is obtained. Magnetic hysteresis loop illustrates ferromagnetic behavior of YFeO3 nano particles can be enhanced with La addition. The maximum and remnant magnetization of the powders are about 4.03 and 1.22 emu/g, respectively. It is shown that the optical band gap is around 2.25 eV, proving that La doped YFeO3 nano particles can strongly absorb visible light. Both magnetic and optical properties are greatly enhanced with La addition, proving its potential application in magnetic and optical field.
2021-01-18
Bentahar, A., Meraoumia, A., Bendjenna, H., Chitroub, S., Zeroual, A..  2020.  Fuzzy Extractor-Based Key Agreement for Internet of Things. 020 1st International Conference on Communications, Control Systems and Signal Processing (CCSSP). :25–29.
The emergence of the Internet of Things with its constraints obliges researchers in this field to find light and accurate solutions to secure the data exchange. This document presents secure authentication using biometrics coupled with an effective key agreement scheme to save time and energy. In our scheme, the agreed key is used to encrypt transmission data between different IoT actors. While the fuzzy extractor based on the fuzzy vault principle, is used as authentication and as key agreement scheme. Besides, our system incorporates the Reed Solomon and Hamming codes to give some tolerance to errors. The experimental results have been discussed according to several recognition rates and computation times. Indeed, the recognition rate results have been compared to other works to validate our system. Also, we clarify how our system resists to specific transmission attacks without affecting lightness and accuracy.
2020-12-21
Portaluri, G., Giordano, S..  2020.  Gambling on fairness: a fair scheduler for IIoT communications based on the shell game. 2020 IEEE 25th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD). :1–6.
The Industrial Internet of Things (IIoT) paradigm represents nowadays the cornerstone of the industrial automation since it has introduced new features and services for different environments and has granted the connection of industrial machine sensors and actuators both to local processing and to the Internet. One of the most advanced network protocol stack for IoT-IIoT networks that have been developed is 6LoWPAN which supports IPv6 on top of Low-power Wireless Personal Area Networks (LoWPANs). 6LoWPAN is usually coupled with the IEEE 802.15.4 low-bitrate and low-energy MAC protocol that relies on the time-slotted channel hopping (TSCH) technique. In TSCH networks, a coordinator node synchronizes all end-devices and specifies whether (and when) they can transmit or not in order to improve their energy efficiency. In this scenario, the scheduling strategy adopted by the coordinator plays a crucial role that impacts dramatically on the network performance. In this paper, we present a novel scheduling strategy for time-slot allocation in IIoT communications which aims at the improvement of the overall network fairness. The proposed strategy mimics the well-known shell game turning the totally unfair mechanics of this game into a fair scheduling strategy. We compare our proposal with three allocation strategies, and we evaluate the fairness of each scheduler showing that our allocator outperforms the others.
2021-02-15
Karthikeyan, S. Paramasivam, El-Razouk, H..  2020.  Horizontal Correlation Analysis of Elliptic Curve Diffie Hellman. 2020 3rd International Conference on Information and Computer Technologies (ICICT). :511–519.
The world is facing a new revolutionary technology transition, Internet of things (IoT). IoT systems requires secure connectivity of distributed entities, including in-field sensors. For such external devices, Side Channel Analysis poses a potential threat as it does not require complete knowledge about the crypto algorithm. In this work, we perform Horizontal Correlation Power Analysis (HCPA) which is a type of Side Channel Analysis (SCA) over the Elliptic Curve Diffie Hellman (ECDH) key exchange protocol. ChipWhisperer (CW) by NewAE Technologies is an open source toolchain which is utilized to perform the HCPA by using CW toolchain. To best of our knowledge, this is the first attempt to implemented ECDH on Artix-7 FPGA for HCPA. We compare our correlation results with the results from AES -128 bits provided by CW. Our point of attack is the Double and Add algorithm which is used to perform Scalar multiplication in ECC. We obtain a maximum correlation of 7% for the key guess using the HCPA. We also discuss about the possible cause for lower correlation and few potentials ways to improve it. In Addition to HCPA we also perform Simple Power Analysis (SPA) (visual) for ECDH, to guess the trailing zeros in the 128-bit secret key for different power traces.
2021-09-07
Sunny, Jerin, Sankaran, Sriram, Saraswat, Vishal.  2020.  A Hybrid Approach for Fast Anomaly Detection in Controller Area Networks. 2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). :1–6.
Recent advancements in the field of in-vehicle network and wireless communication, has been steadily progressing. Also, the advent of technologies such as Vehicular Adhoc Networks (VANET) and Intelligent Transportation System (ITS), has transformed modern automobiles into a sophisticated cyber-physical system rather than just a isolated mechanical device. Modern automobiles rely on many electronic control units communicating over the Controller Area Network (CAN) bus. Although protecting the car's external interfaces is an vital part of preventing attacks, detecting malicious activity on the CAN bus is an effective second line of defense against attacks. This paper proposes a hybrid anomaly detection system for CAN bus based on patterns of recurring messages and time interval of messages. The proposed method does not require modifications in CAN bus. The proposed system is evaluated on real CAN bus traffic with simulated attack scenarios. Results obtained show that our proposed system achieved a good detection rate with fast response times.
2021-08-11
Xi, Bowei, Kamhoua, Charles A..  2020.  A Hypergame‐Based Defense Strategy Toward Cyber Deception in Internet of Battlefield Things (IoBT). Modeling and Design of Secure Internet of Things. :59–77.
In this chapter, we develop a defense strategy to secure Internet of Battlefield Things (IoBT) based on a hypergame employing deceptive techniques. The hypergame is played multiple rounds. At each round, the adversary updates its perception of the attack graph and chooses the next node to compromise. The defender updates its perceived list of compromised nodes and actively feeds false signals to the adversary to create deception. The hypergame developed in this chapter provides an important theoretical framework for us to model how a cyberattack spreads on a network and the interaction between the adversary and the defender. It also provides quantitative metrics such as the time it takes the adversary to explore the network and compromise the target nodes. Based on these metrics, the defender can reboot the network devices and reset the network topology in time to clean up all potentially compromised devices and to protect the critical nodes. The hypergame provides useful guidance on how to create cyber deceptions so that the adversary cannot obtain information about the correct network topology and can be deterred from reaching the target critical nodes on a military network while it is in service.