
Pollution Attacks



Reliance on caching allows an adversary to mount cache pollution attacks, which are very effective and relatively easy to implement. Research on cache pollution attacks, where the adversary's goal is to disrupt cache locality to increase link utilization and cache misses for honest consumers, is relevant to the Science of Security hard problems of resiliency, composability, and metrics. The work cited here was presented in 2015.

A. Esfahani, G. Mantas, J. Rodriguez, A. Nascimento, and J. C. Neves, “A Null Space-Based MAC Scheme Against Pollution Attacks to Random Linear Network Coding,” Communication Workshop (ICCW), 2015 IEEE International Conference on, London, 2015, pp. 1521-1526. doi:10.1109/ICCW.2015.7247395
Abstract: Network Coding has significantly shown the achievable throughput and robustness in wireless Networks. However, network coding-enabled networks are susceptible to pollution attacks where a small number of polluted messages will propagate due to recoding and corrupt bunches of legitimate messages. Several lightweight Homomorphic Message Authentication Code (HMAC) schemes have been proposed for protecting the transmitted data against pollution attacks; however, most of them are not appropriate for wireless networks or cannot resist tag pollution attacks. In this paper, we present a computationally efficient null space-based homomorphic MAC scheme, for network coding-enabled wireless networks. The proposed scheme makes use of two types of tags (i.e., MACs and D-MACs) to provide resistance against data pollution and tag pollution attacks. Furthermore, we demonstrate that due to its lightweight nature, our proposed scheme incurs a minimal complexity compared to other related schemes.
Keywords: access protocols; network coding; random codes; security of data; homomorphic message authentication code scheme; network coding-enabled wireless networks; null space-based MAC scheme; pollution attacks; random linear network coding; wireless networks; Conferences; Mathematical model; Network coding; Peer-to-peer computing; Pollution; Protocols; Wireless networks; data pollution attack; homomorphic message authentication code; security; tag pollution attack (ID#: 16-10349)


Tao Shang, Fuhua Huang, Tianli Peng, and Jianwei Liu, “A Deep Detection Scheme Against Pollution Attacks in Wireless Inter-flow Network Coding,” Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on, Gwalior, 2015, pp. 102-106. doi:10.1109/CSNT.2015.239
Abstract: Wireless inter-flow network coding can improve the performance of multi-source unicast communication in multihop wireless networks. However, it encounters with serious security threat of pollution attack. In this paper, by combining signature and arbitration in wireless inter-flow network coding, we propose a deep detection scheme to locate malicious nodes after detecting pollution attacks. Firstly, we design a digital signature scheme which is uncorrelated with field size to detect pollution attacks and locate malicious nodes within one hop. Secondly, we design an arbitration scheme based on trusted node to solve the hard problem of locating malicious nodes beyond one hop, which results from the coding operation of inter-flow network coding. Analysis results indicate that the detection scheme is able to defend against all four types of pollution attacks thoroughly with better performance.
Keywords: digital signatures; network coding; pollution; radio networks; signal detection; arbitration scheme design; deep detection scheme; digital signature scheme design; malicious node location; multihop wireless network; multisource unicast communication performance improvement; pollution attacks; wireless interflow network coding; Communication system security; Decoding; Encoding; Network coding; Pollution; Wireless networks; inter-flow; detection (ID#: 16-10350)


Zhiwei Xu, Bo Chen, Ninghan Wang, Yujun Zhang, and Zhongcheng Li, “ELDA: Towards Efficient and Lightweight Detection of Cache Pollution Attacks in NDN,” Local Computer Networks (LCN), 2015 IEEE 40th Conference on, Clearwater Beach, FL, 2015, pp. 82-90. doi:10.1109/LCN.2015.7366286
Abstract: As a promising architectural design for future Internet, named data networking (NDN) relies on in-network caching to efficiently deliver name-based content. However, the in-network caching is vulnerable to cache pollution attacks (CPA), which can reduce cache hits by violating cache locality and significantly degrade the overall performance of NDN. To defend against CPA attacks, the most effective way is to first detect the attacks and then throttle them. Since the CPA attack itself has already imposed a huge burden on victims, to avoid exhausting the remaining resources on the victims for detection purpose, we expect a lightweight detection solution. We thus propose ELDA, an Efficient and Lightweight Detection scheme against cache pollution Attacks, in which we design a Lightweight Flajolet-Martin (LFM) sketch to monitor the interest traffic. Our analysis and simulations demonstrate that, by consuming a few computation and memory resources, ELDA can effectively and efficiently detect CPA attacks.
Keywords: Internet; cache storage; computer network security; content management; telecommunication traffic; CPA attack detection; ELDA; LFM sketch; NDN; architectural design; cache hit reduction; cache locality; cache pollution attack detection; in-network caching; lightweight Flajolet-Martin sketch; memory resources; name-based content delivery; named data networking; traffic monitoring; Estimation; Indexes; Integrated circuits; Named Data Networking; cache pollution attack; network traffic monitoring (ID#: 16-10351)


Wei Tong and Sheng Zhong, “Resource Allocation in Pollution Attack and Defense: A Game-Theoretic Perspective,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 3057-3062. doi:10.1109/ICC.2015.7248793
Abstract: Pollution attacks can cause severe damages in network coding systems. Many approaches have been proposed to defend against pollution attacks. However, the current approaches implicitly assume that the defender has adequate resources to defend against pollution attacks. When the resources of the defender are limited, they provide no information for the defender to allocate the resources to get better defense performance. In this paper, we consider the case that the defender’s resources are limited and study how the defender allocates resources to defend against pollution attacks. We first propose a two-player strategic game to model the interactions between the defender and the attacker. Then, two algorithms are proposed to find the best response strategy for the defender. Finally, we conducted extensive simulations to evaluate the proposed algorithms. The results demonstrate that our algorithms can significantly improve the utility of the defender, with reasonable computation time.
Keywords: game theory; network coding; radiocommunication; resource allocation; telecommunication security; defender resources; network coding systems; pollution attack; two-player strategic game; Games; Pollution (ID#: 16-10352)


I. Demirdogen, L. Li, and C. Chigan, “FEC Driven Network Coding Based Pollution Attack Defense in Cognitive Radio Networks,” Wireless Communications and Networking Conference Workshops (WCNCW), 2015 IEEE, New Orleans, LA, 2015, pp. 259-268. doi:10.1109/WCNCW.2015.7122564
Abstract: Relay featured cognitive radio network scenario is considered in the absence of direct link between secondary user (SU) and secondary base station (S-BS). Being a realistic deployment use case scenario, relay node can be subjected to pollution attacks. Forward error correction (FEC) driven network coding (NC) method is employed as a defense mechanism in this paper. By using the proposed methods, pollution attack is efficiently defended. Bit error rate (BER) measurements are used to quantify network reliability. Furthermore, in the absence of any attack, the proposed method can efficiently contribute to network performance by improving BER. Simulation results underline our mechanism is superior to existing FEC driven NC methods such as low density parity check (LDPC).
Keywords: cognitive radio; error statistics; forward error correction; network coding; parity check codes; relay networks (telecommunication); telecommunication network reliability; telecommunication security; BER; FEC driven network coding based pollution attack defense; LDPC; bit error rate measurements; forward error correction; low density parity check; network performance; network reliability quantification; relay featured cognitive radio network scenario; secondary base station; secondary user; Bit error rate; Conferences; Forward error correction; Network coding; Pollution; Relays; Reliability (ID#: 16-10353)


Wentao Huang, Ting Wang, Xin Hu, Jiyong Jang, and T. Salonidis, “Rateless and Pollution-Attack-Resilient Network Coding,” Information Theory (ISIT), 2015 IEEE International Symposium on, Hong Kong, 2015, pp. 2623-2627. doi:10.1109/ISIT.2015.7282931
Abstract: Consider the problem of reliable multicast over a network in the presence of adversarial errors. In contrast to traditional network error correction codes designed for a given network capacity and a given number of errors, we study an arguably more realistic setting that prior knowledge on the network and adversary parameters is not available. For this setting we propose efficient and throughput-optimal error correction schemes, provided that the source and terminals share randomness that is secret from the adversary. We discuss an application of cryptographic pseudorandom generators to efficiently produce the secret randomness, provided that a short key is shared between the source and terminals. Finally we present a secure key distribution scheme for our network setting.
Keywords: cryptography; error correction; multicast communication; network coding; random number generation; telecommunication network reliability; telecommunication security; adversarial errors; cryptographic pseudorandom generators; pollution-attack-resilient network coding; rateless network coding; reliable multicast problem; secret randomness; secure key distribution scheme; short key sharing; throughput-optimal error correction schemes; Decoding; Encoding; Error correction codes; Generators; Network coding; Reliability; Transforms (ID#: 16-10354)


A. Esfahani, G. Mantas, V. Monteiro, K. Ramantasy, E. Datsikay, and J. Rodriguez, “Analysis of a Homomorphic MAC-Based Scheme Against Tag Pollution in RLNC-Enabled Wireless Networks,” Computer Aided Modelling and Design of Communication Links and Networks (CAMAD), 2015 IEEE 20th International Workshop on, Guildford, 2015, pp. 156-160. doi:10.1109/CAMAD.2015.7390500
Abstract: Network Coding-enabled wireless networks are vulnerable to data pollution attacks where adversary nodes inject into the network polluted (i.e. corrupted) packets that prevent the destination nodes from decoding correctly. Even a small proportion of pollution can quickly propagate into other packets via re-coding, occurred at the intermediate nodes, and lead to resource waste. Therefore, during the past few years, several solutions have been proposed to provide resistance against data pollution attacks. One of the most well-known solutions is Homomorphic Message Authentication Code (HMAC). However, HMAC is susceptible to a new type of pollution attacks, called tag pollution attacks, in which a malicious node randomly modifies MAC tags appended at the end of the transmitted packets. To address this issue, we have recently proposed an HMAC-based scheme making use of two types of MAC tags to provide resistance against both data pollution attacks and tag pollution attacks. In this paper, we steer our focus on improving the resistance of our proposed scheme against tag pollution attacks by decreasing the number of MACs. Finally, we analyze the impact of the total number of MACs on the bandwidth overhead of the proposed scheme.
Keywords: decoding; linear codes; message authentication; network coding; radio networks; random codes; telecommunication security; RLNC-enabled wireless network; data pollution attack; decoding; homomorphic MAC-based scheme; homomorphic message authentication code; network coding-enabled wireless network; random linear network coding; tag pollution attack; Bandwidth; Computational modeling; Computers; Conferences; Pollution; Resistance; Wireless networks; Network coding (ID#: 16-10355)


Xinran Li, Fang-Wei Fu, Xiufeng Zhao, and Guangxia Wang, “Two Improved Homomorphic MAC Schemes in Network Coding,” Fuzzy Systems and Knowledge Discovery (FSKD), 2015 12th International Conference on, Zhangjiajie, 2015, pp. 2214-2219. doi:10.1109/FSKD.2015.7382296
Abstract: Network coding provides the advantage of maximizing the usage of network resources, but the natural properties of network coding also make the pollution attack more threatening. Much work on resisting pollution attacks is through homomorphic MACs. But majority have same security parameter 1/q. In this paper, we present two ways to construct homomorphic MAC which improve the performance of previous schemes. The security parameters of our MACs are 1/ql1 and 1/ql2, respectively. Besides the higher security, our MAC schemes have lower computational complexity.
Keywords: access protocols; computational complexity; network coding; homomorphic MAC schemes; network resources; Computational complexity; Electronics packaging; Encoding; Games; Network coding; Pollution; Security; Homomorphic MACs; attack game; pollution attacks (ID#: 16-10356)


K. Gadkari, M. L. Weikum, D. Massey, and C. Papadopoulos, “Pragmatic Router FIB Caching,” IFIP Networking Conference (IFIP Networking), 2015, Toulouse, 2015, pp. 1-9. doi:10.1109/IFIPNetworking.2015.7145296
Abstract: Several recent studies have shown that router FIB caching offers excellent hit rates with cache sizes that are an order of magnitude smaller than the original forwarding table. However, hit rate alone is not sufficient - other performance metrics such as memory accesses, robustness to cache attacks, queuing delays from cache misses etc., should be considered before declaring FIB caching viable. In this paper, we tackle several pragmatic questions about FIB caching. We characterize cache performance in terms of memory accesses and delay due to cache misses. We study cache robustness to pollution attacks and show that an attacker must sustain packet rates higher than the link capacity to evict the most popular prefixes. We show that caching was robust, even during a recent flare of NTP attacks. We carry out a longitudinal study of cache hit rates over four years and show the hit rate is unchanged over that duration. We characterize cache misses to determine which services are impacted by FIB caching. We conclude that FIB caching is viable by several metrics, not just impressive hit rates.
Keywords: Internet; computer network security; telecommunication network routing; NTP attacks; cache attacks; cache hit rates; memory accesses; original forwarding table; packet rates; pollution attacks; pragmatic router FIB caching; queuing delays; Delays; Hardware; Memory management; Robustness; Routing; Standards (ID#: 16-10357)


A. Fiandrotti, R. Gaeta, and M. Grangetto, “Pollution-Resilient Peer-to-Peer Video Streaming with Band Codes,” Multimedia and Expo (ICME), 2015 IEEE International Conference on, Turin, 2015, pp. 1-6. doi: 10.1109/ICME.2015.7177408
Abstract: Band Codes (BC) have been recently proposed as a solution for controlled-complexity random Network Coding (NC) in mobile applications, where energy consumption is a major concern. In this paper, we investigate the potential of BC in a peer-to-peer video streaming scenario where malicious and honest nodes coexists. Malicious nodes launch the so called pollution attack by randomly modifying the content of the coded packets they forward to downstream nodes, preventing honest nodes from correctly recovering the video stream. Whereas in much of the related literature this type of attack is addressed by identifying and isolating the malicious nodes, in this work we propose to address it by adaptively adjusting the coding scheme so to introduce resilience against pollution propagation. We experimentally show the impact of a pollution attack in a defenseless system and in a system where the coding parameters of BC are adaptively modulated following the discovery of polluted packets in the network. We observe that just by tuning the coding parameters, it is possible to reduce the impact of a pollution attack and restore the quality of the video communication.
Keywords: mobile radio; network coding; peer-to-peer computing; power consumption; telecommunication power management; video communication; video streaming; band codes; coded packets; coding parameters; controlled-complexity random network coding; downstream nodes; energy consumption; honest nodes; malicious nodes; mobile applications; polluted packets; pollution attack; pollution-resilient peer-to-peer video streaming; Bandwidth; Decoding; Encoding; Payloads; Peer-to-peer computing; Pollution; Streaming media; Network Coding; Peer-to-peer; Video streaming (ID#: 16-10358)


W. Arthur, B. Mehne, R. Das, and T. Austin, “Getting in Control of Your Control Flow with Control-Data Isolation,” Code Generation and Optimization (CGO), 2015 IEEE/ACM International Symposium on, San Francisco, CA, 2015, pp. 79-90. doi: 10.1109/CGO.2015.7054189
Abstract: Computer security has become a central focus in the information age. Though enormous effort has been expended on ensuring secure computation, software exploitation remains a serious threat. The software attack surface provides many avenues for hijacking; however, most exploits ultimately rely on the successful execution of a control-flow attack. This pervasive diversion of control flow is made possible by the pollution of control flow structure with attacker-injected runtime data. Many control-flow attacks persist because the root of the problem remains: runtime data is allowed to enter the program counter. In this paper, we propose a novel approach: Control-Data Isolation. Our approach provides protection by going to the root of the problem and removing all of the operations that inject runtime data into program control. While previous work relies on CFG edge checking and labeling, these techniques remain vulnerable to attacks such as heap spray, read, or GOT attacks and in some cases suffer high overheads. Rather than addressing control-flow attacks by layering additional complexity, our work takes a subtractive approach; subtracting the primary cause of contemporary control-flow attacks. We demonstrate that control-data isolation can assure the integrity of the programmer’s CFG at runtime, while incurring average performance overheads of less than 7% for a wide range of benchmarks.
Keywords: computer crime; program control structures; CFG integrity; average performance overheads; computer security; contemporary control flow attacks; control-data isolation; hijacking; information age; program control; program counter; secure computation; software exploitation; software vulnerabilities; subtractive approach; Data models; Libraries; Process control; Radiation detectors; Runtime; Security; Software (ID#: 16-10359)


M. R. Ahmed, M. Aseeri, M. S. Kaiser, N. Z. Zenia, and Z. I. Chowdhury, “A Novel Algorithm for Malicious Attack Detection in UWSN,” Electrical Engineering and Information Communication Technology (ICEEICT), 2015 International Conference on, Dhaka, 2015, pp. 1-6. doi:10.1109/ICEEICT.2015.7307516
Abstract: Information transmission in the marine scenario utilizing wireless communications is unique method that empowering the technology for the evolution of imminent marine-surveillance systems and sensory networks. Under-water wireless sensor network (UWSN) in one of the auspicious technology for marine observation. The applications of underwater sensing has several domain that range from oil industry to aquaculture. Some of the UWSN applications include device checking, monitoring and control of pollution in the water, underwater ecosystems monitoring, forecasting of natural disasters and disturbances, exploration and survey missions, as well as study of oceanic life. Nodes in UWSN are normally low cost, low power. Considering the characteristics and the nature of applications, security of UWSN is one of the critical issue and had drawn significant attention to the researchers. In order to have a functional UWSN to extract the authentic data safeguarding and protection mechanisms are crucial. Malicious node attacks has accomplished as one of the most challenging attacks to UWSN. Several research has been conducted to protect UWSN from malicious attacks but majority of the works depend on either training data set or a previously defined threshold. Without an established security infrastructure a UWSN required to detect the malicious attacks is a complication and challenge. In this paper, we used evidential evaluation utilizing Dempster-Shafer theory (DST) of combined multiple evidences to identify the malicious attacks in a UWSN. Moreover, it gives a numerical procedure for fusing together multiple pieces of facts from an untrustworthy and unreliable neighbor with a higher degree of conflict reliability.
Keywords: inference mechanisms; underwater acoustic communication; wireless sensor networks; DST; Dempster-Shafer theory; UWSN; conflict reliability; evidential evaluation; information transmission; malicious attack detection; underwater wireless sensor network; wireless communications; Authentication; Computer architecture; Cryptography; Reliability; Wireless communication; Wireless sensor networks; Yttrium; Dempster-Shafer Theory; Malicious attacks; Protection; Security; Underwater Wireless Sensor Network (UWSN) (ID#: 16-10360)


E. G. AbdAllah, M. Zulkernine, and H. S. Hassanein, “Detection and Prevention of Malicious Requests in ICN Routing and Caching,” Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on, Liverpool, 2015, pp. 1741-1748. doi:10.1109/CIT/IUCC/DASC/PICOM.2015.262
Abstract: Information Centric Networking (ICN) is a new communication paradigm for the upcoming Next Generation Internet (NGI). ICN is an open environment that depends on in-network caching and focuses on contents rather than infrastructures or end-points as in current Internet architectures. These ICN attributes make ICN architectures subject to different types of routing and caching attacks. An attacker sends malicious requests that can cause Distributed Denial of Service (DDoS), cache pollution, and privacy violation of ICN architectures. In this paper, we propose a solution that detects and prevents these malicious requests in ICN routing and caching. This solution allows ICN routers to differentiate between legitimate and attack behaviours in the detection phase based on threshold values. In the prevention phase, ICN routers are able to take actions against these attacks. Our experiments show that the proposed solution effectively mitigates routing and caching attacks in ICN.
Keywords: Internet; computer network security; next generation networks; telecommunication network routing; DDoS; ICN architectures; ICN caching; ICN routing; Internet architectures; NGI; attack behaviours; cache pollution; caching attacks; detection phase; distributed denial of service; information centric networking; in network caching; malicious requests detection; malicious requests prevention; next generation Internet; privacy violation; routing attacks; Computer architecture; Computer crime; Pollution; Privacy; Routing; Time factors; ICN routing and caching attacks; Information centric networking (ID#: 16-10361)


L. Jalali, Minh-Son Dao, R. Jain, and K. Zettsu, “Complex Asthma Risk Factor Recognition from Heterogeneous Data Streams,” Multimedia & Expo Workshops (ICMEW), 2015 IEEE International Conference on, Turin, 2015, pp. 1-6. doi: 10.1109/ICMEW.2015.7169780
Abstract: There are many studies regarding the relationships between environmental factors, particularly air pollution, and asthma exacerbation. Most of these studies ignore the potential confounding effects of a sequence of these factors with a specific time lag between them and asthma outbreaks. In this paper we present a new method for identifying consequential relations in the form of complex patterns between environmental factors and asthma attacks. Temporal structure and order relation between these data and their effect on asthma exacerbation comprise complex patterns called asthma risk factors. By extracting such patterns we create a risk prediction model that is important both for an asthmatic patient and public health. For experimental evaluations, we have collected pollution and meteorological data in Tokyo city and found 32 complex risk factor patterns that might result in asthma outbreaks. The experimental results show that extracted model has 71.15% precision.
Keywords: air pollution; data handling; diseases; environmental science computing; health care; lung; pattern recognition; risk analysis; Japan; Tokyo City; asthma attacks; asthma exacerbation; asthma outbreak; asthmatic patient; complex asthma risk factor recognition; complex risk factor pattern; data order relation; data temporal structure; environmental factors; heterogeneous data stream; meteorological data; pollution data; public health; risk prediction model; Air pollution; Automata; Correlation; Market research; Meteorology; Pattern recognition; asthma attacks; environmental factors; pattern recognition (ID#: 16-10362)


Minh-Son Dao, K. Zettsu, S. Pongpaichet, L. Jalali, and R. Jain, “Exploring Spatio-Temporal-Theme Correlation Between Physical and Social Streaming Data for Event Detection and Pattern Interpretation From Heterogeneous Sensors,” Big Data (Big Data), 2015 IEEE International Conference on, Santa Clara, CA, 2015, pp. 2690-2699. doi: 10.1109/BigData.2015.7364069
Abstract: In this paper, we introduce a new method that explores spatio-temporal-theme correlations between physical and social streaming data for event detection and pattern interpretation from heterogeneous sensors. Particularly, we employ a basic two-phase framework in pattern recognition (i.e. feature extraction and detection) with the novel improvement that concerns the use of semantic information acquired from social sensors to automatically label the low-level features extracted from physical sensors. Moreover, by symbolizing the trend component of time-series data, the proposed method has an ability to interpret event’s patterns to help users get insights of how events happen. Differentiating from conventional supervised learning methods whose training data are labeled manually and in an off-line mode, the proposed method can collect labels for training data automatically and in an on-line mode. Moreover, after running for a certain time, a training stage can run parallel with the detecting stage when an event model is totally built. After that, the training stage continues learning to increase the accuracy of the event model by nonstop collecting new samples with labels from streaming data. The problem of environmental factors and particularly air pollution impacts on asthma exacerbation is considered for evaluating the proposed method. The experimental results show that the proposed method can probably detect the prevalence of asthma risks in a specific spatio-temporal context as well as help users understand how a change in the surrounding environment (e.g. weather condition and air pollution) can influence their health (e.g. asthma attack) by interpreting detected event’s patterns.
Keywords: data mining; feature extraction; air pollution; asthma exacerbation; environmental factors; event detection; heterogeneous sensors; low-level feature extraction; pattern interpretation; pattern recognition; physical sensors; physical streaming data; social streaming data; spatio-temporal context; spatio-temporal-theme correlation; time-series data; training stage; two-phase framework; Correlation; Data mining; Feature extraction; Market research; Semantics; Sensor phenomena and characterization; Data Mining; Event Detection; Health Care; Pattern Interpretation; Spatio-Temporal-Theme Correlation (ID#: 16-10363)


A. Laszka, Y. Vorobeychik, and X. Koutsoukos, “Resilient Observation Selection in Adversarial Settings,” Decision and Control (CDC), 2015 IEEE 54th Annual Conference on, Osaka, Japan, 2015, pp. 7416-7421. doi:10.1109/CDC.2015.7403391
Abstract: Monitoring large areas using sensors is fundamental in a number of applications, including electric power grid, traffic networks, and sensor-based pollution control systems. However, the number of sensors that can be deployed is often limited by financial or technological constraints. This problem is further complicated by the presence of strategic adversaries, who may disable some of the deployed sensors in order to impair the operator’s ability to make predictions. Assuming that the operator employs a Gaussian-process-based regression model, we formulate the problem of attack-resilient sensor placement as the problem of selecting a subset from a set of possible observations, with the goal of minimizing the uncertainty of predictions. We show that both finding an optimal resilient subset and finding an optimal attack against a given subset are NP-hard problems. Since both the design and the attack problems are computationally complex, we propose efficient heuristic algorithms for solving them and present theoretical approximability results. Finally, we show that the proposed algorithms perform exceptionally well in practice using numerical results based on real-world datasets.
Keywords: Approximation algorithms; Computer crime; Gaussian processes; Random variables; Sensors; Uncertainty; Yttrium (ID#: 16-10364)


Z. Hu, Y. Wang, X. Tian, X. Yang, D. Meng, and R. Fan, “False Data Injection Attacks Identification for Smart Grids,” Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), 2015 Third International Conference on, Beirut, 2015, pp. 139-143. doi:10.1109/TAEECE.2015.7113615
Abstract: False Data Injection Attacks (FDIA) in Smart Grid is considered to be the most threatening cyber-physics attack. According to the variety of measurement categories in power system, a new method for false data detection and identification is presented. The main emphasis of our research is that we have equivalent measurement transformation instead of traditional weighted least squares state estimation in the process of SE and identify false data by the residual researching method. In this paper, one FDIA attack case in IEEE 14 bus system is designed by exploiting the MATLAB to test the effectiveness of the algorithm. Using this method the false data can be effectively dealt with.
Keywords: IEEE standards power system security; security of data; smart power grids; FDIA; IEEE 14 bus system; SE; cyberphysical attack threatening; equivalent measurement transformation; false data injection attack identification; power system; residual researching method; smart grid; Current measurement; Pollution measurement; Power measurement; Power systems; State estimation; Transmission line measurements; Weight measurement;  false data detection and identification; false data injection attacks (ID#: 16-10365)


K. F. Alotaibi, M. M. Hamidi, M. Talebi, Jinsheng Xu, and A. Homaifar, “Using Spy Node to Identify Cyber-Attack in Power Systems as a Novel Approach,” Electro/Information Technology (EIT), 2015 IEEE International Conference on, Dekalb, IL, 2015, pp. 581-586. doi:10.1109/EIT.2015.7293401
Abstract: Cyber-security of power systems is of vital importance in this decade and the attackers attempt to manipulate the data and inject malicious data in state variables to divert state of the system. Cyber-attack utilizes the information of the system to generate the attacking vector in order to elude the malicious data tests. The proposed novel approach intends to change the information of the system being exploited by the adversary through adding virtual buses to the network referred as spy nodes. These nodes, including extra measurements fed to the attacker, are able to change the perceived topology of the network on which the attacker depends. Candidate places of the spy nodes are determined by using spanning tree algorithm. Excluding the spy data and using the proposed criteria, malicious data is detected. Results were verified by simulating IEEE 9-bus standard system for several times. Furthermore the method detects the malicious data when the value of spy data changes.
Keywords: power system security; trees (mathematics); IEEE 9-bus standard system; cyber-attack identification; cyber-security; data manipulation; malicious data injection; perceived network topology; power systems; spanning tree algorithm; spy nodes; virtual buses; Pollution measurement; Power measurement; SCADA systems; State estimation; Substations; Transmission line measurements; Malicious data injection; SCADA; Spy node; cyber security; cyber-attack; state estimation (ID#: 16-10366)


M. Varchola, M. Drutarovsky, M. Repka, and P. Zajac, “Side Channel Attack on Multiprecision Multiplier Used in Protected ECDSA Implementation,” 2015 International Conference on ReConFigurable Computing and FPGAs (ReConFig), Mexico City, 2015, pp. 1-6. doi: 10.1109/ReConFig.2015.7393359
Abstract: When considering Elliptic Curve Cryptography (ECC) implementations, countermeasures against side channel attacks are primarily focused on elliptic curve arithmetic. On the other hand, Elliptic Curve Digital Signature Algorithm (ECDSA) implementation also uses a modular multiplication of a private key d_A, and publicly known random parameter r. The side channel leakage of the multiplication rd_A can reveal the private key, especially in systems with narrow-width data-path used for multiprecision arithmetic. The proposed countermeasure is based on the different order of arithmetic operations, masking the critical multiplication by a random ephemeral key k^-1. In this work, we demonstrate a special variant of collision attack against the protected ECDSA signature computation. The collision attack exploits the leakage from multiprecision integer multiplier, which is a building block of several published scalable FPGA-enabled ECC crypto-processors. Our concrete experimental results were obtained from hardware DISIPA platform based on Altera Cyclone III FPGA.
Keywords: field programmable gate arrays; private key cryptography; Altera Cyclone III FPGA; ECDSA signature computation; arithmetic operations; building block; collision attack; countermeasures; critical multiplication; elliptic curve arithmetic; elliptic curve cryptography; elliptic curve digital signature algorithm; hardware DISIPA platform; modular multiplication; multiprecision arithmetic; multiprecision integer multiplier; multiprecision multiplier; narrow-width data-path; private key; publicly known random parameter; random ephemeral key; scalable FPGA-enabled ECC crypto-processors; side channel attacks; side channel leakage; Digital signatures; Elliptic curve cryptography; Field programmable gate arrays; Pollution measurement; Power demand; Power measurement (ID#: 16-10367)


Wang Jianqiao, Chen Cailian, and Guan Xinping, “An Overlapping Distributed State Estimation and Detection Method in Smart Grids,” Wireless Communications & Signal Processing (WCSP), 2015 International Conference on, Nanjing, 2015, pp. 1-5. doi:10.1109/WCSP.2015.7341180
Abstract: This paper proposes a novel distributed state estimation and detection algorithm in smart grids. By decomposing a whole power system into several overlapping interconnected areas, the centralized state estimation algorithm turns into a distributed state estimation algorithm. And by iteratively exchanging information with neighboring areas, the result of distributed state estimation can reach convergence and each subsystem can derive the states of the entire power system. When an attacker injects false data into measurements in any area, the neighboring honest areas can quickly detect this abnormality and decrease the mutual weights of their exchanging information between the suspicious area. When all the estimated state vectors converge, each control area can determine whether its neighboring area is intruded or not by using information from shared buses. The proposed approach not only proposes a distributed state estimation structure but also a detection method which has the capacity to detect false data injection (FDI) attacks. The performance of proposed algorithm is demonstrated on the IEEE 14-bus system.
Keywords: power system interconnection; power system state estimation; smart power grids; vectors; FDI attacks; IEEE 14-bus system; centralized state estimation algorithm; detection method; distributed state estimation; false data injection attacks; interconnected areas; smart grids; state vectors; Convergence; Pollution measurement; Power grids; State estimation; Transmission line measurements (ID#: 16-10368)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.