Visible to the public Biblio

Found 3593 results

Filters: Keyword is Human Behavior  [Clear All Filters]
2021-01-25
Valocký, F., Puchalik, M., Orgon, M..  2020.  Implementing Asymmetric Cryptography in High-Speed Data Transmission over Power Line. 2020 11th IEEE Annual Ubiquitous Computing, Electronics Mobile Communication Conference (UEMCON). :0849–0854.
The article presents a proposal for implementing asymmetric cryptography, specifically the elliptic curves for the protection of high-speed data transmission in a corporate network created on the platform of PLC (Power Line Communications). The solution uses an open-source software library OpenSSL. As part of the design, an experimental workplace was set up, a DHCP and FTP server was established. The possibility of encryption with the selected own elliptic curve from the OpenSSL library was tested so that key pairs (public and private keys) were generated using a software tool. A shared secret was created between communication participants and subsequently, data encryption and decryption were performed.
Boas, Y. d S. V., Rocha, D. S., Barros, C. E. de, Martina, J. E..  2020.  SRVB cryptosystem: another attempt to revive Knapsack-based public-key encryption schemes. 2020 27th International Conference on Telecommunications (ICT). :1–6.
Public-key cryptography is a ubiquitous buildingblock of modern telecommunication technology. Among the most historically important, the knapsack-based encryption schemes, from the early years of public-key cryptography, performed particularly well in computational resources (time and memory), and mathematical and algorithmic simplicity. Although effective cryptanalyses readily curtailed their widespread adoption to several different attempts, the possibility of actual usage of knapsack-based asymmetric encryption schemes remains unsettled. This paper aims to present a novel construction that offers consistent security improvements on knapsack-based cryptography. We propose two improvements upon the original knapsack cryptosystem that address the most important types of attacks: the Diophantine approximationsbased attacks and the lattice problems oracle attacks. The proposed defences demonstrably preclude the types of attacks mentioned above, thus contributing to revive knapsack schemes or settle the matter negatively. Finally, we present the http://t3infosecurity.com/nepsecNep.Sec, a contest that is offering a prize for breaking our proposed cryptosystem.
Abbas, M. S., Mahdi, S. S., Hussien, S. A..  2020.  Security Improvement of Cloud Data Using Hybrid Cryptography and Steganography. 2020 International Conference on Computer Science and Software Engineering (CSASE). :123–127.
One of the significant advancements in information technology is Cloud computing, but the security issue of data storage is a big problem in the cloud environment. That is why a system is proposed in this paper for improving the security of cloud data using encryption, information concealment, and hashing functions. In the data encryption phase, we implemented hybrid encryption using the algorithm of AES symmetric encryption and the algorithm of RSA asymmetric encryption. Next, the encrypted data will be hidden in an image using LSB algorithm. In the data validation phase, we use the SHA hashing algorithm. Also, in our suggestion, we compress the data using the LZW algorithm before hiding it in the image. Thus, it allows hiding as much data as possible. By using information concealment technology and mixed encryption, we can achieve strong data security. In this paper, PSNR and SSIM values were calculated in addition to the graph to evaluate the image masking performance before and after applying the compression process. The results showed that PSNR values of stego-image are better for compressed data compared to data before compression.
Kabir, N., Kamal, S..  2020.  Secure Mobile Sensor Data Transfer using Asymmetric Cryptography Algorithms. 2020 International Conference on Cyber Warfare and Security (ICCWS). :1–6.
Mobile sensors are playing a vital role in various applications of a normal day life. Key size in securing data is an important issue to highlight in mobile sensor data transfer between a smart device and a data storage component. Such key size may affect memory storage and processing power of a mobile device. Therefore, we proposed a secure mobile sensor data transfer protocol called secure sensor protocol (SSP). SSP is based on Elliptic Curve Cryptography (ECC), which generates small size key in contrast to conventional asymmetric algorithms like RSA and Diffie Hellman. SSP receive values from light sensor and magnetic flux meter of a smart device. SSP encrypts mobile sensor data using ECC and afterwards it stores cipher information in MySQL database to receive remote data access. We compared the performance of the ECC with other existing asymmetric cryptography algorithms in terms of secure mobile sensor data transfer based on data encryption and decryption time, key size and encoded data size. In-addition, SSP shows better results than other cryptography algorithms in terms of secure mobile sensor data transfer.
Thinn, A. A., Thwin, M. M. S..  2020.  A Hybrid Solution for Confidential Data Transfer Using PKI, Modified AES Algorithm and Image as a Secret Key. 2020 IEEE Conference on Computer Applications(ICCA). :1–4.
Nowadays the provision of online services by government or business organizations has become a standard and necessary operation. Transferring data including the confidential or sensitive information via Internet or insecure network and exchange of them is also increased day by day. As a result, confidential information leakage and cyber threats are also heightened. Confidential information trading became one of the most profitable businesses. Encrypting the data is a solution to secure the data from being exposed. In this paper, we would like to propose a solution for the secure transfer of data using symmetric encryption, asymmetric encryption technologies and Key Generation Server as a mixed hybrid solution. A Symmetric encryption, modified AES algorithm, is used to encrypt data. Digital certificate is used both for data encryption and digital signing to assure data integrity. Key generation server is used to generate the second secret key from the publicly recognized information of a person and this key is used as a second secret key in the modified AES. The proposed hybrid solution can be utilized in any applications that require high confidentiality, integrity of data and non-repudiation.
ManJiang, D., Kai, C., ZengXi, W., LiPeng, Z..  2020.  Design of a Cloud Storage Security Encryption Algorithm for Power Bidding System. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:1875–1879.
To solve the problem of poor security and performance caused by traditional encryption algorithm in the cloud data storage of power bidding system, we proposes a hybrid encryption method based on symmetric encryption and asymmetric encryption. In this method, firstly, the plaintext upload file is divided into several blocks according to the proportion, then the large file block is encrypted by symmetrical encryption algorithm AES to ensure the encryption performance, and then the small file block and AES key are encrypted by asymmetric encryption algorithm ECC to ensure the file encryption strength and the security of key transmission. Finally, the ciphertext file is generated and stored in the cloud storage environment to prevent sensitive files Pieces from being stolen and destroyed. The experimental results show that the hybrid encryption method can improve the anti-attack ability of cloud storage files, ensure the security of file storage, and have high efficiency of file upload and download.
Mazlisham, M. H., Adnan, S. F. Syed, Isa, M. A. Mat, Mahad, Z., Asbullah, M. A..  2020.  Analysis of Rabin-P and RSA-OAEP Encryption Scheme on Microprocessor Platform. 2020 IEEE 10th Symposium on Computer Applications Industrial Electronics (ISCAIE). :292–296.
This paper presents an analysis of Rabin-P encryption scheme on microprocessor platform in term of runtime and energy consumption. A microprocessor is one of the devices utilized in the Internet of Things (IoT) structure. Therefore, in this work, the microprocessor selected is the Raspberry Pi that is powered with a smaller version of the Linux operating system for embedded devices, the Raspbian OS. A comparative analysis is then conducted for Rabin-p and RSA-OAEP cryptosystem in the Raspberry Pi setup. A conclusion can be made that Rabin-p performs faster in comparison to the RSA-OAEP cryptosystem in the microprocessor platform. Rabin-p can improve decryption efficiency by using only one modular exponentiation while produces a unique message after the decryption process.
Abusukhon, A., AlZu’bi, S..  2020.  New Direction of Cryptography: A Review on Text-to-Image Encryption Algorithms Based on RGB Color Value. 2020 Seventh International Conference on Software Defined Systems (SDS). :235–239.
Data encryption techniques are important for answering the question: How secure is the Internet for sending sensitive data. Keeping data secure while they are sent through the global network is a difficult task. This is because many hackers are fishing these data in order to get some benefits. The researchers have developed various types of encryption algorithms to protect data from attackers. These algorithms are mainly classified into two categories namely symmetric and asymmetric encryption algorithms. This survey sheds light on the recent work carried out on encrypting a text into an image based on the RGB color value and held a comparison between them based on various factors evolved from the literature.
Kumar, S., Singh, B. K., Akshita, Pundir, S., Batra, S., Joshi, R..  2020.  A survey on Symmetric and Asymmetric Key based Image Encryption. 2nd International Conference on Data, Engineering and Applications (IDEA). :1–5.
Image Encryption is a technique where an algorithm along with a set of characters called key encrypts the data into cipher text. The cipher text can be converted back into plaintext by decryption. This technique is employed for the security of data such that confidentiality, integrity and authenticity of data is maintained. In today's era security of information has become a crucial task, unauthorized access and use of data has become a noticeable issue. To provide the security required, there are several algorithms to suit the purposes. While the use and transferring of images has become easy and faster due to technological advancements especially wireless sensor network, image destruction and illegitimate use has become a potential threat. Different transfer mediums and various uses of images require different and appropriately suiting encryption approaches. Hence, in this paper we discuss the types of image encryption techniques. We have also discussed several encryption algorithms, their advantages and suitability.
Swetha, K., Kalyan, S. P., Pavan, V., Roshini, A..  2020.  A Modified Tiny Asymmetric Encryption for Secure Ftp to Network. 2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS). :1176–1180.
The target of this venture is to give the protected correspondence among the associated frameworks in the system. It gives the vital validation to the record moving in the system transmission. It comprises of 3 modules in particular encryption and unscrambling module, secret key verification to the information that needs to transmit through system. In this system, File Transfer Protocol can be used to execute Server-client innovation and the document can be scrambled and unscrambled by sending the end client through attachment programming of the end client.
Issa, H., Tar, J. K..  2020.  Tackling Actuator Saturation in Fixed Point Iteration-based Adaptive Control. 2020 IEEE 14th International Symposium on Applied Computational Intelligence and Informatics (SACI). :000221–000226.
The limited output of various drives means a challenge in controller design whenever the acceleration need of the "nominal trajectory to be tracked" temporarily exceeds the abilities of the saturated control system. The prevailing control design methods can tackle this problem either in a single theoretical step or in two consecutive steps. In this latter case in the first step the design happens without taking into account the actuator constraints, then apply a saturation compensator if the phenomenon of windup is observed. In the Fixed Point Iteration- based Adaptive Control (FPIAC) that has been developed as an alternative of the Lyapunov function-based approach the actuator saturation causes problems in its both elementary levels: in the kinematic/kinetic level where the desired acceleration is calculated, and in the iterative process that compensates the effects of modeling errors of the dynamic system under control and that of the external disturbances. The here presented approach tackles this problem in both levels by relatively simple considerations. To illustrate the method's efficiency simulation investigations were done in the FPIAC control of a modification of the van der Pol oscillator to which an additional strongly nonlinear term was added.
Zhang, Z., Zhang, Q., Liu, T., Pang, Z., Cui, B., Jin, S., Liu, K..  2020.  Data-driven Stealthy Actuator Attack against Cyber-Physical Systems. 2020 39th Chinese Control Conference (CCC). :4395–4399.
This paper studies the data-driven stealthy actuator attack against cyber-physical systems. The objective of the attacker is to add a certain bias to the output while keeping the detection rate of the χ2 detector less than a certain value. With the historical input and output data, the parameters of the system are estimated and the attack signal is the solution of a convex optimization problem constructed with the estimated parameters. The extension to the case of arbitrary detectors is also discussed. A numerical example is given to verify the effectiveness of the attack.
Merouane, E. M., Escudero, C., Sicard, F., Zamai, E..  2020.  Aging Attacks against Electro-Mechanical Actuators from Control Signal Manipulation. 2020 IEEE International Conference on Industrial Technology (ICIT). :133–138.
The progress made in terms of controller technologies with the introduction of remotely-accessibility capacity in the digital controllers has opened the door to new cybersecurity threats on the Industrial Control Systems (ICSs). Among them, some aim at damaging the ICS's physical system. In this paper, a corrupted controller emitting a non-legitimate Pulse Width Modulation control signal to an Electro-Mechanical Actuator (EMA) is considered. The attacker's capabilities for accelerating the EMA's aging by inducing Partial Discharges (PDs) are investigated. A simplified model is considered for highlighting the influence of the carrier frequency of the control signal over the amplitude and the repetition of the PDs involved in the EMA's aging.
Niu, L., Ramasubramanian, B., Clark, A., Bushnell, L., Poovendran, R..  2020.  Control Synthesis for Cyber-Physical Systems to Satisfy Metric Interval Temporal Logic Objectives under Timing and Actuator Attacks*. 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS). :162–173.
This paper studies the synthesis of controllers for cyber-physical systems (CPSs) that are required to carry out complex tasks that are time-sensitive, in the presence of an adversary. The task is specified as a formula in metric interval temporal logic (MITL). The adversary is assumed to have the ability to tamper with the control input to the CPS and also manipulate timing information perceived by the CPS. In order to model the interaction between the CPS and the adversary, and also the effect of these two classes of attacks, we define an entity called a durational stochastic game (DSG). DSGs probabilistically capture transitions between states in the environment, and also the time taken for these transitions. With the policy of the defender represented as a finite state controller (FSC), we present a value-iteration based algorithm that computes an FSC that maximizes the probability of satisfying the MITL specification under the two classes of attacks. A numerical case-study on a signalized traffic network is presented to illustrate our results.
Giraldo, J., Kafash, S. H., Ruths, J., Cárdenas, A. A..  2020.  DARIA: Designing Actuators to Resist Arbitrary Attacks Against Cyber-Physical Systems. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :339–353.
In the past decade we have seen an active research community proposing attacks and defenses to Cyber-Physical Systems (CPS). Most of these attacks and defenses have been heuristic in nature, limiting the attacker to a set of predefined operations, and proposing defenses with unclear security guarantees. In this paper, we propose a generic adversary model that can capture any type of attack (our attacker is not constrained to follow specific attacks such as replay, delay, or bias) and use it to design security mechanisms with provable security guarantees. In particular, we propose a new secure design paradigm we call DARIA: Designing Actuators to Resist arbItrary Attacks. The main idea behind DARIA is the design of physical limits to actuators in order to prevent attackers from arbitrarily manipulating the system, irrespective of their point of attack (sensors or actuators) or the specific attack algorithm (bias, replay, delays, etc.). As far as we are aware, we are the first research team to propose the design of physical limits to actuators in a control loop in order to keep the system secure against attacks. We demonstrate the generality of our proposal on simulations of vehicular platooning and industrial processes.
Marasco, E. O., Quaglia, F..  2020.  AuthentiCAN: a Protocol for Improved Security over CAN. 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). :533–538.
The continuous progress of electronic equipments has influenced car manufacturers, leading to the integration of the latest infotainment technologies and providing connection to external devices, such as mobile phones. Modern cars work with ECUs (Electronic Control Units) that handle user interactions and sensor data, by also sending information to actuators using simple, reliable and efficient networks with fast protocols, like CAN (Controller Area Network). This is the most used vehicular protocol, which allows interconnecting different ECUs, making them interact in a synergic manner. On the down side, there is a security risk related to the exposition of malicious ECU's frames-possibly generated by compromised devices-which can lead to the possibility to remote control all the car equipments (like brakes and others) by an attacker. We propose a solution to this problem, designing an authentication and encryption system above CAN, called AuthentiCAN. Our proposal is tailored for the evolution of CAN called CAN-FD, and avoids the possibility for an attacker to inject malicious frames that are not discarded by the destination ECUs. Also, we avoid the possibility for an attacker to learn the interactions that occur across ECUs, with the objective of maliciously replaying messages-which would lead the actuator's logic to be no longer compliant with the actual data sources. We also present a simulation study of our solution, where we provide an assessment of its overhead, e.g. in terms of reduction of the throughput of data-unit transfer over CAN-FD, caused by the added security features.
Lanotte, R., Merro, M., Munteanu, A..  2020.  Runtime Enforcement for Control System Security. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :246–261.
With the explosion of Industry 4.0, industrial facilities and critical infrastructures are transforming into “smart” systems that dynamically adapt to external events. The result is an ecosystem of heterogeneous physical and cyber components, such as programmable logic controllers, which are more and more exposed to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes at the core of industrial control systems. We apply runtime enforcement techniques, based on an ad-hoc sub-class of Ligatti et al.'s edit automata, to enforce specification compliance in networks of potentially compromised controllers, formalised in Hennessy and Regan's Timed Process Language. We define a synthesis algorithm that, given an alphabet P of observable actions and an enforceable regular expression e capturing a timed property for controllers, returns a monitor that enforces the property e during the execution of any (potentially corrupted) controller with alphabet P and complying with the property e. Our monitors correct and suppress incorrect actions coming from corrupted controllers and emit actions in full autonomy when the controller under scrutiny is not able to do so in a correct manner. Besides classical properties, such as transparency and soundness, the proposed enforcement ensures non-obvious properties, such as polynomial complexity of the synthesis, deadlock- and diverge-freedom of monitored controllers, together with scalability when dealing with networks of controllers.
Dangal, P., Bloom, G..  2020.  Towards Industrial Security Through Real-time Analytics. 2020 IEEE 23rd International Symposium on Real-Time Distributed Computing (ISORC). :156–157.
Industrial control system (ICS) denotes a system consisting of actuators, control stations, and network that manages processes and functions in an industrial setting. The ICS community faces two major problems to keep pace with the broader trends of Industry 4.0: (1) a data rich, information poor (DRIP) syndrome, and (2) risk of financial and safety harms due to security breaches. In this paper, we propose a private cloud in the loop ICS architecture for real-time analytics that can bridge the gap between low data utilization and security hardening.
Rizki, R. P., Hamidi, E. A. Z., Kamelia, L., Sururie, R. W..  2020.  Image Processing Technique for Smart Home Security Based On the Principal Component Analysis (PCA) Methods. 2020 6th International Conference on Wireless and Telematics (ICWT). :1–4.
Smart home is one application of the pervasive computing branch of science. Three categories of smart homes, namely comfort, healthcare, and security. The security system is a part of smart home technology that is very important because the intensity of crime is increasing, especially in residential areas. The system will detect the face by the webcam camera if the user enters the correct password. Face recognition will be processed by the Raspberry pi 3 microcontroller with the Principal Component Analysis method using OpenCV and Python software which has outputs, namely actuators in the form of a solenoid lock door and buzzer. The test results show that the webcam can perform face detection when the password input is successful, then the buzzer actuator can turn on when the database does not match the data taken by the webcam or the test data and the solenoid door lock actuator can run if the database matches the test data taken by the sensor. webcam. The mean response time of face detection is 1.35 seconds.
Gracy, S., Milošević, J., Sandberg, H..  2020.  Actuator Security Index for Structured Systems. 2020 American Control Conference (ACC). :2993–2998.
Given a network with a set of vulnerable actuators (and sensors), the security index of an actuator equals the minimum number of sensors and actuators that needs to be compromised so as to conduct a perfectly undetectable attack using the said actuator. This paper deals with the problem of computing actuator security indices for discrete-time LTI network systems, using a structured systems framework. We show that the actuator security index is generic, that is for almost all realizations the actuator security index remains the same. We refer to such an index as generic security index (generic index) of an actuator. Given that the security index quantifies the vulnerability of a network, the generic index is quite valuable for large scale energy systems. Our second contribution is to provide graph-theoretic conditions for computing the generic index. The said conditions are in terms of existence of linkings on appropriately-defined directed (sub)graphs. Based on these conditions, we present an algorithm for computing the generic index.
Shuncheng, L., Jiajia, X., Jin, C., Jian, C., Lin, D., Lu, W..  2020.  Research on the Calibration Influence Factors of UHF Partial Discharge Detector. 2020 5th International Conference on Smart Grid and Electrical Automation (ICSGEA). :34—41.

Ultra high frequency (UHF) partial discharge detection technology has been widely used in on-line monitoring of electrical equipment, for the influence factors of UHF signal's transfer function is complicated, the calibration of UHF method is still not realized until now. In order to study the calibration influence factors of UHF partial discharge (PD) detector, the discharge mechanism of typical PD defects is analyzed, and use a PD UHF signal simulator with multiple adjustable parameters to simulate types of PD UHF signals of electrical equipment, then performed the relative experimental research in propagation characteristics and Sensor characteristics of UHF signals. It is concluded that the calibration reliability has big differences between UHF signal energy and discharge capacity of different discharge source. The calibration curve of corona discharge and suspended discharge which can representation the severity of equipment insulation defect more accurate, and the calibration curve of internal air gap discharge and dielectric surface discharge is poorer. The distance of UHF signal energy decays to stable period become smaller with increase of frequency, and the decay of UHF signal energy is irrelevant to its frequencies when the measuring angle is changing. The frequency range of measuring UHF signal depends on effective frequency range of measurement sensor, moreover, the gain and standing-wave ratio of sensor and the energy of the received signal manifested same change trend. Therefore, in order to calibration the UHF signal, it is necessary to comprehensive consideration the specific discharge type and measuring condition. The results provide the favorable reference for a further study to build the calibration system of UHF measuring method, and to promote the effective application of UHF method in sensor characteristic fault diagnosis and insulation evaluation of electrical equipment.

Sehatbakhsh, N., Yilmaz, B. B., Zajic, A., Prvulovic, M..  2020.  A New Side-Channel Vulnerability on Modern Computers by Exploiting Electromagnetic Emanations from the Power Management Unit. 2020 IEEE International Symposium on High Performance Computer Architecture (HPCA). :123—138.

This paper presents a new micro-architectural vulnerability on the power management units of modern computers which creates an electromagnetic-based side-channel. The key observations that enable us to discover this sidechannel are: 1) in an effort to manage and minimize power consumption, modern microprocessors have a number of possible operating modes (power states) in which various sub-systems of the processor are powered down, 2) for some of the transitions between power states, the processor also changes the operating mode of the voltage regulator module (VRM) that supplies power to the affected sub-system, and 3) the electromagnetic (EM) emanations from the VRM are heavily dependent on its operating mode. As a result, these state-dependent EM emanations create a side-channel which can potentially reveal sensitive information about the current state of the processor and, more importantly, the programs currently being executed. To demonstrate the feasibility of exploiting this vulnerability, we create a covert channel by utilizing the changes in the processor's power states. We show how such a covert channel can be leveraged to exfiltrate sensitive information from a secured and completely isolated (air-gapped) laptop system by placing a compact, inexpensive receiver in proximity to that system. To further show the severity of this attack, we also demonstrate how such a covert channel can be established when the target and the receiver are several meters away from each other, including scenarios where the receiver and the target are separated by a wall. Compared to the state-of-the-art, the proposed covert channel has \textbackslashtextgreater3x higher bit-rate. Finally, to demonstrate that this new vulnerability is not limited to being used as a covert channel, we demonstrate how it can be used for attacks such as keystroke logging.

Zhan, Z., Zhang, Z., Koutsoukos, X..  2020.  BitJabber: The World’s Fastest Electromagnetic Covert Channel. 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :35—45.

An air-gapped computer is physically isolated from unsecured networks to guarantee effective protection against data exfiltration. Due to air gaps, unauthorized data transfer seems impossible over legitimate communication channels, but in reality many so-called physical covert channels can be constructed to allow data exfiltration across the air gaps. Most of such covert channels are very slow and often require certain strict conditions to work (e.g., no physical obstacles between the sender and the receiver). In this paper, we introduce a new physical covert channel named BitJabber that is extremely fast and strong enough to even penetrate concrete walls. We show that this covert channel can be easily created by an unprivileged sender running on a victim’s computer. Specifically, the sender constructs the channel by using only memory accesses to modulate the electromagnetic (EM) signals generated by the DRAM clock. While possessing a very high bandwidth (up to 300,000 bps), this new covert channel is also very reliable (less than 1% error rate). More importantly, this covert channel can enable data exfiltration from an air-gapped computer enclosed in a room with thick concrete walls up to 15 cm.

Zhang, J., Ji, X., Xu, W., Chen, Y.-C., Tang, Y., Qu, G..  2020.  MagView: A Distributed Magnetic Covert Channel via Video Encoding and Decoding. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :357—366.

Air-gapped networks achieve security by using the physical isolation to keep the computers and network from the Internet. However, magnetic covert channels based on CPU utilization have been proposed to help secret data to escape the Faraday-cage and the air-gap. Despite the success of such cover channels, they suffer from the high risk of being detected by the transmitter computer and the challenge of installing malware into such a computer. In this paper, we propose MagView, a distributed magnetic cover channel, where sensitive information is embedded in other data such as video and can be transmitted over the air-gapped internal network. When any computer uses the data such as playing the video, the sensitive information will leak through the magnetic covert channel. The "separation" of information embedding and leaking, combined with the fact that the covert channel can be created on any computer, overcomes these limitations. We demonstrate that CPU utilization for video decoding can be effectively controlled by changing the video frame type and reducing the quantization parameter without video quality degradation. We prototype MagView and achieve up to 8.9 bps throughput with BER as low as 0.0057. Experiments under different environment are conducted to show the robustness of MagView. Limitations and possible countermeasures are also discussed.

Oesch, S., Bridges, R., Smith, J., Beaver, J., Goodall, J., Huffer, K., Miles, C., Scofield, D..  2020.  An Assessment of the Usability of Machine Learning Based Tools for the Security Operations Center. 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics). :634—641.

Gartner, a large research and advisory company, anticipates that by 2024 80% of security operation centers (SOCs) will use machine learning (ML) based solutions to enhance their operations.11https://www.ciodive.com/news/how-data-science-tools-can-lighten-the-load-for-cybersecurity-teams/572209/ In light of such widespread adoption, it is vital for the research community to identify and address usability concerns. This work presents the results of the first in situ usability assessment of ML-based tools. With the support of the US Navy, we leveraged the national cyber range-a large, air-gapped cyber testbed equipped with state-of-the-art network and user emulation capabilities-to study six US Naval SOC analysts' usage of two tools. Our analysis identified several serious usability issues, including multiple violations of established usability heuristics for user interface design. We also discovered that analysts lacked a clear mental model of how these tools generate scores, resulting in mistrust \$a\$ and/or misuse of the tools themselves. Surprisingly, we found no correlation between analysts' level of education or years of experience and their performance with either tool, suggesting that other factors such as prior background knowledge or personality play a significant role in ML-based tool usage. Our findings demonstrate that ML-based security tool vendors must put a renewed focus on working with analysts, both experienced and inexperienced, to ensure that their systems are usable and useful in real-world security operations settings.