Visible to the public Biblio

Found 845 results

Filters: Keyword is compositionality  [Clear All Filters]
2020-08-03
Shu-fen, NIU, Bo-bin, WANG, You-chen, WANG, Jin-feng, WANG, Jing-min, CHEN.  2019.  Efficient and Secure Proxy re-signature Message Authentication Scheme in Vehicular Ad Hoc Network. 2019 IEEE 3rd Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). :1652–1656.

In order to solve privacy protection problem in the Internet of Vehicles environment, a message authentication scheme based on proxy re-signature is proposed using elliptic curves, which realizes privacy protection by transforming the vehicle's signature of the message into the roadside unit's signature of the same message through the trusted center. And through the trusted center traceability, to achieve the condition of privacy protection, and the use of batch verification technology, greatly improve the efficiency of authentication. It is proved that the scheme satisfies unforgeability in ECDLP hard problem in the random oracle model. The efficiency analysis shows that the scheme meets the security and efficiency requirements of the Internet of Vehicles and has certain practical significance.

Prasad, Mahendra, Tripathi, Sachin, Dahal, Keshav.  2019.  Wormhole attack detection in ad hoc network using machine learning technique. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–7.

In this paper, we explore the use of machine learning technique for wormhole attack detection in ad hoc network. This work has categorized into three major tasks. One of our tasks is a simulation of wormhole attack in an ad hoc network environment with multiple wormhole tunnels. A next task is the characterization of packet attributes that lead to feature selection. Consequently, we perform data generation and data collection operation that provide large volume dataset. The final task is applied to machine learning technique for wormhole attack detection. Prior to this, a wormhole attack has detected using traditional approaches. In those, a Multirate-DelPHI is shown best results as detection rate is 90%, and the false alarm rate is 20%. We conduct experiments and illustrate that our method performs better resulting in all statistical parameters such as detection rate is 93.12% and false alarm rate is 5.3%. Furthermore, we have also shown results on various statistical parameters such as Precision, F-measure, MCC, and Accuracy.

Arthi, A., Aravindhan, K..  2019.  Enhancing the Performance Analysis of LWA Protocol Key Agreement in Vehicular Ad hoc Network. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :1070–1074.

Road accidents are challenging threat in the present scenario. In India there are 5, 01,423 road accidents in 2015. A day 400 hundred deaths are forcing to India to take car safety sincerely. The common cause for road accidents is driver's distraction. In current world the people are dominated by the tablet PC and other hand held devices. The VANET technology is a vehicle-to-vehicle communication; here the main challenge will be to deliver qualified communication during mobility. The paper proposes a standard new restricted lightweight authentication protocol utilizing key agreement theme for VANETs. Inside the planned topic, it has three sorts of validations: 1) V2V 2) V2CH; and 3) CH and RSU. Aside from this authentication, the planned topic conjointly keeps up mystery keys between RSUs for the safe communication. Thorough informal security analysis demonstrates the planned subject is skilled to guard different malicious attack. In addition, the NS2 Simulation exhibits the possibility of the proposed plan in VANET background.

Gopalakrishnan, S., Rajesh, A..  2019.  Cluster based Intrusion Detection System for Mobile Ad-hoc Network. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:11–15.

Mobile Ad-hoc network is decentralized and composed of various individual devices for communicating with each other. Its distributed nature and infrastructure deficiency are the way for various attacks in the network. On implementing Intrusion detection systems (IDS) in ad-hoc node securities were enhanced by means of auditing and monitoring process. This system is composed with clustering protocols which are highly effective in finding the intrusions with minimal computation cost on power and overhead. The existing protocols were linked with the routes, which are not prominent in detecting intrusions. The poor route structure and route renewal affect the cluster hardly. By which the cluster are unstable and results in maximization processing along with network traffics. Generally, the ad hoc networks are structured with battery and rely on power limitation. It needs an active monitoring node for detecting and responding quickly against the intrusions. It can be attained only if the clusters are strong with extensive sustaining capability. Whenever the cluster changes the routes also change and the prominent processing of achieving intrusion detection will not be possible. This raises the need of enhanced clustering algorithm which solved these drawbacks and ensures the network securities in all manner. We proposed CBIDP (cluster based Intrusion detection planning) an effective clustering algorithm which is ahead of the existing routing protocol. It is persistently irrespective of routes which monitor the intrusion perfectly. This simplified clustering methodology achieves high detecting rates on intrusion with low processing as well as memory overhead. As it is irrespective of the routes, it also overcomes the other drawbacks like traffics, connections and node mobility on the network. The individual nodes in the network are not operative on finding the intrusion or malicious node, it can be achieved by collaborating the clustering with the system.

POLAT, Hüseyin, POLAT, Onur, SÖĞÜT, Esra, ERDEM, O. Ayhan.  2019.  Performance Analysis of Between Software Defined Wireless Network and Mobile Ad Hoc Network Under DoS Attack. 2019 3rd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT). :1–5.

The traditional network used today is unable to meet the increasing needs of technology in terms of management, scaling, and performance criteria. Major developments in information and communication technologies show that the traditional network structure is quite lacking in meeting the current requirements. In order to solve these problems, Software Defined Network (SDN) is capable of responding as it, is flexible, easier to manage and offers a new structure. Software Defined Networks have many advantages over traditional network structure. However, it also brings along many security threats due to its new architecture. For example, the DoS attack, which overloads the controller's processing and communication capacity in the SDN structure, is a significant threat. Mobile Ad Hoc Network (MANET), which is one of the wireless network technologies, is different from SDN technology. MANET is exposed to various attacks such as DoS due to its security vulnerabilities. The aim of the study is to reveal the security problems in SDN structure presented with a new understanding. This is based on the currently used network structures such as MANET. The study consists of two parts. First, DoS attacks against the SDN controller were performed. Different SDN controllers were used for more accurate results. Second, MANET was established and DoS attacks against this network were performed. Different MANET routing protocols were used for more accurate results. According to the scenario, attacks were performed and the performance values of the networks were tested. The reason for using two different networks in this study is to compare the performance values of these networks at the time of attack. According to the test results, both networks were adversely affected by the attacks. It was observed that network performance decreased in MANET structure but there was no network interruption. The SDN controller becomes dysfunctional and collapses as a result of the attack. While the innovations offered by the SDN structure are expected to provide solutions to many problems in traditional networks, there are still many vulnerabilities for network security.

Seetharaman, R., Subramaniam, L.Harihara, Ramanathan, S..  2019.  Mobile Ad Hoc Network for Security Enhancement. 2019 2nd International Conference on Power and Embedded Drive Control (ICPEDC). :279–282.

This project enhances the security in which Ad Hoc On-Demand Distance Vector (AODV) routing protocol for MANETs with the game theoretical approach. This is achieved by using public key and private key for encryption and decryption processes. Proactive and reactive method is implemented in the proposed system. Reactive method is done in identification process but in proactive method is used to identify the nodes and also block the hackers node, then change the direction of data transmission to good nodes. This application can be used in military, research, confidential and emergency circumferences.

Yang, Xiaodong, Liu, Rui, Wang, Meiding, Chen, Guilan.  2019.  Identity-Based Aggregate Signature Scheme in Vehicle Ad-hoc Network. 2019 4th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :1046–10463.

Vehicle ad-hoc network (VANET) is the main driving force to alleviate traffic congestion and accelerate the construction of intelligent transportation. However, the rapid growth of the number of vehicles makes the construction of the safety system of the vehicle network facing multiple tests. This paper proposes an identity-based aggregate signature scheme to protect the privacy of vehicle identity, receive messages in time and authenticate quickly in VANET. The scheme uses aggregate signature algorithm to aggregate the signatures of multiple users into one signature, and joins the idea of batch authentication to complete the authentication of multiple vehicular units, thereby improving the verification efficiency. In addition, the pseudoidentity of vehicles is used to achieve the purpose of vehicle anonymity and privacy protection. Finally, the secure storage of message signatures is effectively realized by using reliable cloud storage technology. Compared with similar schemes, this paper improves authentication efficiency while ensuring security, and has lower storage overhead.

Maxa, Jean-Aimé, Ben Mahmoud, Mohamed Slim, Larrieu, Nicolas.  2019.  Performance evaluation of a new secure routing protocol for UAV Ad hoc Network. 2019 IEEE/AIAA 38th Digital Avionics Systems Conference (DASC). :1–10.

UAANET (UAV Ad hoc Network) is defined as an autonomous system made of swarm of UAVs (Unmanned Aerial Vehicle) and GCS (Ground Control Station). Compared to other types of MANET (Mobile Ad hoc network), UAANET have some unique features and bring several challenges. One of them is the design of routing protocol. It must be efficient for creating routes between nodes and dynamically adjusting to the rapidly changing topology. It must also be secure to protect the integrity of the network against malicious attackers. In this paper, we will present the architecture and the performance evaluation (based on both real-life experimental and emulation studies) of a secure routing protocol called SUAP (Secure UAV Ad hoc routing Protocol). SUAP ensures routing services between nodes to exchange real-time traffic and also guarantees message authentication and integrity to protect the network integrity. Additional security mechanisms were added to detect Wormhole attacks. Wormhole attacks represent a high level of risk for UAV ad hoc network and this is the reason why we choose to focus on this specific multi node attack. Through performance evaluation campaign, our results show that SUAP ensures the expected security services against different types of attacks while providing an acceptable quality of service for real-time data exchanges.

Islam, Noman.  2019.  A Secure Service Discovery Scheme for Mobile ad hoc Network using Artificial Deep Neural Network. 2019 International Conference on Frontiers of Information Technology (FIT). :133–1335.

In this paper, an agent-based cross-layer secure service discovery scheme has been presented. Service discovery in MANET is a critical task and it presents numerous security challenges. These threats can compromise the availability, privacy and integrity of service discovery process and infrastructure. This paper highlights various security challenges prevalent to service discovery in MANET. Then, in order to address these security challenges, the paper proposes a cross-layer, agent based secure service discovery scheme for MANET based on deep neural network. The software agents will monitor the intrusive activities in the network based on an Intrusion Detection System (IDS). The service discovery operation is performed based on periodic dissemination of service, routing and security information. The QoS provisioning is achieved by encapsulating QoS information in the periodic advertisements done by service providers. The proposed approach has been implemented in JIST/ SWANS simulator. The results show that proposed approach provides improved security, scalability, latency, packet delivery ratio and service discovery success ratio, for various simulation scenarios.

2020-07-30
Bays, Jason, Karabiyik, Umit.  2019.  Forensic Analysis of Third Party Location Applications in Android and iOS. IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1—6.
Location sharing applications are becoming increasingly common. These applications allow users to share their own locations and view contacts’ current locations on a map. Location applications are commonly used by friends and family members to view Global Positioning System (GPS) location of an individual, but valuable forensic evidence may exist in this data when stored locally on smartphones. This paper aims to discover forensic artifacts from two popular third-party location sharing applications on iOS and Android devices. Industry standard mobile forensic suites are utilized to discover if any locally stored data could be used to assist investigations reliant on knowing the past location of a suspect. Security issues raised regarding the artifacts found during our analysis is also discussed.
Srisopha, Kamonphop, Phonsom, Chukiat, Lin, Keng, Boehm, Barry.  2019.  Same App, Different Countries: A Preliminary User Reviews Study on Most Downloaded iOS Apps. 2019 IEEE International Conference on Software Maintenance and Evolution (ICSME). :76—80.
Prior work on mobile app reviews has demonstrated that user reviews contain a wealth of information and are seen as a potential source of requirements. However, most of the studies done in this area mainly focused on mining and analyzing user reviews from the US App Store, leaving reviews of users from other countries unexplored. In this paper, we seek to understand if the perception of the same apps between users from other countries and that from the US differs through analyzing user reviews. We retrieve 300,643 user reviews of the 15 most downloaded iOS apps of 2018, published directly by Apple, from nine English-speaking countries over the course of 5 months. We manually classify 3,358 reviews into several software quality and improvement factors. We leverage a random forest based algorithm to identify factors that can be used to differentiate reviews between the US and other countries. Our preliminary results show that all countries have some factors that are proportionally inconsistent with the US.
He, Yongzhong, Zhao, Xiaojuan, Wang, Chao.  2019.  Privacy Mining of Large-scale Mobile Usage Data. 2019 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :81—86.
While enjoying the convenience brought by mobile phones, users have been exposed to high risk of private information leakage. It is known that many applications on mobile devices read private data and send them to remote servers. However how, when and in what scale the private data are leaked are not investigated systematically in the real-world scenario. In this paper, a framework is proposed to analyze the usage data from mobile devices and the traffic data from the mobile network and make a comprehensive privacy leakage detection and privacy inference mining on a large scale of realworld mobile data. Firstly, this paper sets up a training dataset and trains a privacy detection model on mobile traffic data. Then classical machine learning tools are used to discover private usage patterns. Based on our experiments and data analysis, it is found that i) a large number of private information is transmitted in plaintext, and even passwords are transmitted in plaintext by some applications, ii) more privacy types are leaked in Android than iOS, while GPS location is the most leaked privacy in both Android and iOS system, iii) the usage pattern is related to mobile device price. Through our experiments and analysis, it can be concluded that mobile privacy leakage is pervasive and serious.
Lorenzo, Fernando, McDonald, J. Todd, Andel, Todd R., Glisson, William B., Russ, Samuel.  2019.  Evaluating Side Channel Resilience in iPhone 5c Unlock Scenarios. 2019 SoutheastCon. :1—7.
iOS is one of the most secure operating systems based on policies created and enforced by Apple. Though not impervious or free from vulnerabilities, iOS has remained resilient to many attacks partially based on lower market share of devices, but primarily because of tight controls placed on iOS development and application deployment. Locked iOS devices pose a specific hard problem for both law enforcement and corporate IT dealing with malicious insiders or intrusion scenarios. The need to recover forensic data from locked iOS devices has been of public interest for some time. In this paper, we describe a case study analysis of the iPhone 5c model and our attempts to use electromagnetic (EM) fault-injection as a side channel means to unlock the device. Based on our study, we report on our unsuccessful attempts in unlocking a locked iPhone 5c using this side channel-based approach. As a contribution, we provide initial analysis of the iPhone 5c processor's spectral mapping under different states, a brief survey of published techniques related to iPhone unlock scenarios, and a set of lessons learned and recommended best practices for other researchers who are interested in future EM-based iOS studies.
Liu, Junqiu, Wang, Fei, Zhao, Shuang, Wang, Xin, Chen, Shuhui.  2019.  iMonitor, An APP-Level Traffic Monitoring and Labeling System for iOS Devices. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :211—218.
In this paper, we propose the first traffic monitoring and labeling system for iOS devices, named iMonitor, which not just captures mobile network traffic in .pcap files, but also provides comprehensive APP-related and user-related information of captured packets. Through further analysis, one can obtain the exact APP or device where each packet comes from. The labeled traffic can be used in many research areas for mobile security, such as privacy leakage detection and user profiling. Given the implementation methodology of NetworkExtension framework of iOS 9+, APP labels of iMonitor are reliable enough so that labeled traffic can be regarded as training data for any traffic classification methods. Evaluations on real iPhones demonstrate that iMonitor has no notable impact upon user experience even with slight packet latency. Also, the experiment result supports our motivation that mobile traffic monitoring for iOS is absolutely necessary, as traffic generated by different OSes like Android and iOS are different and unreplaceable in researches.
Kellner, Ansgar, Horlboge, Micha, Rieck, Konrad, Wressnegger, Christian.  2019.  False Sense of Security: A Study on the Effectivity of Jailbreak Detection in Banking Apps. 2019 IEEE European Symposium on Security and Privacy (EuroS P). :1—14.
People increasingly rely on mobile devices for banking transactions or two-factor authentication (2FA) and thus trust in the security provided by the underlying operating system. Simultaneously, jailbreaks gain tremendous popularity among regular users for customizing their devices. In this paper, we show that both do not go well together: Jailbreaks remove vital security mechanisms, which are necessary to ensure a trusted environment that allows to protect sensitive data, such as login credentials and transaction numbers (TANs). We find that all but one banking app, available in the iOS App Store, can be fully compromised by trivial means without reverse-engineering, manipulating the app, or other sophisticated attacks. Even worse, 44% of the banking apps do not even try to detect jailbreaks, revealing the prevalent, errant trust in the operating system's security. This study assesses the current state of security of banking apps and pleads for more advanced defensive measures for protecting user data.
2020-07-27
Dangiwa, Bello Ahmed, Kumar, Smitha S.  2018.  A Business Card Reader Application for iOS devices based on Tesseract. 2018 International Conference on Signal Processing and Information Security (ICSPIS). :1–4.
As the accessibility of high-resolution smartphone camera has increased and an improved computational speed, it is now convenient to build Business Card Readers on mobile phones. The project aims to design and develop a Business Card Reader (BCR) Application for iOS devices, using an open-source OCR Engine - Tesseract. The system accuracy was tested and evaluated using a dataset of 55 digital business cards obtained from an online repository. The accuracy result of the system was up to 74% in terms of both text recognition and data detection. A comparative analysis was carried out against a commercial business card reader application and our application performed vastly reasonable.
Liu, Xianyu, Zheng, Min, Pan, Aimin, Lu, Quan.  2018.  Hardening the Core: Understanding and Detection of XNU Kernel Vulnerabilities. 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :10–13.
The occurrence of security vulnerabilities in kernel, especially for macOS/iOS kernel XNU, has increased rapidly in recent years. Naturally, concerns were raised due to the high risks they would lead to, which in general are much more serious than common application vulnerabilities. However, discovering XNU kernel vulnerabilities is always very challenging, and the main approach in practice is still manual analysis, which obviously is not a scalable method. In this paper, we perform an in-depth empirical study on the 406 published XNU kernel vulnerabilities to identify distinguishing characteristics of them and then leverage the features to guide our vulnerability detection, i.e., locating suspicious functions. To further improve the efficiency of vulnerability detection, we present KInspector, a new and lightweight framework to detect XNU kernel vulnerabilities by leveraging feedback-based fuzzing techniques. We thoroughly evaluate our approach on XNU with various versions, and the results turn out to be quite promising: 21 N/0-day vulnerabilities have been discovered in our experiments.
Sudozai, M. A. K., Saleem, Shahzad.  2018.  Profiling of secure chat and calling apps from encrypted traffic. 2018 15th International Bhurban Conference on Applied Sciences and Technology (IBCAST). :502–508.
Increased use of secure chat and voice/ video apps has transformed the social life. While the benefits and facilitations are seemingly limitless, so are the asscoiacted vulnerabilities and threats. Besides ensuring confidentiality requirements for common users, known facts of non-readable contents over the network make these apps more attractive for criminals. Though access to contents of cryptograhically secure sessions is not possible, network forensics of secure apps can provide interesting information which can be of great help during criminal invetigations. In this paper, we presented a novel framework of profiling the secure chat and voice/ video calling apps which can be employed to extract hidden patterns about the app, information of involved parties, activities of chatting, voice/ video calls, status indications and notifications while having no information of communication protocol of the app and its security architecture. Signatures of any secure app can be developed though our framework and can become base of a large scale solution. Our methodology is considered very important for different cases of criminal investigations and bussiness intelligence solutions for service provider networks. Our results are applicable to any mobile platform of iOS, android and windows.
Pandey, Ashutosh, Khan, Rijwan, Srivastava, Akhilesh Kumar.  2018.  Challenges in Automation of Test Cases for Mobile Payment Apps. 2018 4th International Conference on Computational Intelligence Communication Technology (CICT). :1–4.
Software Engineering is a field of new challenges every day. With every passing day, new technologies emerge. There was an era of web Applications, but the time has changed and most of the web Applications are available as Mobile Applications as well. The Mobile Applications are either android based or iOS based. To deliver error free, secure and reliable Application, it is necessary to test the Applications properly. Software testing is a phase of software development life cycle, where we test an Application in all aspects. Nowadays different type of tools are available for testing an Application automatically but still we have too many challenges for applying test cases on a given Application. In this paper the authors will discuss the challenges of automation of test cases for a Mobile based payment Application.
Galuppo, Raúl Ignacio, Luna, Carlos, Betarte, Gustavo.  2018.  Security in iOS and Android: A Comparative Analysis. 2018 37th International Conference of the Chilean Computer Science Society (SCCC). :1–8.
This paper presents a detailed analysis of some relevant security features of iOS and Android -the two most popular operating systems for mobile devices- from the perspective of user privacy. In particular, permissions that can be modified at run time on these platforms are analyzed. Additionally, a framework is introduced for permission analysis, a hybrid mobile application that can run on both iOS and Android. The framework, which can be extended, places special emphasis on the relationship between the user's privacy and the permission system.
Gorodnichev, Mikhail G., Kochupalov, Alexander E., Gematudinov, Rinat A..  2018.  Asynchronous Rendering of Texts in iOS Applications. 2018 IEEE International Conference "Quality Management, Transport and Information Security, Information Technologies" (IT QM IS). :643–645.
This article is devoted to new asynchronous methods for rendering text information in mobile applications for iOS operating system.
Adetunji, Akinbobola Oluwaseun, Butakov, Sergey, Zavarsky, Pavol.  2018.  Automated Security Configuration Checklist for Apple iOS Devices Using SCAP v1.2. 2018 International Conference on Platform Technology and Service (PlatCon). :1–6.
The security content automation includes configurations of large number of systems, installation of patches securely, verification of security-related configuration settings, compliance with security policies and regulatory requirements, and ability to respond quickly when new threats are discovered [1]. Although humans are important in information security management, humans sometimes introduce errors and inconsistencies in an organization due to manual nature of their tasks [2]. Security Content Automation Protocol was developed by the U.S. NIST to automate information security management tasks such as vulnerability and patch management, and to achieve continuous monitoring of security configurations in an organization. In this paper, SCAP is employed to develop an automated security configuration checklist for use in verifying Apple iOS device configuration against the defined security baseline to enforce policy compliance in an enterprise.
Dar, Muneer Ahmad, Nisar Bukhari, Syed, Khan, Ummer Iqbal.  2018.  Evaluation of Security and Privacy of Smartphone Users. 2018 Fourth International Conference on Advances in Electrical, Electronics, Information, Communication and Bio-Informatics (AEEICB). :1–4.
The growing use of smart phones has also given opportunity to the intruders to create malicious apps thereby the security and privacy concerns of a novice user has also grown. This research focuses on the privacy concerns of a user who unknowingly installs a malicious apps created by the programmer. In this paper we created an attack scenario and created an app capable of compromising the privacy of the users. After accepting all the permissions by the user while installing the app, the app allows us to track the live location of the Android device and continuously sends the GPS coordinates to the server. This spying app is also capable of sending the call log details of the user. This paper evaluates two leading smart phone operating systems- Android and IOS to find out the flexibility provided by the two operating systems to their programmers to create the malicious apps.
2020-07-16
Gariano, John, Djordjevic, Ivan B..  2019.  Covert Communications-Based Information Reconciliation for Quantum Key Distribution Protocols. 2019 21st International Conference on Transparent Optical Networks (ICTON). :1—5.

The rate at which a secure key can be generated in a quantum key distribution (QKD) protocol is limited by the channel loss and the quantum bit-error rate (QBER). Increases to the QBER can stem from detector noise, channel noise, or the presence of an eavesdropper, Eve. Eve is capable of obtaining information of the unsecure key by performing an attack on the quantum channel or by listening to all discussion performed via a noiseless public channel. Conventionally a QKD protocol will perform the information reconciliation over the authenticated public channel, revealing the parity bits used to correct for any quantum bit errors. In this invited paper, the possibility of limiting the information revealed to Eve during the information reconciliation is considered. Using a covert communication channel for the transmission of the parity bits, secure key rates are possible at much higher QBERs. This is demonstrated through the simulation of a polarization based QKD system implementing the BB84 protocol, showing significant improvement of the SKRs over the conventional QKD protocols.

Kadampot, Ishaque Ashar, Tahmasbi, Mehrdad, Bloch, Matthieu R.  2019.  Codes for Covert Communication over Additive White Gaussian Noise Channels. 2019 IEEE International Symposium on Information Theory (ISIT). :977—981.

We propose a coding scheme for covert communication over additive white Gaussian noise channels, which extends a previous construction for discrete memoryless channels. We first show how sparse signaling with On-Off keying fails to achieve the covert capacity but that a modification allowing the use of binary phase-shift keying for "on" symbols recovers the loss. We then construct a modified pulse-position modulation scheme that, combined with multilevel coding, can achieve the covert capacity with low-complexity error-control codes. The main contribution of this work is to reconcile the tension between diffuse and sparse signaling suggested by earlier information-theoretic results.