This paper presents a computationally efficient real-time trajectory planning framework for typical unmanned combat aerial vehicle (UCAV) performing autonomous air-to-surface (A/S) attack. It combines the benefits...This paper presents a computationally efficient real-time trajectory planning framework for typical unmanned combat aerial vehicle (UCAV) performing autonomous air-to-surface (A/S) attack. It combines the benefits of inverse dynamics optimization method and receding horizon optimal control technique. Firstly, the ground attack trajectory planning problem is mathematically formulated as a receding horizon optimal control problem (RHC-OCP). In particular, an approximate elliptic launch acceptable region (LAR) model is proposed to model the critical weapon delivery constraints. Secondly, a planning algorithm based on inverse dynamics optimization, which has high computational efficiency and good convergence properties, is developed to solve the RHCOCP in real-time. Thirdly, in order to improve robustness and adaptivity in a dynamic and uncer- tain environment, a two-degree-of-freedom (2-DOF) receding horizon control architecture is introduced and a regular real-time update strategy is proposed as well, and the real-time feedback can be achieved and the not-converged situations can be handled. Finally, numerical simulations demon- strate the efficiency of this framework, and the results also show that the presented technique is well suited for real-time implementation in dynamic and uncertain environment.展开更多
We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoul...We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoulli variable is used to describe the hybrid-triggered scheme, which is introduced to alleviate the burden of the network.The mathematical model of the closed-loop control system is established by taking the influences of time-varying delayed control inputs,switching topologies, and stochastic cyber-attacks into account under the hybrid-triggered scheme.A theorem as the main result is given to make the system consistent based on the theory of Lyapunov stability and linear matrix inequality.Markov jumps with uncertain rates of transitions are applied to describe the switch of topologies.Finally, a simulation example demonstrates the feasibility of the theory in this paper.展开更多
Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to prese...Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.展开更多
In this paper, we focus on the estimation of time delays caused by adversaries in the sensing loop (SL). Based on the literature review, time delay switch (TDS) attacks could make any control system, in particular a p...In this paper, we focus on the estimation of time delays caused by adversaries in the sensing loop (SL). Based on the literature review, time delay switch (TDS) attacks could make any control system, in particular a power control system, unstable. Therefore, future smart grids will have to use advanced methods to provide better situational awareness of power grid states keeping smart grids reliable and safe from TDS attacks. Here, we introduce a simple method for preventing time delay switch attack on networked control systems. The method relies on an estimator that will estimate and track time delays introduced by an adversary. Knowing the maximum tolerable time delay of the plant’s optimal controller for which the plant remains stable, a time-delay detector issues an alarm signal when the estimated time delay is larger than the minimum one and directs the system to alarm state. In an alarm state, the plant operates under the control of an emergency controller that is local to the plant and remains in this mode until the networked control system state is restored. This method is an inexpensive and simple way to guarantee that an industrial control system remains stable and secure.展开更多
Guidance problems with flight time constraints are considered in this article. A new virtual leader scheme is used for design of guidance laws with time constraints. The core idea of this scheme is to adopt a virtual ...Guidance problems with flight time constraints are considered in this article. A new virtual leader scheme is used for design of guidance laws with time constraints. The core idea of this scheme is to adopt a virtual leader for real missiles to convert a guidance problem with time constraints to a nonlinear tracking problem,thereby making it possible to settle the problem with a variety of control methods. A novel time-constrained guidance (TCG) law, which can control the flight time of missiles to a prescribed time,is designed by using the virtual leader scheme and stability method. The TCG law is a combination of the well-known proportional navigation guidance(PNG) law and the feedback of flight time error. What' s more, this law is free of singularities and hence yields better performances in comparison with optimal guidance laws with time constraints. Nonlinear simulations demonstrate the effectiveness of the proposed law.展开更多
This paper analyses the issue of impact time control of super-cavitation weapons impact fixed targets which mainly refer to the ships or submarines who lost power, but still have combat capability. Control over impact...This paper analyses the issue of impact time control of super-cavitation weapons impact fixed targets which mainly refer to the ships or submarines who lost power, but still have combat capability. Control over impact time constraints of guidance law(ITCG) is derived by using sliding mode control(SMC) and Lyapunov stability theorem. The expected impact time is realized by using the notion of attack process and estimated time-to-go to design sliding mode surface(SMS). ITCG contains equivalent and discontinuous guidance laws, once state variables arrive at SMS,the equivalent guidance law keeps the state variables on SMS,then the discontinuous guidance law enforces state variables to move and reach SMS. The singularity problem of ITCG is also analyzed. Theoretical analysis and numerical simulation results are given to test the effectiveness of ITCG designed in this paper.展开更多
As wireless sensor networks (WSN) are deployed in fire monitoring, object tracking applications, security emerges as a central requirement. A case that Sybil node illegitimately reports messages to the master node w...As wireless sensor networks (WSN) are deployed in fire monitoring, object tracking applications, security emerges as a central requirement. A case that Sybil node illegitimately reports messages to the master node with multiple non-existent identities (ID) will cause harmful effects on decision-making or resource allocation in these applications. In this paper, we present an efficient and lightweight solution for Sybil attack detection based on the time difference of arrival (TDOA) between the source node and beacon nodes. This solution can detect the existence of Sybil attacks, and locate the Sybil nodes. We demonstrate efficiency of the solution through experiments. The experiments show that this solution can detect all Sybil attack cases without missing.展开更多
Cooperative guidance problems of multiple missiles are considered in this article. A cooperative guidance scheme, where coordination algorithms and local guidance laws are combined together, is proposed. This scheme a...Cooperative guidance problems of multiple missiles are considered in this article. A cooperative guidance scheme, where coordination algorithms and local guidance laws are combined together, is proposed. This scheme actually builds up a hierarchical cooperative guidance architecture, which may provide a general solution to the multimissile cooperative guidance problems. In the case of salvo attacks which require missiles to hit the target simultaneously, both centralized and distributed coordination algorithms are derived based on the impact-time-control guidance (ITCG) law. Numerical simulations are performed to demonstrate the effectiveness of the proposed approaches.展开更多
Timing attacks break a cryptosystem by time measurement to recover keys. Most available countermeasures protect block ciphers based on the safety of modules. This paper gives a complete definition of timing attacks an...Timing attacks break a cryptosystem by time measurement to recover keys. Most available countermeasures protect block ciphers based on the safety of modules. This paper gives a complete definition of timing attacks and studies the vulnerability of operations and modules on timing attacks. We present a method to transfer the security of the algorithm to that of secure operations by reduction. As a result, we hopefully tend to reconcile the provable security notions and modem cryptography with real-world implementations of block ciphers.展开更多
In any side-channel attack, it is desirable to exploit all the available leakage data to compute the distinguisher’s values. The profiling phase is essential to obtain an accurate leakage model, yet it may not be exh...In any side-channel attack, it is desirable to exploit all the available leakage data to compute the distinguisher’s values. The profiling phase is essential to obtain an accurate leakage model, yet it may not be exhaustive. As a result, information theoretic distinguishers may come up on previously unseen data, a phenomenon yielding empty bins. A strict application of the maximum likelihood method yields a distinguisher that is not even sound. Ignoring empty bins reestablishes soundness, but seriously limits its performance in terms of success rate. The purpose of this paper is to remedy this situation. In this research, we propose six different techniques to improve the performance of information theoretic distinguishers. We study t</span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">hem thoroughly by applying them to timing attacks, both with synthetic and real leakages. Namely, we compare them in terms of success rate, and show that their performance depends on the amount of profiling, and can be explained by a bias-variance analysis. The result of our work is that there exist use-cases, especially when measurements are noisy, where our novel information theoretic distinguishers (typically the soft-drop distinguisher) perform the best compared to known side-channel distinguishers, despite the empty bin situation.展开更多
Networked Control Systems (NCSs) have been implemented in several different industries. The integration with advanced communication networks and computing techniques allows for the enhancement of efficiency of industr...Networked Control Systems (NCSs) have been implemented in several different industries. The integration with advanced communication networks and computing techniques allows for the enhancement of efficiency of industrial control systems. Despite all the advantages that NCSs bring to industry, they remain at risk to a spectrum of physical and cyber-attacks. In this paper, we elaborate on security vulnerabilities of NCSs, and examine how these vulnerabilities may be exploited when attacks occur. A general model of NCS designed with three different controllers, i.e., proportional-integral-derivative (PID) controllers, Model Predictive control (MPC) and Emotional Learning Controller (ELC) are studied. Then three different types of attacks are applied to evaluate the system performance. For the case study, a networked pacemaker system using the Zeeman nonlinear heart model (ZHM) as the plant combined with the above-mentioned controllers to test the system performance when under attacks. The results show that with Emotional Learning Controller (ELC), the pacemaker is able to track the ECG signal with high fidelity even under different attack scenarios.展开更多
Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analys...Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.展开更多
基金supported by the National Defense Foundation of China(No.403060103)
文摘This paper presents a computationally efficient real-time trajectory planning framework for typical unmanned combat aerial vehicle (UCAV) performing autonomous air-to-surface (A/S) attack. It combines the benefits of inverse dynamics optimization method and receding horizon optimal control technique. Firstly, the ground attack trajectory planning problem is mathematically formulated as a receding horizon optimal control problem (RHC-OCP). In particular, an approximate elliptic launch acceptable region (LAR) model is proposed to model the critical weapon delivery constraints. Secondly, a planning algorithm based on inverse dynamics optimization, which has high computational efficiency and good convergence properties, is developed to solve the RHCOCP in real-time. Thirdly, in order to improve robustness and adaptivity in a dynamic and uncer- tain environment, a two-degree-of-freedom (2-DOF) receding horizon control architecture is introduced and a regular real-time update strategy is proposed as well, and the real-time feedback can be achieved and the not-converged situations can be handled. Finally, numerical simulations demon- strate the efficiency of this framework, and the results also show that the presented technique is well suited for real-time implementation in dynamic and uncertain environment.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61074159 and 61703286)
文摘We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoulli variable is used to describe the hybrid-triggered scheme, which is introduced to alleviate the burden of the network.The mathematical model of the closed-loop control system is established by taking the influences of time-varying delayed control inputs,switching topologies, and stochastic cyber-attacks into account under the hybrid-triggered scheme.A theorem as the main result is given to make the system consistent based on the theory of Lyapunov stability and linear matrix inequality.Markov jumps with uncertain rates of transitions are applied to describe the switch of topologies.Finally, a simulation example demonstrates the feasibility of the theory in this paper.
基金supported by TATA Consultancy Servies(TCS)Research Fellowship Program,India
文摘Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.
文摘In this paper, we focus on the estimation of time delays caused by adversaries in the sensing loop (SL). Based on the literature review, time delay switch (TDS) attacks could make any control system, in particular a power control system, unstable. Therefore, future smart grids will have to use advanced methods to provide better situational awareness of power grid states keeping smart grids reliable and safe from TDS attacks. Here, we introduce a simple method for preventing time delay switch attack on networked control systems. The method relies on an estimator that will estimate and track time delays introduced by an adversary. Knowing the maximum tolerable time delay of the plant’s optimal controller for which the plant remains stable, a time-delay detector issues an alarm signal when the estimated time delay is larger than the minimum one and directs the system to alarm state. In an alarm state, the plant operates under the control of an emergency controller that is local to the plant and remains in this mode until the networked control system state is restored. This method is an inexpensive and simple way to guarantee that an industrial control system remains stable and secure.
基金National Natural Science Foundation of China(60674103,60975073)National High-tech Research and Develop-ment Program of China (2006AA04Z260)+1 种基金Research Foundation forDoctoral Program of Higher Education of China (20091102110006 )Aeronautical Science Foundation of China(2008ZC13011)
文摘Guidance problems with flight time constraints are considered in this article. A new virtual leader scheme is used for design of guidance laws with time constraints. The core idea of this scheme is to adopt a virtual leader for real missiles to convert a guidance problem with time constraints to a nonlinear tracking problem,thereby making it possible to settle the problem with a variety of control methods. A novel time-constrained guidance (TCG) law, which can control the flight time of missiles to a prescribed time,is designed by using the virtual leader scheme and stability method. The TCG law is a combination of the well-known proportional navigation guidance(PNG) law and the feedback of flight time error. What' s more, this law is free of singularities and hence yields better performances in comparison with optimal guidance laws with time constraints. Nonlinear simulations demonstrate the effectiveness of the proposed law.
基金supported by the National Natural Science Foundation of China(5137917651679201)
文摘This paper analyses the issue of impact time control of super-cavitation weapons impact fixed targets which mainly refer to the ships or submarines who lost power, but still have combat capability. Control over impact time constraints of guidance law(ITCG) is derived by using sliding mode control(SMC) and Lyapunov stability theorem. The expected impact time is realized by using the notion of attack process and estimated time-to-go to design sliding mode surface(SMS). ITCG contains equivalent and discontinuous guidance laws, once state variables arrive at SMS,the equivalent guidance law keeps the state variables on SMS,then the discontinuous guidance law enforces state variables to move and reach SMS. The singularity problem of ITCG is also analyzed. Theoretical analysis and numerical simulation results are given to test the effectiveness of ITCG designed in this paper.
基金the Specialized Research Foundation for the Doctoral Program of Higher Education(Grant No.20050248043)
文摘As wireless sensor networks (WSN) are deployed in fire monitoring, object tracking applications, security emerges as a central requirement. A case that Sybil node illegitimately reports messages to the master node with multiple non-existent identities (ID) will cause harmful effects on decision-making or resource allocation in these applications. In this paper, we present an efficient and lightweight solution for Sybil attack detection based on the time difference of arrival (TDOA) between the source node and beacon nodes. This solution can detect the existence of Sybil attacks, and locate the Sybil nodes. We demonstrate efficiency of the solution through experiments. The experiments show that this solution can detect all Sybil attack cases without missing.
基金Foundation items: National Natural Science Foundation of China (60674103) Aeronautical Science Foundation of China (2006ZC51026)
文摘Cooperative guidance problems of multiple missiles are considered in this article. A cooperative guidance scheme, where coordination algorithms and local guidance laws are combined together, is proposed. This scheme actually builds up a hierarchical cooperative guidance architecture, which may provide a general solution to the multimissile cooperative guidance problems. In the case of salvo attacks which require missiles to hit the target simultaneously, both centralized and distributed coordination algorithms are derived based on the impact-time-control guidance (ITCG) law. Numerical simulations are performed to demonstrate the effectiveness of the proposed approaches.
基金Supported by the National Natural Science Foun-dation of China(60573031) the Foundation of National Laboratoryfor Modern Communications(51436060205J W0305) the Founda-tion of Senior Visiting Scholarship of Fudan University
文摘Timing attacks break a cryptosystem by time measurement to recover keys. Most available countermeasures protect block ciphers based on the safety of modules. This paper gives a complete definition of timing attacks and studies the vulnerability of operations and modules on timing attacks. We present a method to transfer the security of the algorithm to that of secure operations by reduction. As a result, we hopefully tend to reconcile the provable security notions and modem cryptography with real-world implementations of block ciphers.
文摘In any side-channel attack, it is desirable to exploit all the available leakage data to compute the distinguisher’s values. The profiling phase is essential to obtain an accurate leakage model, yet it may not be exhaustive. As a result, information theoretic distinguishers may come up on previously unseen data, a phenomenon yielding empty bins. A strict application of the maximum likelihood method yields a distinguisher that is not even sound. Ignoring empty bins reestablishes soundness, but seriously limits its performance in terms of success rate. The purpose of this paper is to remedy this situation. In this research, we propose six different techniques to improve the performance of information theoretic distinguishers. We study t</span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">hem thoroughly by applying them to timing attacks, both with synthetic and real leakages. Namely, we compare them in terms of success rate, and show that their performance depends on the amount of profiling, and can be explained by a bias-variance analysis. The result of our work is that there exist use-cases, especially when measurements are noisy, where our novel information theoretic distinguishers (typically the soft-drop distinguisher) perform the best compared to known side-channel distinguishers, despite the empty bin situation.
文摘Networked Control Systems (NCSs) have been implemented in several different industries. The integration with advanced communication networks and computing techniques allows for the enhancement of efficiency of industrial control systems. Despite all the advantages that NCSs bring to industry, they remain at risk to a spectrum of physical and cyber-attacks. In this paper, we elaborate on security vulnerabilities of NCSs, and examine how these vulnerabilities may be exploited when attacks occur. A general model of NCS designed with three different controllers, i.e., proportional-integral-derivative (PID) controllers, Model Predictive control (MPC) and Emotional Learning Controller (ELC) are studied. Then three different types of attacks are applied to evaluate the system performance. For the case study, a networked pacemaker system using the Zeeman nonlinear heart model (ZHM) as the plant combined with the above-mentioned controllers to test the system performance when under attacks. The results show that with Emotional Learning Controller (ELC), the pacemaker is able to track the ECG signal with high fidelity even under different attack scenarios.
基金Aeknowledgements: This paper was supported by the National Natural Science Foundation of China (No. 60772082), the Natural Science Foundation of Hebei Province. China (No. 08M010), the Science Research Foundation of Ordnance Engineering The author gratefully acknowledges DENG Gao-ming for discussions which inspired this research, LI Hua for his advice, and the (anonymous) referees for their suggestions.
文摘Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.
