The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite ...The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite the increasing number of studies,the problem of model overfitting.Recent research mainly focuses on exploring hyperparameters and network architectures,while offering limited insights into the effects of external factors on side-channel attacks,such as the number and type of models.This paper proposes a Side-channel Analysis method based on a Stacking ensemble,called Stacking-SCA.In our method,multiple models are deeply integrated.Through the extended application of base models and the meta-model,Stacking-SCA effectively improves the output class probabilities of the model,leading to better generalization.Furthermore,this method shows that the attack performance is sensitive to changes in the number of models.Next,five independent subsets are extracted from the original ASCAD database as multi-segment datasets,which are mutually independent.This method shows how these subsets are used as inputs for Stacking-SCA to enhance its attack convergence.The experimental results show that Stacking-SCA outperforms the current state-of-the-art results on several considered datasets,significantly reducing the number of attack traces required to achieve a guessing entropy of 1.Additionally,different hyperparameter sizes are adjusted to further validate the robustness of the method.展开更多
Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend P...Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.展开更多
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from ...The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.展开更多
A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach a...A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.展开更多
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequen...Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.展开更多
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNA...An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.展开更多
Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immedi...Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.展开更多
Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement i...Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.展开更多
Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are v...Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are vital in facilitating end-user communication requirements.However,the security of Android systems has been challenged by the sensitive data involved,leading to vulnerabilities in mobile devices used in 5G networks.These vulnerabilities expose mobile devices to cyber-attacks,primarily resulting from security gaps.Zero-permission apps in Android can exploit these channels to access sensitive information,including user identities,login credentials,and geolocation data.One such attack leverages“zero-permission”sensors like accelerometers and gyroscopes,enabling attackers to gather information about the smartphone’s user.This underscores the importance of fortifying mobile devices against potential future attacks.Our research focuses on a new recurrent neural network prediction model,which has proved highly effective for detecting sidechannel attacks in mobile devices in 5G networks.We conducted state-of-the-art comparative studies to validate our experimental approach.The results demonstrate that even a small amount of training data can accurately recognize 37.5%of previously unseen user-typed words.Moreover,our tap detection mechanism achieves a 92%accuracy rate,a crucial factor for text inference.These findings have significant practical implications,as they reinforce mobile device security in 5G networks,enhancing user privacy,and data protection.展开更多
Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remai...Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remains a critical challenge,as existing methods often rely on algorithm-specific details or prior knowledge of plaintexts and intermediate values.This paper proposes the Fault Probability Model based on Hamming Weight(FPHW)to address this.This novel statistical framework quantifies fault attacks by solely analyzing the statistical response of the target device,eliminating the need for attack algorithm details or implementation specifics.Building on this model,a Fault Injection Attack method based on Mutual Information(FPMIA)is introduced,which recovers keys by leveraging the mutual information between measured fault probability traces and simulated leakage derived from Hamming weight,reducing data requirements by at least 44%compared to the existing Mutual Information Analysis method while achieving a high correlation coefficient of 0.9403 between measured and modeled fault probabilities.Experimental validation on an AES-128 implementation via a Microcontroller Unit demonstrates that FPHW accurately captures the data dependence of fault probability and FPMIA achieves efficient key recovery with robust noise tolerance,establishing a unified and efficient framework that surpasses traditional methods in terms of generality,data efficiency,and practical applicability.展开更多
Incremental search provides real-time suggestions as users type their queries.However,recent studies demonstrate that its encrypted search traffic can disclose privacy-sensitive data through side channels.Specifically...Incremental search provides real-time suggestions as users type their queries.However,recent studies demonstrate that its encrypted search traffic can disclose privacy-sensitive data through side channels.Specifically,attackers can derive information about user keystrokes from observable traffic features,like packet sizes,timings,and directions,thereby inferring the victim's entered search query.This vulnerability is known as a remote keystroke inference attack.While various attacks leveraging different traffic features have been developed,accompanied by obfuscation-based countermeasures,there is still a lack of overall and in-depth understanding regarding these attacks and defenses.To fill this gap,we conduct the first comprehensive evaluation of existing remote keystroke inference attacks and defenses.We carry out extensive experiments on five well-known incremental search websites.all listed in Alexa's top 50,to evaluate and compare their realworld performance.The results demonstrate that attacks utilizing multidimensional request features pose the greatest risk to user privacy,and random padding is currently considered the optimal defense balancing both efficacy and resource demands.Our work sheds light on the real-world implications of remote keystroke inference attacks and provides developers with guidelines to enhance privacy protection strategies.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charg...The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.展开更多
Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resi...Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.展开更多
Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Deg...Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.展开更多
The paper presents experimental investigation results of crack pattern change in cement pastes caused by external sulfate attack(ESA).To visualize the formation and development of cracks in cement pastes under ESA,an ...The paper presents experimental investigation results of crack pattern change in cement pastes caused by external sulfate attack(ESA).To visualize the formation and development of cracks in cement pastes under ESA,an X-ray computed tomography(X-ray CT)was used,i e,the tomography system of Zeiss Xradia 510 versa.The results indicate that X-CT can monitor the development process and distribution characteristics of the internal cracks of cement pastes under ESA with attack time.In addition,the C3A content in the cement significantly affects the damage mode of cement paste specimens during sulfate erosion.The damage of ordinary Portland cement(OPC)pastes subjected to sulfate attack with high C3A content are severe,while the damage of sulfate resistant Portland cement(SRPC)pastes is much smaller than that of OPC pastes.Furthermore,a quadratic function describes the correlation between the crack volume fraction and development depth for two cement pastes immermed in sulfate solution.展开更多
To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid d...To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid dynamics(CFD)analysis.First,a CFD analysis of a two-bladed VAWT equipped with a NACA 0012 airfoil is conducted.The thrust and power coefficients are validated through experiments.Second,the blade force and velocity data at monitoring points are collected.The AOA at different azimuth angles is determined by removing the blade self-induction at the monitoring point.Then,the lift and drag coefficients as a function of AOA are extracted.Results show that this method is independent of the monitoring points selection located at certain distance to the blades and the extracted dynamic stall hysteresis is more precise than the one with the“usual”method without considering the self-induction from bound vortices.展开更多
Previous studies have shown that deep learning is very effective in detecting known attacks.However,when facing unknown attacks,models such as Deep Neural Networks(DNN)combined with Long Short-Term Memory(LSTM),Convol...Previous studies have shown that deep learning is very effective in detecting known attacks.However,when facing unknown attacks,models such as Deep Neural Networks(DNN)combined with Long Short-Term Memory(LSTM),Convolutional Neural Networks(CNN)combined with LSTM,and so on are built by simple stacking,which has the problems of feature loss,low efficiency,and low accuracy.Therefore,this paper proposes an autonomous detectionmodel for Distributed Denial of Service attacks,Multi-Scale Convolutional Neural Network-Bidirectional Gated Recurrent Units-Single Headed Attention(MSCNN-BiGRU-SHA),which is based on a Multistrategy Integrated Zebra Optimization Algorithm(MI-ZOA).The model undergoes training and testing with the CICDDoS2019 dataset,and its performance is evaluated on a new GINKS2023 dataset.The hyperparameters for Conv_filter and GRU_unit are optimized using the Multi-strategy Integrated Zebra Optimization Algorithm(MIZOA).The experimental results show that the test accuracy of the MSCNN-BiGRU-SHA model based on the MIZOA proposed in this paper is as high as 0.9971 in the CICDDoS 2019 dataset.The evaluation accuracy of the new dataset GINKS2023 created in this paper is 0.9386.Compared to the MSCNN-BiGRU-SHA model based on the Zebra Optimization Algorithm(ZOA),the detection accuracy on the GINKS2023 dataset has improved by 5.81%,precisionhas increasedby 1.35%,the recallhas improvedby 9%,and theF1scorehas increasedby 5.55%.Compared to the MSCNN-BiGRU-SHA models developed using Grid Search,Random Search,and Bayesian Optimization,the MSCNN-BiGRU-SHA model optimized with the MI-ZOA exhibits better performance in terms of accuracy,precision,recall,and F1 score.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
基金supported by the Hunan Provincial Natural Science Foundation of China(2022JJ30103)“the 14th Five-Year Plan”Key Disciplines and Application-Oriented Special Disciplines of Hunan Province(Xiangjiaotong[2022]351)the Science and Technology Innovation Program of Hunan Province(2016TP1020).
文摘The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite the increasing number of studies,the problem of model overfitting.Recent research mainly focuses on exploring hyperparameters and network architectures,while offering limited insights into the effects of external factors on side-channel attacks,such as the number and type of models.This paper proposes a Side-channel Analysis method based on a Stacking ensemble,called Stacking-SCA.In our method,multiple models are deeply integrated.Through the extended application of base models and the meta-model,Stacking-SCA effectively improves the output class probabilities of the model,leading to better generalization.Furthermore,this method shows that the attack performance is sensitive to changes in the number of models.Next,five independent subsets are extracted from the original ASCAD database as multi-segment datasets,which are mutually independent.This method shows how these subsets are used as inputs for Stacking-SCA to enhance its attack convergence.The experimental results show that Stacking-SCA outperforms the current state-of-the-art results on several considered datasets,significantly reducing the number of attack traces required to achieve a guessing entropy of 1.Additionally,different hyperparameter sizes are adjusted to further validate the robustness of the method.
基金National Natural Science Foundation of China(62472397)Innovation Program for Quantum Science and Technology(2021ZD0302902)。
文摘Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.
文摘The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.
基金This work was supported by the National Science and Technology Major Project of China(2017ZX01030301).
文摘A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.
基金Supported by the National Natural ScienceFoundation of China (60473029)
文摘Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.
基金supported by the National Natural Science Foundation of China(60373109)Ministry of Science and Technologyof China and the National Commercial Cryptography Application Technology Architecture and Application DemonstrationProject(2008BAA22B02).
文摘An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.
基金supported by the National Key Research and Development Program of China (2018YFB0804004)the Foundation of the National Natural Science Foundation of China (61602509)+1 种基金the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003)the Key Technologies Research and Development Program of Henan Province of China (172102210615)
文摘Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.
文摘Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.
基金supported by Universiti Kebangsaan Malaysia(No.GUP 2023-010).
文摘Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are vital in facilitating end-user communication requirements.However,the security of Android systems has been challenged by the sensitive data involved,leading to vulnerabilities in mobile devices used in 5G networks.These vulnerabilities expose mobile devices to cyber-attacks,primarily resulting from security gaps.Zero-permission apps in Android can exploit these channels to access sensitive information,including user identities,login credentials,and geolocation data.One such attack leverages“zero-permission”sensors like accelerometers and gyroscopes,enabling attackers to gather information about the smartphone’s user.This underscores the importance of fortifying mobile devices against potential future attacks.Our research focuses on a new recurrent neural network prediction model,which has proved highly effective for detecting sidechannel attacks in mobile devices in 5G networks.We conducted state-of-the-art comparative studies to validate our experimental approach.The results demonstrate that even a small amount of training data can accurately recognize 37.5%of previously unseen user-typed words.Moreover,our tap detection mechanism achieves a 92%accuracy rate,a crucial factor for text inference.These findings have significant practical implications,as they reinforce mobile device security in 5G networks,enhancing user privacy,and data protection.
文摘Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remains a critical challenge,as existing methods often rely on algorithm-specific details or prior knowledge of plaintexts and intermediate values.This paper proposes the Fault Probability Model based on Hamming Weight(FPHW)to address this.This novel statistical framework quantifies fault attacks by solely analyzing the statistical response of the target device,eliminating the need for attack algorithm details or implementation specifics.Building on this model,a Fault Injection Attack method based on Mutual Information(FPMIA)is introduced,which recovers keys by leveraging the mutual information between measured fault probability traces and simulated leakage derived from Hamming weight,reducing data requirements by at least 44%compared to the existing Mutual Information Analysis method while achieving a high correlation coefficient of 0.9403 between measured and modeled fault probabilities.Experimental validation on an AES-128 implementation via a Microcontroller Unit demonstrates that FPHW accurately captures the data dependence of fault probability and FPMIA achieves efficient key recovery with robust noise tolerance,establishing a unified and efficient framework that surpasses traditional methods in terms of generality,data efficiency,and practical applicability.
基金supported by the National Natural Science Foundation of China(Nos.62172027 and U24B20117)the Zhejiang Provincial Natural Science Foundation of China(No.LZ23F020013)the National Key R&D Program of China(No.2020YFB1005601).
文摘Incremental search provides real-time suggestions as users type their queries.However,recent studies demonstrate that its encrypted search traffic can disclose privacy-sensitive data through side channels.Specifically,attackers can derive information about user keystrokes from observable traffic features,like packet sizes,timings,and directions,thereby inferring the victim's entered search query.This vulnerability is known as a remote keystroke inference attack.While various attacks leveraging different traffic features have been developed,accompanied by obfuscation-based countermeasures,there is still a lack of overall and in-depth understanding regarding these attacks and defenses.To fill this gap,we conduct the first comprehensive evaluation of existing remote keystroke inference attacks and defenses.We carry out extensive experiments on five well-known incremental search websites.all listed in Alexa's top 50,to evaluate and compare their realworld performance.The results demonstrate that attacks utilizing multidimensional request features pose the greatest risk to user privacy,and random padding is currently considered the optimal defense balancing both efficacy and resource demands.Our work sheds light on the real-world implications of remote keystroke inference attacks and provides developers with guidelines to enhance privacy protection strategies.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
基金supported by Jiangsu Provincial Science and Technology Project,grant number J2023124.Jing Guo received this grant,the URLs of sponsors’website is https://kxjst.jiangsu.gov.cn/(accessed on 06 June 2024).
文摘The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.
文摘Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.
基金supported by the National Natural Science Foundation of China(Nos.12172315,12072304,11702232)the Fujian Provincial Natural Science Foundation,China(No.2021J01050)the Aeronautical Science Foundation of China(No.20220013068002).
文摘Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.
基金Funded by Chinese National Natural Science Foundation of China(No.U2006224)。
文摘The paper presents experimental investigation results of crack pattern change in cement pastes caused by external sulfate attack(ESA).To visualize the formation and development of cracks in cement pastes under ESA,an X-ray computed tomography(X-ray CT)was used,i e,the tomography system of Zeiss Xradia 510 versa.The results indicate that X-CT can monitor the development process and distribution characteristics of the internal cracks of cement pastes under ESA with attack time.In addition,the C3A content in the cement significantly affects the damage mode of cement paste specimens during sulfate erosion.The damage of ordinary Portland cement(OPC)pastes subjected to sulfate attack with high C3A content are severe,while the damage of sulfate resistant Portland cement(SRPC)pastes is much smaller than that of OPC pastes.Furthermore,a quadratic function describes the correlation between the crack volume fraction and development depth for two cement pastes immermed in sulfate solution.
文摘To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid dynamics(CFD)analysis.First,a CFD analysis of a two-bladed VAWT equipped with a NACA 0012 airfoil is conducted.The thrust and power coefficients are validated through experiments.Second,the blade force and velocity data at monitoring points are collected.The AOA at different azimuth angles is determined by removing the blade self-induction at the monitoring point.Then,the lift and drag coefficients as a function of AOA are extracted.Results show that this method is independent of the monitoring points selection located at certain distance to the blades and the extracted dynamic stall hysteresis is more precise than the one with the“usual”method without considering the self-induction from bound vortices.
基金supported by Science and Technology Innovation Programfor Postgraduate Students in IDP Subsidized by Fundamental Research Funds for the Central Universities(Project No.ZY20240335)support of the Research Project of the Key Technology of Malicious Code Detection Based on Data Mining in APT Attack(Project No.2022IT173)the Research Project of the Big Data Sensitive Information Supervision Technology Based on Convolutional Neural Network(Project No.2022011033).
文摘Previous studies have shown that deep learning is very effective in detecting known attacks.However,when facing unknown attacks,models such as Deep Neural Networks(DNN)combined with Long Short-Term Memory(LSTM),Convolutional Neural Networks(CNN)combined with LSTM,and so on are built by simple stacking,which has the problems of feature loss,low efficiency,and low accuracy.Therefore,this paper proposes an autonomous detectionmodel for Distributed Denial of Service attacks,Multi-Scale Convolutional Neural Network-Bidirectional Gated Recurrent Units-Single Headed Attention(MSCNN-BiGRU-SHA),which is based on a Multistrategy Integrated Zebra Optimization Algorithm(MI-ZOA).The model undergoes training and testing with the CICDDoS2019 dataset,and its performance is evaluated on a new GINKS2023 dataset.The hyperparameters for Conv_filter and GRU_unit are optimized using the Multi-strategy Integrated Zebra Optimization Algorithm(MIZOA).The experimental results show that the test accuracy of the MSCNN-BiGRU-SHA model based on the MIZOA proposed in this paper is as high as 0.9971 in the CICDDoS 2019 dataset.The evaluation accuracy of the new dataset GINKS2023 created in this paper is 0.9386.Compared to the MSCNN-BiGRU-SHA model based on the Zebra Optimization Algorithm(ZOA),the detection accuracy on the GINKS2023 dataset has improved by 5.81%,precisionhas increasedby 1.35%,the recallhas improvedby 9%,and theF1scorehas increasedby 5.55%.Compared to the MSCNN-BiGRU-SHA models developed using Grid Search,Random Search,and Bayesian Optimization,the MSCNN-BiGRU-SHA model optimized with the MI-ZOA exhibits better performance in terms of accuracy,precision,recall,and F1 score.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
