Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the...Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.展开更多
Angle of Attack(AOA) is a crucial parameter which directly affects the aerodynamic forces of an aircraft.The measurement of AOA is required to ensure a safe flight within its designed flight envelop.This paper intends...Angle of Attack(AOA) is a crucial parameter which directly affects the aerodynamic forces of an aircraft.The measurement of AOA is required to ensure a safe flight within its designed flight envelop.This paper intends to summarise a comprehensive survey on the measurement techniques and estimation methods for AOA, specifically in Unmanned Aerial Vehicle(UAV) applications.In the case of UAVs, weight constraint plays a major role as far as sensor suites are concerned.This results in selecting a suitable estimation method to extract AOA using the available data from the autopilot.The most feasible and widely employed AOA measurement technique is by using the Multi-Hole Probes(MHPs).The MHP measures the AOA regarding the pressure variations between the ports.Due to the importance of MHP in AOA measurement, the calibration methods for the MHP are also included in this paper.This paper discusses the AOA measurement using virtual AOA sensors, their importance and the operation.展开更多
Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical impl...Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical implementation of these protocols faces significant security challenges,particularly from joint-measurement attacks in multi-round query scenarios.A recent study by Liu et al.addresses these vulnerabilities through a comprehensive analysis and proposes innovative solutions,marking a critical advancement in the field[1].展开更多
Smart grids are increasingly dependent on data with the rapid development of communication and measurement.As one of the important data sources of smart grids,phasor measurement unit(PMU)is facing the high risk from a...Smart grids are increasingly dependent on data with the rapid development of communication and measurement.As one of the important data sources of smart grids,phasor measurement unit(PMU)is facing the high risk from attacks.Compared with cyber attacks,global position system(GPS)spoofing attacks(GSAs)are easier to implement because they can be exploited by portable devices,without the need to access the physical system.Therefore,this paper proposes a novel method for pattern recognition of GSA and an additional function of the proposed method is the data correction to the phase angle difference(PAD)deviation.Specifically,this paper analyzes the effect of GSA on PMU measurement and gives two common patterns of GSA,i.e.,the step attack and the ramp attack.Then,the method of estimating the PAD deviation across a transmission line introduced by GSA is proposed,which does not require the line parameters.After obtaining the estimated PAD deviations,the pattern of GSA can be recognized by hypothesis tests and correlation coefficients according to the statistical characteristics of the estimated PAD deviations.Finally,with the case studies,the effectiveness of the proposed method is demonstrated,and the success rate of the pattern recognition and the online performance of the proposed method are analyzed.展开更多
文摘Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
基金the financial support of the Aeronautical Research&Development Board(AR&DB)through the SIGMA Panel for sanctioning the project ID number ARDB/01/2021791/M/I。
文摘Angle of Attack(AOA) is a crucial parameter which directly affects the aerodynamic forces of an aircraft.The measurement of AOA is required to ensure a safe flight within its designed flight envelop.This paper intends to summarise a comprehensive survey on the measurement techniques and estimation methods for AOA, specifically in Unmanned Aerial Vehicle(UAV) applications.In the case of UAVs, weight constraint plays a major role as far as sensor suites are concerned.This results in selecting a suitable estimation method to extract AOA using the available data from the autopilot.The most feasible and widely employed AOA measurement technique is by using the Multi-Hole Probes(MHPs).The MHP measures the AOA regarding the pressure variations between the ports.Due to the importance of MHP in AOA measurement, the calibration methods for the MHP are also included in this paper.This paper discusses the AOA measurement using virtual AOA sensors, their importance and the operation.
文摘Quantum private query(QPQ)protocols have emerged as a pivotal innovation in quantum cryptography,offering users the ability to retrieve specific database information while preserving privacy.However,the practical implementation of these protocols faces significant security challenges,particularly from joint-measurement attacks in multi-round query scenarios.A recent study by Liu et al.addresses these vulnerabilities through a comprehensive analysis and proposes innovative solutions,marking a critical advancement in the field[1].
基金supported by the National Key Research and Development Program of China(No.2017YFB0902900,No.2017YFB0902901)National Natural Science Foundation of China(No.51627811,No.51725702)the Fundamental Research Funds for the Central Universities(No.2018ZD01)
文摘Smart grids are increasingly dependent on data with the rapid development of communication and measurement.As one of the important data sources of smart grids,phasor measurement unit(PMU)is facing the high risk from attacks.Compared with cyber attacks,global position system(GPS)spoofing attacks(GSAs)are easier to implement because they can be exploited by portable devices,without the need to access the physical system.Therefore,this paper proposes a novel method for pattern recognition of GSA and an additional function of the proposed method is the data correction to the phase angle difference(PAD)deviation.Specifically,this paper analyzes the effect of GSA on PMU measurement and gives two common patterns of GSA,i.e.,the step attack and the ramp attack.Then,the method of estimating the PAD deviation across a transmission line introduced by GSA is proposed,which does not require the line parameters.After obtaining the estimated PAD deviations,the pattern of GSA can be recognized by hypothesis tests and correlation coefficients according to the statistical characteristics of the estimated PAD deviations.Finally,with the case studies,the effectiveness of the proposed method is demonstrated,and the success rate of the pattern recognition and the online performance of the proposed method are analyzed.
