Eavesdropping Attacks Research Articles

Pilot spoofing attack detection and channel estimation for secure massive MIMO

AbstractPilot spoofing attack (PSA) is an active eavesdropping attack in massive multiple‐input multiple‐output systems, where the eavesdroppers transmit the same pilot sequence as the legitimate user does to the base station to confuse the normal channel estimation during the uplink channel training phase. With the contaminated channel estimations, more information will be leaked to eavesdroppers in the downlink transmission phase. However, it is a challenging issue to detect the PSA attack due to the similarity of the received signals and the variations of the wireless channels. Here, a new PSA detection scheme by using the difference of two different estimators is presented, that is, the least square estimator and the minimum mean square error estimator, without requiring any priori of eavesdroppers. Following that, a new data‐aided channel estimation scheme is proposed to eliminate the PSA effect. Simulation results demonstrate that the proposed PSA detection scheme outperforms the conventional energy detector, and more accurate legitimate channel estimation and higher sum secrecy rates can be obtained with the proposed scheme.

Overview of Cyber Attacks Classification and Detection in IoT using CNN-Deep Reinforcement Learning

Millions of digital devices total the Internet of Things (IoT), and this allows very easy interaction from users connecting the devices. IoT is one of the tech sectors that is expanding most rapidly, but it can also be very vulnerable to hazards. Infections and abnormal placement on the Internet of Things (IoT) framework is an increasing threat in the field of technology. In view of the growing IoT foundation usage across all industries, attacks and dangers on these systems have also grown proportional. Leveraging typical machine learning methods, cyber-attack detection plays a critical role in avoiding damage from cyberattacks on IoT devices. IoT Cyber Attacks are Not Detected by ANN Artificial Neural Networks Using Deep Learning Techniques CNN-DRL (Convolutional Neural Networks-Deep Reinforcement Learning) Hybrid Approach: Detects Attacks, including Distributed Denial of Service (DDoS), Zero-day, and Eavesdropping Attacks.

Efficient multi-party quantum secret-sharing protocol

ContextQuantum secret sharing allows one secret dealer to divide his/her secret among different participants. Only when all the participants pool their secret pieces together can the secret be reconstructed. Quantum secret-sharing protocol can provide high security for users who need to share some secret information among some partners. It is also a useful tool in many applications such as secure operations of joint sharing of quantum money, sharing ancilla states, and distributed quantum computation. ObjectiveWe propose a novel multi-party quantum secret-sharing protocol (MPQSSP). MethodsIn our protocol, the dealer mixes the particle sequence of the Bell states and sends the sequence to the participants. The participants encode their secret pieces into Pauli operators, which are applied to the received particle sequence. After annularly transmitting and operating the particle sequence, the participants return the particle sequence to the dealer, who can share a secret with the partners by measuring the returned sequence with the Bell basis. ResultsThe proposed MPQSSP has the merits as follows. First, its qubit efficiency can be 100% when the sample bits of the secret and the corresponding sample qubits are ignored (In our protocol when the qubit efficiency is computed, the sample bits and the corresponding Bell states used to check eavesdropping are ignored). Second, it can protect participants' privacy and interests, since the dealer cannot derive the secret piece of any participant although he/she masters the secret. Third, the participants need not perform many quantum operations and measurements to check the eavesdropping, which helps improve the efficiency of the protocol. Fourth, compared with most of the similar MPQSSPs, the quantum resources of the proposed one are relatively easier to prepare. At last, the proposed protocol has the security against various eavesdropping attacks. ConclusionThe merits above show that Our MPQSSP is relatively more practical and efficient than similar ones.

Key Synchronization Method Based on Negative Databases and Physical Channel State Characteristics of Wireless Sensor Network.

Due to their inherent openness, wireless sensor networks (WSNs) are vulnerable to eavesdropping attacks. Addressing the issue of secure Internet Key Exchange (IKE) in the absence of reliable third parties like CA/PKI (Certificate Authority/Public Key Infrastructure) in WSNs, a novel key synchronization method named NDPCS-KS is proposed in the paper. Firstly, through an initial negotiation process, both ends of the main channels generate the same initial key seeds using the Channel State Information (CSI). Subsequently, negotiation keys and a negative database (NDB) are synchronously generated at the two ends based on the initial key seeds. Then, in a second-negotiation process, the NDB is employed to filter the negotiation keys to obtain the keys for encryption. NDPCS-KS reduced the risk of information leakage, since the keys are not directly transmitted over the network, and the eavesdroppers cannot acquire the initial key seeds because of the physical isolation of their eavesdropping channels and the main channels. Furthermore, due to the NP-hard problem of reversing the NDB, even if an attacker obtains the NDB, deducing the initial key seeds is computationally infeasible. Therefore, it becomes exceedingly difficult for attackers to generate legitimate encryption keys without the NDB or initial key seeds. Moreover, a lightweight anti-replay and identity verification mechanism is designed to deal with replay attacks or forgery attacks. Experimental results show that NDPCS-KS has less time overhead and stronger randomness in key generation compared with other methods, and it can effectively counter replay, forgery, and tampering attacks.

Black-hole and DoS attack detection analysis and isolation mechanism for black-hole in MANET

A mobile ad-hoc network is a network without infrastructure where communication between nodes occurs in an open medium, such as the air. This makes it susceptible to eavesdropping and various attacks, which can be categorized as data traffic attacks (such as black-hole, grey-hole, DoS, etc.) and control traffic attacks (such as worm-hole, hello flood, man-in-the-middle, etc.). This NS2 experimental simulation compares the disruption effects of black-hole and DoS attacks in an identical network using the AODV routing protocol. The simulation aims to observe and analyze parameters such as packet delivery fraction, end-to-end delay, normalized overhead, and residual energy in HKI-Reader. Additionally, it demonstrates how malicious nodes are detected, removed, or isolated from the network to restore it to its original state. HKI-Reader is a software application developed using PHP and JavaScript. It is designed to read simulation results files for attacks and display them in a graphical user interface (GUI) for improved analysis and visual observation.

An Improved Deffie Hellman Scheme for Mitigating an Eavesdropping Attack on a Network

An Improved Deffie Hellman Scheme for Mitigating an Eavesdropping Attack on a Network

PPG-Hear: A Practical Eavesdropping Attack with Photoplethysmography Sensors

Photoplethysmography (PPG) sensors have become integral components of wearable and portable health devices in the current technological landscape. These sensors offer easy access to heart rate and blood oxygenation, facilitating continuous long-term health monitoring in clinic and non-clinic environments. While people understand that health-related information provided by PPG is private, no existing research has demonstrated that PPG sensors are dangerous devices capable of obtaining sensitive information other than health-related data. This work introduces PPG-Hear, a novel side-channel attack that exploits PPG sensors to intercept nearby audio information covertly. Specifically, PPG-Hear exploits low-frequency PPG measurements to discern and reconstruct human speech emitted from proximate speakers. This technology allows attackers to eavesdrop on sensitive conversations (e.g., audio passwords, business decisions, or intellectual properties) without being noticed. To achieve this non-trivial attack on commodity PPG-enabled devices, we employ differentiation and filtering techniques to mitigate the impact of temperature drift and user-specific gestures. We develop the first PPG-based speech reconstructor, which can identify speech patterns in the PPG spectrogram and establish the correlation between PPG and speech spectrograms. By integrating a MiniRocket-based classifier with a PixelGAN model, PPG-Hear can reconstruct human speech using low-sampling-rate PPG measurements. Through an array of real-world experiments, encompassing common eavesdropping scenarios such as surrounding speakers and the device's own speakers, we show that PPG-Hear can achieve remarkable accuracy of 90% for recognizing human speech, surpassing the current state-of-the-art side-channel eavesdropping attacks using motion sensors operating at equivalent sampling rates (i.e., 50Hz to 500Hz).

Improving Throughput and Sum Secrecy Rate in Wireless Networks Against Illegal Intelligent Reflecting Surface (IIRS) Based Jamming Attacks

Illegal intelligent reflecting surfaces (I-IRSs), i.e., the illegal deployment and utilization of IRSs, impose serious harmful impacts on wireless networks. The existing I-IRS-based illegal jammer (IJ) requires channel state information (CSI) or extra power or both, and therefore, the I-IRS-based IJ seems to be difficult to implement in practical wireless networks. Due to continued sharing of resources, wireless networks often come under security attacks, most common of which are eavesdropping attacks. In the case of eavesdropping attacks, deliberately designed random eavesdropping data is added to the channel. These eavesdropping along with noise result in packet losses and low throughput, degrading the overall performance of the cognitive network. In this work, a security aware jamming and eavesdropping rejection mechanism is proposed which detects suspicious signals in the channel frequency response and employs discrete equalization to recover transmitted data. The proposed approach uses a chaos based FFH protocol for possible adversarial eavesdropping attacks. The error rate and average sum rate show that the proposed system outperforms the exiting systems in terms of the performance metrics. Keywords:- Illegal Intelligent Reflecting Surface (IIRS), Jamming Attack, Packet Intercept. Error Rate, Sum Rate

A Review on Securing Wireless Networks against Jamming Attacks

The internet of thins (IoT) framework has helped in design of high speed connected networks which include Wide Area Networks (WANs). Cognitive Radio can be considered to be one of the key enablers of high speed data transfer with evolving generation of wireless networks. Cognitive networks find their applications in military and defence as well with the advent of internet of things and its allied applications in military warfare. Cognitive Radio Networks often share common resources such as bandwidth or spectrum among several users or stations. Due to continued sharing of resources, cognitive networks often come under security attacks, most common of which are jamming and eavesdropping attacks. In this paper, the basics of cognitive IoT networks have been presented with the focus of security aware cognitive IoT networks. Previous work in the allied domain has been discussed along with their salient features. Keywords: Wide Area Network (WAN), Internet of Things (IoT), cognitive radio network (CRN), security aware spectrum assignment, cyber-attacks, false alarm, and throughput.

Multi-Constraint and Multi-Policy Path Hopping Active Defense Method Based on SDN

Path hopping serves as an active defense mechanism in network security, yet it encounters challenges like a restricted path switching space, the recurrent use of similar paths and vital nodes, a singular triggering mechanism for path switching, and fixed hopping intervals. This paper introduces an active defense method employing multiple constraints and strategies for path hopping. A depth-first search (DFS) traversal is utilized to compute all possible paths between nodes, thereby broadening the path switching space while simplifying path generation complexity. Subsequently, constraints are imposed on residual bandwidth, selection periods, path similitude, and critical nodes to reduce the likelihood of reusing similar paths and crucial nodes. Moreover, two path switching strategies are formulated based on the weights of residual bandwidth and critical nodes, along with the calculation of path switching periods. This facilitates adaptive switching of path hopping paths and intervals, contingent on the network’s residual bandwidth threshold, in response to diverse attack scenarios. Simulation outcomes illustrate that this method, while maintaining normal communication performance, expands the path switching space effectively, safeguards against eavesdropping and link-flooding attacks, enhances path switching diversity and unpredictability, and fortifies the network’s resilience against malicious attacks.

Moving target defense approach for secure relay selection in vehicular networks

Ensuring the security and reliability of cooperative vehicle-to-vehicle (V2V) communications is an extremely challenging task due to the dynamic nature of vehicular networks as well as the delay-sensitive wireless medium. In this context, the moving target defense (MTD) paradigm has been proposed to overcome the challenges of conventional solutions based on static network services and configurations. Specifically, the MTD approach involves the dynamic altering of network configurations to improve resilience to cyberattacks. Nevertheless, the current MTD solution for cooperative networks poses several limitations, such as that they require high synchronization modules that are resource-intensive and difficult to implement; and they rely heavily on attack-defense models, which may not always be accurate or comprehensive to use. To overcome these challenges, the proposed approach introduces an adaptive defense strategy within the MTD framework. This strategy proposes an intelligent spatiotemporal diversification-based MTD scheme to defend against eavesdropping attacks in cooperative V2V networks. It involves altering the system configuration spatially through relay selection and adjusting the percentage of injected fake data over time. This approach aims to balance reducing intercept probability while ensuring high throughput. Our methodology involves modeling the configuration of vehicular relays and data injection patterns as a Markov decision process, followed by applying deep reinforcement learning to determine the optimal configuration. We then iteratively evaluate the intercept probability and the percentage of transmitted real data for each configuration until convergence is achieved. To optimize the security-real data percentage (S-RDP), we developed a two-agent framework, namely MTD-DQN-RSS & MTD-DQN-RSS-RDP. The first agent, MTD-DQN-RSS, tries to minimize the intercept probability by injecting additional fake data, which in turn reduces the overall RDP, while the second agent, MTD-DQN-RSS-RDP, attempts to inject a sufficient amount of fake data to achieve a target S-RDP. Finally, extensive simulation results are conducted to demonstrate the effectiveness of our proposed solution, which improved system security compared to the conventional relay selection approach.

An efficient authentication protocol with privacy-preserving for virtual power plant

As an important manifestation of the current development and transformation of the world’s power and energy industries, the virtual power plant is an important foundation for optimizing the layout of energy resources. However, since there are many open channels in the virtual power plant, adversaries can implement eavesdropping, replay, impersonation, forgery, and other attacks to access the virtual power plant, and even publish false data in the virtual power plant to disrupt the operation of the virtual power plant. In addition, it is easy for an adversary to deduce key information such as the layout of virtual power plant equipment through the identity of the device. In this context, to ensure the security and privacy of devices when accessing the platform, in this paper, we propose an efficient authentication protocol based on the elliptic curve cryptography and zero-knowledge proof, which requires only two information exchanges. Security analysis shows that the proposed protocol can meet security features such as mutual authentication, key agreement, perfect forward secrecy, and device anonymity. Performance analysis indicates that the proposed protocol achieves a reasonable balance between computational and signaling overhead, and it is more suitable for achieving efficient device authentication and privacy protection in virtual power plants.

LFTDA: A lightweight and fault-tolerant data aggregation scheme with privacy-enhanced property in fog-assisted smart grid

In recent years, the data aggregation scheme was widely adopted in smart grids (SG) to protect data privacy while ensuring data availability. Meanwhile, asymmetric homomorphic encryption is a popular technique that guarantees data aggregation and accurate computing results. However, it often brings heavy computation overheads and costs, which increases burdens to SG. In order to lighten SG’s burden, in this paper, a lightweight and fault-tolerant data aggregation scheme (LFTDA) with privacy-enhanced property is proposed. Unlike existing schemes, our proposed scheme uses a lightweight symmetric encryption algorithm and a skillful mathematical structure to achieve data aggregation. In addition, in the proposed scheme, smart meters are allowed to dynamically join and exit from the group while guaranteeing the correctness, security, and efficiency of aggregation. More importantly, our LFTDA is fault-tolerant, which means that the data collection from other devices will not be affected even if some of the smart meters or fog nodes do not work. From the view of security, LFTDA can defend against eavesdropping attack and collusion attack. Finally, we evaluate its performance along with other related schemes in terms of aggregation, decryption, and communication costs, which shows that LFTDA is very competitive and hence is suitable for many practical SG applications.

Securing Infrared Communication in Nuclear Power Plants: Advanced Encryption for Infrared Sensor Networks.

This study enhances infrared communication security in nuclear power plants' secondary systems, addressing the risk of mechanical and cyber failures. A novel random address generator, employing an innovative S-box, was developed to secure IoT sensor data transmissions to gateway nodes, mitigating eavesdropping, interference, and replay attacks. We introduced a structured IR communication protocol, generating unique, encrypted addresses to prevent unauthorized access. Key-dependent S-boxes, based on a compound chaotic map system, significantly improved encryption, increasing data transmission randomness and uniqueness. Entropy analysis and reduced duplicated addresses confirmed the effectiveness of our method, with the Hash-CCM algorithm showing the highest entropy and fewest duplicates. Integrating advanced cryptographic techniques into IR systems significantly enhances nuclear power plants' security, contributing to the protection of critical infrastructure from cyber threats and ensuring operational integrity.

A Survey on Security Mechanisms in D2D IoT Networks

Due to the availability of handheld, mobile devices and the advent of cloud and bog data applications, the data traffic in the licensed bands has increased. This has led to the exploration of alternative avenues to de-load the conventional wireless networks. A new paradigm called device to device networks has evolved which is a category of mobile ad-hoc networks. Device-to- device (D2D) communication is expected to play a significant role in upcoming networks as it will reduce the burden from the cellular systems. This may make big data applications easier. However the D2D networks don’t use the security provided by cellular networks. Hence there is a chance of attacks. The major attack in D2D devices is the eavesdropping attack in which mobile hosts share the same wireless medium and broadcast signals over airwaves, which can be easily intercepted by receivers tuned to the proper frequency. Thus, the attacker can read exchanged messages and is able to inject fake messages to manipulate other users. This paper investigates the salient approaches of D2D networks in the context of security and access control and existing research methods. Keywords: Internet of Things (IoT), Network Security, D2D Security, Throughput, Error Rate.

A Lightweight Chaotic Map-Based Key Agreement Scheme for the Advanced Metering Infrastructure

In the advanced metering infrastructure (AMI), impersonation, eavesdropping, man-in-the-middle and other attacks occur in the process of communication between entities through public channels, which will lead to the leakage of user privacy or the incorrect issuance of control instructions, resulting in economic losses and even power system operation failures. In view of this situation, we design a lightweight key agreement scheme based on a chaotic map for the AMI. We use the chaotic map to replace the time-consuming bilinear pairing and elliptic curve method and establish a secure communication channel between legal entities. In addition, we also design a multicast key generation mechanism for message transmission in AMI. The security analysis proves the security of the proposed scheme in the random oracle model, which can meet the security characteristics of anonymity and forward secrecy, and can effectively resist common attacks such as impersonation, replay and man-in-the-middle. The performance analysis results show that the proposed scheme requires lower computational and communication costs than related schemes, so it is more suitable for AMI scenarios with limited resources.

Privacy and security trade‐off in cyber‐physical systems: An information theory‐based framework

AbstractThis article investigates the trade‐off between privacy and security in cyber‐physical systems, with the goal of designing a privacy‐preserving mechanism based on information theory. Considering the unreliability of the communication channel, we assume that the private data is vulnerable to eavesdropping and bias injection attacks. To maintain privacy, the system is equipped with a privacy‐preserving mechanism achieved by injecting Gaussian‐type privacy noise into transmitted data, which inevitably leads to degraded detecting performance. Therefore, we investigate the trade‐off between privacy level and detection performance, where the privacy level and the detection performance are measured by mutual information and Kullback–Leibler divergence, respectively. Then, the optimal privacy noise is obtained by solving a convex optimization problem for maximizing the privacy degree and constraining a bound on detection performance degradation. Furthermore, to optimize the detection performance, another convex optimization problem is proposed to minimize both the false alarm rate and the missed alarm rate while guaranteeing a level of the privacy. Finally, a numerical example of the vehicle tracking problem is adopted to illustrate the effectiveness of the designed framework.

A Review on Security Frameworks for Software Defined Networks

The internet of thins (IoT) framework has helped in design of high speed connected networks which include Wide Area Networks (WANs). Cognitive Radio can be considered to be one of the key enablers of high speed data transfer with evolving generation of wireless networks. Cognitive networks find their applications in military and defence as well with the advent of internet of things and its allied applications in military warfare. Cognitive Radio Networks often share common resources such as bandwidth or spectrum among several users or stations. Due to continued sharing of resources, cognitive networks often come under security attacks, most common of which are jamming and eavesdropping attacks. In this paper, the basics of cognitive IoT networks have been presented with the focus of security aware cognitive IoT networks. Previous work in the allied domain has been discussed along with their salient features. Keywords: Wide Area Network (WAN), Internet of Things (IoT), cognitive radio network (CRN), security aware spectrum assignment, cyber-attacks, false alarm, and throughput.

Mitigating communications threats in decentralized federated learning through moving target defense

AbstractThe rise of Decentralized Federated Learning (DFL) has enabled the training of machine learning models across federated participants, fostering decentralized model aggregation and reducing dependence on a server. However, this approach introduces unique communication security challenges that have yet to be thoroughly addressed in the literature. These challenges primarily originate from the decentralized nature of the aggregation process, the varied roles and responsibilities of the participants, and the absence of a central authority to oversee and mitigate threats. Addressing these challenges, this paper first delineates a comprehensive threat model focused on DFL communications. In response to these identified risks, this work introduces a security module to counter communication-based attacks for DFL platforms. The module combines security techniques such as symmetric and asymmetric encryption with Moving Target Defense (MTD) techniques, including random neighbor selection and IP/port switching. The security module is implemented in a DFL platform, Fedstellar, allowing the deployment and monitoring of the federation. A DFL scenario with physical and virtual deployments have been executed, encompassing three security configurations: (i) a baseline without security, (ii) an encrypted configuration, and (iii) a configuration integrating both encryption and MTD techniques. The effectiveness of the security module is validated through experiments with the MNIST dataset and eclipse attacks.The results showed an average F1 score of 95%, with the most secure configuration resulting in CPU usage peaking at 68% (± 9%) in virtual deployments and network traffic reaching 480.8 MB (± 18 MB), effectively mitigating risks associated with eavesdropping or eclipse attacks.

A Chaos-FFH Based Approach Against Illegal Intelligent Reflecting Surface (IIRS) Based Jamming Attacks

Illegal intelligent reflecting surfaces (I- IRSs), i.e., the illegal deployment and utilization of IRSs, impose serious harmful impacts on wireless networks. The existing I-IRS-based illegal jammer (IJ) requires channel state information (CSI) or extra power or both, and therefore, the I-IRS- based IJ seems to be difficult to implement in practical wireless networks. Due to continued sharing of resources, wireless networks often come under security attacks, most common of which are eavesdropping attacks. In the case of eavesdropping attacks, deliberately designed random eavesdropping data is added to the channel. These eavesdropping along with noise result in packet losses and low throughput, degrading the overall performance of the cognitive network. In this work, a security aware jamming and eavesdropping rejection mechanism is proposed which detects suspicious signals in the channel frequency response and employs discrete equalization to recover transmitted data. The proposed approach uses a chaos based FFH protocol for possible adversarial eavesdropping attacks. The error rate and average sum rate show that the proposed system outperforms the exiting systems in terms of the performance metrics. Keywords:- Illegal Intelligent Reflecting Surface (IIRS), Jamming Attack, Packet Intercept. Error Rate, Sum Rate