Spelling suggestions: "subject:"[een] COUNTERMEASURE"" "subject:"[enn] COUNTERMEASURE""
21 |
Comparison of security level and current consumption of security implementations for MQTTCarlsson, Fredrik, Eriksson, Klas-Göran January 2018 (has links)
IoT is a rapidly growing area with products in the consumer, commercial and industrial market. Collecting data with multiple small and often battery-powered devices sets new challenges for both security and communication. There has been a distinct lack of a IoT specific communication protocols. The industry has had to use bulky interfaces not suitable for resource-constrained devices. MQTT is a standardised communication protocol made for the IoT industry. MQTT does however not have built-in security and it is up to the developers to implement a suitable security countermeasure. To evaluate how different security countermeasures impact MQTT in complexity, current consumption and security the following research questions are answered. How do you derive a measurement from the SEF that can be compared with a current consumption measurement? Which level of security, according to the SEF, will RSA, AES and TLS provide to MQTT when publishing a message to a broker? What level of complexity is added to MQTT when using chosen security countermeasure? Which of the analysed security countermeasure upholds an adequate security level while also having a low current consumption? To answer the above research questions an experiment approach has been used. Implementations of TLS, RSA and AES have been evaluated to measure how they affect the security level and current consumption of an MQTT publication, compared to no security countermeasures at all.Both RSA and AES had the same security level, but the current consumption for RSA was four times higher. The experiment showed that the security level is significantly higher for TLS, while it also has the highest current consumption. The security countermeasure evaluated differs greatly. TLS provides complete protections, while RSA and AES lacks authentication and does not ensure integrity and non-repudiation.Even if the current consumption for TLS is higher, the security it provides make it unreasonable to recommend any of the other security countermeasure implementations.
|
22 |
Studies on future Mine Countermeasure Vessels (MCMV)Somehagen, Philip January 2023 (has links)
Background Maritime transportation is vital for international trade, and any disruption to this flow can have severe financial and environmental consequences. Ship mines, both old and new, present significant risks as man-made obstacles. The perilous task of minesweeping, historically carried out by humans at great risk, necessitates the development of unmanned vessels. These autonomous solutions aim to effectively address the dangers posed by ship mines while ensuring the safety of human lives. Objectives This thesis aims to explore the potential of next-generation Mine countermeasure vessel (MCMV) and develop a concept for an autonomous or remotely operated vessel capable of effectively clearing sea mines. This thesis is limited to only considering surface vessels for the MCMV, and alternative designs like submersible vehicles are not considered. Furthermore, the study relies on conventional platform technology, potentially limiting the vehicles’ capabilities compared to emerging technologies. Methods The methodology employed in this degree project is centered on the analysis of current trends and technologies in Mine countermeasure (MCM) operations. Three world-leading products in the field are described in depth to then go through a comprehensive evaluation to serve as a foundation for concept development. Results The outcome of this thesis is a catamaran-based concept that incorporates additional functionalities to enhance its adaptability and self-defense capabilities. The concept extends upon the design of an existing product, incorporating new features such as adjustable width and the ability to support forward reconnaissance, as well as contribute to air defense capabilities within the fleet. Conclusions The future of MCM operations is expected to shift towards automated systems, characterized by smaller and more affordable platforms. This technological advancement enables the increased deployment of MCMVs, with their effectiveness being determined by the number of units rather than individual speed. As technological developments in marine environments continue to progress, the significance of ensuring safety and control in these settings becomes of utmost importance. AutonomousMCMVs will play a vital role in addressing these challenges and contribute significantly to the safety and security of marine environments in the future. / Bakgrund Sjötransporter är avgörande för internationell handel, och störningar i detta flöde kanfå allvarliga ekonomiska och miljömässiga konsekvenser. Fartygsminor, både gamlaoch nya, utgör betydande risker. Uppgiften med att röja dessa hinder, har historisktutförd av människor innebärandes stora risker. Detta har drivit på utvecklingen avobemannade fartyg. Dessa autonoma lösningar syftar till att effektivt ta itu medfarorna som fartygsminor utgör samtidigt som de garanterar människors säkerhet. Syfte Detta examensarbete syftar till att utforska potentialen hos nästa generations MCMVoch utveckla ett koncept för ett autonomt eller fjärrstyrt fartyg som effektivt kanröja sjöminor. Antagandet görs att MCMV antingen kommer att vara autonomeller fjärrstyrd, och alternativa konstruktioner som undervattensfordon övervägs inte.Dessutom bygger studien på nyttjande av konventionell plattformsteknik, vilket po-tentiellt begränsar fordonens kapacitet jämfört med framtida tekniker. Metod Metodiken som används i detta examensarbete är centrerad på analys av aktuellatrender och teknologier i MCM-området. Tre världsledande produkter inom områdetbeskrivs ingående för att sedan gå igenom en omfattande utvärdering, resultatet nyt-tjas för att ligga till grund för konceptutvecklingen. Resultat Resultatet är ett katamaranbaserat koncept som innehåller ytterligare funktioner föratt förbättra dess anpassnings- och självförsvarsförmåga. Konceptet utgår från ut-formningen av en befintlig produkt, med nya tillförda funktioner som justerbar breddoch förmågan att aggera som framskjuten spaning, samt bidra till luftförsvarska-paciteten inom flottan. Slutsatser Framtiden för MCM-verksamheten förväntas skifta mot automatiserade system, kän-netecknade av mindre och mer prisvärda plattformar. Denna tekniska utvecklingmöjliggör byggnation av fler MCMV, där effektiviteten snarare bestäms av antaletenheter än fartygens hastighet. När exploateringen i marina miljöer fortsätter, blirbetydelsen av säkerhet och kontroll i dessa miljöer av yttersta vikt. AutonomaMCMV kommer att spela en viktig roll för att hantera dessa utmaningar.
|
23 |
An Automatable Workflow to Analyze and Secure Integrated Circuits Against Power Analysis AttacksPerera, Kevin 02 June 2017 (has links)
No description available.
|
24 |
Internet-of-Things Privacy in WiFi Networks: Side-Channel Leakage and MitigationsAlyami, Mnassar 01 January 2024 (has links) (PDF)
WiFi networks are susceptible to statistical traffic analysis attacks. Despite encryption, the metadata of encrypted traffic, such as packet inter-arrival time and size, remains visible. This visibility allows potential eavesdroppers to infer private information in the Internet of Things (IoT) environment. For example, it allows for the identification of sleep monitors and the inference of whether a user is awake or asleep.
WiFi eavesdropping theoretically enables the identification of IoT devices without the need to join the victim's network. This attack scenario is more realistic and much harder to defend against, thus posing a real threat to user privacy. However, researchers have not thoroughly investigated this type of attack due to the noisy nature of wireless channels and the relatively low accuracy of WiFi sniffers.
Furthermore, many countermeasures proposed in the literature are inefficient in addressing side-channel leakage in WiFi networks. They often burden internet traffic with high data overhead and disrupt the user experience by introducing deliberate delays in packet transmission.
This dissertation investigates privacy leakage resulting from WiFi eavesdropping and proposes efficient defensive techniques. We begin by assessing the practical feasibility of IoT device identification in WiFi networks. We demonstrate how an eavesdropper can fingerprint IoT devices by passively monitoring the wireless channel without joining the network. After exploring this privacy attack, we introduce a traffic spoofing-based defense within the WiFi channel to protect against such threats. Additionally, we propose a more data-efficient obfuscation technique to counter traffic analytics based on packet size without adding unnecessary noise to the traffic.
|
25 |
Periodic Search Strategies For Electronic Countermeasure Receivers With Desired Probability Of Intercept For Each Frequency BandKoksal, Emin 01 January 2010 (has links) (PDF)
Radar systems have been very effective in gathering information in a battlefield, so
that the tactical actions can be decided. On the contrary, self-protection systems
have been developed to break this activity of radars, for which radar signals must be
intercepted to be able to take counter measures on time. Ideally, interception should
be done in a certain time with a 100% probability, but in reality this is not the case.
To intercept radar signals in shortest time with the highest probability, a search
strategy should be developed for the receiver. This thesis studies the conditions
under which the intercept time increases and the probability of intercept decreases.
Moreover, it investigates the performance of the search strategy of Clarkson with
respect to these conditions, which assumes that a priori knowledge about the radars
that will be intercepted is available. Then, the study identifies the cases where the
search strategy of Clarkson may be not desirable according to tactical necessities,
and proposes a probabilistic search strategy, in which it is possible to intercept radar
signals with a specified probability in a certain time.
|
26 |
Analyse de vulnérabilités de systèmes avioniques embarqués : classification et expérimentation / Vulnerabilities analysis of embedded avionic systems : classification and experimentDessiatnikoff, Anthony 17 July 2014 (has links)
L’évolution actuelle des systèmes embarqués à bord des systèmes complexes (avions,satellites, navires, automobiles, etc.) les rend de plus en plus vulnérables à des attaques,en raison de : (1) la complexité croissante des applications ; (2) l’ouverture des systèmes vers des réseaux et systèmes qui ne sont pas totalement contrôlés ; (3) l’utilisation de composants sur étagère qui ne sont pas développés selon les méthodes exigées pour les systèmes embarqués critiques ; (4) le partage de ressources informatiques entre applications, qui va de pair avec l’accroissement de puissance des processeurs. Pour faire face aux risques de malveillances ciblant les systèmes embarqués, il est nécessaire d’appliquer ou d’adapter les méthodes et techniques de sécurité qui ont fait leurs preuves dans d’autres contextes : Méthodes formelles de spécification, développement et vérification ;Mécanismes et outils de sécurité (pare-feux, VPNs, etc.) ; Analyse de vulnérabilités et contre-mesures. C’est sur ce dernier point que portent nos travaux de thèse.En effet, cet aspect de la sécurité a peu fait l’objet de recherche, contrairement aux méthodes formelles. Cependant, il n’existe pas actuellement de modèle formel capable de couvrir à la fois des niveaux d’abstraction suffisamment élevés pour permettre d’exprimer les propriétés de sécurité désirées, et les détails d’implémentation où se situent la plupart des vulnérabilités susceptibles d’être exploitées par des attaquants : fonctions des noyaux d’OS dédiées à la protection des espaces d’adressage, à la gestion des interruptions et au changement de contextes, etc. ; implémentation matérielle des mécanismes de protection et d’autres fonctions ancillaires. C’est sur ces vulnérabilités de bas niveau que se focalise notre étude.Nos contributions sont résumées par la suite. Nous avons proposé une classification des attaques possibles sur un système temps-réel. En nous basant sur cette classification,nous avons effectué une analyse de vulnérabilité sur un système réaliste : une plateforme avionique expérimentale fournie par Airbus. Il s’agit d’un noyau temps-réel critique ordonnancé avec plusieurs autres applications, le tout exécuté sur une plateforme Freescale QorIQ P4080. C’est à travers une application dite « malveillante », présente parmi l’en-semble des applications, que nous essayons de modifier le comportement des autres applications ou du système global pour détecter des vulnérabilités. Cette méthode d’analyse de vulnérabilités a permis de détecter plusieurs problèmes concernant les accès mémoire,la communication entre applications, la gestion du temps et la gestion des erreurs qui pouvaient conduire à la défaillance du système global. Enfin, nous avons proposé des contre-mesures spécifiques à certaines attaques et des contre-mesures génériques pour le noyau temps-réel qui permet d’empêcher une application d’obtenir des accès privilégiés ou encore de perturber le comportement du système. / Security is becoming a major concern for embedded computing systems in variouscritical industrial sectors (aerospace, satellites, automotive, etc.). Indeed, recent trendsin the development and operation of such systems, have made them more and morevulnerable to potential attacks, for the following reasons : 1) increasing complexity of theapplications ; 2) openness to applications and networks that are note completely undercontrol ; 3) Use Commercial-Off-The-Shelf (COTS) hardware and software components ;4) Resource sharing among different applications, driven by the increase of processorscapabilities.To improve the security of such systems, it is necessary to apply or adapt methodsand techniques that have proven their efficiency in other contexts : Formal methods forspecification, development and verification ; Security mechanisms and tools (firewalls,VPNs, etc.) ; Vulnerability assessment and countermeasure provision.The research carried out in this thesis adresses the latter technique. This aspect ofsecurity analysis cannot be easily covered by current formal methods, since no exist-ing model is able to cover both high-level abstractions, where security properties canbe defined, and low-level implementation details, where most vulnerabilities that couldbe exploited by attackers lie : OS kernel implementation of address space protection,interrupt management, context switching, etc. ; hardware implementation of protectionmechanisms and other ancillary functions. Very few research projects are addressing thisaspect of security, which is the main objective of this thesis. In particular, our researchfocuses on low-level vulnerabilities, but contrarily with common practice, we aim todiscover and analyze them during the development process.Our contributions are summarized as follows. We elaborated a classification of low-level vulnerabilities for different implementations of real-time embedded systems. Basedon this classification, we carried out a vulnerability analysis study on a realistic system :An experimental avionic platform provided by Airbus. It consists of a critical real-timekernel scheduling the execution of different applications on a freescale QorIQ P4080platform. The identification and analysis of vulnerabilities is carried out based on a“malicious” application hosted on the platform that attempts to corrupt the behavior ofthe other applications or the global system considering different types of low level attacks.Such experiments allowed us to identify some problems related to the management ofmemory accesses, the communication between applications, time management and errorhandling that could lead to the global system failure.We have also proposed genericcounter measures to protect the real-time kernel against specific attacks, and to preventa given application from escalating its privileges or trying to compromise the systembehavior
|
27 |
An experimental study of driver fatigue: subjective driver fatigue score, driving performance, and driver fatigue countermeasuresLIU, Shixu 05 1900 (has links)
Two experiments were conducted to study driver fatigue. The first investigated driver fatigue and driving performance. Thirty one Participants completed a questionnaire to obtain their Subjective Driver Fatigue Score (SDFS) quantifying fatigue levels. Driving performance was evaluated by measuring steering wheel, lateral position, etc. The results showed significant increases in the SDFS and driving performance impairment following simulated driving sessions. Further analysis suggested a linear relationship between the SDFS and the standard deviation of lateral acceleration. Subjective fatigue assessment and driving performance were plotted as radar diagrams to show the multidimensional characteristics. The second experiment examined effects of caffeine and music on the SDFS, driving performance, and 8 EEG signal parameters. Initially, there was no significant inter-sessional variation in the dependent variables, suggesting all sessions were started at similar states. The final SDFS for caffeine and music sessions were significantly lower than control sessions, suggesting both inhibited subjective fatigue increase. Driving performance deteriorated less significantly in caffeine sessions than in control and music sessions. The results suggested that caffeine was more effective than music. EEG was not changed significantly. However, the amplitude of α wave increased significantly for an extremely fatigued individual, along with vehicle drifting and micro-sleep. In conclusion, the SDFS developed in this study successfully estimated subjective driver fatigue levels and showed a linear relationship with driving performance during driving tasks. Caffeine and music reduced driver fatigue subjectively similarly, but caffeine also helped subjects maintain driving performance. / Thesis / Doctor of Philosophy (PhD) / In this project, two experiments were conducted to study driver fatigue. A subjective driver fatigue score was specially developed and used as a driver fatigue indicator. This score was sensitive to driver fatigue changes, and showed a linear relationship with the standard deviation of lateral acceleration. Two popular driver fatigue countermeasures, caffeine and music, were examined to investigate the effects on subjective driver fatigue and driving performance. The results showed that caffeine reduced subjective driver fatigue and helped driver maintain good driving performance; however, music only helped drivers reduce subjective driver fatigue.
|
28 |
INTERNSHIP REPORT Butler County Department of Environmental ServicesSackenheim, Adam Michael 06 August 2004 (has links)
No description available.
|
29 |
Contributions à la sécurité des circuits intégrés face aux attaques par canaux auxiliaires / Contributions to the security of integrated circuits against side-channel attacksVaquié, Bruno 18 December 2012 (has links)
Les attaques par canaux cachés telles que les attaques par analyse de la consommation sont une menace pour la sécurité des circuits intégrés. Elles exploitent les fuites physiques émises par les circuits lors des calculs cryptographiques pour récupérer les informations secrètes qu'ils contiennent. De nombreuses contremesures, notamment matérielles, ont donc été proposées par la communauté dans le but de protéger les crypto-systèmes contre ce type d'attaques. Malgré leur efficacité, leur inconvénient majeur est leur surcoût important en surface, vitesse et consommation. Cette thèse a pour objectif de proposer des contremesures avec un faible coût au niveau matériel visant à réduire ces fuites et offrant un bon compromis entre sécurité et surcoûts. Pour cela, nous identifions tout d'abord les principales sources de fuites d'un crypto-système intégrant une architecture matérielle itérative d'un algorithme symétrique. Puis nous proposons plusieurs contremesures, à faible coût matériel, qui visent à réduire ces fuites. Enfin, nous évaluerons la robustesse de nos solutions face aux attaques par canaux cachés. / Side channel attacks such as power analysis attacks are a threat to the security of integrated circuits.They exploit the physical leakage of circuits during the cryptographic computations to retrieve the secret informations they contain. Many countermeasures, including hardware, have been proposed by the community in order to protect cryptosystems against such attacks. Despite their effectiveness, their major drawback is their significant additional cost in area, speed and consumption. This thesis aims at proposing low cost countermeasures able to reduce the leaks and offering a good compromise between security and costs. First we identify the main sources of leakage of a cryptographic system that integrates an iterative hardware architecture of a symetric algorithm. Then we propose several low cost countermeasures, which aim at reducing this leakage. Finally, we evaluate the robustness of our solutions against side channel attacks.
|
30 |
Time development of local scour at a bridge pier fitted with a collarAlabi, Patrick Dare 23 August 2006
A series of relatively recent bridge failures due to pier scour, as reported in literature, has rekindled interest in furthering our understanding of the scour process and for developing improved ways of protecting bridges against scour. Moreover, increased attention is being given to the state of Canadas infrastructure, a major aspect of which is the transportation network. In part, there is concern about both the impact of a failure on the handling of traffic flow while the failure is being remedied and on the cost of replacing the failed system component. As such, attention is being given to the scour design of new bridges and to the inspection, maintenance and management of existing bridge structures. The two major countermeasure techniques employed for preventing or minimising local scour at bridge piers are increased scour resistance and flow alteration. In the former case, the objective is to combat the erosive action of the scour-inducing mechanisms using hard engineering materials or physical barriers such as rock riprap. In the latter case, the objective is to either inhibit the formation of the scour-inducing mechanisms or to cause the scour to be shifted away from the immediate vicinity of the pier. This research focuses on a particular application of the latter technique. <p> In this study, the use of collars for reducing the effects of local scour at a bridge pier is presented together with the time aspect of the scour development. The adoption of a collar is based on the concept that its existence will sufficiently inhibit and/or deflect the local scour mechanisms so as to reduce the local scour immediately adjacent to the pier. The overall objective of the research is to study the temporal development of the scour for a pier fitted with a collar and a pier without a collar. More specifically, the objectives are: i) to evaluate the effectiveness of a pier collar for mitigating the depth of scour that would otherwise occur at a bridge pier; and ii) to assess the occurrence of an equilibrium scour condition, if achieved, or of the implications of not achieving such a condition in respect of interpreting the results obtained from a physical hydraulic model study. <p>The study was conducted using a physical hydraulic model operated under clear-water conditions in cohesionless bed material. Tests were conducted using two different pier diameters so as to determine the effect of pier diameter on the temporal development of scour for a plain pier. Also investigated was the effect of collar size on the time development of scour and its efficacy at preventing scour at a bridge pier. The time development of the scour hole around the model pier with and without a collar installed was compared with similar studies on bridge piers. Several equations for the temporal development of scour depth and those for the prediction of the equilibrium scour depth were tested as part of this study. <p>The results of the model study indicated that the maximum depth of scour is highly dependent on the experimental duration. The depth of the scour hole increases as the duration of the increased flow that initiates the scour increases. The extent of scour observed at the pier also increases as the duration of the tests increases. It was found that the temporal development of the scour hole at the pier was dependent on whether or not the pier was fitted with a collar placed at the bed level. The pathway to an equilibrium scour depth is different depending on whether the pier is fitted with a collar or not. With a collar in place, the development of the scour hole is considerably delayed. A truly equilibrium scour condition is not readily attainable and was not achieved in the work reported herein. It was demonstrated that wrong conclusions may be reached if a test is stopped short of an equilibrium state. As regards the temporal development of scour depth and for the tests in which no collar was fitted to the pier, it was noted that the form of equation that fits the experimental data well was the one given by Franzetti et al. (1982). Furthermore, it is possible to reach a variety of conclusions about the efficacy of using collars as a pier scour countermeasure technique, depending on which definition of time to equilibrium scour is adopted.
|
Page generated in 0.0409 seconds