Search Results (36)

Smartphones are ubiquitous and continuously carried high-performance devices equipped with speech recognition capabilities that enable the analysis of surrounding conversations. When leveraged for public purposes, networks of smartphones can function as a large-scale sensing infrastructure capable of detecting and reporting early signs of serious crimes or terrorist activities. This paper proposes the concept of “Smartphone as Societal Safety Guard” as an approach to substantially enhancing public safety through relatively low additional cost and the combination of existing technologies (first pillar). At the same time, this concept entails serious risks of privacy infringement, as exemplified by the potential introduction of always-on eavesdropping through operating system updates. The originality of this study lies in redefining smartphones not merely as personal tools but as public safety infrastructure within democratic societies, and in systematizing the conditions for their social acceptability from the perspective of institutional design. This research presents a reference architecture and a regulatory framework, and organizes six key challenges that must be addressed to reconcile public safety with privacy protection: external attacks, mitigation of privacy information, false positives, expansion of the scope of application, discriminatory use, and misuse by authorized insiders. In particular, misuse by authorized insiders is positioned as the core challenge. As a necessary condition for acceptance in democratic societies (second pillar), this paper proposes a privacy-protective infrastructure centered on the Verifiable Record of AI Output (VRAIO). By combining on-device two-stage urgency classification with the review and recording of AI outputs by independent third-party entities, the proposed framework aims to provide a mechanism that can ensure, as a design requirement, that information unrelated to emergencies is not released outside the device. In summary, this paper presents a design framework for reconciling enhanced public safety with the protection of privacy. Full article

The growing reliance on satellite-based infrastructures for communication, navigation, defense, and environmental monitoring has magnified the urgency of securing Space Information Networks (SINs) against cyber threats. This paper presents a comprehensive review of the vulnerabilities, threat vectors, and advanced countermeasures impacting SINs. Key vulnerabilities, including system complexity, use of Commercial Off-the-Shelf (COTS) components, lack of standardized security frameworks, and emerging quantum threats, are critically analyzed. This paper classifies cyber threats into active and passive categories, highlighting real-world case studies such as Denial-of-Service attacks, message modification, eavesdropping, and satellite transponder hijacking. A detailed survey of countermeasures follows, focusing on AI-driven intrusion detection, federated learning approaches, deep learning techniques, random routing algorithms, and quantum-resistant encryption. This study emphasizes the pressing need for integrated, resilient, and proactive security architectures tailored to the unique constraints of space systems. It concludes by identifying research gaps and recommending future directions to enhance the resilience of SINs against evolving cyber threats in an increasingly contested space environment. Full article

Modern networked industrial applications often require low-latency communication. Some applications evolve over time, however, are tied to yet existing infrastructures, like power grids spanning across large areas. For instance, medium voltage direct current (MVDC) grids are evolving to a promising alternative to traditional medium voltage alternating current (MVAC) grids due to their efficiency and suitability for novel use cases like electric mobility. MVDC grids, however, require an active control and fault handling strategy. Some strategies demand for a continuous state exchange of the converter substations via a low-latency communication channel with less than 1 millisecond. While some communication approaches for MVDC grids are described in the literature, none of them is inherently designed to be secure. In this paper, we present a protocol for ultra-low-latency secure state exchange (PULLSE) based on conventional non-deterministic Ethernet and AES-GCM. We chose Ethernet in order to not limit the approaches usability in terms of hardware requirements or communication patterns. PULLSE is designed to prevent traffic eavesdropping, replay, and manipulation attacks. Full article

Integrated sensing and communication (ISAC) has attracted extensive attention as a key technology to improve spectrum utilization and system performance for future wireless sensor networks. At the same time, active surveillance, as a legitimate means of surveillance, can improve the success rate of surveillance by sending interference signals to suspicious receivers, which is important for crime prevention and public safety. In this paper, we investigate the joint optimization of performance of both ISAC and active surveillance. Specifically, we formulate a bilevel optimization problem where the upper-level objective aims to maximize the probability of successful eavesdropping while the lower-level objective aims to optimize the localization performance of the radar on suspicious transmitters. By employing the Rayleigh quotient, introducing a decoupling strategy, and adding penalty terms, we propose an algorithm to solve the bilevel problem where the lower-level objective is convex. With the help of the proposed algorithm, we obtain the optimal solution of the analog transmit beamforming matrix and the digital beamforming vector. Performance analysis and discussion of key insights, such as the trade-off between eavesdropping success probability and radar localization accuracy, are also provided. Finally, comprehensive simulation results validate the effectiveness of our proposed algorithm in enhancing both the eavesdropping success probability and the accuracy of radar localization. Full article

DNS over HTTPS (DoH) is an advanced version of the traditional DNS protocol that prevents eavesdropping and man-in-the-middle attacks by encrypting queries and responses. However, it introduces new challenges such as encrypted traffic communication, masking malicious activity, tunneling attacks, and complicating intrusion detection system (IDS) packet inspection. In contrast, unencrypted packets in the traditional Non-DoH version remain vulnerable to eavesdropping, privacy breaches, and spoofing. To address these challenges, an optimized dual-path feature selection approach is designed to select the most efficient packet features for binary class (DoH-Normal, DoH-Malicious) and multiclass (Non-DoH, DoH-Normal, DoH-Malicious) classification. Ant Colony Optimization (ACO) is integrated with machine learning algorithms such as XGBoost, K-Nearest Neighbors (KNN), Random Forest (RF), and Convolutional Neural Networks (CNNs) using CIRA-CIC-DoHBrw-2020 as the benchmark dataset. Experimental results show that the proposed model selects the most effective features for both scenarios, achieving the highest detection and outperforming previous studies in IDS. The highest accuracy obtained for binary and multiclass classifications was 0.9999 and 0.9955, respectively. The optimized feature set contributed significantly to reducing computational costs and processing time across all utilized classifiers. The results provide a robust, fast, and accurate solution to challenges associated with encrypted DNS packets. Full article

As a key enabling technology of the Internet of Thing (IoT), WiFi sensing has undergone noteworthy advancements and brought significant improvement to prevailing IoT systems and applications. The past few years have witnessed growing efforts in WiFi sensing, which is widely applied in various applications, such as indoor localization, human activity recognition, physiological signal monitoring, and so on. However, these techniques are also maliciously used by attackers to eavesdrop on legitimate users and even tamper the sensing results. Fortunately, these attack techniques in turn promote the advancement of WiFi sensing techniques, especially defense techniques. In this study, we carried out a comprehensive survey to systematically summarize the works related to the topic of attacks and defenses on WiFi sensing technology. Firstly, we summarize the existing surveys in related areas and highlight our unique novelty. Then, we introduce the concept of the core topic of this survey and provide a taxonomy to distinguish different kinds of attack and defense techniques, respectively, that is, active and passive attack techniques as well as active and passive defense techniques. Furthermore, existing works in each category are grouped and introduced in detail, respectively. Full article

Establishing robust cybersecurity for Internet of Things (IoT) ecosystems poses significant challenges for system operators due to IoT resource constraints, trade-offs between security and performance, diversity of applications, and their security requirements, usability, and scalability. This article introduces a physical-layer security (PLS) approach that enables IoT devices to maintain specified levels of information confidentiality against wireless channel eavesdropping threats. This work proposes applying PLS active defense mechanisms utilizing spectrum-sharing schemes combined with fair scheduling and power management algorithms to mitigate the risk of eavesdropping attacks on resource-constrained IoT environments. Specifically, an IoT device communicating over an insecure wireless channel will utilize intentional noise signals transmitted alongside the actual IoT information signal. The intentional noise signal will appear to an eavesdropper (EVE) as additional noise, reducing the EVE’s signal-to-interference-plus-noise ratio (SINR) and increasing the EVE’s outage probability, thereby restricting their capacity to decode the transmitted IoT information, resulting in better protection for the confidentiality of the IoT device’s transmission. The proposed communication strategy serves as a complementary solution to existing security methods. Analytical and numerical analyses presented in this article validate the effectiveness of the proposed strategy, demonstrating that IoT devices can achieve the desired levels of confidentiality. Full article

Despite its flexibility, unmanned aerial vehicle (UAV) communications are susceptible to eavesdropping due to the open nature of wireless channels and the broadcasting nature of wireless signals. This paper studies secure UAV communications and proposes a method to optimize the minimum secrecy rate of the system by using interference technology to enhance it. To this end, the system not only deploys multiple UAV base stations (BSs) to provide services to legitimate users but also assigns dedicated UAV jammers to send interference signals to active or potential eavesdroppers to disrupt their eavesdropping effectiveness. Based on this configuration, we formulate the optimization process of parameters such as the user association variables, UAV trajectory, and output power as a sequential decision-making problem and use the single-agent soft actor-critic (SAC) algorithm and twin delayed deep deterministic policy gradient (TD3) algorithm to achieve joint optimization of the core parameters. In addition, for specific scenarios, we also use the multi-agent soft actor-critic (MASAC) algorithm to solve the joint optimization problem mentioned above. The numerical results show that the normalized average secrecy rate of the MASAC algorithm increased by more than 6.6% and 14.2% compared with that of the SAC and TD3 algorithms, respectively. Full article

The advent of the Fourth Industrial Revolution has positioned the Internet of Things as a pivotal force in intelligent vehicles. With the source of vehicle-to-everything (V2X), Internet of Things (IoT) networks, and inter-vehicle communication, intelligent connected vehicles are at the forefront of this transformation, leading to complex vehicular networks that are crucial yet susceptible to cyber threats. The complexity and openness of these networks expose them to a plethora of cyber-attacks, from passive eavesdropping to active disruptions like Denial of Service and Sybil attacks. These not only compromise the safety and efficiency of vehicular networks but also pose a significant risk to the stability and resilience of the Internet of Vehicles. Addressing these vulnerabilities, this paper proposes a Dynamic Forest-Structured Ensemble Network (DFSENet) specifically tailored for the Internet of Vehicles (IoV). By leveraging data-balancing techniques and dimensionality reduction, the DFSENet model is designed to detect a wide range of cyber threats effectively. The proposed model demonstrates high efficacy, with an accuracy of 99.2% on the CICIDS dataset and 98% on the car-hacking dataset. The precision, recall, and f-measure metrics stand at 95.6%, 98.8%, and 96.9%, respectively, establishing the DFSENet model as a robust solution for securing the IoV against cyber-attacks. Full article

Intentional electromagnetic interference attacks (e.g., jamming) against wireless connected devices such as the Internet of Things (IoT) remain a serious challenge, especially as such attacks evolve in complexity. Similarly, eavesdropping on wireless communication channels persists as an inherent vulnerability that is often exploited by adversaries. This article investigates a novel approach to enhancing information security for IoT systems via collaborative strategies that can effectively mitigate attacks targeting availability via interference and confidentiality via eavesdropping. We examine the proposed approach for two use cases. First, we consider an IoT device that experiences an interference attack, causing wireless channel outages and hindering access to transmitted IoT data. A physical-layer-based security (PLS) transmission strategy is proposed in this article to maintain target levels of information availability for devices targeted by adversarial interference. In the proposed strategy, select IoT devices leverage a cooperative transmission approach to mitigate the IoT signal outages under active interference attacks. Second, we consider the case of information confidentiality for IoT devices as they communicate over wireless channels with possible eavesdroppers. In this case, we propose a collaborative transmission strategy where IoT devices create a signal outage for the eavesdropper, preventing it from decoding the signal of the targeted devices. The analytical and numerical results of this article illustrate the effectiveness of the proposed transmission strategy in achieving desired IoT security levels with respect to availability and confidentiality for both use cases. Full article

Path hopping serves as an active defense mechanism in network security, yet it encounters challenges like a restricted path switching space, the recurrent use of similar paths and vital nodes, a singular triggering mechanism for path switching, and fixed hopping intervals. This paper introduces an active defense method employing multiple constraints and strategies for path hopping. A depth-first search (DFS) traversal is utilized to compute all possible paths between nodes, thereby broadening the path switching space while simplifying path generation complexity. Subsequently, constraints are imposed on residual bandwidth, selection periods, path similitude, and critical nodes to reduce the likelihood of reusing similar paths and crucial nodes. Moreover, two path switching strategies are formulated based on the weights of residual bandwidth and critical nodes, along with the calculation of path switching periods. This facilitates adaptive switching of path hopping paths and intervals, contingent on the network’s residual bandwidth threshold, in response to diverse attack scenarios. Simulation outcomes illustrate that this method, while maintaining normal communication performance, expands the path switching space effectively, safeguards against eavesdropping and link-flooding attacks, enhances path switching diversity and unpredictability, and fortifies the network’s resilience against malicious attacks. Full article

Recent decades have witnessed a remarkable pace of innovation and performance improvements in integrated circuits (ICs), which have become indispensable in an array of critical applications ranging from military infrastructure to personal healthcare. Meanwhile, recent developments have brought physical security to the forefront of concern, particularly considering the valuable assets handled and stored within ICs. Among the various invasive attack vectors, micro-probing attacks have risen as a particularly menacing threat. These attacks leverage advanced focused ion beam (FIB) systems to enable post-silicon secret eavesdropping and circuit modifications with minimal traceability. As an evolved variant of micro-probing attacks, reroute attacks possess the ability to actively disable built-in shielding measures, granting access to the security-sensitive signals concealed beneath. To address and counter these emerging challenges, we introduce a layout-level framework known as Detour-RS. This framework is designed to automatically assess potential vulnerabilities, offering a systematic approach to identifying and mitigating exploitable weaknesses. Specifically, we employed a combination of linear and nonlinear programming-based approaches to identify the layout-aware attack costs in reroute attempts given specific target assets. The experimental results indicate that shielded designs outperform non-shielded structures against reroute attacks. Furthermore, among the two-layer shield configurations, the orthogonal layout exhibits better performance compared to the parallel arrangement. Furthermore, we explore both independent and dependent scenarios, where the latter accounts for potential interference among circuit edit locations. Notably, our results demonstrate a substantial near 50% increase in attack cost when employing the more realistic dependent estimation approach. In addition, we also propose time and gas consumption metrics to evaluate the resource consumption of the attackers, which provides a perspective for evaluating reroute attack efforts. We have collected the results for different categories of target assets and also the average resource consumption for each via, required during FIB reroute attack. Full article

This paper proposes to combat active eavesdropping using intelligent reflecting surface (IRS) backscatter techniques. To be specific, the source (Alice) sends the confidential information to the intended user (Bob), while the eavesdropper (Willie) transmits a jamming signal to interrupt the transmission for more data interception. To enhance the secrecy, an IRS is deployed and connected with Alice through fiber to transform the jamming signal into the confidential signal by employing backscatter techniques. Based on the considered model, an optimization problem is formulated to maximize the signal-to-interference-plus-noise ratio (SINR) at Bob under the constraints of the transmit power at Alice, the reflection vector at the IRS, and the allowable maximum the SINR at Willie. To address the optimization problem, an alternate optimization algorithm is developed. The simulation results verify the achievable secrecy gain of the proposed scheme. The proposed scheme is effective in combating active eavesdropping. Furthermore, the deployment of large-scale IRS significantly enhances the secrecy rate. Full article

This paper proposes and studies the physical layer security of a mixed radio frequency/free space optical (RF/FSO) system based on reconfigurable intelligent surface (RIS)-aided jamming to prevent eavesdropping. This work considers Nakagami-m fading for the RF links and Málaga (M) turbulence for the FSO links. A two-hop decode-and-forward (DF) relaying method was used and the eavesdropper actively eavesdropped on the information transmitted by the RF link. The eavesdropper was thwarted by a wireless-powered jammer that transmits jamming signals, which were reflected by the RIS to the eavesdropper to ensure secure communication in the mixed RF/FSO system. The expressions of secrecy outage probability (SOP) and average secrecy capacity (ASC) of the RIS-aided mixed RF/FSO system were derived for the system model discussed above. The Monte Carlo method was utilized to verify the accuracy of these expressions. In the RIS-aided mixed RF/FSO system, the effects of the time switching factor, energy conversion efficiency, and average interference noise ratio on the system secrecy outage probability were analyzed and compared to the RIS-free mixed RF/FSO system. Meanwhile, the influence of the number of RIS reflecting elements, link distances before and after reflection, and fading severity parameter on the security performance of a mixed RF/FSO system assisted by RIS were also investigated. Full article

Recently, unmanned aerial vehicles (UAVs) have gained significant popularity and have been extensively utilized in wireless communications. Due to the susceptibility of wireless channels to eavesdropping, interference and other security attacks, UAV communication security faces serious challenges. Therefore, novel solutions need to be investigated for handling corresponding issues. Note that the UAV with full-duplex (FD) mode can actively improve spectral efficiency, and reconfigurable intelligent surface (RIS) can enable the intelligent control of signal reflection for improving transmission quality. Accordingly, the security of UAV communications may be considerably improved by combining the two techniques mentioned above. In this paper, we investigate the performance of secure communication in urban areas, assisted by a FD UAV and an RIS, where the UAV receives sensitive information from the ground users and sends jamming signals to the ground eavesdroppers. Particularly, we propose an approach to jointly optimize the user scheduling, user transmit power, UAV jamming power, RIS phase shift, and UAV trajectory for maximizing the worst-case secrecy rate. However, the non-convexity of the problem makes it difficult to solve. Combining alternating optimization (AO), slack variable techniques, successive convex approximation (SCA), and semi-definite relaxation (SDR), we propose an effective algorithm to obtain a suboptimal solution. According to the simulation results, in contrast to other benchmark schemes, we show that our proposed algorithm can significantly improve the overall secrecy rate. Full article