Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next-generation air transportation systems. As the heart of modern air traffic ...control, it will play an essential role in the protection of two billion passengers per year, in addition to being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, particularly with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts that have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures that have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.
This open access book reports the results of a study conducted in Switzerland in 2022 to provide an overview of the changing landscape of encryption and data protection technologies and their global ...usage trends. The Swiss Confederation tasked the Cyber-Defence Campus (CYD Campus) to identify the 38 most relevant encryption and data protection technologies, analyze their expected evolution until 2025, and derive implications for the military, civil society, and economy sectors. Fifty experts from academia, government, and industry have contributed to this study and provided their viewpoints on the different technologies and trends. This comprehensive collection of factsheets provides a reference for organizations and individuals that need to elaborate coherent and efficient data protection and encryption strategies in the coming years. The 38 technologies have been sorted into five categories. First, encryption foundations represent the technologies used to create other encryption applications. Second, low-level applications represent the technologies that focus on micro functionalities. Third, high-level applications represent the technologies that focus on more abstract and macro functionalities. Fourth, data protection represents the technologies used to protect data without encrypting these data. Finally, use cases represent concrete ways the different technologies can be used together to create a working solution. The book serves as a guide for decision-making within administrations, government organizations, and industry. It will also be interesting for the tech-savvy board member or engineers looking to get an entry point into data protection topics. Last not least, the book will also be a valuable reading for anyone interested in data protection and encryption.
Reactive jammers have been shown to be a serious threat for wireless communication. Despite this, it is difficult to detect their presence reliably. We propose a novel method to detect such ...sophisticated jammers in direct sequence spread spectrum (DSSS) wireless communication systems. The key idea is to extract statistics from the jamming-free symbols of the DSSS synchronizer to discern jammed packets from those lost due to bad channel conditions. Our contribution is twofold. First, we experimentally evaluate new empirical models utilizing the preamble symbols of IEEE 802.15.4 packets, thus enabling the accurate prediction of the packet delivery ratio (PDR). We show that the chip error rate-based metric is superior to metrics used in the literature, offering an accurate and reactive indicator of the true PDR. Our second contribution is the design and evaluation of a detection technique relying on this metric to detect reactive jammers. We build a software-defined radio testbed and show that our technique enables the error-free detection of reactive jammers that jam all packets on links with a PDR above 0.3. To the best of our knowledge, our detector is the first to detect reactive jamming attacks targeting the physical layer header of DSSS packets, and does not require any modifications of the wireless communication system.
LocaRDS: A Localization Reference Data Set Schäfer, Matthias; Strohmeier, Martin; Leonardi, Mauro ...
Sensors (Basel, Switzerland),
08/2021, Letnik:
21, Številka:
16
Journal Article
Recenzirano
Odprti dostop
The use of wireless signals for the purposes of localization enables a host of applications relating to the determination and verification of the positions of network participants ranging from radar ...to satellite navigation. Consequently, this has been a longstanding interest of theoretical and practical research in mobile networks and many solutions have been proposed in the scientific literature. However, it is hard to assess the performance of these in the real world and, more importantly, to compare their advantages and disadvantages in a controlled scientific manner. With this work, we attempt to improve the current state of art methodology in localization research and to place it on a solid scientific grounding for future investigations. Concretely, we developed LocaRDS, an open reference data set of real-world crowdsourced flight data featuring more than 222 million measurements from over 50 million transmissions recorded by 323 sensors. We demonstrate how we can verify the quality of LocaRDS measurements so that it can be used to test, analyze and directly compare different localization methods. Finally, we provide an example implementation for the aircraft localization problem and a discussion of possible metrics for use with LocaRDS.
Numerous studies have shown that concurrent transmissions can help boost wireless network performance despite the possibility of packet collisions. However, while these works provide empirical ...evidence that concurrent transmissions may be received reliably, existing signal capture models only partially explain the root causes of this phenomenon. We present a comprehensive mathematical model for MSK-modulated signals that makes the reasons explicit and thus provides fundamental insights into the key parameters governing the successful reception of colliding transmissions. A major contribution is the closed-form derivation of the receiver bit decision variable for an arbitrary number of colliding signals and constellations of power ratios, time offsets, and carrier phase offsets. We systematically explore the factors for successful packet delivery under concurrent transmissions across the whole parameter space of the model. We confirm the capture threshold behavior observed in previous studies but also reveal new insights relevant to the design of optimal protocols. We identify capture zones depending not only on the signal power ratio but also on time and phase offsets.
Cloud computing environments increasingly provision field-programmable gate arrays (FPGAs) for their programmability and hardware-level parallelism. While FPGAs are typically used by one tenant at a ...time, multitenant schemes supporting spatial sharing of cloud FPGA resources have been proposed in the literature. However, the spatial multitenancy of FPGAs opens up new attack surfaces. Investigating potential security threats to multitenant FPGAs is thus essential for better understanding and eventually mitigating the security risks. This work makes a notable step forward by systematically analyzing the combined threat of FPGA power wasters and satisfiability don’t-care hardware Trojans in shared cloud FPGAs. We demonstrate a successful remote undervolting attack that activates a hardware Trojan concealed within a victim FPGA design and exploits the payload. The attack is carried out entirely remotely, assuming two spatially colocated FPGA users isolated from one another. The victim user’s circuit is infected with a Trojan, triggered by a pair of don’t-care signals that never reach the combined trigger condition during regular operation. The adversary, targeting the exploitation of the Trojan, deploys power waster circuits to lower the supply voltage of the FPGA. The assumption is that, under the effect of the lowered voltage, don’t-care signals may reach the particular state that triggers the Trojan. We name this exploit X -Attack and demonstrate its feasibility on an embedded FPGA and real-world cloud FPGA instances. Additionally, we study the effects of various attack tuning parameters on the exploit’s success. Finally, we discuss potential countermeasures against this security threat and present a lightweight self-calibrating countermeasure. To the best of our knowledge, this is the first work on undervolting-based fault-injection attacks in multitenant FPGAs to demonstrate the attack on commercially available cloud FPGA instances.
Red blood cell (RBC) hitchhiking has great potential in enhancing drug therapy, by improving targeting and reducing rapid clearance of nanoparticles (NPs). However, to improve the potential for ...clinical translation of RBC hitchhiking, a more thorough understanding of the RBC-NP interface is needed. Here, we evaluate the effects of NP surface parameters on the success and biocompatibility of NP adsorption to extracted RBCs from various species. Major differences in RBC characteristics between rabbit, mouse and human were proven to significantly impact NP adsorption outcomes. Additionally, the effects of NP design parameters, including NP hydrophobicity, zeta potential, surfactant concentration and drug encapsulation, on RBC hitchhiking are investigated. Our studies demonstrate the importance of electrostatic interactions in balancing NP adsorption success and biocompatibility. We further investigated the effect of varying the anti-coagulant used for blood storage. The results presented here offer new insights into the parameters that impact NP adsorption on RBCs that will assist researchers in experimental design choices for using RBC hitchhiking as drug delivery strategy.
Field-programmable gate arrays (FPGAs) combine hardware reconfigurability with a high degree of parallelism. Consequently, FPGAs offer performance gains and power savings for many applications. A ...recent trend has been to leverage the hardware versatility of FPGAs with the software programmability of central processing units (CPUs) to improve the performance of processing-intensive workloads. A variety of heterogeneous FPGA-CPU embedded systems are thus available. However, the security of FPGA-CPU systems has not yet been thoroughly evaluated. In this work, we demonstrate the first attack on FPGA-CPU platforms which leverages undervolting caused by the FPGA to inject faults and exploit them against a software encryption algorithm. The aggressor FPGA affects a CPU sharing the same system-on-chip (SoC). We show that circuits in the FPGA fabric, controlled by an attacker, can create a significant supply voltage drop which, in turn, faults the software computation performed by the CPU or even causes a denial-of-service attack. Our results do not rely on any hardware modifications of the target platform. We present a characterization of the attack parameters and the effects observed. Then, we leverage the FPGA-induced undervolting to fault multiplications executing on the CPU. We also highlight how an attacker might benefit from the injected faults to compromise the system's security by demonstrating differential fault analysis (DFA) against an advanced encryption standard (AES) implementation. Our work exposes a new electrical-level threat in tightly integrated modern FPGA-CPU SoCs, bringing to light a need for more research on countermeasures.
Voice communication between air traffic controllers (ATCos) and pilots is critical for ensuring safe and efficient air traffic control (ATC). The handling of these voice communications requires high ...levels of awareness from ATCos and can be tedious and error-prone. Recent attempts aim at integrating artificial intelligence (AI) into ATC communications in order to lessen ATCos’s workload. However, the development of data-driven AI systems for understanding of spoken ATC communications demands large-scale annotated datasets, which are currently lacking in the field. This paper explores the lessons learned from the ATCO2 project, which aimed to develop an unique platform to collect, preprocess, and transcribe large amounts of ATC audio data from airspace in real time. This paper reviews (i) robust automatic speech recognition (ASR), (ii) natural language processing, (iii) English language identification, and (iv) contextual ASR biasing with surveillance data. The pipeline developed during the ATCO2 project, along with the open-sourcing of its data, encourages research in the ATC field, while the full corpus can be purchased through ELDA. ATCO2 corpora is suitable for developing ASR systems when little or near to no ATC audio transcribed data are available. For instance, the proposed ASR system trained with ATCO2 reaches as low as 17.9% WER on public ATC datasets which is 6.6% absolute WER better than with “out-of-domain” but gold transcriptions. Finally, the release of 5000 h of ASR transcribed speech—covering more than 10 airports worldwide—is a step forward towards more robust automatic speech understanding systems for ATC communications.