基于容积卡尔曼滤波的虚假数据注入攻击检测研究

虚假数据注入攻击给电力系统的安全稳定运行带来严重威胁,研究其检测方法具有十分重大的意义.本文基于容积卡尔曼滤波提出了一种虚假数据注入攻击的检测方法,该方法首先利用容积卡尔曼滤波算法对系统进行状态估计;其次,将状态估计结果与加权最小二乘法的估计结果进行状态一致性检验;最后,以IEEE-14节点系统为试验对象,进行算例分析.结果表明,本文的方法能够有效地检测出注入到系统中的虚假数据.     

SQL注入攻击及其检测防御技术研究

本文对SQL注入攻击的原理和方法进行了介绍,对如何检测和防御SQL注入攻击进行了研究.网络系统安全问题是一个持续性问题,SQL注入攻击作为网络中最为常见的攻击手段.了解并掌握如何有效防御SQL注入攻击对提升Web网络系统的安全性有着重大的现实指导意义.     

基于概率统计的错误数据注入攻击

信息战的威胁越来越被大家所重视。错误数据注入攻击,通过危害电力系统状态估计,给电力系统的安全和可靠运行产生了巨大的威胁。然而它也给攻击者提出了很高的要求。从降低错误数据注入攻击条件出发,构建了基于概率统计的错误数据注入攻击。该方案允许攻击者在只能操纵一个电表测量值的情况下仍可以发起影响弱化的错误数据注入攻击。随着可操纵的测量值数增加,攻击影响逐渐增大,并最终与原始方案无缝衔接。最后通过仿真分析,验证了方案的有效性和可行性。     

基于微控制器的AES激光注入攻击研究

密码设备面临故障攻击的威胁,针对密码芯片的故障攻击手段研究是密码学和硬件安全领域的重要研究方向.脉冲激光具有较好的时空分辨性,是一种准确度较高的故障攻击手段.该文详细描述了激光注入攻击的原理和方法,以集成AES-128算法的微控制器(MCU)为例实施了激光注入攻击实验.实验以微控制器的SRAM为攻击目标,分别成功实现了差分故障攻击和子密钥编排攻击,恢复了其16 Byte的完整密钥,其中后一种攻击是目前首次以激光的手段实现.研究表明,激光注入攻击能准确定位关键数据存放的物理位置,并能在任意的操作中引入错误,实现单比特的数据翻转,满足故障攻击模型的需求.激光注入攻击能在较短时间内完成自动攻击和密文收集,攻击过程贴近真实场景,对密码芯片具有极大的威胁.     

基于微控制器的AES激光注入攻击研究

密码设备面临故障攻击的威胁,针对密码芯片的故障攻击手段研究是密码学和硬件安全领域的重要研究方向。脉冲激光具有较好的时空分辨性,是一种准确度较高的故障攻击手段。该文详细描述了激光注入攻击的原理和方法,以集成AES-128算法的微控制器(MCU)为例实施了激光注入攻击实验。实验以微控制器的SRAM为攻击目标,分别成功实现了差分故障攻击和子密钥编排攻击,恢复了其16 Byte的完整密钥,其中后一种攻击是目前首次以激光的手段实现。研究表明,激光注入攻击能准确定位关键数据存放的物理位置,并能在任意的操作中引入错误,实现单比特的数据翻转,满足故障攻击模型的需求。激光注入攻击能在较短时间内完成自动攻击和密文收集,攻击过程贴近真实场景,对密码芯片具有极大的威胁。     

电力系统无线通信技术对比分析

电力系统无线通信WiMAX属于无线宽带接入网,由于无线信道的开放性,它的安全问题尤为引人注目.由于无线接入网所固有的特点,它的安全问题通常集中在认证机制、数据的机密性、完整性和防DoS攻击等方面.安全子层的存在就是为了解决上述问题.     

Web应用中SQL注入攻击研究

SQL注入攻击是一种利用客户端用户提交数据构成查询语句而没有对潜在有害字符进行处理就在Web应用后台数据库中执行,从而产生与应用预期不同结果的一种攻击手段。在Internet或企业内部网络中,对Web应用中进行SQL注入攻击大量存在。这种攻击手段很容易被攻击者利用,但是只要对Web应用采取合理的安全防护措施就可以阻止SQL注入的发生或减少攻击造成的损失。     

注入攻击下的扩展卡尔曼滤波安全检测

信息物理系统是一种开放式的网络化智能信息系统，容易受到安全攻击。注入攻击是一种通信攻击，注入虚假数据会使传感器获得错误量测值，从而导致系统性能变差。针对这一安全问题，文中结合扩展卡尔曼状态估计器，利用基于最小迹原则扩展卡尔曼滤波状态估计的检测方案，对同一场景下的新息序列进行检测，通过假设检验来判断系统状态。MATLAB仿真结果表明，在给定的攻击检测规则下，该检测方案能够有效检测到注入攻击，减少传感器因错误量测值而造成的系统性能损失问题。     

电磁故障注入攻击对动态随机存取存储器安全性的影响研究

以探索电磁故障注入(EMFI)攻击对动态随机存取存储器(DRAM)的安全性影响为目标,该文使用电磁故障注入攻击平台对DRAM进行了扫描攻击,对出现的故障进行统计分类,随后基于DRAM的基本结构分析阐述了造成故障的机理,最后展示了通过电磁脉冲攻击DRAM对计算机系统的安全威胁.实验表明电磁脉冲在DRAM中既可以引起瞬时故障也可以引起持续性故障,且以多故障为主.分析发现,电磁脉冲故障攻击技术可以以低的时间和空间分辨率向DRAM的指定地址注入持续性故障.另外,该文成功地将持续性故障注入到了存储在DRAM中的AES-128程序中并破解了其密钥,证明了使用电磁脉冲对DRAM进行攻击能对计算机系统造成安全威胁,展示了DRAM安全性的研究对硬件系统安全具有重要意义.     

SQL注入绕过技术与防御机制研究

注入攻击已经成为危害web安全的第一要素,而SQL注人攻击是注入攻击的主要攻击手段,如何防御层出不穷的绕过技术是目前的研究热点之一。本文首先对SQL注入攻击技术进行了介绍,并对攻击方式进行了分类。然后,总结了SQL注入的各种绕过技术。最后,根据各种绕过方法,从网络架构到代码开发等多方面给出了SQL注人的防御机制。     

密码芯片中抗差分功耗分析攻击的DES方案设计

功耗分析攻击是当前密码芯片中各类数据加密算法的主要安全威胁,尤其是对于迄今应用最为广泛的数据加密标准算法造成了严重的危害。通过分析数据加密标准算法遭受功耗分析攻击的原理,并结合针对数据加密标准算法关键防御技术,给出了一种基于互补电路的中间值掩码DES方案设计。主要是利用双电路进行互补输出,以保证寄存器翻转保持功耗恒定,从而最大限度地降低功耗差异。根据算法性能分析结果表明：该方案可以抵抗差分功耗分析攻击,且实现简单,能够直接应用于密码芯片的电路设计中。     

An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays

Since their introduction by Kocher in 1998, power analysis attacks have attracted significant attention within the cryptographic community. While early works in the field mainly threatened the security of smart cards and simple processors, several recent publications have shown the vulnerability of hardware implementations as well. In particular, field programmable gate arrays are attractive options for hardware implementation of encryption algorithms,but their security against power analysis is a serious concern, as we discuss in this paper. For this purpose, we present recent results of attacks attempted against standard encryption algorithms, provide a theoretical estimation of these attacks based on simple statistical parameters and evaluate the cost and security of different possible countermeasures.     

Using discriminant analysis to detect intrusions in external communication for self-driving vehicles

Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoc networks is crucial to the reliable exchange of information and control data. In this paper, we propose an intelligent Intrusion Detection System (IDS) to protect the external communication of self-driving and semi self-driving vehicles. This technology has the ability to detect Denial of Service (DoS) and black hole attacks on vehicular ad hoc networks (VANETs). The advantage of the proposed IDS over existing security systems is that it detects attacks before they causes significant damage. The intrusion prediction technique is based on Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) which are used to predict attacks based on observed vehicle behavior. We perform simulations using Network Simulator 2 to demonstrate that the IDS achieves a low rate of false alarms and high accuracy in detection.     

A table masking countermeasure for low-energy secure embedded systems

Future wireless embedded devices will be increasingly powerful, supporting many more applications, including one of the most crucial, which is security. Although many embedded devices offer more resistance to bus probing attacks due to their compact size, susceptibility to power or electromagnetic analysis attacks must be analyzed. This paper presents a table masking countermeasure to resist differential power analysis (DPA) and differential electromagnetic analysis (DEMA). Real power and EM measurements are used to verify the countermeasure using second- and third-order DPA and DEMA attacks on a popular low-energy embedded ARM processor. Results show that the new table masking countermeasure provides increased security without large overheads of energy dissipation compared with previous countermeasures. With the emergence of security applications personal digital assistants, cellphones, and other embedded devices, low-energy countermeasures for resistance to DPA/DEMA are crucial for supporting future wireless embedded systems.     

A hierarchical mobile‐agent‐based security operation center

The continuous evolvement of the e‐domain has led to a significant increase in the amount of sensitive personal information stored on networked hosts. These hosts are invariably protected by security mechanisms such as intrusion detection systems, Intrusion Prevention System (IPS), antivirus software, firewalls, and so forth. However, they still remain vulnerable to the threat of malicious attacks, theft and intrusion. The high false positive alarm rate of such mechanisms is particularly troublesome because false alarms greatly degrade the efficiency of the security framework. Security operation centers (SOCs) provide an automated solution for analyzing the threat to a network such that appropriate protective measures can be put in place. This paper proposes a novel hierarchical mobile‐agent‐based SOC to overcome the vulnerability of traditional static SOCs to single point of failure attacks. In addition, the network is partitioned into multiple divisions, each with its own alert detection and aggregation methodology to improve the computational efficiency of the data collection and fusion process. The data acquired in the various divisions are fused and correlated in an efficient manner via intrusion detection message exchange format, XML, session and timer methods The experimental results confirm the effectiveness and efficiency of the proposed hierarchical mobile‐agent‐based SOC framework. Copyright © 2012 John Wiley & Sons, Ltd.     

物联网分布式路由中基于Beta函数的抗攻击信任管理模型

With the rapid development of Internet of Things (IoT), the issue of trust in distributed routing systems has attracted more research attention. The existing trust management frameworks, however, suffer from some possible attacks in hostile environments, such as false accusation, collusion, on-off, and conflicting behavior. Therefore, more comprehensive models should be proposed to predict the trust level of nodes on potential routes more precisely, and to defeat several kinds of possible attacks. This paper makes an attempt to design an attack-resistant trust management model based on beta function for distributed routing strategy in IoT. Our model can evaluate and propagate reputation in distributed routing systems. We first describe possible attacks on existing systems. Our model is then proposed to establish reliable trust relations between self-organized nodes and defeat possible attacks in distributed routing systems. We also propose a theoretical basis and skeleton of our model. Finally, some performance evaluations and security analyses are provided to show the effectiveness and robustness of our model compared with the existing systems.     

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.     

SQL注入检测与防范方法研究

随着互联网的发展,Web应用程序开发也变得越来越普及.但目前很多B/S模式的Web服务技术的应用程序,在设计之初,都未能充分考虑数据的校验与过滤.因此,这些应用在使用中就存在着不少的安全隐患,SQL注入的攻击方式便乘虚而入.本文分析了SQL注入攻击的原理、特点,并对常用的注入方法进行了总结.最后,在主动防御的基础上,针对软件测评工作,提出了一套防范SQL注入的安全方案和思路.