Analysis of impersonation attacks on systems using RF fingerprinting and low-end receivers

Recently, physical layer security commonly known as Radio Frequency (RF) fingerprinting has been proposed to provide an additional layer of security for wireless devices. A unique RF fingerprint can be used to establish the identity of a specific wireless device in order to prevent masquerading/impersonation attacks. In the literature, the performance of RF fingerprinting techniques is typically assessed using high-end (expensive) receiver hardware. However, in most practical situations receivers will not be high-end and will suffer from device specific impairments which affect the RF fingerprinting process. This paper evaluates the accuracy of RF fingerprinting employing low-end receivers. The vulnerability to an impersonation attack is assessed for a modulation-based RF fingerprinting system employing low-end commodity hardware (by legitimate and malicious users alike). Our results suggest that receiver impairment effectively decreases the success rate of impersonation attack on RF fingerprinting. In addition, the success rate of impersonation attack is receiver dependent.     

含碳硫硅酸钙腐蚀产物的微观结构与生成机理

通过X射线衍射分析、扫描电镜、X射线光电子能谱分析、Fourier变换红外光谱分析及激光Raman光谱分析等现代测试技术,分析英国某桥墩基部腐蚀产物的微观结构,证实所取样品中含有大量的碳硫硅酸钙晶体,已发生了明显的碳硫硅酸钙型硫酸盐侵蚀.探讨了碳硫硅酸钙的腐蚀机理.     

基于中位数的用户信誉度排名算法

针对推荐系统易受Spammer攻击的影响,从而导致对象的实际得分不准确的问题,提出基于中位数的用户信誉度排名算法。通过衡量用户信誉度调整用户打分权重,根据中位数具有不易受极端打分影响的特性,选取用户打分与对象得分差距的中位数作为降低用户信誉度的标准,不断迭代调整用户信誉度以及最终得分直至收敛。在多个真实数据集上的运行结果证明,相比现有排名算法,该算法具有更合理的信誉度分布和更高的排名结果准确度,通过该算法预处理后的数据集在SVD++上运行可以得到更低的均方根误差。     

Redefining cement characteristics for sulfate-resistant Portland cement

Experimental research was performed to relate specific cement characteristics to expansion due to sulfate attack. Twenty-one North American cement of statistically diverse chemical composition were used in the study. ASTM 1012 “Standard Test Method for Length Change of Hydraulic Cement Mortars Exposed to a Sulfate Solution” was performed using mortars prepared with each of the cement. First-order and multivariate relationships between cement characteristics and sulfate expansion were correlated at different ages. Analysis revealed that while tricalcium aluminate (C₃A) has typically been targeted as the chief contributor to sulfate attack, iron oxide (Fe₂O₃) or tetracalcium aluminoferrite (C₄AF) content, combined with total equivalent alkalis, showed a much stronger negative correlation with expansions at all ages. These results are in agreement with a broad spectrum of sulfate expansion theories and can provide a better means of specifying sulfate-resistant cement.     

基于椭圆曲线的RFID协议的安全分析

Matinez等人已经提出了一种只依赖于椭圆曲线密码和零知识认证模式的无线射频认证协议. 本文中,我们指出该协议不能抵抗去同步化攻击. 攻击者只需拦截最后服务器发给标签的确认消息,就会导致后台服务器和标签存储的共享秘钥不一致. 对此,我们提出了修正方案,并证明了修订后的协议可以抵抗去同步化攻击.     

304 Stainless steel oxidation in sulfate and sulfate+ bicarbonate solutions

The electrochemical characterization of 304 stainless steel in 0.1–0.5m Na2SO4 and Na2SO4 + NaHCO3 aqueous solutions at pH8 was done in combination with SEM surface analysis. Passivation of the surface film without any pitting events is observed for the current–potential and current–time experiments, and no anodic current spikes, which are associated with depassivation events, are distinguishable above the background current level. However, SEM pictures of an electrode surface polarized at potentials above 0.4V show microscopic pit nucleation. Even when the metal may be regarded as passive from a current–time or current–potential characteristics, passivity is not stable and localized film breakdown can still occur. The events are ascribed to pit nucleation at the active inclusion sites. The pits do not grow even into the metastable state but die through repassivation by metal salt precipitation immediately after birth. The effect is ascribed to the solubility of metal salts with the electrolyte produced by dissolution in the nucleation sites. The results show that pit nucleation and pit growth are two distinct processes. The importance of solution composition and the protective effect of bicarbonate ions is also discussed.     

Differentiating seawater and groundwater sulfate attack in Portland cement mortars

The study reported in this article deals with understanding the physical, chemical and microstructural differences in sulfate attack from seawater and groundwater. Portland cement mortars were completely immersed in solutions of seawater and groundwater. Physical properties such as length, mass, and compressive strength were monitored periodically. Thermal analysis was used to study the relative amounts of phases such as ettringite, gypsum, and calcium hydroxide, and microstructural studies were conducted by scanning electron microscopy. Portland cement mortars performed better in seawater solution compared to groundwater solution. The difference in performance could be attributed to the reduction in the quantity of the expansive attack products (gypsum and ettringite). The high Cl concentration of seawater could have played an important role by binding the C₃A to form chloroaluminate compounds, such as Friedel's salt (detected in the microstructural studies), and also by lowering the expansive potential of ettringite. Furthermore, the thicker layer of brucite forming on the specimens in seawater could have afforded better protection against ingress of the solution than in groundwater.     

社会网络的隐私保护研究综述*

某些网站将匿名处理后的社会网络数据公开发布,或者提供给科研机构、大学或者其他组织和个人使用,而这些数据往往侵犯了用户的隐私,但有关社会网络中个人信息安全和隐私保护的研究却处于起步阶段。综述了当前在线社会网络的研究成果,主要就社会网络及其隐私漏洞、信息泄露、再识别攻击、聚集攻击、推理攻击等进行了分析,并对今后的发展提出了预测,为社会网络的科研指出了可行的研究方向。     

一个新的基于口令的密钥协商协议

以不经意多项式计算作为核心组件,提出了一个基于口令的密钥协商协议PSKA-I,该协议能够抵抗字典攻击但只能工作于认证模型。为解决协议PSKA-I这一缺陷,根据BCK安全模型设计了消息传输认证器,将协议PSKA-I转换为非认证模型中的安全协议PSKA-Ⅱ。上述协议口令的安全性由不经意多项式计算予以保证。与GL协议相比,该协议的通信及计算复杂度明显降低。     

基于Omnet++的虫洞攻击的仿真实现

虫洞攻击(wormhole attack)是Ad Hoc网络中一种常见的路由攻击方法。在移动Ad Hoc网络中,虫洞攻击会严重破坏路由协议的正常运行,甚至使整个网络陷于瘫痪。基于Omnet++网络仿真器设计实现了Ad Hoc网络中的虫洞攻击,并提出若干衡量虫洞攻击的指标。仿真实验表明,由于虫洞攻击节点的破坏,网络的性能明显下降。