Analysis of impersonation attacks on systems using RF fingerprinting and low-end receivers

Recently, physical layer security commonly known as Radio Frequency (RF) fingerprinting has been proposed to provide an additional layer of security for wireless devices. A unique RF fingerprint can be used to establish the identity of a specific wireless device in order to prevent masquerading/impersonation attacks. In the literature, the performance of RF fingerprinting techniques is typically assessed using high-end (expensive) receiver hardware. However, in most practical situations receivers will not be high-end and will suffer from device specific impairments which affect the RF fingerprinting process. This paper evaluates the accuracy of RF fingerprinting employing low-end receivers. The vulnerability to an impersonation attack is assessed for a modulation-based RF fingerprinting system employing low-end commodity hardware (by legitimate and malicious users alike). Our results suggest that receiver impairment effectively decreases the success rate of impersonation attack on RF fingerprinting. In addition, the success rate of impersonation attack is receiver dependent.     

含碳硫硅酸钙腐蚀产物的微观结构与生成机理

通过X射线衍射分析、扫描电镜、X射线光电子能谱分析、Fourier变换红外光谱分析及激光Raman光谱分析等现代测试技术,分析英国某桥墩基部腐蚀产物的微观结构,证实所取样品中含有大量的碳硫硅酸钙晶体,已发生了明显的碳硫硅酸钙型硫酸盐侵蚀.探讨了碳硫硅酸钙的腐蚀机理.     

Multi-Wavelength vs. Binary Code Pattern Unwrapping in Fringe Projection Method

Phase extraction, phase unwrapping and phase to height conversion are consecutive steps within the fringe projection method for reconstruction of 3D objects. The procedure of determining discontinuities on the wrapped phase, resolving them and achieving the unwrapped phase is called phase unwrapping. A software system was developed that provides the ability to create many kinds of patterns with a verity of desirable properties suitable for different demands in fringe projection systems. In our previous work, an experimental study was reported based on a multi-wavelength unwrapping approach. In the following work, we implemented a new method called binary code pattern unwrapping that is based on time analysis. A comparison of the two unwrapping approaches in terms of resolution, quality, noise, depth accuracy, and computational cost is provided.     

口令重用行为与多维口令体系研究

互联网的迅速发展与网络服务的高度分散,促使广大网民不断注册更多的账户,并导致口令重用行为普遍化,使得用户信息面临泄露的风险。为此,基于2011年底互联网泄密门数据和大学生在线调查数据,分析了网民口令的结构特征和重用行为,并由此设计融入信息维度和分级管理思想的多维口令体系。该体系以根口令-重用码结构为基础,内容维包含多个独立的信息因子,构成口令的可记忆性主体;形式维负责形式变换,以提升口令的复杂性和安全性;时空维用于保障口令的时效性和重用性。对比量化分析结果表明,该口令体系具备良好的记忆性和便捷性,能有效抵御暴力攻击和熟人攻击。     

基于K-L散度的恶意代码模型聚类检测方法

在云计算应用环境下,由于服务系统越来越复杂,网络安全漏洞和被攻击情况急剧增加,传统的恶意代码检测技术和防护模式已无法适应云存储环境的需求。为此,通过引入高斯混合模型,建立恶意代码的分层检测机制,使用信息增益和文档频率等方法分析和提取样本数据特征值,结合K-L散度特性,提出基于K-L散度的恶意代码模型聚类检测方法。采用KDDCUP99数据集,使用Weka开源软件完成数据预处理和聚类分析。实验结果表明,在结合信息增益和文档频率进行特征分析的前提下,与贝叶斯算法相比,该方法在虚拟环境中恶意代码的平均检测时间降低16.6%,恶意代码的平均检测率提高1.05%。     

基于中位数的用户信誉度排名算法

针对推荐系统易受Spammer攻击的影响,从而导致对象的实际得分不准确的问题,提出基于中位数的用户信誉度排名算法。通过衡量用户信誉度调整用户打分权重,根据中位数具有不易受极端打分影响的特性,选取用户打分与对象得分差距的中位数作为降低用户信誉度的标准,不断迭代调整用户信誉度以及最终得分直至收敛。在多个真实数据集上的运行结果证明,相比现有排名算法,该算法具有更合理的信誉度分布和更高的排名结果准确度,通过该算法预处理后的数据集在SVD++上运行可以得到更低的均方根误差。     

Redefining cement characteristics for sulfate-resistant Portland cement

Experimental research was performed to relate specific cement characteristics to expansion due to sulfate attack. Twenty-one North American cement of statistically diverse chemical composition were used in the study. ASTM 1012 “Standard Test Method for Length Change of Hydraulic Cement Mortars Exposed to a Sulfate Solution” was performed using mortars prepared with each of the cement. First-order and multivariate relationships between cement characteristics and sulfate expansion were correlated at different ages. Analysis revealed that while tricalcium aluminate (C₃A) has typically been targeted as the chief contributor to sulfate attack, iron oxide (Fe₂O₃) or tetracalcium aluminoferrite (C₄AF) content, combined with total equivalent alkalis, showed a much stronger negative correlation with expansions at all ages. These results are in agreement with a broad spectrum of sulfate expansion theories and can provide a better means of specifying sulfate-resistant cement.     

基于椭圆曲线的RFID协议的安全分析

Matinez等人已经提出了一种只依赖于椭圆曲线密码和零知识认证模式的无线射频认证协议. 本文中,我们指出该协议不能抵抗去同步化攻击. 攻击者只需拦截最后服务器发给标签的确认消息,就会导致后台服务器和标签存储的共享秘钥不一致. 对此,我们提出了修正方案,并证明了修订后的协议可以抵抗去同步化攻击.     

基于开放源代码的防火墙实验项目设计

当前计算机网络安全课程已经广泛地开设于计算机及信息安全等相关专业,而防火墙技术又是计算机网络安全课程的重要内容之一。用专用硬件防火墙作为实验设备具有价格昂贵、内部技术不透明的缺点,因此本文设计一系列基于Linux操作系统开放源代码的防火墙技术实验,这样不仅可以降低教学实验成本,也能让学生更清楚地了解各种防火墙技术及实现,增强学生的专业实践能力。     

304 Stainless steel oxidation in sulfate and sulfate+ bicarbonate solutions

The electrochemical characterization of 304 stainless steel in 0.1–0.5m Na2SO4 and Na2SO4 + NaHCO3 aqueous solutions at pH8 was done in combination with SEM surface analysis. Passivation of the surface film without any pitting events is observed for the current–potential and current–time experiments, and no anodic current spikes, which are associated with depassivation events, are distinguishable above the background current level. However, SEM pictures of an electrode surface polarized at potentials above 0.4V show microscopic pit nucleation. Even when the metal may be regarded as passive from a current–time or current–potential characteristics, passivity is not stable and localized film breakdown can still occur. The events are ascribed to pit nucleation at the active inclusion sites. The pits do not grow even into the metastable state but die through repassivation by metal salt precipitation immediately after birth. The effect is ascribed to the solubility of metal salts with the electrolyte produced by dissolution in the nucleation sites. The results show that pit nucleation and pit growth are two distinct processes. The importance of solution composition and the protective effect of bicarbonate ions is also discussed.