Prevention of information leakage through channels of spurious electromagnetic radiation and interference: research models

Problem statement. The investigation the currently used methods for determining the sources of information leakage threats from the basic hardware and systems (BHaS) through the spurious electromagnetic radiation and interference (SERaB) channels on the object of informatization (OoI), gives grounds to assert that they have a number of disadvantages. The lack of а formal interpretation for process dynamics of the SERaB information collecting and implementing measures to prevent information leakage requires development of a systematic approach to improving the ways and means of protecting confidential information from leakage through SERaB channels.The purpose. Development of mathematical models and a systematic approach to improving methods and means of protecting confidential information from leaks through the SERaB channels from the BHaS on the OoI.Results. The article substantiates the need for a systematic approach to improving the methods and means of protecting confidential information from leakage through the SERaB channels from the BHaS on the OoI. The authors determined the ways of ensuring the adequacy of the methodological apparatus for the study of these technologies in order to justify measures to prevent leakage. They formulate requirements for techniques used to evaluate the characteristics of measures to prevent information leakage through the SERaB channels. There are describe the procedure of forming the mathematical models set structure for evaluating such characteristics. Also in the article are present the analytical models of the time characteristics of threats to intercept informative SERaB signals on the OoI and measures to prevent information leakage. Finally, the authors are justify the probabilistic format of the indicator of the effectiveness of such measures.Practical relevance. The developed mathematical models can be an effective tool for evaluating the characteristics of measures to prevent information leakage through the SERaB channels.

Download Full-text

A System Approach to the Construction of the Software and Hardware Complex for Training Information Security Specialists

Vestnik Tambovskogo gosudarstvennogo tehnicheskogo universiteta ◽

10.17277/vestnik.2021.01.pp.020-030 ◽

2021 ◽

Vol 27 (1) ◽

pp. 020-030

Author(s):

V. V. Alekseev ◽

◽

V. A. Gridnev ◽

A. V. Yakovlev ◽

O. S. Mashkova ◽

...

Keyword(s):

Information Security ◽

Electromagnetic Radiation ◽

System Approach ◽

Information Leakage ◽

Confidential Information ◽

Acoustic Interference ◽

Hardware Complex ◽

Software And Hardware

In order to train specialists in information security (IS), a software and hardware complex “Means of protecting information from leakage through technical channels” has been developed; it provides an opportunity to study the process of information leakage through technical channels and methods of its protection, as well as apply various modules and additional software (software) that clearly demonstrate the features of various methods of information security. The composition of this complex is shown: laboratory stands simulating acoustic, vibroacoustic, acoustoelectric channels and a channel of side electromagnetic radiation and interference. At each of the stands there are information security means (ISMs) that prevent the leakage of confidential information through the corresponding technical channel. To adjust the ISMs for acoustic and vibroacoustic channels, the ISIDORA software has been developed; it allows adjusting the level of the generated acoustic interference to meet the requirements of the security of the room and at the same time to have a comfortable conversation in this room.

Download Full-text

Information leakage through electromagnetic radiation of PS/2 Keyboard

Journal of Science and Technology on Information security ◽

10.54654/isj.v10i2.67 ◽

2020 ◽

Vol 10 (2) ◽

pp. 51-60

Author(s):

Chinh Duc Bui ◽

Minh The Ngo ◽

Hao Ngoc Vinh Nguyen ◽

Tuan Manh Pham

Keyword(s):

Electromagnetic Radiation ◽

Computer System ◽

Near Field ◽

Information Leakage ◽

Power Line ◽

Side Channel ◽

Electronic Components ◽

Confidential Information ◽

System Data ◽

Electromagnetic Radiations

Abstract— Computer keyboards are often used to enter data for a computer system, data could be normal information or confidential information such as password, key. Keyboards use electronic components so they will generate electromagnetic radiation that can reveal information. This article presents the acquisition of electromagnetic emanating from the PS/2 keyboards through different paths (in space, through power line or via LAN cable). After acquisition we develop a program on MATLAB to recover the keystroke signal from data which is obtained in the near field of PS/2 keyboard. The result of this side channel attack is recovered an average of more than 70% of the keystrokes in near field of PS/2 keyboards. Our best attack can recover up to more than 90% of the keystrokes. From this result, we conclude that PS/2 keyboards generate electromagnetic radiations which can cause the loss of information and they are not safe to use when entering confidential information. Tóm tắt— Bàn phím máy tính thường được sử dụng để nhập dữ liệu đầu vào cho một hệ thống máy tính, các dữ liệu có thể là văn bản thông thường hoặc thông tin cần được bảo mật như mật khẩu hay khóa. Bàn phím sử dụng các linh kiện điện tử, vì thế chúng sẽ gây ra bức xạ điện từ dẫn đến lộ lọt các thông tin khi gõ phím. Bài báo này trình bày về việc thu các tín hiệu bức xạ điện từ phát ra từ bàn phím PS/2 khi gõ phím qua các con đường khác nhau (nhiễu bức xạ trong không gian, nhiễu dẫn trên đường nguồn, qua mạng LAN). Từ đó, nghiên cứu xây dựng một module chương trình trên MATLAB để khôi phục lại tín hiệu gõ phím từ các dữ liệu thu được trong trường gần của bàn phím. Kết quả của cách tần công trên kênh kề này là khôi phục trung bình được hơn 70% ký tự được gõ trong trường gần của bàn phím PS/2. Trường hợp tốt nhất kết quả có thể lên đến hơn 90% ký tự được gõ. Từ kết quả nghiên cứu trên, nhóm nghiên cứu rút ra kết luận, các loại bàn phím[1] PS/2 đều phát ra các bức xạ điện từ gây mất mát thông tin và không an toàn để sử dụng khi nhập các thông tin cần được bảo mật.

Download Full-text

Secure Codesign: Achieving Optimality Without Revealing

Journal of Computing and Information Science in Engineering ◽

10.1115/1.4039431 ◽

2018 ◽

Vol 18 (2) ◽

Cited By ~ 3

Author(s):

Siva Chaitanya Chaduvula ◽

Mikhail J. Atallah ◽

Jitesh H. Panchal

Keyword(s):

Collaborative Design ◽

Homomorphic Encryption ◽

Information Leakage ◽

Primary Sources ◽

Optimal Solutions ◽

Sources Of Information ◽

Confidential Information ◽

Design Problems ◽

Competitive Edge ◽

Cryptographic Techniques

Information leakage can lead to loss of intellectual property and competitive edge. One of the primary sources of information leakage in collaborative design is sharing confidential information with collaborators, who may be also collaborating with competitors. Hiding information from collaborators is challenging in codesign because it can lead to inferior and suboptimal solutions. Therefore, there is a need for techniques that enable designers to protect confidential information from their collaborators while achieving solutions that are as good as those obtained when full information is shared. To address this need, we propose a secure codesign (SCD) framework that enables designers to achieve optimal solutions without sharing confidential information. It is built on two principles: adding/multiplying a parameter with a large random number hides the value of the parameter, and adding/multiplying a large number is orders of magnitude faster than using existing cryptographic techniques. Building on the protocols for basic arithmetic computations, developed in our earlier work, we establish protocols for higher order computations involved in design problems. The framework is demonstrated using three codesign scenarios: requirements-driven codesign, objective-driven codesign, and Nash noncooperation. We show that the proposed SCD framework enables designers to achieve optimal solutions in all three scenarios. The proposed framework is orders of magnitude faster than competing (but impractical for engineering design) cryptographic methods such as homomorphic encryption, without compromising on precision in computations. Hence, the proposed SCD framework is a practical approach for maintaining confidentiality of information during codesign.

Download Full-text

A mathematical model and an algorithm for sampling sets of components on the Assembly enterprises of space technology

Informacionno-technologicheskij vestnik ◽

10.21499/2409-1650-2018-1-39-55 ◽

2018 ◽

Vol 15 (1) ◽

pp. 39-55

Author(s):

V. B. Rudakov ◽

V. M. Makarov ◽

M. I. Makarov

Keyword(s):

Mathematical Model ◽

Mathematical Models ◽

Space Technology ◽

Economic Costs ◽

Problem Statement ◽

Optimal Plan ◽

Product Mix ◽

Technical Parameters ◽

Complex Products ◽

Assembly Plants

The article considers the problem of determining the rational plans of the input sampling reliability and technical parameters of components of space technology, the totality of which is supplied to the Assembly plants for the manufacture of complex products of space technology. Problem statement and mathematical model based on the minimization of the economic costs of control and losses related to the risks of taking wrong decisions, are given in the article. The properties of the mathematical models are investigated, the algorithm for its optimization is developed. The result is an optimal plan for the sampling of sets of components, which includes: an optimal product mix subject to mandatory control of the aggregate and optimum risks of first and second kind, when acceptance number of statistical plan is zero. The latter circumstance is due to the high requirements of reliability and technical parameters of products of space technology.

Download Full-text

Electromagnetic radiation-based IC device identification and verification using deep learning

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-020-01808-z ◽

2020 ◽

Vol 2020 (1) ◽

Author(s):

Hong-xin Zhang ◽

Jia Liu ◽

Jun Xu ◽

Fan Zhang ◽

Xiao-tong Cui ◽

...

Keyword(s):

Radio Frequency ◽

Electromagnetic Radiation ◽

Integrated Circuit ◽

Information Leakage ◽

Physical Layer ◽

Descent Method ◽

Gradient Descent Method ◽

Absolute Level ◽

Device Identification ◽

Multifactor Authentication

Abstract The electromagnetic radiation of electronic equipment carries information and can cause information leakage, which poses a serious threat to the security system; especially the information leakage caused by encryption or other important equipment will have more serious consequences. In the past decade or so, the attack technology and means for the physical layer have developed rapidly. And system designers have no effective method for this situation to eliminate or defend against threats with an absolute level of security. In recent years, device identification has been developed and improved as a physical-level technology to improve the security of integrated circuit (IC)-based multifactor authentication systems. Device identification tasks (including device identification and verification) are accomplished by monitoring and exploiting the characteristics of the IC’s unintentional electromagnetic radiation, without requiring any modification and process to hardware devices, thereby providing versatility and adapting existing hardware devices. Device identification based on deep residual networks and radio frequency is a technology applicable to the physical layer, which can improve the security of integrated circuit (IC)-based multifactor authentication systems. Device identification tasks (identification and verification) are accomplished by passively monitoring and utilizing the inherent properties of IC unintended RF transmissions without requiring any modifications to the analysis equipment. After the device performs a series of operations, the device is classified and identified using a deep residual neural network. The gradient descent method is used to adjust the network parameters, the batch training method is used to speed up the parameter tuning speed, the parameter regularization is used to improve the generalization, and finally, the Softmax classifier is used for classification. In the end, 28 chips of 4 models can be accurately identified into 4 categories, then the individual chips in each category can be identified, and finally 28 chips can be accurately identified, and the verification accuracy reached 100%. Therefore, the identification of radio frequency equipment based on deep residual network is very suitable as a countermeasure for implementing the device cloning technology and is expected to be related to various security issues.

Download Full-text

INFORMATION SECURITY AS A COMPONENT OF THE ECONOMIC SECURITY OF THE ENTERPRISE

Business security management in modern conditions ◽

10.26526/chapter_60258635b4a2f5.44169199 ◽

2021 ◽

pp. 119-129

Author(s):

Vera Shumilina ◽

Elena Tetunashvili

Keyword(s):

Information Security ◽

Information Leakage ◽

Economic Security ◽

Confidential Information ◽

Unauthorized Access ◽

Modern Enterprise

The article is devoted to the study of information security as an integral part of the economic security of any modern enterprise. Threats are described that can lead to disclosure of confidential information, leakage of confidential information, unauthorized access to protected information, etc. Means and ways of countering the presented threats are also given

Download Full-text

Mathematical models of thermomechanics of magnetizable and polarizable electrically conducting bodies subject to quasisteady electromagnetic radiation

Journal of Mathematical Sciences ◽

10.1007/bf02364924 ◽

1999 ◽

Vol 97 (1) ◽

pp. 3846-3853 ◽

Cited By ~ 1

Author(s):

O. R. Hachkevych

Keyword(s):

Mathematical Models ◽

Electromagnetic Radiation ◽

Electrically Conducting ◽

Conducting Bodies

Download Full-text

Information leakage detection from computer display in electromagnetic radiation

2016 17th International Symposium on Antenna Technology and Applied Electromagnetics (ANTEM) ◽

10.1109/antem.2016.7550111 ◽

2016 ◽

Author(s):

Jun Shi ◽

Degang Sun ◽

Xuejie Ding ◽

Jianlin Hu ◽

Abbas Yongacoglu

Keyword(s):

Electromagnetic Radiation ◽

Information Leakage ◽

Leakage Detection

Download Full-text

A Systematic Approach to Evaluating Design Prompts in Supporting Experimental Design Research

Proceedings of the Design Society: International Conference on Engineering Design ◽

10.1017/dsi.2019.282 ◽

2019 ◽

Vol 1 (1) ◽

pp. 2755-2764 ◽

Cited By ~ 1

Author(s):

Apurva Patel ◽

Maria-Vittoria Elena ◽

Joshua Summers

Keyword(s):

Experimental Design ◽

Systematic Approach ◽

Design Research ◽

Problem Statement ◽

Equivalent Problem ◽

Step Process ◽

Initial Comparison ◽

Experiment Verification ◽

Multiple Variables ◽

The Given

AbstractExperiments that study engineering behavior in design often rely on participants responding to a given design prompt or a problem statement. Moreover, researchers often find themselves testing multiple variables with a relatively small participant pool. In such situations multiple design prompts may be used to boost replication by giving each participant an equivalent problem with a different experimental condition. This paper presents a systematic approach to compare given design prompts using a two-step process that allows an initial comparison of the prompts and a post-experiment verification of the similarity of the given prompts. Comparison metrics are provided which can be used to evaluate a level of similarity of existing prompts as well as develop similar problems. These metrics include complexity (size, coupling, and solvability), familiarity, and prompt structure. Statistical methods are discussed for post-experiment verification. Guidelines are provided for a post-experiment survey which may be used for an additional perspective of prompt similarity. The proposed approach is demonstrated using an experiment where two design prompts were used for within-subject replication.

Download Full-text

Factor of the Finite Rigidity of the Working Member in the Dynamics of the Vibratory Machine

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.627.93 ◽

2014 ◽

Vol 627 ◽

pp. 93-96

Author(s):

Victor Zviadauri ◽

T. Nadiradze ◽

M. Chelidze ◽

G. Tumanishvili

Keyword(s):

Mathematical Models ◽

Systematic Approach ◽

Friable Material ◽

Elastic Bottom ◽

Rigid Frame ◽

New Construction ◽

Material Load

Vibratory transport and technological machines (VTTM) are widely used in the various spheres of the industry: for transportation of the friable and separate particles, their dosed supply, sorting and realization of various technological processes.One of the factors that has an influence on the process of vibratory transportation is elasticity of the working member bottom of a vibratory transportation and technologic machine.This problem is less studied in theory of vibratory transportation [1, 2].A system vibratory drive – rigid frame of the vibratory member – elastic bottom of the working member – friable load” is considered in the report and dynamical and mathematical models of their interaction are worked out.A systematic approach to the study of influence of the working member elastic bottom on the technologic process is used and some results of the research are presented.It has been established with the help of developed models that at coincidence of phases of vibrations of the working member frame and elastic bottom rigidly fastened to it a speed of transportation of the friable material (load) rises significantly. On the bases of the mentioned result a new construction is developed.

Download Full-text