• 전자공학회논문지
• /
• 제53권4호
• /
• pp.79-86
• /
• 2016

물리계층보안은 신호의 물리적 특성을 이용하여 정보를 보호하는 보안 기법이다. 현재 이에 대한 연구가 활발히 진행 중이지만 해결해야할 다음과 같은 문제점들이 존재한다. 도청자는 자신의 존재를 숨기기 위해서 자신의 채널상태정보를 다른 합법적인 노드와 공유하지는 않는다. 그리고 노드가 신호를 전송할 때 하드웨어 왜곡이 발생하지만 많은 연구들은 노드 모델들이 이상적인 것으로 가정을 하고, 하드웨어 왜곡문제를 고려하지 않고 있다. 이와 같은 문제점들을 해결하기 위한 본 논문의 주요한 특징 및 기여도는 다음과 같다. 첫째, 도청자의 채널상태정보를 얻기 위해서 조력자노드를 합법적인 노드주변에 설치하고, 조력자노드의 채널상태정보를 이용하여 노드모델에서 하드웨어 왜곡을 고려한다. 둘째, 제안된 시스템 모델의 인터셉트 확률에 대한 Closed-Form Expression을 제시한다. 제안된 시스템의 성능평가를 위해서 다양한 시뮬레이션를 통하여 제안된 시스템 모델의 물리계층보안에 미치는 영향을 알아본 결과, 불완전한 채널상태정보는 인터셉트 확률에는 영향을 미치지 못한 반면에, 불완전한 노드모델의 경우, 인터셉트 확률, 에르고딕 시크리스 용량과 보안채널용량에 영향을 준다는 것을 보여준다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권6호
• /
• pp.2595-2618
• /
• 2018

In this paper, we investigate secure communication with the presence of multiple eavesdroppers (Eves) in a two-tier downlink dense heterogeneous network, wherein there is a macrocell base station (MBS) and multiple femtocell base stations (FBSs). Each base station (BS) has multiple users. And Eves attempt to wiretap a macrocell user (MU). To keep Eves ignorant of the confidential message, we propose a physical-layer security scheme based on cross-layer cooperation to exploit interference in the considered network. Under the constraints on the quality of service (QoS) of other legitimate users and transmit power, the secrecy rate of system can be maximized through jointly optimizing the beamforming vectors of MBS and cooperative FBSs. We explore the problem of maximizing secrecy rate in both non-colluding and colluding Eves scenarios, respectively. Firstly, in non-colluding Eves scenario, we approximate the original non-convex problem into a few semi-definite programs (SDPs) by employing the semi-definite relaxation (SDR) technique and conservative convex approximation under perfect channel state information (CSI) case. Furthermore, we extend the frame to imperfect CSI case and use the Lagrangian dual theory to cope with uncertain constraints on CSI. Secondly, in colluding Eves scenario, we transform the original problem into a two-tier optimization problem equivalently. Among them, the outer layer problem is a single variable optimization problem and can be solved by one-dimensional linear search. While the inner-layer optimization problem is transformed into a convex SDP problem with SDR technique and Charnes-Cooper transformation. In the perfect CSI case of both non-colluding and colluding Eves scenarios, we prove that the relaxation of SDR is tight and analyze the complexity of proposed algorithms. Finally, simulation results validate the effectiveness and robustness of proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권3호
• /
• pp.1057-1073
• /
• 2015

In this paper, we consider cooperative D2D communications in cellular networks. More precisely, a cellular user leases part of its spectrum to facilitate the D2D communication with a goal of improving the energy efficiency of a D2D pair. However the D2D pair is untrusted to the cellular user, such resource sharing may result in the information of this cellular user unsecured. In order to motivate the cellular user's generosity, this D2D pair needs to help the cellular user maintain a target secrecy rate. To address this issue, we formulate a joint spectrum and power allocation problem to maximize the energy efficiency of the D2D communication while guaranteeing the physical layer security of the cellular user. Then, a theorem is proved to indicate the best resource allocation strategy, and accordingly, an algorithm is proposed to find the best solution to this resource allocation problem. Numerical results are finally presented to verify the validity and effectiveness of the proposed algorithm.

• 전기전자학회논문지
• /
• 제24권2호
• /
• pp.665-668
• /
• 2020

자동차 내부의 CAN 버스에서 노드 하나가 해킹을 당한 경우, 차량에 위해를 가하지 못하게 해당 노드를 차단하려면 각 노드를 고유하게 특정하여야 하지만 CAN 버스에는 이러한 기능이 존재하지 않는다. 본 논문에서는 CAN 버스가 부팅될 때 개별 노드에 고유 ID를 자동으로 부여하는 물리 계층 보안 기법을 제안한다. 제안한 기법을 Verilog HDL을 이용하여 CAN 컨트롤러에 구현하였고, 이를 통해 CAN 버스 노드의 고유 ID가 자동으로 부여되고 악의적인 내부 공격이 차단됨을 확인하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권11호
• /
• pp.5610-5624
• /
• 2017

A novel scheme based on polarization modulation and the weighted fractional Fourier transform (PM-WFRFT) is proposed in this paper to enhance the physical layer security of dual-polarized satellite systems. This scheme utilizes the amplitude and phase of the carrier as information-bearing parameters to transmit the normal signal and conceals the confidential information in the carrier's polarization state (PS). After being processed by WFRFT, the characteristics of the transmit signal (including amplitude, phase and polarization state) vary randomly and in nearly Gaussian distribution. This makes the signal very difficult for an eavesdropper to recognize or capture. The WFRFT parameter is also encrypted by a pseudo-random sequence and updated in real time, which enhances its anti-interception performance. Furthermore, to prevent the polarization-based impairment to PM-WFRFT caused by depolarization in the wireless channel, two components of the polarized signal are transmitted respectively in two symbol periods; this prevents any mutual interference between the two orthogonally polarized components. Demodulation performance in the system was also assessed, then the proposed scheme was validated with a simulated dual-polarized satellite system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권11호
• /
• pp.4483-4501
• /
• 2015

In this paper, we investigate a security transmission scheme at the physical layer for cooperative wireless relay networks in the presence of a passive eavesdropper. While the security scheme has been previously investigated with perfect channel state information(CSI) in the presence of a passive eavesdropper, this paper focuses on researching the robust cooperative relay beamforming mechanism for wireless relay networks which makes use of artificial noise (AN) to confuse the eavesdropper and increase its uncertainty about the source message. The transmit power used for AN is maximized to degrade the signal-to-interference-plus-noise-ratio (SINR) level at the eavesdropper, while satisfying the individual power constraint of each relay node and worst-case SINR constraint at the desired receiver under a bounded spherical region for the norm of the CSI error vector from the relays to the destination. Cooperative beamforming weight vector in the security scheme can be obtained by using S-Procedure and rank relaxation techniques. The benefit of the proposed scheme is showed in simulation results.

• ETRI Journal
• /
• 제36권1호
• /
• pp.183-186
• /
• 2014

In this letter, we consider a cooperation system with multiple untrusted relays (URs). To keep the transmitted information confidential, we obtain joint channel characteristics (JCCs) through combining the channels from the source to the destination. Then, in the null space of the JCCs, jammers construct artificial noise to confuse URs when the source node broadcasts its data. Through a distributed implementation algorithm, the weight of each node can be obtained from its own channel state information. Simulation results show that high-level security of the system can be achieved when internal and external eavesdroppers coexist.

• 전자공학회논문지
• /
• 제50권9호
• /
• pp.92-99
• /
• 2013

최근 사이버 공격은 명확한 목적과 특정화된 대상에 대해 지능적이고 지속적이며 복잡한 공격 특성을 가짐으로써 사전에 인지하거나 사고 발생 시 대응하기에 상당히 어려워지고 있다. 또한 피해규모도 상당히 크기 때문에 이에 대한 대응체계가 국가적인 측면에서 시급한 상황이다. 기존의 데이터센터 및 전산실의 통합보안체계는 이러한 최근의 사이버 공격에 대응하기에는 시대에 뒤떨어진 면이 많다고 판단된다. 그러므로 본 연구에서는 지능형지속위협(APT)기반의 공격에 대비해 보다 고도화된 차세대 융합형 보안 프레임워크를 제안한다. 제안한 차세대 융합형 보안 프레임워크는 영역별 보안계층, 영역별 연계계층, 행위가시화 계층, 행위통제계층, 융합대응계층의 5단계 계층적 구성으로 APT 공격에 대한 선제적 대응이 가능하도록 설계하였다. 영역별 보안계층은 관리적, 물리적, 기술적 보안영역별로 보안 지침과 방향을 제시한다. 영역별 연계계층은 보안 도메인간의 상태정보가 일관성을 갖도록 한다. 지능화된 공격 행위의 가시화 계층은 데이터 취합, 비교, 판단, 통보의 수명주기로 구성된다. 행위 통제계층에서는 가시화된 행위를 통제하는 계층이다. 마지막으로 융합대응계층은 APT공격 전과 후의 대응체계를 제안하였다. 제안하는 차세대 융합 보안 프레임워크의 도입은 지속적이고 지능적인 보안위협에 대해 보다 향상된 보안관리를 수행하게 될 것이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권6호
• /
• pp.2255-2281
• /
• 2021

Channel characteristic-based physical layer authentication is one potential identity authentication scheme in wireless communication, such as used in a fog computing environment. While existing channel characteristic-based physical layer authentication schemes may be efficient when deployed in the conventional wireless network environment, they may be less efficient and practical for the industrial wireless communication environment due to the varying requirements. We observe that this is a topic that is understudied, and therefore in this paper, we review the constructions and performance of several commonly used test statistics and analyze their performance in typical industrial wireless networks using simulation experiments. The findings from the simulations show a number of limitations in existing channel characteristic-based physical layer authentication schemes. Therefore, we believe that it is a good idea to combine machine learning and multiple test statistics for identity authentication in future industrial wireless network deployment. Four machine learning methods prove that the scheme significantly improves the authentication accuracy and solves the challenge of choosing a threshold.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.83-90
• /
• 2022

Traditional Cloud Computing would be unable to safely host IoT data due to its high latency as the number of IoT sensors and physical devices accommodated on the Internet grows by the day. Because of the difficulty of processing all IoT large data on Cloud facilities, there hasn't been enough research done on automating the security of all components in the IoT-Cloud ecosystem that deal with big data and real-time jobs. It's difficult, for example, to build an automatic, secure data transfer from the IoT layer to the cloud layer, which incorporates a large number of scattered devices. Addressing this issue this article presents an intelligent algorithm that deals with enhancing security aspects in IoT cloud ecosystem using butterfly optimization algorithm.