Abstract
Sensitive information can have its security compromised by unintentional electromagnetic emissions from the information technology equipment (ITE) being used to process it. It is important to assess the likelihood of a potential compromise, and this requires radio frequency (RF) engineering expertise to predict the likelihood of the vulnerability occurring. This paper describes the development of a fuzzy inference system that can be used to assess the radiated and conducted vulnerability likelihood of unintentional electromagnetic emanations. The system has the potential to be a valuable tool for cybersecurity practitioners without RF expertise. The system has been tested on office-based ITE devices, and it is effective in predicting the likelihood of radiated and conducted vulnerabilities occurring. Areas of future work include extending the fuzzy inference system to use RF propagation models and enabling it to make vulnerability likelihood predictions after countermeasures have been applied.
Original language | English |
---|---|
Pages (from-to) | 561-575 |
Number of pages | 15 |
Journal | Alexandria Engineering Journal |
Volume | 78 |
Early online date | 3 Aug 2023 |
DOIs | |
Publication status | Published - 1 Sept 2023 |
Keywords
- Fuzzy logic
- TEMPEST
- Unintentional Emanations
- Vulnerability assessment