A TEMPEST vulnerability prediction method for cyber security practitioners

Maxwell Martin, Funlade Sunmola, David Lauder

Research output: Contribution to journalArticlepeer-review

22 Downloads (Pure)

Abstract

Sensitive information can have its security compromised by unintentional electromagnetic emissions from the information technology equipment (ITE) being used to process it. It is important to assess the likelihood of a potential compromise, and this requires radio frequency (RF) engineering expertise to predict the likelihood of the vulnerability occurring. This paper describes the development of a fuzzy inference system that can be used to assess the radiated and conducted vulnerability likelihood of unintentional electromagnetic emanations. The system has the potential to be a valuable tool for cybersecurity practitioners without RF expertise. The system has been tested on office-based ITE devices, and it is effective in predicting the likelihood of radiated and conducted vulnerabilities occurring. Areas of future work include extending the fuzzy inference system to use RF propagation models and enabling it to make vulnerability likelihood predictions after countermeasures have been applied.
Original languageEnglish
Pages (from-to)561-575
Number of pages15
JournalAlexandria Engineering Journal
Volume78
Early online date3 Aug 2023
DOIs
Publication statusPublished - 1 Sept 2023

Keywords

  • Fuzzy logic
  • TEMPEST
  • Unintentional Emanations
  • Vulnerability assessment

Fingerprint

Dive into the research topics of 'A TEMPEST vulnerability prediction method for cyber security practitioners'. Together they form a unique fingerprint.

Cite this