New channels for leakage of confidential speech information through fiber-optic subsystems of structured cabling systems.

New channels for leakage of confidential speech information through fiber-optic subsystems of SCS.

1Grishachev Vladimir Vasilievich, candidate of physical and mathematical sciences, associate professor
1Khalyapin Dmitry Borisovich, candidate of technical sciences, professor
1Shevchenko Natalia Andreevna,
2Merzlikin Vladimir Gavrilovich, candidate of technical sciences, professor

1Institute of Information Sciences and Security Technologies,
Russian State Humanitarian University, Moscow  
2Moscow State Linguistic University, Moscow

New channels for leakage of confidential speech information through fiber-optic subsystems of SCS

A general and experimental analysis of new threats to the security of confidential speech information associated with the widespread use of fiber-optic technologies in modern local communication systems is presented. The real possibility of forming a channel for leakage of speech information based on fiber-optic elements of subsystems of a structured cabling system is shown.

1. New threats to information security

The transition in modern closed information communications from electronic to fiber-optic technologies allows to significantly improve the main technical parameters of information systems, satisfy the current demands of information consumers and have significant opportunities for further development [1, 2]. And the emerging business needs of such services as a distributed office, Internet conference, high-definition streaming video and other requests leads to the penetration of fiber-optic technologies to the level of local networks, structured cabling systems. Such a wide distribution of fiber-optic communication systems creates new threats to information protection, attention to which is not sufficient. When developing and installing new structured cabling systems with fiber-optic elements, the main attention is paid to protecting the traffic of the information system from unauthorized removal [3-5], while threats to other types of information remain outside the scope of information security measures.

One of such threats is the possibility of unauthorized removal of confidential speech information using local fiber-optic cable systems laid inside premises, buildings, territories [6]. Fiber-optic cable of local information systems can pass through technical and special premises of commercial and government institutions protected from leakage of speech information. In existing instructions, recommendations and analytical reviews on information security, the formation of a channel for leakage of confidential speech information is not discussed. This work compensates for the emerging gap.

The structure of any channel for leakage of confidential speech information includes the following elements [7-11]:

• a source of acoustic waves carrying information, for example, human speech, acoustic waves from operating technical devices;
• technical means of modulating the physical field that carries information beyond the protected premises, for example, modulation of the reflection coefficient of laser radiation by sound, PEMIN;
• the information transmission medium through which the physical field is propagated, the leakage carrier;
• technical means of demodulating confidential information from the physical field;
• an intruder, an attacker, an unauthorized recipient of information.

If in any leakage channel the first and last elements can be the same, then the technical means of reconnaissance (TMR) and the information transmission medium are special, distinguishing one leakage channel from another.

In case of using optical fiber for unauthorized removal of confidential speech information, TCP includes a description of the physical principles of sound modulation of the optical flow in the light guide and subsequent demodulation (Fig. 1). An informative sound signal propagating in the air affects the optical fiber with the transmitted optical data signal. An acoustic wave, as a mechanical wave, affects all elements of technical structures located on its path, including elements of fiber-optic communications, which leads to modulation of the intensity of optical radiation in the communication channel by a sound signal [7,8,12,13]. Light radiation modulated by sound in the optical fiber goes beyond the protected area and can be received by an intruder. The described method of information removal can be called an acoustic-fiber-optic leakage channel.

The possibility of implementing an acoustic-fiber-optic leakage channel is associated with the creation of light flows in the cable system and its modulation by sound. The efficiency of modulation depends on the type of element of the fiber-optic structured cable system subjected to acoustic impact. Connecting elements, optical inhomogeneities of the fiber, design features of installation respond differently to acoustic impact, but all of them are places of interaction of the acoustic field and optical flow, the analysis of which allows us to determine the degree of danger of speech information.

Types of acoustic-fiber-optic leakage channels

Let's analyze and identify the most dangerous sections of fiber-optic communications for the possibility of modulating the flow of light with acoustic vibrations (speech). By the type of passive fiber-optic equipment and the design features of cable laying in the premises, all leakage channels can be divided into three types [1,2,6], which we will designate with letters: A, B, C (Fig. 2).

A. Mechanical contacts and connections of optical fiber.Modern passive fiber-optic equipment includes a large set of various types of connectors, sockets, adapters, splitters, attenuators, couplings, cords, patch cords, assemblies and other elements that provide convenient installation and assembly of local fiber-optic networks. One of the important elements are connectors, which are used to mechanically connect optical fibers with high efficiency without welding. Depending on the type of connector, more than 1000 connections are provided with insertion losses of about 0.2 dB.

The magnitude of insertion losses within the limits not exceeding the maximum values ​​is modulated by elastic effects on the optical contact of the fibers (Fig. 2A). The connector design includes a sleeve of the fiber size, into which fibers with processed ends are inserted. Mechanical contact is fixed by various types of fasteners — ST, FC, SC and others. In any case, when sound affects the connection, various types of vibrations occur, affecting the passage of light through the connection and forming a leakage channel. An intruder can increase the depth of modulation of the light flux by sound if he introduces elastic elements into the design of the connection. For example, place a thin elastic gasket between the fibers; shift the contact along the axis or across the fibers; specially process the ends of the fibers to be connected and perform other actions that increase the elastic properties of the connection.

B. Free sections of fiber optic cable with sealing elements.Optical fiber is highly sensitive to mechanical impacts, even small vibrations cause a change in the conditions of light transmission and, accordingly, the intensity of the optical flow. In fiber-optic local networks, optical cables containing one or two or more fibers in assemblies are used to connect computers, depending on the tasks being solved. Optical fibers in a cable are protected from external influences by special fillers and a casing (outer shell), which significantly reduce the impact of vibrations and sound. An intruder can increase the sensitivity of the fiber to sound vibrations by introducing special solid inclusions under the outer shell of the cable, as well as special clamps for the cable, fiber, and other devices that provide acoustic contact of the optical fiber with the surrounding air (Fig. 2B). Moreover, the formation of acoustic contact can be made anywhere in the optical cable, and the size of the contact area may not exceed several millimeters. Detecting such changes in the cable is difficult, as it may look like the natural state of the cable.

C. Points of attachment of fiber-optic cable to the elements of the supporting structures of the building.Another place that is potentially dangerous for the formation of a leak channel is any fixed contacts of the optical cord with the building structure, fiber connection boxes, cable trays (Fig. 2C). For example, special clamps that fix the fiber passing inside the patch panel, as well as other features of the cable wiring. Particular attention should be paid to cable boxes for laying optical cords — it is easy to provide hidden acoustic contact with the surface of the box in them. They are a membrane with a large surface and provide good acoustic contact with both the fiber and the surrounding air.

Table 1. Experimental estimates of the effectiveness of confidential speech information leakage channels through fiber-optic communications using the articulation research method

The presented analysis shows a high risk of forming a leak of speech information through a fiber-optic cable practically along its entire length in the communication line. It is very difficult to assess the danger created by each of the considered types of leakage channels only on the basis of theoretical calculations due to the influence of many factors, therefore experimental studies can be the most effective.

Principles of implementation of an acoustic-fiber-optic leakage channel

It is possible to ensure the functioning of the acoustic-fiber-optic leakage channel under conditions when the light flux either already exists or is specially created in the cable network. The implementation of each of the methods depends on the operating mode of the active equipment and can be divided into two types depending on the state of the network equipment. •  The active state mode of the network equipment, when optical signal flows in the fiber-optic channel are used to transfer speech information. The leakage channel can be formed by modulating the light intensity of a part of the traffic at an audio frequency and then performing acoustic demodulation outside the protection systems. •  The passive state mode of the network equipment. When the equipment is turned off, it is possible to temporarily connect an external light source from unprotected rooms in order to activate the leakage channel and retrieve information based on the reflected radiation. Existing structured cabling systems make it possible to implement this leakage channel due to the development of installation technology and the possibility of connecting and branching optical fibers. Each of the modes has its own characteristics and requires separate discussion, but the physical principles remain unchanged, and the transition from one mode to another does not require structural changes to the leakage channel at the site of acoustic modulation. A feature of the active state is the ability to form a leakage channel without turning off the network equipment, using an external light source that is shifted in frequency from that used in the communication line.

Fig. 1. Structure of the acoustic-fiber-optic channel for leakage of confidential speech information.
1 — acoustic source of confidential information,
2 — air environment, 3 — acoustic-vibration impact,
4 — acoustic interference, 5 — fiber-optic cable,
6 — technical means of intelligence (TMI) of confidential information.

Let us discuss in more detail the first type of leakage channel, which may be associated with bugs or the use of features of fiber-optic communication equipment. Typically, a local fiber-optic information network operates at data transfer rates exceeding 100 Mbps, which corresponds to modulation frequencies of about 100 MHz. In this case, filling the fiber-optic communication channel at normal information transfer volumes for audio frequencies (about 10 kHz) appears as a continuous stream of light with small gaps between data packets. The stream of light becomes almost continuous as traffic volumes increase.

In the recording equipment, the signals are divided into bits depending on the modulation method. With amplitude modulation, most often used in local networks, different levels of zero and one signals or the direction of transition (rise and fall) are recorded. The difference in levels is significant, a small change in the intensity of light is perceived by the recording equipment as noise. With phase modulation, the intensity does not change, only the phase change between bits is recorded. The superposition of an acoustic signal on an information optical signal in an optical fiber, at values ​​less than those included in the equipment as possible deviations associated with noise, may not be recorded. In this case, the information optical signal will carry, along with user data, additional speech information that is not recorded by the network's communication equipment.

The output of additional confidential speech information can be carried out by special methods or by changing the operating parameters of the communication equipment. In the first case, it is necessary to install a special device for reading acoustic information in unprotected rooms near the source of speech information, as well as to create a separate channel for transmitting data outside the room or to accumulate it at the place of reading. In the second case, it is necessary to reprogram the active network equipment, and the same local information network with an outlet to an unprotected section, where the information is accumulated and taken by the intruder, can be used to transmit data.

Articulation method for analyzing speech information leakage channels

Experimental and theoretical measurement of the efficiency of the leakage channel operation can be defined as the ratio of the amount of information (J0) coming from its carrier to the amount of information (J1) received at the TCP output (Fig. 1)

h=(J0/J1)•100%

Practical assessment of the efficiency of leakage channel implementation is related to many parameters and depends on its type. In particular, for the speech information leakage channel, the method of articulation studies can be used, the essence of which is to determine the intelligibility of speech obtained with the help of TCP for this leakage channel [14, 15]. As a test signal, it is proposed to use a specially selected set of words from Pokrovsky's tests [14].

Fig. 2. Threats of forming a channel for leakage of speech information of types A, B, C
on the example of individual fiber-optic elements of a structured cabling system.

The articulation method is based on the assessment of the degree of fulfillment of the main requirement imposed on speech paths — ensuring intelligible transmission of speech through the acoustic information leakage channel. The measure of intelligibility is the value W, defined as the ratio of the number N0 of speech elements (sounds, syllables, words or phrases) correctly received through the test path to a sufficiently large total number N1 of transmitted speech elements, expressed as a percentage or as a fraction of a unit. Thus, speech intelligibility is called

W=(N0/N1)•100%.

Depending on the obtained value of W, the quality of acoustic protection of the elements of the room or the room as a whole is ensured [7]. For example, as practical experience shows, with verbal intelligibility:

• less than 60-70% — it is impossible to compile a detailed report on the content of intercepted conversations, but with greater intelligibility, the number of correctly understood words ensures the compilation of a detailed report on the content of the conversation;
• less than 40-50% — the intercepted message allows you to compile a brief report reflecting the subject, problem and general meaning of the intercepted conversation, individual words are not perceived;
• less than 20-30% — the intercepted speech message contains individual correctly understood words that allow us to establish the subject of the conversation;
• less than 20% — the speaker's voice is not identified, the topic of the conversation is not determined, analysis of the intercepted message allows us to determine only the fact of the presence of speech (negotiations).

The method for calculating verbal intelligibility of speech recommended by the State Technical Commission of Russia for assessing and monitoring the security of speech information allows calculating and giving a fairly accurate assessment of the permissible speech intelligibility depending on the octave levels of the protected speech and acoustic (vibration) noise signal.

Fig. 3. A stand for experimental modeling of an acoustic-fiber-optic channel for leakage of confidential speech information.
 I, II — acoustically isolated rooms.
1 — continuous optical radiation source, 2 — optical radiation receiver,
3 — optical fiber, 4 — devices for preliminary processing of the electrical signal,
5 — operator's headset,
 6 — test element of the fiber-optic information transmission system,
7 — acoustic system, 8 — microphone of the sound impact monitoring system,
9 — Computer control post for acoustic impact and fiber-optic communication,
 10 — Computer for voice information collection post.

Experimental comparison of voice information leakage channels

An experimental assessment of the efficiency of speech information leakage for various types of channels was performed on a fiber-optic transmission system test bench with the main passive elements hazardous to information protection (Fig. 3). The test bench included a light source, a fiber-optic line, and an optical radiation receiver (photodiode). A continuous helium-neon laser with a wavelength of 633 nm and a power of about 10 milliwatts was used as a light source; its radiation was introduced into the fiber. The communication line was made up of patch cords with single-mode and multimode fiber 2, 3, 5 m long, connected by connectors of several types (most often, an FC-FC type connector socket was used). In other cases, a line of double optical fiber with a total length of more than 25 m was used, forming a closed ring. The intensity of optical radiation was recorded by a silicon photodiode, the electrical signal from which was fed to a selective amplifier of a nanovoltmeter or a special audio broadband amplifier. Then the electrical signal of the audio frequency range was output to headphones and analyzed in real time by the operator or sent to the audio card of the computer at the data collection post for recording on the computer's hard drive and subsequent processing.

Modeling of confidential negotiations was carried out using a special program for reading texts from the control post computer. Sounding with a constant sound pressure level was carried out near the model leakage channels. The sound pressure level from the acoustic system was monitored using a noise meter. The speech information leakage channels were modeled using sections of optical fiber with mechanical contact (leakage channel type A), optical fiber in a protective cable sheath (leakage channel type B) and clamped between hard flat surfaces of the cable (leakage channel type C). The fiber-optic line with acoustic impact elements and the operator with the computer of the information reading post were located in acoustically isolated adjacent rooms, which created reality and increased the reliability of the measurements.

As experimental studies show, all three types of leakage channels allow unauthorized removal of information. The efficiency of the channel depended on the degree of processing of the optical fiber, materials and other parameters. The results of the experimental studies are presented in Table 1.

According to the experiment, the evaluation of the speech intelligibility W varies from 30 to 80%, depending on the type of leakage channel in the absence of special treatment of the cable or connectors and under the same other conditions. This allows us to speak about the high risk of leakage of confidential speech information. A particularly high value of speech intelligibility was observed when clamping the optical cable between hard surfaces, which is associated with a large plane of interaction of the acoustic wave and the fiber section. In fact, this structure of the leakage channel worked as a good microphone.

Conclusion

The conducted experimental studies have shown the reality of the formation of leakage channels of confidential acoustic (speech) information through fiber-optic communications passing through protected premises. The danger of the appearance of such leakage channels of acoustic information is associated with the peculiarities of the impact of the acoustic (speech) signal on the optical fiber and fiber-optic elements of the institution's information communications. The most dangerous sections of fiber-optic communications have been identified.

Reducing the speech intelligibility in speech information leakage channels to a level that meets the requirements for protecting acoustic information using passive and active protection methods will be considered in subsequent works. These protection methods can be built on the same physical principles as the leakage channels.

The materials of the article were prepared as part of the assignment for the project «Modeling the Comprehensive Protection of Confidential Speech Information of National Languages ​​at Communication and Information Facilities» under the analytical departmental target program «Development of the Scientific Potential of Higher Education (2009-2010) for 2009».

Literature

1. Bailey D., Wright E. Fiber optics: theory and practice. Trans. from English //M.: KUDITS-PRESS, 2008. — 320 p.
2. Semenov A.B. Fiber-optic subsystems of modern SCS //M.: Academy of IT: DMKPress, 2007. — 632 p.
3. Yakovlev A.V. Fiber-optic system for transmitting confidential information //Electrosvyaz. — 1994. — No. 10.
4. Grishachev V.V., Kabashkin V.N., Frolov A.D. Analysis of information leakage channels in fiber-optic communication lines: violation of total internal reflection //Scientific and practical journal «Information counteraction to terrorist threats». — 2005. — №4. http://www.contrterror.tsure.ru/site/magazine4/06-35-Grishachev-Kabashkin-Frolov.htm
5. Svintsov. A.G. Optimization of optical reflectometer parameters for detecting inhomogeneity during an attempt of unauthorized access to FOTS //Foton-Express. — 2006. — №6.
6. Grishachev V.V., Khalyapin D.B., Shevchenko N.A. Dangers of confidential speech information leakage channels via fiber-optic structured cabling systems //Proceedings of the X International scientific and practical conference «Information security». Part 2.- Taganrog: Publishing house of TTIUFU, 2008. — P. 103-105. Khalyapin D.B. Information protection. Are you being eavesdropped on? Protect yourself //M .: NOU SHO «BAYARD», 2004.
7. Khorev. A.A. Technical channels of acoustic (speech) information leakage //Special equipment. — 2004. — № 3,4,5.
8. Dvoryankin R.V., Kozlachkov S.B., Kharchenko L.A. Evaluation of speech information security taking into account modern noise reduction technologies //Information Security Issues. — 2007. — No. 2.
9. Terentyev E.B., Khalyapin D.B. Protection of speech information from leakage through fire alarm detectors //Technologies of technosphere safety. — 2007. — No. 5. http://www.ipb.mos.ru/ttb/2007-5/2007-5.html
10. Fedorov I.S., Orekhov I.N., Krasnoborodko E.V. Features of information leakage via acoustic and vibroacoustic channels //Security of information technologies (MIFI). — 2004. — №1.
11. Acoustics. Handbook. Under the general editorship of M.A. Sapozhkov. //M.: Radio and communication, 1989. — 336 p.
12. Kulchin. Yu.N. Distributed fiber-optic measuring systems //M.: Fizmatlit, 2001. — 272 p.
13. Pokrovsky. N.B. Calculation and measurement of speech intelligibility //M.: Svyazizdat, 1962. — 390 p. Kalintsev Yu.K. Speech intelligibility in digital vocoders //M.: Radio and communication, 1991. -220 p.