Automated software protection for the masses against side-channel attacks.

Automated software protection for the masses against side-channel attacks. ... We present an approach and a tool to answer the need for e ective, generic and easily applicable protections against side-channel attacks. ... ACKNOWLEGEMENTS We thank Olivier Debicki for his fruitful help on the management of memory permissions, Philippe Jaillon for the preliminary discussions on attack paths on polymorphic implementations, ...

doi:10.1145/3281662 fatcat:ftmxm2xklvbfhjqr67oytzm2qi

This includes protocols, software, hardware, and circuits. We review active research in the area of secure design methodologies. ... We outline a methodology for the design of secure and trusted electronic embedded systems, which builds on identifying the secure-sensitive part of a system (the root-of-trust) and iteratively partitioning ... Acknowledgement This work was partially supported by NSF awards 0644070 and 0541472, FWO projects G.0475.05 and G.0300.07 and funds from the K.U.Leuven. ...

doi:10.1109/date.2007.364671 dblp:conf/date/VerbauwhedeS07 fatcat:txc6qezp35c5zkxsllzeq2p46i

It is essential to ensure the cybersecurity of automatic control systems, such as relay protection devices (RP), devices of regime control (RC) and emergency control (EC), automated control systems. ... At the same time, the issues of cybersecurity include not only the problem of hacker attacks, but also the whole complex of problems relating to adequate functioning of cybernetic systems in the power ... The work was carried out within the project III.17.4.2 (No. АААА-А17-117030310438-1) of the fundamental research program of the Siberian Branch of the Russian Academy of Sciences. ...

doi:10.1051/e3sconf/201913901029 fatcat:vjaobnxeu5ardgovugodza7n7q

DOAJ Szczepanski

It is essential to ensure the cybersecurity of automatic control systems, such as relay protection devices (RP), devices of regime control (RC) and emergency control (EC), automated control systems. ... The authors consider two of the most acute aspects of cybersecurity in the energy systems of the future in the era of total digitalization: large-scale prepared cyber attacks on the electrical power systems ... The work was carried out within the project III.17.4.2 (No. АААА-А17-117030310438-1) of the fundamental research program of the Siberian Branch of the Russian Academy of Sciences. ...

doi:10.1051/e3sconf/202021601040 fatcat:6gutaztrrbgopnoqosx6wudwl4

DOAJ Szczepanski

While scaling is generally thought of as beneficial to the resulting implementations, this does not hold for secure electronic design. ... Indeed, the relations between scaling and the resulting security are poorly understood. ... As a result, the attacker can launch a cache attack by measuring the total time for the encryption. This technique has been used to attack a remote server. ...

doi:10.4230/dagrep.6.8.65 dblp:journals/dagstuhl-reports/BatinaBSS16 fatcat:qya6rznvonbi7pfic7ocbxwkea

The complexity of these systems and the potential impact of cyberattacks bring upon new threats. ... These systems generate, process, and exchange vast amounts of security-critical and privacy-sensitive data, which makes them attractive targets of attacks. ... Acknowledgments This work has been co-funded by the DFG as part of project S2 within the CRC 1119 CROSSING. ...

doi:10.1145/2744769.2747942 dblp:conf/dac/SadeghiWW15 fatcat:5xtdkzjs4jggjfng7juny2r3pa

Fortunately, we are able to describe software-based countermeasures as effective improvements to retrofit the examined devices. ... Our findings clearly emphasize the significant threat from supply chain and evil maid scenarios since the attacks are practical and only require moderate attacker efforts. ... Acknowledgements The work presented in this contribution was funded by the German Federal Office for Information Security (BSI). We thank Sven Freud and Tobias Damm for the valuable ...

doi:10.46586/tches.v2021.i3.176-201 fatcat:lnykdcaslvfjbaq4vgpwxt5qnq

DOAJ OJS

The proposed approach, inspired by side-channel schemes used to detect Trojans (foreign malicious logic) in integrated circuits, aims at detecting changes to a manufactured part's intrinsic behavior through ... However, quality control systems are not designed to detect the effects of malicious attacks and are illsuited to act as a cyber-security measure for many manufacturing systems. ... Through the careful selection of IC characteristics for model generation, attackers have little information on the side-channel measurements being used. ...

doi:10.1016/j.promfg.2015.09.065 fatcat:77xwroq5dzgkpgvmiqff3b7gli

Open Access

This report documents the program and the outcomes of Dagstuhl Seminar 16051 "Modern Cryptography and Security: An Inter-Community Dialogue". ... MPC: killer applications and threat models for applications ... Hence, to achieve comprehensive protection secure hardware needs to implement mechanism against each possible side-channel. ...

doi:10.4230/dagrep.6.1.207 dblp:journals/dagstuhl-reports/LauterSS16 fatcat:pvygznzfp5bpbhzl5jirtvtnpm

Precise knowledge of the target software provides the underpinning for a wide range of attacks. This makes diversity a broad rather than narrowly focused defense mechanism. ... The deficiencies of currently deployed defenses and the transition to online software distribution (the "App store" model) for traditional and mobile computers has revived the interest in automatic software ... ACKNOWLEDGMENTS We thank the anonymous reviewers, Prof. Greg Morrisett, Stephen Crane, and Mark Murphy for their insightful reviews, helpful suggestions, and proofreading. ...

doi:10.1109/sp.2014.25 dblp:conf/sp/LarsenHBF14 fatcat:2z54gsh6cbhk3ihyaq4i6he7h4

For example, how does an AI-capable adversary impact the cyber kill chain? Does AI benefit the attacker more than the defender? ... AI has provided us with the ability to automate tasks, extract information from vast amounts of data, and synthesize media that is nearly indistinguishable from the real thing. ... Pin-Yu Chen, Evan Downing, and Didier Contis for taking the time to participate in our survey. ...

arXiv:2106.15764v1 fatcat:zkfukg4krjcczpie2gbdznwqqi

Open Access

(b) destroy the economic value for the attacker without severely damaging our own resources. ... This leads us to the conclusion that we may be forced to accept that the security war is lost for now, and that a considerable portion of all consumer PCs is under control of some organized malicious entity ... The authors thank Michael Locasto, the anonymous reviewers and all participants of the NSPW'07 workshop for valuable comments that helped to sharpen the paradigm put forth in the paper. ...

doi:10.1145/1600176.1600191 dblp:conf/nspw/KursaweK07 fatcat:yikplbpbqrdoji63f4dpzaxfau

The 3D printing estimated value reached 20.2 billion of dollars in 2021. The thermal camera is used for exploring the side channel attacks after reconstructing the objects against 3D printers. ... The rapid development of new applications using smartphones in the world caused all users of the IoT community to be faced with one major challenge of security in the form of side channel attacks against ... This study provides IoT devices' security attacks relevant awareness [29] .The side channel attacks which destroyed the smartphone sensitive data, consist of: - Local Side-Channel Attack (Protection cryptographic ...

arXiv:1708.04560v1 fatcat:2ykbj6h7anbu7eik4ccbmgs5ui

We propose strategies for defenders to regain the initiative and push security solutions far beyond the reach of current security tools -yet those strategies start mirroring the actions and technologies ... We review the current strategies to counter Internet threats under the light of the classic strategy literature. ... We thank the research institutions that employ us and that in no way share the views expressed in this paper. ...

doi:10.1007/978-3-642-22137-8_2 fatcat:vyiv537yafgp3akidkima3r7na

Defending against a foundry-side adversary is challenging because---even with as few as two gates---hardware Trojans can completely undermine software security. ... Researchers have attempted to both detect and prevent foundry-side attacks, but all existing defenses are ineffective against Trojans with footprints of a few gates or less. ... Acknowledgment We thank Brian Tyrrell, Matt Guyton, and other members of the MIT Lincoln Laboratory community for their thoughtful feedback that enhanced the quality of our work. ...

arXiv:1906.08842v2 fatcat:yqkqecmvb5bybmefnzvkqgvmau

Multiple Versions

Automated Software Protection for the Masses Against Side-Channel Attacks

Preserved Fulltext

Design methods for Security and Trust

Preserved Fulltext

Analysis of the emergency control and relay protection structures approached from the point of view of EPS reliability and survivability by taking into account cybersecurity threats

Preserved Fulltext

Analysis of cyber vulnerabilities of the emergency control and relay protection to assess the reliability and survivability of electrical power systems in the era of total digitalization

Preserved Fulltext

Foundations of Secure Scaling (Dagstuhl Seminar 16342)

Preserved Fulltext

Security and privacy challenges in industrial internet of things

Preserved Fulltext

Security and Trust in Open Source Security Tokens

Preserved Fulltext

Trojan Detection and Side-channel Analyses for Cyber-security in Cyber-physical Manufacturing Systems

Preserved Fulltext

Modern Cryptography and Security: An Inter-Community Dialogue (Dagstuhl Seminar 16051)

Preserved Fulltext

SoK: Automated Software Diversity

Preserved Fulltext

The Threat of Offensive AI to Organizations [article]

Preserved Fulltext

Computing under occupation

Preserved Fulltext

A Review of Internet of Things Architecture, Technologies and Analysis Smartphone-based Attacks Against 3D printers [article]

Preserved Fulltext

Fighting the 'Good' Internet War [chapter]

Preserved Fulltext

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing [article]

Preserved Fulltext

Other Versions