Leveraging Side-channel Information for Disassembly and Security

Jungmin Park, Fahim Rahman, Apostol Vassilev, Domenic Forte, Mark Tehranipoor
2019 ACM Journal on Emerging Technologies in Computing Systems  
In this paper, we provide a taxonomy of hardware-based monitoring techniques against different cyber and hardware attacks, highlight the potentials and unique challenges, and display how power-based side-channel  ...  instruction-level monitoring can offer suitable solutions to prevailing embedded device security issues.  ...  In this regard, we illustrate a power-based side-channel instruction-level disassembler. A few simple case studies show the potential applications of the proposed disassembler.  ... 
pmid:32863796 pmcid:PMC7450766 fatcat:hefsx3i2hzdulhaxcj5wcvjbfm

A Practical Methodology for ML-Based EM Side Channel Disassemblers [article]

Cesar N. Arguello, Hunter Searle, Sara Rampazzi, Kevin R. B. Butler
2022 arXiv   pre-print
By collecting these traces using our methodology and leveraging a random forest algorithm to develop a machine learning model, we built an EM side channel based instruction level disassembler.  ...  The disassembler was tested on an Arduino UNO board, yielding an accuracy of 88.69% instruction recognition for traces from twelve instructions captured at a single location in the device; this is an improvement  ...  Neural networks have also been leveraged for disassembly, achieving similar levels of accuracy only on power side channel [13].  ... 
arXiv:2206.10746v2 fatcat:eyph3jjp75hfhhonzy677733lq

Building a Side Channel Based Disassembler [chapter]

Thomas Eisenbarth, Christof Paar, Björn Weghenkel
2010 Lecture Notes in Computer Science  
In addition to quantifying the potential of the created side channel based disassembler, we highlight its diverse and unique application scenarios.  ...  In this work we exploit side channel information to recover large parts of the program executed on an embedded processor.  ...  [10] published power based side channel attacks in 1999, they already mentioned the feasibility of reverse engineering code using side channel analysis.  ... 
doi:10.1007/978-3-642-17499-5_4 fatcat:u62ksqychzd2bi7wqaf3zyvpue

Configuration and Collection Factors for Side-Channel Disassembly [article]

Random Gwinn, Mark Matties, Aviel D. Rubin
2022 arXiv   pre-print
The analysis use case considered is instruction disassembly and classification using the microcontroller power side-channel.  ...  Additionally, data collection and analysis well above the Nyquist rate is required for side-channel disassembly.  ...  side-channel disassembly classification accuracy.  ... 
arXiv:2204.04766v1 fatcat:25rfco7pmzb2rcod5fepcasxae

Wavelet Selection and Employment for Side-Channel Disassembly [article]

Random Gwinn, Mark A. Matties, Aviel D. Rubin
2021 arXiv   pre-print
This paper explores wavelet selection and analysis parameters for use in side-channel analysis, particularly power side-channel-based instruction disassembly and classification.  ...  Side-channel analysis, originally used in cryptanalysis is growing in use cases, both offensive and defensive.  ...  In this work, the use case of disassembly through power side-channels is explored.  ... 
arXiv:2107.11870v1 fatcat:sy43n2lw3necpfqn63kgltu5fa

A Dataset Generation Framework for profiling Disassembly attacks using Side-Channel Leakages and Deep Neural Networks [article]

Pouya Narimani, Seyed Amin Habibi, Mohammad Ali Akhaee
2022 arXiv   pre-print
This study proposes two deep models to extract low and high-level features from side-channel traces and classify them to related instructions.  ...  Various studies among side-channel attacks have tried to extract information through leakages from electronic devices to reach the instruction flow of some appliances.  ...  Power side-channel traces of the target device are recorded by employing the OWON VDS 3102 USB oscilloscope.  ... 
arXiv:2207.12068v2 fatcat:kb54vuoa35fbpopt67jw5ep6o4

An Efficient Profiling Attack to Real Codes of PIC16F690 and ARM Cortex-M3

Shahram Vafa, Massoud Masoumi, Amir Amini
2020 IEEE Access  
This paper presents a new and efficient method based on power analysis, hierarchical recognition of instructions, and machine learning for reverse engineering of the instructions of PIC16F690 as an 8-bit  ...  Both dynamic and static power consumption were considered and analyzed.  ...  By combining machine-learning-based methods with an efficient hierarchical trace classification approach and instruction grouping, we have presented a powerful side-channel-based disassembler that is able  ... 
doi:10.1109/access.2020.3043395 fatcat:rcgkj523efhmverofltupemocm

Confidential Attestation: Efficient in-Enclave Verification of Privacy Policy Compliance [article]

Weijie Liu, Wenhao Wang, Xiaofeng Wang, Xiaozhu Meng, Yaosong Lu, Hongbo Chen, Xinyu Wang, Qingtao Shen, Kai Chen, Haixu Tang, Yi Chen, Luyi Xing
2020 arXiv   pre-print
To this end, this paper presents CAT, a new model for TEE-based confidential attestation.  ...  To this end, we need to mediate all indirect control transfer instructions, including indirect calls and jumps, and return instructions. AEX based side/covert channel mitigation.  ...  Particularly, an OS-level adversary can perform a controlled side channel attack (e.g., [78]).  ... 
arXiv:2007.10513v1 fatcat:p23pajyac5hhvcszvc5els4ap4

SoK: Automated Software Diversity

Per Larsen, Andrei Homescu, Stefan Brunthaler, Michael Franz
2014 2014 IEEE Symposium on Security and Privacy  
Diversity as a Counter to Side Channel Attacks Covert channels exist whenever computation has observable side-effects.  ...  For example, information leaks help bypass address space layout randomization in later stages of an attack. a) Side Channel Attacks: We consider side channel attacks as a category of information leaks.  ... 
doi:10.1109/sp.2014.25 dblp:conf/sp/LarsenHBF14 fatcat:2z54gsh6cbhk3ihyaq4i6he7h4

Guest Editors' Introduction to the Special Issue on Hardware Security

Amro Awad, Rujia Wang
2020 IEEE transactions on computers  
The paper investigates the impact of delaying memory loads on memory level parallelism. The paper also reevaluates value prediction as an invisible form of speculation.  ...  We treated all papers similarly with regard to the selection criteria, and our decisions are majorly based on experts' recommendations.  ...  In another paper, Instruction Sequence Identification and Disassembly Using Power Supply Side-Channel Analysis, the authors identify that instruction-level activity could be leaked via a power-based side  ... 
doi:10.1109/tc.2020.3021223 fatcat:nz37oxlhovahlbggly7iwpl22i

RASCv2: Enabling Remote Access to Side-Channels for Mission Critical and IoT Systems

Yunkai Bai, Andrew Stern, Jungmin Park, Mark Tehranipoor, Domenic Forte
2022 ACM Transactions on Design Automation of Electronic Systems  
RASC reduces the complete side-channel analysis system into two small PCBs (2 × 2 cm), providing the ability to monitor power and electromagnetic (EM) traces of the target device.  ...  A very promising approach to detecting anomalous behavior in the IoT and other embedded systems is side-channel analysis.  ...  The fine-grained method is based on instruction-level granularity [31]. In [20, 29, 32, 40], the power traces are analyzed to disassemble instruction flow of the target device.  ... 
doi:10.1145/3524123 fatcat:g6topb75mjhgfac3vllebimgue

Exploiting code mobility for dynamic binary obfuscation

Paolo Falcarin, Stefano Di Carlo, Alessandro Cabutto, Nicola Garazzino, Davide Barberis
2011 2011 World Congress on Internet Security (WorldCIS-2011)  
To address this research problem, we propose a novel binary obfuscation approach based on the deployment of an incomplete application whose code arrives from a trusted network entity as a flow of mobile  ...  their confusion factor, as the percentage of instructions not correctly disassembled because of binary obfuscation.  ...  The random bytes causes disassembler to shift instruction boundaries (which have variable length in Intel architecture), and displays wrong assembly instructions to the attacker.  ... 
doi:10.1109/worldcis17046.2011.5749894 fatcat:5ppwmbwpwrfdxbhhruu3mw2juy

Jump over ASLR: Attacking branch predictors to bypass ASLR

Dmitry Evtyushkin, Dmitry Ponomarev, Nael Abu-Ghazaleh
2016 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)  
In this paper, we develop an attack to derive kernel and user-level ASLR offset using a side-channel attack on the branch target buffer (BTB).  ...  Our attack exploits the observation that an adversary can create BTB collisions between the branch instructions of the attacker process and either the user-level victim process or on the kernel executing  ...  Creating BTB Collisions in User Space To create a BTB-based side-channel, three conditions must be satisfied. First, one application has to fill a BTB entry by executing a branch instruction.  ... 
doi:10.1109/micro.2016.7783743 dblp:conf/micro/EvtyushkinPA16 fatcat:2hbwyflxpbcq3c2fidzyftppvy

Implementation of security module to protect programme theft in microcontroller-based applications

P. Muthu Subramanian, A. Rajeswari
2019 Automatika  
All the approaches use side-channel information obtained during the execution of the suspicious code. The primary method is passive, i.e. no previous modification of the original code is required.  ...  The other method inserts additional code fragments as a watermark that can be identified in the power consumption of the executed source code.  ...  The side-channel software watermark consists of few instructions that are inserted in the assembly-level code.  ... 
doi:10.1080/00051144.2019.1578916 fatcat:yyuy4ozggjhr5frxcfmsjxbo64

MalDeep: A Deep Learning Classification Framework against Malware Variants Based on Texture Visualization

Yuntao Zhao, Chunyu Xu, Bo Bo, Yongxin Feng
2019 Security and Communication Networks  
In this paper, MalDeep, a novel malware classification framework of deep learning based on texture visualization, is proposed against malicious variants.  ...  Through code mapping, texture partitioning, and texture extracting, we can study malware classification in a new feature space of image texture representation without decryption and disassembly.  ...  Based on the static representation, the feature is extracted from malicious code by analyzing the PE file structure, binary byte code, disassembled code, and system call after disassembly.  ... 
doi:10.1155/2019/4895984 fatcat:ujsd6njlvrapthhrv5ln4gcloe