grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add reference to articles

Browse source
This commit is contained in:
Arthur Grisel-Davy 2023-09-29 08:12:37 -04:00
parent d24aa59706
commit 2ea0650c00
2 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
PhD/research_proposal/pastwork.tex
View file

@ -22,7 +22,6 @@ For these reasons, network switches are prime candidates for side-channel securi
The installation of a side-channel monitoring system is often minimally invasive and can even be performed without downtime if the machine supports redundant power supplies.
The aim of the project was to leverage side-channel analysis to detect anomalous activities that can be related to attacks on a network switch.
The goal is not to create a complete \gls{ids} suite from physics-based security but to offer a complementary detection mechanism for the cases where traditional \gls{ids} are failing.
\agd{ask sebastian about examples of traditional H|N-IDS}
\subsection{Attack Scenario}
@ -106,6 +105,8 @@ All these methods yield good results for the detection of abnormal firmware.
\label{fig:eet1_firmware}
\end{figure}
This first exploration of the capabilities of physics-based \gls{ids} lead to the publication of an article \cite{eet1_mlcs} at the workshop on Machine Learning for Cyber Security at the ECML-PKDD conference.
\newpage
\section{xPSU}\label{sec:xpsu}
The xPSU project continued the exploratory work started with the \gls{eet} project.
@ -192,6 +193,7 @@ We performed the second evaluation on a drone.
A drone is a prime machine for the \gls{bpv} as its low complexity allows for consistent boot traces.
We successfully detected different firmware versions by leveraging the information from the two previous experiments.
Along the evaluations, the \gls{bpv} capabilities have been modified to adapt to specific cases and enable anomalous training samples, multi-model evaluations, and autonomous learning.
This expansion of the work on \gls{bpv} lead to the plublication of a paper \cite{bpv_qrs} at the QRS Conference.
\begin{table}[ht]
\centering
@ -375,6 +377,7 @@ The normalized state edit distance is defined as
with $Lev$ the Levenshtein distance.
This metric is complementary to the accuracy and will be computed for every evaluation of the the state detection algorithms.
This work on the detection of machine activity from power consumption information lead to the publication of an article \cite{dsd_qrs} at the QRS conference.
\newpage
\section{Conclusion on Past Work}
The project of physics-based security at a global level with complete independence from the protected machine is not trivial.