From 40c54e53a7005ef9d61afc7dbbb1b2151beddbbb Mon Sep 17 00:00:00 2001
From: Arthur Grisel-Davy
Date: Mon, 25 Sep 2023 09:28:45 -0400
Subject: [PATCH] camera ready DSD qrs
---
 .gitignore | 3 +++
 DSD/qrs/biblio.bib | 7 +++++--
 DSD/qrs/main.tex | 22 +++++++++++-----------
 3 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/.gitignore b/.gitignore
index 8596114..6a5c9f5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,6 @@
 # markdown files
 *.md
+
+# archives
+*.zip
diff --git a/DSD/qrs/biblio.bib b/DSD/qrs/biblio.bib
index 046b69f..dea920a 100644
--- a/DSD/qrs/biblio.bib
+++ b/DSD/qrs/biblio.bib
@@ -103,8 +103,11 @@ series = {MobiSys '17}
 title = {Reference hidden for peer-review},
 }
-@misc{hidden-articlemlcs,
- title = {Reference hidden for peer-review},
+@misc{articlemlcs,
+ title = {Side-channel Based Runtime Intrusion Detection for Network Equipment},
+ author = {Arthur Grisel-Davy, Goksen U. Guler, Julian Dickert, Philippe Vibien, Waleed Khan, Jack Morgan, Carlos Moreno, and Sebastian Fischmeister},
+ year = {2023},
+ Journal = {Machine Learning for Cyber Security. ML4CS 2023}
 }
 @inbook{278e1df91d22494f9be2adfca2559f92,
diff --git a/DSD/qrs/main.tex b/DSD/qrs/main.tex
index 7c0b177..bfbaa76 100644
--- a/DSD/qrs/main.tex
+++ b/DSD/qrs/main.tex
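Review bot: The `author` field of the new `@misc{articlemlcs` entry in DSD/qrs/biblio.bib separates the names with commas, but BibTeX splits an author list only on the word `and`, so the whole field is read as one malformed name and usually triggers a "too many commas" warning. It should read `author = {Arthur Grisel-Davy and Goksen U. Guler and Julian Dickert and Philippe Vibien and Waleed Khan and Jack Morgan and Carlos Moreno and Sebastian Fischmeister},`. The entry is also typed `@misc` while carrying a `Journal` field, which most bibliography styles do not print for that type; for a proceedings paper, `@inproceedings` with `booktitle = {Machine Learning for Cyber Security. ML4CS 2023}` would make the venue appear in the reference list.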
@@ -32,16 +32,16 @@
 \begin{document}
 \input{acronyms}
 \title{\textbf{\Large MAD: One-Shot Machine Activity Detector for Physics-Based Cyber Security\\}}
-%\author{
-% Arthur Grisel-Davy$^{1,*}$, Sebastian Fischmeister$^{1}$\\
-% \normalsize $^{1}$University of Waterloo, Ontario, Canada\\
-% \normalsize agriseld@uwaterloo.ca, sfishme@uwaterloo.ca\\
-% \normalsize *corresponding author
-%}
 \author{
- \vspace{\baselineskip}
- \vspace{1.1\baselineskip}
+ Arthur Grisel-Davy$^{1,*}$, Sebastian Fischmeister$^{1}$\\
+ \normalsize $^{1}$University of Waterloo, Ontario, Canada\\
+ \normalsize agriseld@uwaterloo.ca, sfishme@uwaterloo.ca\\
+ \normalsize *Corresponding author
 }
+%\author{
+% \vspace{\baselineskip}
+% \vspace{1.1\baselineskip}
+%}
 %+++++++++++++++++++++++++++++++++++++++++++
 % use only for invited papers
@@ -127,7 +127,7 @@ In experiments, \gls{mad} outperforms other approaches in accuracy and the reduc
 We will present the current related work on physics-based security and time series pattern detection in Section~\ref{sec:related}.
 Then we will introduce the formal and practical definitions of the solution in Section~\ref{sec:statement} and~\ref{sec:solution}.
-The two case studies presented in section~\ref{sec:cs1} and~\ref{sec:cs2} illustrate the performances of the solution in various situations.
+The two case studies presented in Section~\ref{sec:cs1} and~\ref{sec:cs2} illustrate the performances of the solution in various situations.
 Finally, we will discuss some important aspects of the proposed solution in Section~\ref{sec:discussion}.
 \section{Related Work}\label{sec:related}
@@ -141,7 +141,7 @@ Acoustic emissions \cite{belikovetsky2018digital}, heat pattern signature \cite{
 Side-channel information collection generally results in time series objects to analyze.
 There exists a variety of methods for analyzing time series.
-For signature-based solutions, a specific extract of the data is compared to known-good references to assess the integrity of the host \cite{9934955, hidden-articlemlcs}.
+For signature-based solutions, a specific extract of the data is compared to known-good references to assess the integrity of the host \cite{9934955, articlemlcs}.
 This signature comparison enables the verification of expected and specific sections and requires that the sections of interest can be extracted and synchronized.
 Another solution for detecting intrusions is the definition of security policies.
 Security policies are sets of rules that describe wanted or unwanted behavior.
@@ -514,7 +514,7 @@ The dataset is publicly available \cite{zenodo}.
 \textbf{Lab Captures:} NUCPC-0, NUCPC-1, WAP-ASUS and WAP-LINKSYS correspond to lab-captured machine activity power consumption.
-A commercial solution \cite{hidden-palitronica}, placed in series with the main power cable, measures the global power consumption of the machine.
+A commercial solution \cite{palitronica}, placed in series with the main power cable, measures the global power consumption of the machine.
 We considered two types of machines.
 The NUCPC-* are small form factor general-purpose computers.
 The WAP-* are wireless access points from two different brands.
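Review bot: The renamed key in `\cite{palitronica}` (hunk at line 514) has no matching change in this patch, since the biblio.bib section only renames `hidden-articlemlcs`. Unless a `palitronica` entry already exists in the part of the .bib file not shown here, the citation will come out undefined in the camera-ready PDF. The bib context just above the edited entry also still shows `title = {Reference hidden for peer-review}`, which suggests (the full file is not visible) that at least one anonymised reference remains. A clean build with a check of the log for undefined-citation warnings, plus a search of biblio.bib for remaining `hidden-` keys and placeholder titles, would settle both.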