From 56021ab3052d412c53571d065e270e335d4e38ae Mon Sep 17 00:00:00 2001 From: Arthur Grisel-Davy Date: Mon, 26 Jun 2023 17:34:28 -0400 Subject: [PATCH] review --- BPV/qrs/bibli.bib | 12 +++---- BPV/qrs/glossary.typ | 2 +- BPV/qrs/main.typ | 19 ++++++---- BPV/qrs/tablex.typ | 1 - BPV/qrs/template.typ | 83 +++++++++++++++++--------------------------- BPV/qrs/utils.typ | 2 +- 6 files changed, 50 insertions(+), 69 deletions(-) diff --git a/BPV/qrs/bibli.bib b/BPV/qrs/bibli.bib index eda2606..edbaef7 100644 --- a/BPV/qrs/bibli.bib +++ b/BPV/qrs/bibli.bib @@ -31,11 +31,11 @@ primaryClass={cs.CR} @inproceedings {185175, author = {Jacob Maskiewicz and Benjamin Ellis and James Mouradian and Hovav Shacham}, title = {Mouse Trap: Exploiting Firmware Updates in {USB} Peripherals}, -booktitle = {8th {USENIX} Workshop on Offensive Technologies ({WOOT} 14)}, +booktitle = {8th USENIX Workshop on Offensive Technologies ({WOOT} 14)}, year = {2014}, address = {San Diego, CA}, url = {https://www.usenix.org/conference/woot14/workshop-program/presentation/maskiewicz}, -publisher = {{USENIX} Association}, +publisher = {USENIX Association}, month = aug, } @@ -525,15 +525,11 @@ series = {IoTPTS '16} @inproceedings{michalevsky2015powerspy, title={Powerspy: Location tracking using mobile device power analysis}, author={Michalevsky, Yan and Schulman, Aaron and Veerapandian, Gunaa Arumugam and Boneh, Dan and Nakibly, Gabi}, - booktitle={24th $\{$USENIX$\}$ Security Symposium ($\{$USENIX$\}$ Security 15)}, + booktitle={24th USENIX Security Symposium (USENIX Security 15)}, pages={785--800}, year={2015} } - - - - @INPROCEEDINGS{4531926, author={Nilsson, D. K. and Larson, U. E.}, @@ -588,7 +584,7 @@ series = {IoTPTS '16} doi={10.1109/ICDIS.2019.00016}} - @inproceedings{pothukuchi2021maya, +@inproceedings{pothukuchi2021maya, title={Maya: Using formal control to obfuscate power side channels}, author={Pothukuchi, Raghavendra Pradyumna and Pothukuchi, Sweta Yamini and Voulgaris, Petros G and Schwing, Alexander and Torrellas, Josep}, booktitle={2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA)}, diff --git a/BPV/qrs/glossary.typ b/BPV/qrs/glossary.typ index 96e7135..a42fe92 100644 --- a/BPV/qrs/glossary.typ +++ b/BPV/qrs/glossary.typ @@ -120,4 +120,4 @@ } doc -} +} \ No newline at end of file diff --git a/BPV/qrs/main.typ b/BPV/qrs/main.typ index f9c77d8..a618872 100644 --- a/BPV/qrs/main.typ +++ b/BPV/qrs/main.typ @@ -2,6 +2,7 @@ #import "tablex.typ": tablex, hlinex, vlinex, colspanx, rowspanx #let acronyms = ( + "IoT": "Internet of Things", "BPV": "Boot Process Verifier", "IDS": "Intrusion Detection System", "SVM": "Support Vector Machine", @@ -93,6 +94,7 @@ email: "sfischme@uwaterloo.ca", ), ), + anon: true, index-terms: (), bibliography-file: "bibli.bib", ) @@ -119,7 +121,7 @@ = Introduction The firmware of any embedded system is susceptible to attacks. Since firmware provides many security features, it is always of major interest to attackers. -Every year, a steady number of new vulnerabilities are discovered. Any device that requires firmware, such as computers @185175, @PLC @BASNIGHT201376, or IoT devices @rieck2016attacks, is vulnerable to these attacks. +Every year, a steady number of new vulnerabilities are discovered. Any device that requires firmware, such as computers @185175, @PLC @BASNIGHT201376, or @IoT devices @rieck2016attacks, is vulnerable to these attacks. There are multiple ways to leverage a firmware attack. Reverting firmware to an older version allows an attacker to reopen discovered and documented flaws. Cancelling an update can ensure that previously deployed attacks remain available. Finally, implementing custom firmware enables full access to the machine. @@ -136,7 +138,7 @@ An attacker that could avoid triggering a verification, tamper with the verifica // This idea of necessary independence between the target and the @IDS can be summarized in the following statement.\ // #align(center,text(weight: "bold", [An @IDS is incoherent if its deployment requires the cooperation of the entity it pretends to protect.])) -@IDS are subjected to a trade-off between having access to relevant and meaningful information and keeping the detection mechanism separated from the target machine. +@IDS are subject to a trade-off between having access to relevant and meaningful information and keeping the detection mechanism separated from the target machine. Our solution addresses this trade-off by leveraging side-channel information. == Contributions @@ -156,8 +158,8 @@ Finally, the paper finishes with @discussion that provides more insight on speci = Related Work -Historically, the firmware was written on a @ROM, and it was impossible to change. -With the growing complexity of embedded systems, manufacturers developed procedures to allow remote firmware upgrades. +Historically, the firmware was written on a @ROM, and it impossible to change. +With the growing complexity of embedded systems, manufacturers developed procedures to enable remote firmware upgrades. Firmware upgrades can address performances or security flaws or, less frequently, add features. Unfortunately, attackers can leverage these firmware upgrade mechanisms to implement unauthorized or malicious pieces of software in the machine. Almost all embedded systems are vulnerable to firmware attacks. @@ -391,7 +393,7 @@ The changes are listed in @tab-machines. #figure( tablex( columns: (25%,25%,25%,25%), - align: horizon, + align: (left+horizon,right+horizon,right+horizon,right+horizon), auto-vlines: false, repeat-header: false, [*Device*], [*Original*], [*Change 1*], [*Change 2*], @@ -438,6 +440,7 @@ The results are presented in @tab-results. tablex( columns: (40%,40%), auto-vlines: false, + align: (left, right), [*Machine*], [*BPV*], [TP-Link switch], [0.87], [HP switch], [0.98], @@ -494,7 +497,7 @@ The experiment scenarios are: #figure( tablex( auto-vlines: false, - align: left, + align: (left, right, right), columns: (40%,auto,auto), [*Scenario*],[*Accuracy*], [*Nbr. of Samples*], [Original],[1],[98], @@ -614,7 +617,9 @@ The training dataset is composed of 100 training traces and 100 evaluation races The results are presented in @tab-aim #figure( - table( + tablex( + auto-vlines: false, + align: (left, right, right), columns:(33%,33%,33%), [*Machine*], [*BPV*], [*AIM*], [HP-SWITCH],[$0.895 plus.minus 0.094$],[$0.657 plus.minus 0.394$], diff --git a/BPV/qrs/tablex.typ b/BPV/qrs/tablex.typ index a1c4161..7a9deed 100644 --- a/BPV/qrs/tablex.typ +++ b/BPV/qrs/tablex.typ @@ -2522,4 +2522,3 @@ #let gridx(..options) = { tablex(auto-lines: false, ..options) } - diff --git a/BPV/qrs/template.typ b/BPV/qrs/template.typ index f5f600b..2b27899 100644 --- a/BPV/qrs/template.typ +++ b/BPV/qrs/template.typ @@ -21,6 +21,7 @@ // department, organization, location, and email. Everything but // but the name is optional. authors: (), + anon: false, // The paper's abstract. Can be omitted if you don't have one. abstract: none, @@ -81,7 +82,7 @@ 1 } - set text(10pt, weight: 400) + set text(10pt, weight: "regular") if it.level == 1 [ #show: smallcaps #v(12pt, weak: true) @@ -107,59 +108,40 @@ // Start with names set align(center) let nbr_authors = authors.len() - for (i,author) in authors.enumerate(){ - if i+1 == nbr_authors{ - [#author.name\ ] - }else{ - [#author.name, ] + if not anon{ + for (i,author) in authors.enumerate(){ + if i+1 == nbr_authors{ + [#author.name\ ] + }else{ + [#author.name, ] + } } - } - // Continue with affiliations - for author in authors{ - if author.department+author.organization+author.location != ""{ - [#author.department, #author.organization, #author.location\ ] + // Continue with affiliations + for author in authors{ + if author.department+author.organization+author.location != ""{ + [#author.department, #author.organization, #author.location\ ] + } } - } - // Continue with the emails, same way as for authors - for (i,author) in authors.enumerate(){ - if i+1 == nbr_authors{ - [#author.email\ ] - }else{ - [#author.email, ] + // Continue with the emails, same way as for authors + for (i,author) in authors.enumerate(){ + if i+1 == nbr_authors{ + [#author.email\ ] + }else{ + [#author.email, ] + } } + [\*Corresponding author] + }else{ + [ + \ + \ + \ + \ + + ] } - [\*Corresponding author] + set align(left) - - // Display the authors list. - //for i in range(calc.ceil(authors.len() / 3)) { - // let end = calc.min((i + 1) * 3, authors.len()) - // let is-last = authors.len() == end - // let slice = authors.slice(i * 3, end) - // grid( - // columns: slice.len() * (1fr,), - // gutter: 12pt, - // ..slice.map(author => align(center, { - // text(12pt, author.name) - // if "department" in author [ - // \ #emph(author.department) - // ] - // if "organization" in author [ - // \ #emph(author.organization) - // ] - // if "location" in author [ - // \ #author.location - // ] - // if "email" in author [ - // \ #link("mailto:" + author.email) - // ] - // })) - // ) - - // if not is-last { - // v(16pt, weak: true) - // } - //} v(40pt, weak: true) // Start two column mode and configure paragraph properties. @@ -169,7 +151,7 @@ // Display abstract and index terms. if abstract != none [ - #set text(weight: "regular") + //#set text(weight: "regular") #h(1em) _Abstract_---#abstract #if index-terms != () [ @@ -187,4 +169,3 @@ bibliography(bibliography-file, title: text(10pt)[References], style: "ieee") } } - diff --git a/BPV/qrs/utils.typ b/BPV/qrs/utils.typ index da9be64..15693a9 100644 --- a/BPV/qrs/utils.typ +++ b/BPV/qrs/utils.typ @@ -28,7 +28,7 @@ } #let reset-all-acronyms() = { - // Reset all acronyms. They will all be expanded on next use. + // Reset all acronyms. They will all be expanded on the next use. for term in acronyms.keys() { state("acronym-state-" + term, false).update(false) }