review
This commit is contained in:
Arthur Grisel-Davy
parent
e2cc4ecfec
commit
56021ab305
6 changed files with 50 additions and 69 deletions
|
|
@ -2,6 +2,7 @@
|
|||
#import "tablex.typ": tablex, hlinex, vlinex, colspanx, rowspanx
|
||||
|
||||
#let acronyms = (
|
||||
"IoT": "Internet of Things",
|
||||
"BPV": "Boot Process Verifier",
|
||||
"IDS": "Intrusion Detection System",
|
||||
"SVM": "Support Vector Machine",
|
||||
|
|
@ -93,6 +94,7 @@
|
|||
email: "sfischme@uwaterloo.ca",
|
||||
),
|
||||
),
|
||||
anon: true,
|
||||
index-terms: (),
|
||||
bibliography-file: "bibli.bib",
|
||||
)
|
||||
|
|
@ -119,7 +121,7 @@
|
|||
|
||||
= Introduction
|
||||
The firmware of any embedded system is susceptible to attacks. Since firmware provides many security features, it is always of major interest to attackers.
|
||||
Every year, a steady number of new vulnerabilities are discovered. Any device that requires firmware, such as computers @185175, @PLC @BASNIGHT201376, or IoT devices @rieck2016attacks, is vulnerable to these attacks.
|
||||
Every year, a steady number of new vulnerabilities are discovered. Any device that requires firmware, such as computers @185175, @PLC @BASNIGHT201376, or @IoT devices @rieck2016attacks, is vulnerable to these attacks.
|
||||
There are multiple ways to leverage a firmware attack. Reverting firmware to an older version allows an attacker to reopen discovered and documented flaws.
|
||||
Cancelling an update can ensure that previously deployed attacks remain available. Finally, implementing custom firmware enables full access to the machine.
|
||||
|
||||
|
|
@ -136,7 +138,7 @@ An attacker that could avoid triggering a verification, tamper with the verifica
|
|||
// This idea of necessary independence between the target and the @IDS can be summarized in the following statement.\
|
||||
// #align(center,text(weight: "bold", [An @IDS is incoherent if its deployment requires the cooperation of the entity it pretends to protect.]))
|
||||
|
||||
@IDS are subjected to a trade-off between having access to relevant and meaningful information and keeping the detection mechanism separated from the target machine.
|
||||
@IDS are subject to a trade-off between having access to relevant and meaningful information and keeping the detection mechanism separated from the target machine.
|
||||
Our solution addresses this trade-off by leveraging side-channel information.
|
||||
|
||||
== Contributions
|
||||
|
|
@ -156,8 +158,8 @@ Finally, the paper finishes with @discussion that provides more insight on speci
|
|||
|
||||
|
||||
= Related Work
|
||||
Historically, the firmware was written on a @ROM, and it was impossible to change.
|
||||
With the growing complexity of embedded systems, manufacturers developed procedures to allow remote firmware upgrades.
|
||||
Historically, the firmware was written on a @ROM, and it impossible to change.
|
||||
With the growing complexity of embedded systems, manufacturers developed procedures to enable remote firmware upgrades.
|
||||
Firmware upgrades can address performances or security flaws or, less frequently, add features.
|
||||
Unfortunately, attackers can leverage these firmware upgrade mechanisms to implement unauthorized or malicious pieces of software in the machine.
|
||||
Almost all embedded systems are vulnerable to firmware attacks.
|
||||
|
|
@ -391,7 +393,7 @@ The changes are listed in @tab-machines.
|
|||
#figure(
|
||||
tablex(
|
||||
columns: (25%,25%,25%,25%),
|
||||
align: horizon,
|
||||
align: (left+horizon,right+horizon,right+horizon,right+horizon),
|
||||
auto-vlines: false,
|
||||
repeat-header: false,
|
||||
[*Device*], [*Original*], [*Change 1*], [*Change 2*],
|
||||
|
|
@ -438,6 +440,7 @@ The results are presented in @tab-results.
|
|||
tablex(
|
||||
columns: (40%,40%),
|
||||
auto-vlines: false,
|
||||
align: (left, right),
|
||||
[*Machine*], [*BPV*],
|
||||
[TP-Link switch], [0.87],
|
||||
[HP switch], [0.98],
|
||||
|
|
@ -494,7 +497,7 @@ The experiment scenarios are:
|
|||
#figure(
|
||||
tablex(
|
||||
auto-vlines: false,
|
||||
align: left,
|
||||
align: (left, right, right),
|
||||
columns: (40%,auto,auto),
|
||||
[*Scenario*],[*Accuracy*], [*Nbr. of Samples*],
|
||||
[Original],[1],[98],
|
||||
|
|
@ -614,7 +617,9 @@ The training dataset is composed of 100 training traces and 100 evaluation races
|
|||
The results are presented in @tab-aim
|
||||
|
||||
#figure(
|
||||
table(
|
||||
tablex(
|
||||
auto-vlines: false,
|
||||
align: (left, right, right),
|
||||
columns:(33%,33%,33%),
|
||||
[*Machine*], [*BPV*], [*AIM*],
|
||||
[HP-SWITCH],[$0.895 plus.minus 0.094$],[$0.657 plus.minus 0.394$],
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue