grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

final changes to conclusion

Browse source
This commit is contained in:
Arthur Grisel-Davy 2023-10-03 06:06:16 -04:00
parent 7602f00593
commit 7335d083b6
1 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
PhD/research_proposal/conclusion.tex
View file

@ -2,16 +2,16 @@
The problem of leveraging power side-channel analysis to defend embedded systems presents unique capabilities. The problem of leveraging power side-channel analysis to defend embedded systems presents unique capabilities.
Contrary to current common \glspl{ids} techniques, physics-based security is not built on purpose-made actionable data. Contrary to current common \glspl{ids} techniques, physics-based security is not built on purpose-made actionable data.
The very nature of the input information sets this technique aside. The very nature of the input information sets this technique aside.
Power consumption is closely related to instruction execution and makes it a good proxy variable for machine activity. Power consumption is closely related to instruction execution, making it a good proxy variable for machine activity.
Moreover, power is easy and cheap to measure reliably at a high sampling rate, enabling analysis of any machine consuming electricity. Moreover, power is easy and cheap to measure reliably at a high sampling rate, enabling analysis of any machine consuming electricity.
Finally, a sequence of instructions is generally related to a unique power consumption pattern. Finally, a sequence of instructions is generally related to a unique power consumption pattern.
This \textit{one-to-one} relationship allows us to consider the power consumption as a signature for software of machine activity. This \textit{one-to-one} relationship allows us to consider the power consumption as a signature for software of machine activity.
However, power consumption is not an actionable information. However, power consumption is not an actionable information.
Little can be extracted from the raw time series format about the machine's activity or integrity. Little can be extracted from the raw time series format about the machine's activity or integrity.
To enable further analysis, a set of algorithms is required for both runtime online analysis and offline monitoring of specific activity. To enable further analysis, a set of algorithms is required for both runtime online analysis and offline monitoring of specific activity.
The full range of capabilities remains to be discovered. The full range of capabilities remains to be discovered.
Successful runtime monitoring enables the detection of activity policy violations, anomalous activity detection, machine failure detection or distributed attacks. Successful runtime monitoring enables the detection of activity policy violations, anomalous activity detection, machine failure detection or distributed attacks.
On the other hand, pre-OS monitoring enables the detection of boot process violation at a level where common \glspl{ids} are not enabled yet. Pre-OS monitoring enables the detection of boot process violation at a level where common \glspl{hids} are not enabled yet and \glspl{nids} are blind.
These are just some of the possible applications of this technology, with many more to discovered. Developing robust and practical time series analysis techniques for the specific application of activity recognition from machine's power consumption would enable the exploration of all these applications.
Among all the many possible directions, this proposal presents the problems of activity recognition as the main stepping stone in the development of physics-based \glspl{ids}.