grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add alternative section and complementary projects section

Browse source
This commit is contained in:
Arthur Grisel-Davy 2023-06-21 10:47:47 -04:00
parent 1726a3fd8f
commit 8dd98b0b9c
3 changed files with 81 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

43
PhD/research_proposal/timetable.tex
View file

@ -31,12 +31,49 @@ This term will also be dedicated to beginning the design of the multi-source sin
For this third system, the capture system is already available.
The workload is mainly centred on the design of the processing algorithm.
\section{Complementary Projects}
Although it is difficult to plan work after one year, there are some complementary projects that I intend on exploring.
\textbf{Cover Channel:}
Some work in the litterature explored potential of power consumption as a covert channel.
This application is complementary with the defense work I am focusing on in this thesis.
As an attacker trying to exfiltrate information from a machine, understanding the method from generating meaningfull power consumption patterns is crucial.
This work provide insights on how different applications generate specific consumption patterns.
A 1b/s covert channel already successfully extracted a private ECDSA SSH key through AC/DC transformers with an MSSM setup.
I intend on improving the capabilities of this covert channel as a complementary project for this thesis.
\textbf{Specific Activities Detection:}
Some users activities carry so much potential threats that detecting them quickly is interesting.
For example, plugging in a USB device is an entry point for many attacks \cite{cannoles2017hacking, NISSIM2017675, su2017usb}.
Fortunately, USB devices have a direct impact on the power consumption of a machine as they draw their power from the host.
Detecting this specific event enable the collection of trusted logs usefull for forensics or log verification tasks.
The current work on this problem is exploring signal processing methods to build a reliable detector with the least false positive rate while still detecting all USB events.
This problem is complementary to the more general pattern detection problem that this thesis explores as a reduction to practice that, once again, provide a better understanding of the variety of patterns present in a power consumption trace.
\section{Alternative Courses of Action}
Pandemic: continue from my home (already did before)
Many unforseen event can disturb a a research plan on multiple years.
Although it is not possible to plan an alternative course of action for each case, here are some ways to continue this thesis under different conditions.
SSMM and MSSM fails, focuse on improving SSSM
\textbf{Pandemic or Global Lockdown Situation:}
The recent years reminded us that a global lockdown can become a necessity in a matter of months.
Without access to the university, the xork of this thesis remain possible.
Thanks to the great work of all the people at Palitronica Inc. the capture system is deployable anywhere with an internet connection.
Many experiment were already performed outside of the lab and it is even possible to store data on premise for complete offline work.
I already experienced this situation in 2020 when the university closed and I continued the work at home with some lab equipement.
The xPSU project was entirely developped off-campus.
Find other
\textbf{Unconvincing Results:}
The first results of the SSSM problem are encouraging for the eploration of MSSM and SSMM problems.
However, some unforeseen discovery could force to reevaluate the potential of this technology.
As presented before, there is plenty of alternative routes to explore for physics-based \gls{ids}.
First, there is room for improving the performances of the SSSM detector.
A better accuracy, a greater number of states, a lower training requirement or higher time-efficiency are all valuable improvements to pursue.
Second, the range of machines that can benefit from this technology is wide.
Experimentations with different machines for different use-cases can reveal unknown specific challenges.
Finally, complementary projects such as the xPSU, the covert channel, or the specific activities detectors are all interesting projects that would undoubtebly reveal new problems to explore.
%There is no lack of interesting problems to study in the field of physics-based cyber-security.
\section{Publication Goals}
Find conferences/journals to aim for publishing.