grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update

Browse source
This commit is contained in:
Arthur Grisel-Davy 2023-07-18 13:40:37 -04:00
parent 5f2cb74c7b
commit 941650e6be
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
DSD/qrs/main.tex
View file

@ -51,8 +51,9 @@ Side channel analysis offers several advantages over traditional machine monitor
The low intrusiveness, independence with the host, data reliability and difficulty to bypass are compelling arguments for using involuntary emissions as input for security policies. The low intrusiveness, independence with the host, data reliability and difficulty to bypass are compelling arguments for using involuntary emissions as input for security policies.
However, side-channel information often comes in the form of unlabeled time series representing a proxy variable of the activity. However, side-channel information often comes in the form of unlabeled time series representing a proxy variable of the activity.
Enabling the definition and enforcement of high-level security policies requires extracting the state or activity of the system. Enabling the definition and enforcement of high-level security policies requires extracting the state or activity of the system.
We present in this paper a novel time series, one-shot classifier called \gls{mad} specifically designed and evaluated for side-channel analysis. We present in this paper a novel time series, one-shot classifier called Machine Activity Detector (MAD) specifically designed and evaluated for side-channel analysis.
\gls{mad} outperforms other traditional state detection solutions in terms of accuracy and, as importantly, Levenshtein distance of the state sequence. We evaluate MAD in two case studies on a variety of machines and datasets where it outperforms other traditional state detection solutions.
Results of state detection with MAD enable the definition and verification of high-level security rules to detect various attacks without any interaction with the monitored machine.
\end{abstract} \end{abstract}
%\IEEEoverridecommandlockouts %\IEEEoverridecommandlockouts
%\vspace{1.5ex} %\vspace{1.5ex}