diff --git a/EET1/MLCS_conference/presentation.tex b/EET1/MLCS_conference/presentation.tex index a66b05b..ce95dfc 100644 --- a/EET1/MLCS_conference/presentation.tex +++ b/EET1/MLCS_conference/presentation.tex @@ -21,6 +21,8 @@ \author{Arthur Grisel-Davy} \institute{University of Waterloo, Canada} +\renewcommand{\thempfootnote}{\ifcase\value{mpfootnote}\or\textasteriskcentered\or\textdagger\or\textdaggerdbl\fi} + \begin{document} \maketitle 
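Review bot: The `\ifcase` list in the added `\thempfootnote` redefinition stops after three symbols, so a fourth footnote inside the same box would get an empty mark with no warning. `\renewcommand*{\thempfootnote}{\fnsymbol{mpfootnote}}` gives the same asterisk, dagger and double dagger for the first three footnotes and raises a "Counter too large" error once the symbol set is exhausted. A short comment above it, such as `% symbol marks for footnotes set inside boxes`, would record why the default marks are overridden; presumably it serves the footnote added on the Conclusion frame.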
@@ -55,49 +57,49 @@ \end{frame} \begin{frame}{Threat Model} - \only<1>{\begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black, - colbacktitle=yellow!75!black,title=Firmware Manipulation] + \only<1>{\begin{tcolorbox}[colback=orange!5!white,colframe=orange!50!black, + colbacktitle=orange!75!black,title=Firmware Manipulation] Change settings, upgrade/downgrade firmware, Replace firmware. \tcblower Machine takeover, Advanced Persistent Threats. - \end{tcolorbox} + \end{tcolorbox} - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Runtime Monitoring \end{tcolorbox} - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Hardware Tampering \end{tcolorbox} } \only<2>{ - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Firmware Manipulation \end{tcolorbox} - \begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black, - colbacktitle=yellow!75!black,title=Runtime Monitoring] + \begin{tcolorbox}[colback=orange!5!white,colframe=orange!50!black, + colbacktitle=orange!75!black,title=Runtime Monitoring] Log tampering, login (brute force/dictionary) attacks. \tcblower Intrusion, Covert operations. 
\end{tcolorbox} - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Runtim Monitoring \end{tcolorbox} } \only<3>{ - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Firmware Manipulation \end{tcolorbox} - \begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white] + \begin{tcolorbox}[colback=orange!75!black,colframe=orange!50!black, coltext=white] Runtim Monitoring \end{tcolorbox} - \begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black, - colbacktitle=yellow!75!black,title=Hardware Tampering] + \begin{tcolorbox}[colback=orange!5!white,colframe=orange!50!black, + colbacktitle=orange!75!black,title=Hardware Tampering] Installation/removal of peripherals. \tcblower MAC Flooding attacks. @@ -232,7 +234,7 @@ Experiment 1: Detecting SSH Login Attempts \begin{center} \begin{tabular}{ccccc} \toprule - \textbf{Input Data} & \textbf{Model} & \textbf{Accuracy} & \textbf{Recall}\tabularnewline + \textbf{Input Data} & \textbf{Model} & \textbf{Accuracy} & \textbf{Recall}\tabularnewline \midrule DC & SVM & \numprint[\%]{100} & \numprint[\%]{100}\tabularnewline DC & KNN & \numprint[\%]{100} & \numprint[\%]{100}\tabularnewline 
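Review bot: On overlay `<2>` of the Threat Model frame the third, collapsed box is still labelled `Runtim Monitoring`, although the expanded box above it is already Runtime Monitoring; going by overlays `<1>` and `<3>` it should read `Hardware Tampering`. The misspelling `Runtim Monitoring` also remains in the collapsed box on overlay `<3>` and should be `Runtime Monitoring`. Because this commit edits the option list of every one of these boxes, the colours could move into shared styles, e.g. `\tcbset{closedbox/.style={colback=orange!75!black,colframe=orange!50!black,coltext=white}}` and a matching one for the open box, so the next palette change is a one-line edit. The frame's closing lines lie outside this hunk.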
@@ -246,6 +248,26 @@ Experiment 1: Detecting SSH Login Attempts \end{frame} \begin{frame}{Conclusion} + \only<1>{ + \begin{tcolorbox}[colback=orange!5!white,colframe=orange!50!black, + colbacktitle=orange!75!black,title=Advantages of Physics-Based IDS] + \begin{itemize} + \item Host-independance + \item Trustworthy input data + \item + \end{itemize} + \end{tcolorbox} + + \begin{tcolorbox}[colback=orange!5!white,colframe=orange!50!black, + colbacktitle=orange!75!black,title=Capabilities] + \begin{itemize} + \item Boot Process Assessement \footnote{Work-in-Progress: Boot Sequence Integrity Verification with Power Analysis, EMSOFT 22}. + + \item Run-time Monitoring / Log Verification. + \item Hardware Tampering Detection. + \end{itemize} + \end{tcolorbox} + } \end{frame} \end{document}
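Review bot: The first `itemize` on the Conclusion frame ends with an empty `\item`, which prints a bare bullet on the slide; remove it or fill in the third advantage. Two added labels are misspelled: `Host-independance` should be `Host-independence` and `Boot Process Assessement` should be `Boot Process Assessment`. `Trustworthy input data` would be easier to defend in front of a security audience if the slide named the assumption it rests on, presumably that the measurement path cannot be reached or altered from the monitored host. The `\only<1>{...}` wrapper has no effect on a frame with a single overlay, and the space before `\footnote` can separate the mark from the word, so `Assessment\footnote{...}` without the wrapper is cleaner.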