first round clemence comments

PhD/research_proposal/conclusion.tex

@@ -1,6 +1,6 @@
 \chapter{Conclusion}
 The problem of leveraging power side-channel analysis to defend embedded systems presents unique capabilities.
-Contrary to current common \gls{ids} techniques, physics-based security is not built on purpose-made actionable data.
+Contrary to current common \glspl{ids} techniques, physics-based security is not built on purpose-made actionable data.
 The very nature of the input information sets this technique aside.
 Power consumption is closely related to instruction execution and makes it a good proxy variable for machine activity.
 Moreover, power is easy and cheap to measure reliably at a high sampling rate, enabling analysis of any machine consuming electricity.
@@ -11,7 +11,7 @@ Little can be extracted from the raw time series format about the machine's acti
 To enable further analysis, a set of algorithms is required for both runtime online analysis and offline monitoring of specific activity.
 The full range of capabilities remains to be discovered.
 Successful runtime monitoring enables the detection of activity policy violations, anomalous activity detection, machine failure detection or distributed attacks.
-On the other hand, pre-OS monitoring enables the detection of boot process violation at a level where common \gls{ids} are not enabled yet.
+On the other hand, pre-OS monitoring enables the detection of boot process violation at a level where common \glspl{ids} are not enabled yet.
 These are just some of the possible applications of this technology, with many more to be discovered.
 
 This proposal presents some problems to study that enable the development of physics-based security.

PhD/research_proposal/frontpages.tex

@@ -116,10 +116,10 @@ This design makes the result of the detection trustworthy only when the target i
 This observation leads to the conclusion that we cannot entrust machines to assess their own integrity.
 To remain trustworthy, the IDS must be independent of the target and require no cooperation to perform the detection.
 The main challenge with such a system is collecting relevant data.
-The main example of such a system are Network-based IDS (NIDS).
-NIDS exhibit complete independence, but their input data --- network communication from the machine --- is only relevant for a small subset of attacks.
+The main example of such a system are Network-based IDSs (NIDSs).
+NIDSs exhibit complete independence, but their input data --- network communication from the machine --- is only relevant for a small subset of attacks.
                                                                                                                                         
-This proposal describe another family of IDSs called physics-based IDS that leverages side-channel information.
+This proposal describes another family of IDSs called physics-based IDS --- also called side-channel-based IDS --- that leverages side-channel information.
 Side-channel information is a perfect candidate for intrusion detection as it is, by definition, an involuntary emission from the target.
 Collecting side-channel information requires no communication with the machine to protect.
 Moreover, if chosen adequately, side-channel information can provide insight into all activities performed by the machine.

PhD/research_proposal/pastwork.tex

@@ -13,7 +13,7 @@ As powerful as computers can be, their computing power remains useless if they a
 Communication is as essential as computing power in a data centre with hundreds of machines.
 The failure of a network switch can have devastating consequences for the data centre operations.
 Every minute of downtime costs the data centre and its clients a fortune and must be prevented.
-\gls{hids} are often not a perfect solution for network switches.
+\glspl{hids} are often not a perfect solution for network switches.
 Their \gls{os} typically do not support additional software installation and may not propose built-in \gls{ids} capabilities.
 When they do, the security solutions may be weak or rapidly out of date and fail to protect against attacks such as firmware modification~\cite{cisco_trust,thomson_2019} and bypassing secure boot-up~\cite{Cui2013WhenFM, hau_2015}.
 They also fail to offer effective runtime monitoring through auditing and verifying log entries~\cite{koch2010security}.
@@ -21,7 +21,7 @@ They also fail to offer effective runtime monitoring through auditing and verify
 For these reasons, network switches are prime candidates for side-channel security.
 Installing a side-channel monitoring system is often minimally invasive and can even be performed without downtime if the machine supports redundant power supplies.
 The project aimed to leverage side-channel analysis to detect anomalous activities that can be related to attacks on a network switch.
-The goal is not to create a complete \gls{ids} suite from physics-based security but to offer a complementary detection mechanism for the cases where traditional \gls{ids} fail.
+The goal is not to create a complete \gls{ids} suite from physics-based security but to offer a complementary detection mechanism for the cases where traditional \glspl{ids} fail.
 
 
 \subsection{Attack Scenario}
@@ -105,7 +105,7 @@ All these methods yield good results for the detection of abnormal firmware.
     \label{fig:eet1_firmware}
 \end{figure}
 
-This first exploration of the capabilities of physics-based \gls{ids} lead to the publication of an article \cite{eet1_mlcs} at the workshop on Machine Learning for Cyber Security at the ECML-PKDD conference.
+This first exploration of the capabilities of physics-based \glspl{ids} lead to the publication of an article \cite{eet1_mlcs} at the workshop on Machine Learning for Cyber Security at the ECML-PKDD conference.
 
 \newpage
 \section{xPSU}\label{sec:xpsu}
@@ -120,8 +120,7 @@ The capture mechanism consisted of a shunt resistor for generating the voltage d
 The xPSU system measures and analyses the power consumption without communicating with the host device to ensure independence.
 The xPSU was an early proof of concept, and all the components could not fit in the \gls{psu}.
 The fan of the \gls{psu} was moved outside of the enclosure, modifying the form factor of the \gls{psu}.
-For this reason, the xPSU was not a perfect \textit{drop-in} replacement of a regular power supply, but the final form factor was encouraging.
-A more compact form factor is possible with a better design of the capture system and a more appropriate choice of components.
+For this reason, the xPSU was not a perfect \textit{drop-in} replacement of a regular power supply, but the final form factor was encouraging. A more compact form factor is possible with a better design of the capture system and a more appropriate choice of components.
 
 \begin{figure}
     \centering

PhD/research_proposal/timetable.tex

@@ -4,8 +4,8 @@ Each of these three parts has its own specificities and challenges that call for
 
 \section{Fall 2023}
 This term will have a dual goal.
-On one hand, finishing the \gls{dsd} paper and submitting it to a conference.
-On the other, start working on the single-source multi-measure capture system.
+On one hand, several articles compiling the initial results from the first two years of work will be presented at different conferences.
+On the other, the design and capture for the single-source multi-measure problem will begin.
 The current capture system is composed of a box placed in series with the machine to monitor.
 This system is reliable and serves its purpose perfectly, but it is not possible to fit in a more constrained space or able to measure multiple consumptions at once.
 The single-source multi-measure system aims for integration in the machine with minimal modification to allow for easy \textit{drop-in} installation.
@@ -13,7 +13,7 @@ The goal could be a computer's \gls{psu} or an external box with multiple measur
 In any case, the design and prototyping of this new measurement system is an important part of the single-source multi-measure system.
 
 \section{Winter 2024}
-Fall 2023 will be dedicated to designing and evaluating the single-source multi-measure system.
+Winter 2024 will be dedicated to designing and evaluating the single-source multi-measure system.
 This work's challenge is enabling the processing of multi-variate time series to yield better results.
 The system's performances will be put in perspective with the capabilities of the DSD (single-source single-measure).
 A series of experiments will also provide a complementary evaluation of the performances of these new techniques.
@@ -60,7 +60,7 @@ The xPSU project was entirely developed off-campus.
 \textbf{Unconvincing Results:}
 The first results of the SSSM problem are encouraging for the exploration of MSSM and SSMM problems.
 However, some unforeseen discoveries could force us to reevaluate the potential of this technology.
-As presented before, there are plenty of alternative routes to explore for physics-based \gls{ids}.
+As presented before, there are plenty of alternative routes to explore for physics-based \glspl{ids}.
 First, there is room for improving the performance of the SSSM detector.
 A better accuracy, a greater number of states, a lower training requirement or higher time efficiency, are all valuable improvements to pursue.
 Second, the range of machines that can benefit from this technology is wide.
@@ -80,6 +80,6 @@ From the current work, multiple articles have been submitted for publication.
 To complete the findings of this first paper, more experiments were conducted on a wider variety of machines and exploring diverse optimization techniques.
         A workshop paper compiling these new findings was accepted for QRS 2023 \cite{bpv_qrs}.
 
-    \item Also accepter for QRS 2023, an article about \gls{dsd} details the capabilities of the method to detect cybersecurity policies violation \cite{dsd_qrs}.
+    \item Also accepted for QRS 2023, an article about \gls{dsd} details the capabilities of the method to detect cybersecurity policies violation \cite{dsd_qrs}.
 \end{itemize}