From d45ba851ff88ac1b247d9b09b2c0d1ee6c295bf7 Mon Sep 17 00:00:00 2001 From: Arthur Grisel-Davy Date: Sun, 5 May 2024 23:16:04 -0400 Subject: [PATCH] sync CPI scholarship application --- scolarship_CPI/research.typ | 38 +++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 scolarship_CPI/research.typ diff --git a/scolarship_CPI/research.typ b/scolarship_CPI/research.typ new file mode 100644 index 0000000..c5d17bb --- /dev/null +++ b/scolarship_CPI/research.typ @@ -0,0 +1,38 @@ +#import "@preview/acrostiche:0.3.0": * + +#set page("us-letter", + header: [ + #set text(8pt) + #smallcaps[Arthur Grisel-Davy] + #h(1fr) _CPI Scholarship Application_ + ], + +) + +#init-acronyms(( + "IDS": ("Intrusion Detection System"), +)) + +#let cn = {text(fill:purple, weight:"bold")[#smallcaps[\[citation needed\]]]} + +#set par( + first-line-indent: 1em, + justify: true, +) + +#text(weight: "bold", size: 2em)[Areas of Research] +#v(0pt) +#line(length:100%, stroke: 2pt) + +My research projects, as a Ph.D. student, all revolve around the concepts of enforcing security policies or detecting abnormal behavior using the power consumption of an embedded system. +The power consumption, like other side-channel emmissions --- noise, temperature, or timing information for example---, are, from a computation point of view, a necessary but useless by-product that the machine has to deal with. +However, for a few decades now, researchers and have found ways to leverage these seemingly useless information channels to extract insights about the machine states and activities. +Although primalarily leveraging these information to design attacks, the research on side-channel analysis also proposes to consider them as a source of information to power defense mechanismes with their own intrisec characteristics. +These mechanisms require the use or developement of processing algorithm to overcome the non-actionable nature of raw time series and extract the information embedded in the collected data. +My projects focuses on exploring the applicability of side-channel (or physics-based) #acr("IDS") through the developement of processing algorithms and decision models. + += Boot Process Verification +The boot sequence of a machine is a critical state for the machine security. +The bootloader and firmware that executes during this sequence controles the lowest level of software that sets important security parameter. +Moreover, this is a particularily vulnerable sequence as no host-based #acr("IDS") is running. +There are hardware-based mechanisms, often leveraging cryptographic sugnatures, that strive to prevent firmware tampering, but studies illustrated the possibility to bypass them #cn.