@INPROCEEDINGS{7163050, author={F. {Liu} and Y. {Yarom} and Q. {Ge} and G. {Heiser} and R. B. {Lee}}, booktitle={2015 IEEE Symposium on Security and Privacy}, title={Last-Level Cache Side-Channel Attacks are Practical}, year={2015}, volume={}, number={}, pages={605-622}, keywords={cache storage;cloud computing;security of data;virtual machines;last-level cache side-channel attacks;Prime+Probe side-channel attack;covert channel;cross-core attack;cross-VM attack;GnuPG;virtual machine monitor;IaaS cloud computing;Probes;Indexes;Multicore processing;Monitoring;Cryptography;Virtual machine monitors;Memory management;side-channel attack;cross-VM side channel;covert channel;last-level cache;ElGamal}, doi={10.1109/SP.2015.43}, ISSN={2375-1207}, month={May},} @inproceedings{10.1145/2976749.2978299, author = {Liu, Yannan and Wei, Lingxiao and Zhou, Zhe and Zhang, Kehuan and Xu, Wenyuan and Xu, Qiang}, title = {On Code Execution Tracking via Power Side-Channel}, year = {2016}, isbn = {9781450341394}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/2976749.2978299}, doi = {10.1145/2976749.2978299}, booktitle = {Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}, pages = {1019–1031}, numpages = {13}, keywords = {embedded system, hardware security, power side-channel, code execution tracking}, location = {Vienna, Austria}, series = {CCS ’16} } @Article{Moreno2018, author="Moreno, Carlos and Fischmeister, Sebastian", title="Non-intrusive runtime monitoring through power consumption to enforce safety and security properties in embedded systems", journal="Formal Methods in System Design", year="2018", month="Aug", day="01", volume="53", number="1", pages="113--137", issn="1572-8102", doi="10.1007/s10703-017-0298-3", url="https://doi.org/10.1007/s10703-017-0298-3" } @inproceedings {cisco_trust, author = {Jatin Kataria and Rick Housley and Joseph Pantoga and Ang Cui}, title = {Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct {FPGA} Bitstream Manipulation}, booktitle = {13th {USENIX} Workshop on Offensive Technologies ({WOOT} 19)}, year = {2019}, address = {Santa Clara, CA}, url = {https://www.usenix.org/conference/woot19/presentation/kataria}, publisher = {{USENIX} Association}, month = aug } @inproceedings{Cui2013WhenFM, title={When Firmware Modifications Attack: A Case Study of Embedded Exploitation}, author={Ang Cui and Michael Costello and Salvatore J. Stolfo}, booktitle={NDSS}, url={http://ids.cs.columbia.edu/sites/default/files/ndss-2013.pdf}, year={2013} } @misc{thomson_2019, title={It's 2019 so now security vulnerabilities are branded using emojis: Meet Thrangrycat, a Cisco router secure boot flaw}, url={https://www.theregister.co.uk/2019/05/13/cisco_thrangrycat_vulnerability/}, journal={The Register}, publisher={The Register}, author={Thomson, Iain}, year={2019}, month={May} } @misc{hau_2015, title="{SYNful Knock -- A Cisco router implant -- Part I}", url = {https://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis.html}, publisher={FireEye}, author={Hau, Bill}, year={2015}, month={Sep} } @InProceedings{10.1007/3-540-36400-5_4, author="Agrawal, Dakshi and Archambeault, Bruce and Rao, Josyula R. and Rohatgi, Pankaj", editor="Kaliski, Burton S. and Ko{\c{c}}, {\c{c}}etin K. and Paar, Christof", title="The EM Side---Channel(s)", booktitle="Cryptographic Hardware and Embedded Systems - CHES 2002", year="2003", publisher="Springer Berlin Heidelberg", address="Berlin, Heidelberg", pages="29--45", } @article{printers, title = {Acoustic Side-Channel Attacks on Printers}, author = {Michael Backes, Markus Dürmuth, Sebastian Gerling, Manfred Pinkal, Caroline Sporleder}, year = {2010}, publisher = {https://www.usenix.org/legacy/event/sec10/tech/full_papers/Backes.pdf}, } @article{10.1145/1609956.1609959, author = {Zhuang, Li and Zhou, Feng and Tygar, J. D.}, title = {Keyboard Acoustic Emanations Revisited}, year = {2009}, issue_date = {October 2009}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, volume = {13}, number = {1}, issn = {1094-9224}, url = {https://doi.org/10.1145/1609956.1609959}, doi = {10.1145/1609956.1609959}, journal = {ACM Trans. Inf. Syst. Secur.}, month = nov, articleno = {Article 3}, numpages = {26}, keywords = {privacy, cepstrum, learning theory, signal analysis, acoustic manations, Computer security, HMM, human factors, keyboards, hidden markov models, electronic eavesdropping} } @InProceedings{10.1007/3-540-68697-5_9, author="Kocher, Paul C.", editor="Koblitz, Neal", title="Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems", booktitle="Advances in Cryptology --- CRYPTO '96", year="1996", publisher="Springer Berlin Heidelberg", address="Berlin, Heidelberg", pages="104--113", } @article{osti_1372902, title = {{United States} Data Center Energy Usage Report}, author = {Shehabi, Arman and Smith, Sarah and Sartor, Dale and Brown, Richard and Herrlin, Magnus and Koomey, Jonathan and Masanet, Eric and Horner, Nathaniel and Azevedo, Inês and Lintner, William}, doi = {10.2172/1372902}, place = {United States}, year = {2016}, month = {6} } @ARTICLE{6848725, author={K. {Bilal} and S. U. R. {Malik} and S. U. {Khan} and A. Y. {Zomaya}}, journal={IEEE Cloud Computing}, title={Trends and challenges in cloud datacenters}, year={2014}, volume={1}, number={1}, pages={10-20}, keywords={cloud computing;computer centres;quality of service;virtualisation;reliability;cloud DCs;quality of service;cloud computing paradigm;virtualization technology;next-generation data centers;cloud data centers;Computer architecture;Cloud computing;Data centers;Bandwidth allocation;Next generation networking;Virtualization;Resource allocation;cloud;cloud computing;cloud data center;thermal awareness;resource utilization;resources consolidation techniques;virtualization}, doi={10.1109/MCC.2014.26}, ISSN={2372-2568}, month={May},} @article{VINCENT201577, title = "Trojan Detection and Side-channel Analyses for Cyber-security in Cyber-physical Manufacturing Systems", journal = "Procedia Manufacturing", volume = "1", pages = "77 - 85", year = "2015", note = "43rd North American Manufacturing Research Conference, NAMRC 43, 8-12 June 2015, UNC Charlotte, North Carolina, United States", issn = "2351-9789", doi = "https://doi.org/10.1016/j.promfg.2015.09.065", url = "http://www.sciencedirect.com/science/article/pii/S2351978915010653", author = "Hannah Vincent and Lee Wells and Pablo Tarazaga and Jaime Camelio", keywords = "Cyber-Attack detection, Cyber-Physical manufacturing systems, Quality control, Side-Channel analyses, Structural Health Monitoring, Trojans", } @inproceedings{quisquater2001electromagnetic, title={Electromagnetic analysis (ema): Measures and counter-measures for smart cards}, author={Quisquater, Jean-Jacques and Samyde, David}, booktitle={International Conference on Research in Smart Cards}, pages={200--210}, year={2001}, organization={Springer} } @inproceedings{fuller2018exploiting, title={Exploiting side-channel emissions to detect changes in FPGA firmware}, author={Fuller, Ryan M and Riley, Ronald A and Graham, James T}, booktitle={Cyber Sensing 2018}, volume={10630}, pages={106300A}, year={2018}, organization={International Society for Optics and Photonics} } @ARTICLE{1456237, author={R. E. {Crochiere} and L. R. {Rabiner}}, journal={Proceedings of the IEEE}, title={Interpolation and decimation of digital signals—A tutorial review}, year={1981}, volume={69}, number={3}, pages={300-331},} @article{hospodar2011machine, title={Machine learning in side-channel analysis: a first study}, author={Hospodar, Gabriel and Gierlichs, Benedikt and De Mulder, Elke and Verbauwhede, Ingrid and Vandewalle, Joos}, journal={Journal of Cryptographic Engineering}, volume={1}, number={4}, pages={293}, year={2011}, publisher={Springer} } @inproceedings{moreno2016non, title={Non-intrusive runtime monitoring through power consumption: a signals and system analysis approach to reconstruct the trace}, author={Moreno, Carlos and Fischmeister, Sebastian}, booktitle={International Conference on Runtime Verification}, pages={268--284}, year={2016}, organization={Springer} } @book{mangard2008power, title={Power analysis attacks: Revealing the secrets of smart cards}, author={Mangard, Stefan and Oswald, Elisabeth and Popp, Thomas}, volume={31}, year={2008}, publisher={Springer Science \& Business Media} } @inproceedings{kocher1996timing, title={Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems}, author={Kocher, Paul C}, booktitle={Annual International Cryptology Conference}, pages={104--113}, year={1996}, organization={Springer} } @article{goldack2008side, title={Side-channel based reverse engineering for microcontrollers}, author={Goldack, Martin and Paar, Ing Christof}, journal={Master's thesis, Ruhr-Universit{\"a}t Bochum, Germany}, year={2008} } @article{khan2019malware, title={Malware Detection in Embedded Systems Using Neural Network Model for Electromagnetic Side-Channel Signals}, author={Khan, Haider Adnan and Sehatbakhsh, Nader and Nguyen, Luong N and Prvulovic, Milos and Zaji{\'c}, Alenka}, journal={Journal of Hardware and Systems Security}, volume={3}, number={4}, pages={305--318}, year={2019}, publisher={Springer} } @incollection{eisenbarth2010building, title={Building a side channel based disassembler}, author={Eisenbarth, Thomas and Paar, Christof and Weghenkel, Bj{\"o}rn}, booktitle={Transactions on Computational Science X}, pages={78--99}, year={2010}, publisher={Springer} } @inproceedings{kocher1999differential, title={Differential power analysis}, author={Kocher, Paul and Jaffe, Joshua and Jun, Benjamin}, booktitle={Annual International Cryptology Conference}, pages={388--397}, year={1999}, organization={Springer} } @inproceedings{picek2017climbing, title={Climbing down the hierarchy: hierarchical classification for machine learning side-channel attacks}, author={Picek, Stjepan and Heuser, Annelie and Jovic, Alan and Legay, Axel}, booktitle={International Conference on Cryptology in Africa}, pages={61--78}, year={2017}, organization={Springer} } @inproceedings{picek2018performance, title={On the performance of convolutional neural networks for side-channel analysis}, author={Picek, Stjepan and Samiotis, Ioannis Petros and Kim, Jaehun and Heuser, Annelie and Bhasin, Shivam and Legay, Axel}, booktitle={International Conference on Security, Privacy, and Applied Cryptography Engineering}, pages={157--176}, year={2018}, organization={Springer} } @article{picek2019theory, title={When theory meets practice: A framework for robust profiled side-channel analysis}, author={Picek, Stjepan and Heuser, Annelie and Alippi, Cesare and Regazzoni, Francesco}, year={2019} } @inproceedings{brier2004correlation, title={Correlation power analysis with a leakage model}, author={Brier, Eric and Clavier, Christophe and Olivier, Francis}, booktitle={International Workshop on Cryptographic Hardware and Embedded Systems}, pages={16--29}, year={2004}, organization={Springer} } @inproceedings{shumov2010side, title={Side channel leakage profiling in software}, author={Shumov, D and Montgomery, Peter L}, booktitle={COSADE 2010}, year={2010}, organization={Citeseer} } @inproceedings{blanco2017framework, title={A framework for acquiring and analyzing traces from cryptographic devices}, author={Blanco, Alfonso Blanco and de Fuentes, Jose Mar{\'\i}a and Gonz{\'a}lez-Manzano, Lorena and Encinas, Luis Hern{\'a}ndez and Mu{\~n}oz, Agust{\'\i}n Mart{\'\i}n and Oliva, Jos{\'e} Luis Rodrigo and Garc{\'\i}a, J Ignacio S{\'a}nchez}, booktitle={International Conference on Security and Privacy in Communication Systems}, pages={283--300}, year={2017}, organization={Springer} } @misc{NationalInstrumentsHIL, author = {National Instruments}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.ni.com/en-ca/innovations/white-papers/09/hardware-in-the-loop--hil--test-system-architectures.html#section--650933511}" } @misc{DSpace, author = {DSpace}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.dspace.com/shared/data/pdf/2019/dSPACE-Hardware-in-the-Loop-Systems_Business-field-brochure_01-2019_English.pdf}" } @misc{Labview, author = {National Instruments}, title = {{LabVIEW DAQ}}, howpublished = "\url{https://www.ni.com/academic/students/learn-daq/}" } % Impact of human error: @article{BARCHARD20131917, title = "Improving data accuracy: Selecting the best data checking technique", journal = "Computers in Human Behavior", volume = "29", number = "5", pages = "1917 - 1922", year = "2013", issn = "0747-5632", doi = "https://doi.org/10.1016/j.chb.2013.02.021", url = "http://www.sciencedirect.com/science/article/pii/S0747563213000873", author = "Kimberly A. Barchard and Yevgeniya Verenikina", keywords = "Data checking, Double entry, Read aloud, Visual checking", } @article{BARCHARD20111834, title = "Preventing human error: The impact of data entry methods on data accuracy and statistical results", journal = "Computers in Human Behavior", volume = "27", number = "5", pages = "1834 - 1839", year = "2011", note = "2009 Fifth International Conference on Intelligent Computing", issn = "0747-5632", doi = "https://doi.org/10.1016/j.chb.2011.04.004", url = "http://www.sciencedirect.com/science/article/pii/S0747563211000707", author = "Kimberly A. Barchard and Larry A. Pace", keywords = "Data entry, Double entry, Visual checking, Outliers, Data cleaning", } @article{kozak2015, author = {Marcin Kozak and Wojtek Krzanowski and Izabela Cichocka and James Hartley}, title = {The effects of data input errors on subsequent statistical inference}, journal = {Journal of Applied Statistics}, volume = {42}, number = {9}, pages = {2030-2037}, year = {2015}, publisher = {Taylor & Francis}, doi = {10.1080/02664763.2015.1016410}, URL = {https://doi.org/10.1080/02664763.2015.1016410}, eprint = {https://doi.org/10.1080/02664763.2015.1016410} } @article{tu2015, author = {Tu, Huawei and Oladimeji, Patrick and Wiseman, Sarah and Thimbleby, Harold and Cairns, Paul and Niezen, Gerrit}, title = "{Employing Number-Based Graphical Representations to Enhance the Effects of Visual Check on Entry Error Detection}", journal = {Interacting with Computers}, volume = {28}, number = {2}, pages = {194-207}, year = {2015}, month = {07}, issn = {0953-5438}, doi = {10.1093/iwc/iwv020}, url = {https://doi.org/10.1093/iwc/iwv020}, eprint = {https://academic.oup.com/iwc/article-pdf/28/2/194/6956430/iwv020.pdf}, } @article{patel2011impact, title={Impact of outlier removal and normalization approach in modified k-means clustering algorithm}, author={Patel, Vaishali R and Mehta, Rupa G}, journal={International Journal of Computer Science Issues (IJCSI)}, volume={8}, number={5}, pages={331}, year={2011}, publisher={Citeseer} } @inproceedings{koch2010security, title={{Security system for encrypted environments (S2E2)}}, author={Koch, Robert and Rodosek, Gabi Dreo}, booktitle={International Workshop on Recent Advances in Intrusion Detection}, pages={505--507}, year={2010}, organization={Springer} } @inproceedings{moreno2016non, title={Non-intrusive runtime monitoring through power consumption: a signals and system analysis approach to reconstruct the trace}, author={Moreno, Carlos and Fischmeister, Sebastian}, booktitle={International Conference on Runtime Verification}, pages={268--284}, year={2016}, organization={Springer} } @article{VINCENT201577, title = "Trojan Detection and Side-channel Analyses for Cyber-security in Cyber-physical Manufacturing Systems", journal = "Procedia Manufacturing", volume = "1", pages = "77 - 85", year = "2015", note = "43rd North American Manufacturing Research Conference, NAMRC 43, 8-12 June 2015, UNC Charlotte, North Carolina, United States", issn = "2351-9789", doi = "https://doi.org/10.1016/j.promfg.2015.09.065", url = "http://www.sciencedirect.com/science/article/pii/S2351978915010653", author = "Hannah Vincent and Lee Wells and Pablo Tarazaga and Jaime Camelio", keywords = "Cyber-Attack detection, Cyber-Physical manufacturing systems, Quality control, Side-Channel analyses, Structural Health Monitoring, Trojans", } @inproceedings{fuller2018exploiting, title={Exploiting side-channel emissions to detect changes in FPGA firmware}, author={Fuller, Ryan M and Riley, Ronald A and Graham, James T}, booktitle={Cyber Sensing 2018}, volume={10630}, pages={106300A}, year={2018}, organization={International Society for Optics and Photonics} } @article{hospodar2011machine, title={Machine learning in side-channel analysis: a first study}, author={Hospodar, Gabriel and Gierlichs, Benedikt and De Mulder, Elke and Verbauwhede, Ingrid and Vandewalle, Joos}, journal={Journal of Cryptographic Engineering}, volume={1}, number={4}, pages={293}, year={2011}, publisher={Springer} } @inproceedings{moreno2016non, title={Non-intrusive runtime monitoring through power consumption: a signals and system analysis approach to reconstruct the trace}, author={Moreno, Carlos and Fischmeister, Sebastian}, booktitle={International Conference on Runtime Verification}, pages={268--284}, year={2016}, organization={Springer} } @inproceedings{picek2017climbing, title={Climbing down the hierarchy: hierarchical classification for machine learning side-channel attacks}, author={Picek, Stjepan and Heuser, Annelie and Jovic, Alan and Legay, Axel}, booktitle={International Conference on Cryptology in Africa}, pages={61--78}, year={2017}, organization={Springer} } @inproceedings{picek2018performance, title={On the performance of convolutional neural networks for side-channel analysis}, author={Picek, Stjepan and Samiotis, Ioannis Petros and Kim, Jaehun and Heuser, Annelie and Bhasin, Shivam and Legay, Axel}, booktitle={International Conference on Security, Privacy, and Applied Cryptography Engineering}, pages={157--176}, year={2018}, organization={Springer} } @article{picek2019theory, title={When theory meets practice: A framework for robust profiled side-channel analysis}, author={Picek, Stjepan and Heuser, Annelie and Alippi, Cesare and Regazzoni, Francesco}, year={2019} } @inproceedings{shumov2010side, title={Side channel leakage profiling in software}, author={Shumov, D and Montgomery, Peter L}, booktitle={COSADE 2010}, year={2010}, organization={Citeseer} } @inproceedings{blanco2017framework, title={A framework for acquiring and analyzing traces from cryptographic devices}, author={Blanco, Alfonso Blanco and de Fuentes, Jose Mar{\'\i}a and Gonz{\'a}lez-Manzano, Lorena and Encinas, Luis Hern{\'a}ndez and Mu{\~n}oz, Agust{\'\i}n Mart{\'\i}n and Oliva, Jos{\'e} Luis Rodrigo and Garc{\'\i}a, J Ignacio S{\'a}nchez}, booktitle={International Conference on Security and Privacy in Communication Systems}, pages={283--300}, year={2017}, organization={Springer} } @misc{NationalInstrumentsHIL, author = {National Instruments}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.ni.com/en-ca/innovations/white-papers/09/hardware-in-the-loop--hil--test-system-architectures.html#section--650933511}" } @misc{DSpace, author = {DSpace}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.dspace.com/shared/data/pdf/2019/dSPACE-Hardware-in-the-Loop-Systems_Business-field-brochure_01-2019_English.pdf}" } @misc{Labview, author = {National Instruments}, title = {{LabVIEW DAQ}}, howpublished = "\url{https://www.ni.com/academic/students/learn-daq/}" } % Impact of human error: @article{patel2011impact, title={Impact of outlier removal and normalization approach in modified k-means clustering algorithm}, author={Patel, Vaishali R and Mehta, Rupa G}, journal={International Journal of Computer Science Issues (IJCSI)}, volume={8}, number={5}, pages={331}, year={2011}, publisher={Citeseer} } @misc{cve-2018-15439, key = {CVE-2018-15439}, title = {{CVE-2018-15439}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 08, month = {November}, year = 2018, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2018-15439}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2018-15439} } @misc{cve-2018-0329, key = {CVE-2018-0329}, title = {{CVE-2018-0329}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 08, month = {November}, year = 2018, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2018-0329}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2018-0329} } @misc{cve-2018-0222, key = {CVE-2018-0222}, title = {{CVE-2018-0222}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 16, month = {May}, year = 2018, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2018-0222}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2018-0222} } @misc{cve-2018-0151, key = {CVE-2018-0151}, title = {{CVE-2018-0151}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 28, month = {March}, year = 2018, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2018-0151}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2018-0151} } @misc{cve-2018-0150, key = {CVE-2018-0150}, title = {{CVE-2018-0150}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 28, month = {March}, year = 2018, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2018-0150}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2018-0150} } @misc{CVE-2019-12649, key = {CVE-2019-12649}, title = {{CVE-2019-12649}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 25, month = {September}, year = 2019, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2019-12649}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2019-12649} } @misc{CVE-2019-12651, key = {CVE-2019-12651}, title = {{CVE-2019-12651}}, howpublished = {National Vulnerability Database}, institution = {NIST}, day = 25, month = {September}, year = 2019, note = {\url{https://nvd.nist.gov/vuln/detail/CVE-2019-12651}}, url = {https://nvd.nist.gov/vuln/detail/CVE-2019-12651} } @MISC {citrix2020, author = "William Ballenthin and Josh Madeley", title = {{"404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor"}}, month = jan, year = "2020", note = "https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html" } @MISC {kimwillsher2009, author = "Kim Willsher", title = "French fighter planes grounded by computer virus", month = feb, year = "2009", note = "https://www.telegraph.co.uk/news/worldnews/europe/france/4547649/French-fighter-planes-grounded-by-computer-virus.html" } @article{chaplain2018weapon, title={{Weapon Systems Cybersecurity: DoD just beginning to grapple with scale of vulnerabilities}}, author={Chaplain, Christina}, journal={Washington, DC, USA, GAO Report No. GAO-19-128}, year={2018} } @MISC {mitre2020, author = "MITRE", title = "Common Vulnerabilities and Exposures", month = jan, year = "2020", note = "Data aggregated from https://cve.mitre.org/" } @MISC {uscert2014, author = "US CERT", title = {{"ICS Alert (ICS-ALERT-14-281-01E): Ongoing Sophisticated Malware Campaign Compromising ICS"}}, month = dec, year = "2014", note = "https://www.us-cert.gov/ics/alerts/ICS-ALERT-14-281-01B" } @MISC {uscert2016, author = "US CERT", title = {{"ICS Alert (IR-ALERT-H-16-056-01): Cyber-Attack Against Ukrainian Critical Infrastructure"}}, month = feb, year = "2016", note = "https://www.us-cert.gov/ics/alerts/IR-ALERT-H-16-056-01" } @MISC {uscert2017, author = "US CERT", title = {{"Alert (TA17-293A): Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors"}}, month = oct, year = "2017", note = "https://www.us-cert.gov/ncas/alerts/TA17-293A" } @MISC {alexandercampbellvickramsingh2019, author = "Alexander Campbell, Vickram Singh", title = "Lessons from the cyberattack on {I}ndia’s largest nuclear power plant", month = nov, year = "2019", note = "https://thebulletin.org/2019/11/lessons-from-the-cyberattack-on-indias-largest-nuclear-power-plant/" } @article{langner2011stuxnet, title={{Stuxnet: Dissecting a cyberwarfare weapon}}, author={Langner, Ralph}, journal={IEEE Security \& Privacy}, volume={9}, number={3}, pages={49--51}, year={2011}, publisher={IEEE} } @MISC {charlesarthur2011, author = "Charles Arthur", title = "Chinese hackers suspected of interfering with {US} satellites", month = oct, year = "2011", note = "https://www.theguardian.com/technology/2011/oct/27/chinese-hacking-us-satellites-suspected" } @MISC {thierrynoisette2009, author = "Thierry Noisette", title = "S\'ecurit\'e : la Marine victime du virus Conficker-Downadup", month = feb, year = "2009", note = "https://www.zdnet.fr/actualites/securite-la-marine-victime-du-virus-conficker-downadup-39387036.htm" } @misc{cve, title = {CVE Cisco}, author = {The MITRE Corporation}, howpublished = {\url{https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cisco+}}, note = {Search Results for: Cisco, Juniper, HPE. Retrieved December 17, 2019.}, } @misc{cost_outage, title = {Cost of Data Center Outages.}, howpublished = {\url{https://www.vertiv.com/globalassets/documents/reports/2016-cost-of-data-center-outages-11-11_51190_1.pdf}}, author = {Ponemon Institute LLC.}, month = {January}, year = {2016}, } @misc{cost_downtime, title = {The real cost of downtime.}, howpublished = {\url{https://devops.com/real-cost-downtime/}}, author = {Shimel, A.}, year = {2015}, month = {February}, } @misc{shadowhammer, title = {Shadowhammer Backdoor}, author = {Dellinger, AJ}, howpublished = {\url{https://www.engadget.com/2019/03/25/asus-hack-shadowhammer-backdoor/}}, } @inproceedings{UCRDTW, author = {Rakthanmanon, Thanawin and Campana, Bilson and Mueen, Abdullah and Batista, Gustavo and Westover, Brandon and Zhu, Qiang and Zakaria, Jesin and Keogh, Eamonn}, title = {Searching and Mining Trillions of Time Series Subsequences under Dynamic Time Warping}, year = {2012}, isbn = {9781450314626}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/2339530.2339576}, doi = {10.1145/2339530.2339576}, booktitle = {Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining}, pages = {262–270}, numpages = {9}, series = {KDD ’12} } @inproceedings {ICISSP2017, title = {On the Security of Safety-Critical Embedded Systems: Who Watches the Watchers? Who Reprograms the Watchers?}, booktitle = {International Conference on Information Systems Security and Privacy (ICISSP)}, year = {2017}, author = {Carlos Moreno and Sebastian Fischmeister} } % Surveys of IDS @article{Khraisat2019, author="Khraisat, Ansam and Gondal, Iqbal and Vamplew, Peter and Kamruzzaman, Joarder", title="Survey of intrusion detection systems: techniques, datasets and challenges", journal="Cybersecurity", year="2019", month="Jul", day="17", volume="2", number="1", pages="20", issn="2523-3246", doi="10.1186/s42400-019-0038-7", url="https://doi.org/10.1186/s42400-019-0038-7" } %cited @Inbook{Hamed2018, author="Hamed, Tarfa and Ernst, Jason B. and Kremer, Stefan C.", title="A Survey and Taxonomy on Data and Pre-processing Techniques of Intrusion Detection Systems", bookTitle="Computer and Network Security Essentials", year="2018", publisher="Springer International Publishing", address="Cham", pages="113--134", isbn="978-3-319-58424-9", doi="10.1007/978-3-319-58424-9_7", url="https://doi.org/10.1007/978-3-319-58424-9_7" } @article{dolphin, title={DolphinAttack}, ISBN={9781450349468}, url={http://dx.doi.org/10.1145/3133956.3134052}, DOI={10.1145/3133956.3134052}, journal={Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS ’17}, publisher={ACM Press}, author={Zhang, Guoming and Yan, Chen and Ji, Xiaoyu and Zhang, Tianchen and Zhang, Taimin and Xu, Wenyuan}, year={2017} } % Survey of classic intrusion detection techniques. %cited @INPROCEEDINGS{7210351, author={L. {Dali} and A. {Bentajer} and E. {Abdelmajid} and K. {Abouelmehdi} and H. {Elsayed} and E. {Fatiha} and B. {Abderahim}}, booktitle={2015 2nd World Symposium on Web Applications and Networking (WSWAN)}, title={A survey of intrusion detection system}, year={2015}, pages={1-6}, doi={10.1109/WSWAN.2015.7210351}, ISSN={null}, month={March} } %cited @article{LIAO201316, title = "Intrusion detection system: A comprehensive review", journal = "Journal of Network and Computer Applications", volume = "36", number = "1", pages = "16 - 24", year = "2013", issn = "1084-8045", doi = "https://doi.org/10.1016/j.jnca.2012.09.004", url = "http://www.sciencedirect.com/science/article/pii/S1084804512001944", author = "Hung-Jen Liao and Chun-Hung Richard Lin and Ying-Chih Lin and Kuang-Yuan Tung" } %cited @article{LUNT1993405, title = "A survey of intrusion detection techniques", journal = "Computers \& Security", volume = "12", number = "4", pages = "405 - 418", year = "1993", issn = "0167-4048", doi = "https://doi.org/10.1016/0167-4048(93)90029-5", url = "http://www.sciencedirect.com/science/article/pii/0167404893900295", author = "Teresa F. Lunt" } %cited @article{10.1145/2542049, author = {Mitchell, Robert and Chen, Ing-Ray}, title = {A Survey of Intrusion Detection Techniques for Cyber-Physical Systems}, year = {2014}, issue_date = {April 2014}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, volume = {46}, number = {4}, issn = {0360-0300}, url = {https://doi.org/10.1145/2542049}, doi = {10.1145/2542049}, journal = {ACM Comput. Surv.}, month = mar, articleno = {Article 55}, numpages = {29}, } %cited @article{AGRAWAL2015708, title = "Survey on Anomaly Detection using Data Mining Techniques", journal = "Procedia Computer Science", volume = "60", pages = "708 - 713", year = "2015", note = "Knowledge-Based and Intelligent Information \& Engineering Systems 19th Annual Conference, KES-2015, Singapore, September 2015 Proceedings", issn = "1877-0509", doi = "https://doi.org/10.1016/j.procs.2015.08.220", url = "http://www.sciencedirect.com/science/article/pii/S1877050915023479", author = "Shikha Agrawal and Jitendra Agrawal" } %cited @article{KOLIAS2011625, title = "Swarm intelligence in intrusion detection: A survey", journal = "Computers \& Security", volume = "30", number = "8", pages = "625 - 642", year = "2011", issn = "0167-4048", doi = "https://doi.org/10.1016/j.cose.2011.08.009", url = "http://www.sciencedirect.com/science/article/pii/S016740481100109X", author = "C. Kolias and G. Kambourakis and M. Maragoudakis" } %cited @INPROCEEDINGS{1598592, author={A. {Murali} and M. {Rao}}, booktitle={2005 International Conference on Information and Communication Technologies}, title={A Survey on Intrusion Detection Approaches}, year={2005}, volume={}, number={}, pages={233-240}, doi={10.1109/ICICT.2005.1598592}, ISSN={null}, month={Aug}, } %cited @INPROCEEDINGS{6158822, author={D. K. {Denatious} and A. {John}}, booktitle={2012 International Conference on Computer Communication and Informatics}, title={Survey on data mining techniques to enhance intrusion detection}, year={2012}, volume={}, number={}, pages={1-5}, doi={10.1109/ICCCI.2012.6158822}, ISSN={null}, month={Jan} } %cited @ARTICLE{7307098, author={A. L. {Buczak} and E. {Guven}}, journal={IEEE Communications Surveys Tutorials}, title={A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection}, year={2016}, volume={18}, number={2}, pages={1153-1176}, doi={10.1109/COMST.2015.2494502}, ISSN={2373-745X}, month={Secondquarter} } %cited @INPROCEEDINGS{143785, author={N. {McAuliffe} and D. {Wolcott} and L. {Schaefer} and N. {Kelem} and B. {Hubbard} and T. {Haley}}, booktitle={[1990] Proceedings of the Sixth Annual Computer Security Applications Conference}, title={Is your computer being misused? A survey of current intrusion detection system technology}, year={1990}, volume={}, number={}, pages={260-272}, doi={10.1109/CSAC.1990.143785}, ISSN={null}, month={Dec} } %cited @article{2808691, author = {Milenkoski, Aleksandar and Vieira, Marco and Kounev, Samuel and Avritzer, Alberto and Payne, Bryan D.}, title = {Evaluating Computer Intrusion Detection Systems: A Survey of Common Practices}, year = {2015}, issue_date = {September 2015}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, volume = {48}, number = {1}, issn = {0360-0300}, url = {https://doi.org/10.1145/2808691}, doi = {10.1145/2808691}, journal = {ACM Comput. Surv.}, month = sep, articleno = {Article 12}, numpages = {41}, } %cited @ARTICLE{7935369, author={J. {Giraldo} and E. {Sarkar} and A. A. {Cardenas} and M. {Maniatakos} and M. {Kantarcioglu}}, journal={IEEE Design Test}, title={Security and Privacy in Cyber-Physical Systems: A Survey of Surveys}, year={2017}, volume={34}, number={4}, pages={7-17}, doi={10.1109/MDAT.2017.2709310}, ISSN={2168-2364}, month={Aug} } %cited @INPROCEEDINGS{4557881, author={S. {Owais} and V. {Snasel} and P. {Kromer} and A. {Abraham}}, booktitle={2008 7th Computer Information Systems and Industrial Management Applications}, title={Survey: Using Genetic Algorithm Approach in Intrusion Detection Systems Techniques}, year={2008}, pages={300-307}, doi={10.1109/CISIM.2008.49}, ISSN={null}, month={June} } @article{Hernandez2014SmartNT, title={Smart nest thermostat: A smart spy in your home}, author={Hernandez, Grant and Arias, Orlando and Buentello, Daniel and Jin, Yier}, journal={Black Hat USA}, pages={1--8}, year={2014} } %%!!DUPLICATE!! @misc{greenberg_2018, title={Router-Hacking "Slingshot" Spy Operation Compromised More Than 100 Targets}, url={https://www.wired.com/story/router-hacking-slingshot-spy-operation-compromised-more-than-100-targets/}, journal={Wired}, publisher={Conde Nast}, author={Greenberg, Andy}, year={2018}, month={Mar} } @misc{kovacs_2019, title={Cisco Firewall Exploited in Attack on {U.S.} Renewable Energy Firm}, note={\\ \href{https://www.securityweek.com/cisco-firewall-vulnerability-exploited-attack-us-renewable-energy-provider} {\nolinkurl{https://www.securityweek.com/cisco-firewall-vulnerability-exploited}} \\ \href{https://www.securityweek.com/cisco-firewall-vulnerability-exploited-attack-us-renewable-energy-provider} {\nolinkurl{-attack-us-renewable-energy-provider}} }, journal={SecurityWeek}, author={Kovacs, Eduard}, year={2019}, month={Nov} } @INPROCEEDINGS {liuacoustic, author = {A. X. Liu and L. Xiao and K. Pongaliur and L. Kempel and Z. Abraham}, booktitle = {2008 IEEE 11th High-Assurance Systems Engineering Symposium}, title = {Securing Sensor Nodes Against Side Channel Attacks}, year = {2008}, volume = {}, issn = {1530-2059}, pages = {353-361}, keywords = {sensor;network;security;side-channel}, doi = {10.1109/HASE.2008.26}, url = {https://doi.ieeecomputersociety.org/10.1109/HASE.2008.26}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, month = {dec} } @article{hanilci2011recognition, title={Recognition of brand and models of cell-phones from recorded speech signals}, author={Hanilci, Cemal and Ertas, Figen and Ertas, Tuncay and Eskidere, {\"O}mer}, journal={IEEE Transactions on Information Forensics and Security}, volume={7}, number={2}, pages={625--634}, year={2011}, publisher={IEEE} } @INPROCEEDINGS{4488501, author={H. {Zhengbing} and S. {Jun} and V. P. {Shirochin}}, booktitle={2007 4th IEEE Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications}, title={An Intelligent Lightweight Intrusion Detection System with Forensics Technique}, year={2007}, volume={}, number={}, pages={647-651},} @article{zhai2015method, title={A method for detecting abnormal program behavior on embedded devices}, author={Zhai, Xiaojun and Appiah, Kofi and Ehsan, Shoaib and Howells, Gareth and Hu, Huosheng and Gu, Dongbing and McDonald-Maier, Klaus D}, journal={IEEE Transactions on Information Forensics and Security}, volume={10}, number={8}, pages={1692--1704}, year={2015}, publisher={IEEE} } @INPROCEEDINGS{7479068, author={M. A. {Al Faruque} and S. R. {Chhetri} and A. {Canedo} and J. {Wan}}, booktitle={2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS)}, title={Acoustic Side-Channel Attacks on Additive Manufacturing Systems}, year={2016}, volume={}, number={}, pages={1-10},} @article{vcagalj2014timing, title={Timing attacks on cognitive authentication schemes}, author={{\v{C}}agalj, Mario and Perkovi{\'c}, Toni and Bugari{\'c}, Marin}, journal={IEEE Transactions on Information Forensics and Security}, volume={10}, number={3}, pages={584--596}, year={2014}, publisher={IEEE} } @INPROCEEDINGS {, author = {A. X. Liu and L. Xiao and K. Pongaliur and L. Kempel and Z. Abraham}, booktitle = {2008 IEEE 11th High-Assurance Systems Engineering Symposium}, title = {Securing Sensor Nodes Against Side Channel Attacks}, year = {2008}, volume = {}, issn = {1530-2059}, pages = {353-361}, keywords = {sensor;network;security;side-channel}, doi = {10.1109/HASE.2008.26}, url = {https://doi.ieeecomputersociety.org/10.1109/HASE.2008.26}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, month = {dec} } @misc{symantec_security_response, key={sym}, title={Thousands of Ubiquiti AirOS routers hit with worm attacks}, note={\\ \href{https://www.symantec.com/connect/fr/blogs/thousands-ubiquiti-airos-routers-hit-worm-attacks-airos-routers} {\nolinkurl{https://www.symantec.com/connect/fr/blogs/thousands-ubiquiti-airos-routers} \\ \nolinkurl{-hit-worm-attacks-airos-routers} } }, author={Symantec Security Response}, publisher={Symantec Security Response}, year={2016}, month={May}, day={9} } %Side channel IDS @inproceedings{Aubel, title={Side-channel based intrusion detection for industrial control systems}, author={Van Aubel, Pol and Papagiannopoulos, Kostas and Chmielewski, {\L}ukasz and Doerr, Christian}, booktitle={International Conference on Critical Information Infrastructures Security}, pages={207--224}, year={2017}, organization={Springer} } @Article{Zantout, author="Zantout, Salam and Al Faruque, Mohammad", title="Hardware Trojan Detection in FPGA through Side-Channel Power Analysis and Machine Learning", year="2018", } %Classic side channel @inproceedings{Kocher, title={Differential power analysis}, author={Kocher, Paul and Jaffe, Joshua and Jun, Benjamin}, booktitle={Annual International Cryptology Conference}, pages={388--397}, year={1999}, organization={Springer} } @inproceedings{Camurati, title={Screaming channels: When electromagnetic side channels meet radio transceivers}, author={Camurati, Giovanni and Poeplau, Sebastian and Muench, Marius and Hayes, Tom and Francillon, Aur{\'e}lien}, booktitle={Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security}, pages={163--177}, year={2018} } @ARTICLE{8509150, author={C. {Luo} and Y. {Fei} and A. A. {Ding} and P. {Closas}}, journal={IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems}, title={Comprehensive Side-Channel Power Analysis of XTS-AES}, year={2019}, volume={38}, number={12}, pages={2191-2200}, doi={10.1109/TCAD.2018.2878171}, ISSN={1937-4151}, month={Dec} } % Cool / interesting @INPROCEEDINGS{8590946, author={R. {Matsumura} and T. {Sugawara} and K. {Sakiyama}}, booktitle={2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)}, title={A Secure LiDAR with AES-Based Side-Channel Fingerprinting}, year={2018}, volume={}, number={}, pages={479-482}, doi={10.1109/CANDARW.2018.00092}, ISSN={null}, month={Nov} } % Also: %% Removed Duplicate Moreno2018 (JD) @inproceedings{10.1145/2465554.2465570, author = {Moreno, Carlos and Fischmeister, Sebastian and Hasan, M. Anwar}, title = {Non-Intrusive Program Tracing and Debugging of Deployed Embedded Systems through Side-Channel Analysis}, year = {2013}, isbn = {9781450320856}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/2465554.2465570}, doi = {10.1145/2465554.2465570}, booktitle = {Proceedings of the 14th ACM SIGPLAN/SIGBED Conference on Languages, Compilers and Tools for Embedded Systems}, pages = {77–88}, numpages = {12}, location = {Seattle, Washington, USA}, series = {LCTES ’13} } @INPROCEEDINGS{8342184, author={K. {Lamichhane} and C. {Moreno} and S. {Fischmeister}}, booktitle={2018 Design, Automation Test in Europe Conference Exhibition (DATE)}, title={Non-intrusive program tracing of non-preemptive multitasking systems using power consumption}, year={2018}, volume={}, number={}, pages={1147-1150}, doi={10.23919/DATE.2018.8342184}, ISSN={1558-1101}, month={March} } @InProceedings{10.1007/978-3-319-04283-1_18, author="Msgna, Mehari and Markantonakis, Konstantinos and Mayes, Keith", editor="Zia, Tanveer and Zomaya, Albert and Varadharajan, Vijay and Mao, Morley", title = "{The B-Side of Side Channel Leakage: Control Flow Security in Embedded Systems}", booktitle="Security and Privacy in Communication Networks", year="2013", publisher="Springer International Publishing", address="Cham", pages="288--304", } @INPROCEEDINGS{8192483, author={A. {Nazari} and N. {Sehatbakhsh} and M. {Alam} and A. {Zajic} and M. {Prvulovic}}, booktitle={2017 ACM/IEEE 44th Annual International Symposium on Computer Architecture (ISCA)}, title="{EDDIE: EM-based detection of deviations in program execution}", year={2017}, volume={}, number={}, pages={333-346}, doi={10.1145/3079856.3080223}, ISSN={null}, month={June} } @article{sehatbakhsh2019remote, title={REMOTE: Robust External Malware Detection Framework by Using Electromagnetic Signals}, author={Sehatbakhsh, Nader and Nazari, Alireza and Alam, Monjur and Werner, Frank and Zhu, Yuanda and Zajic, Alenka and Prvulovic, Milos}, journal={IEEE Transactions on Computers}, year={2019}, publisher={IEEE} } @inproceedings{xie2017aggregated, title={Aggregated Residual Transformations for Deep Neural Networks}, author={Xie, Saining and Girshick, Ross and Doll{\'a}r, Piotr and Tu, Zhuowen and He, Kaiming}, booktitle={Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition}, pages={1492--1500}, year={2017} } @inproceedings{yilmaz2019detecting, title={Detecting Cellphone Camera Status at Distance by Exploiting Electromagnetic Emanations}, author={Yilmaz, Baki Berkay and Ugurlu, Elvan Mert and Prvulovic, Milos and Zajic, Alenka}, booktitle={MILCOM 2019-2019 IEEE Military Communications Conference (MILCOM)}, pages={1--6}, year={2019}, organization={IEEE} } @inproceedings {179223, author = {Shane S. Clark and Benjamin Ransford and Amir Rahmati and Shane Guineau and Jacob Sorber and Wenyuan Xu and Kevin Fu}, title = "{WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices}", booktitle = "2013 {USENIX} Workshop on Health Information Technologies", year = {2013}, address = {Washington, D.C.}, url = {https://www.usenix.org/conference/healthtech13/workshop-program/presentation/Clark}, publisher = "{USENIX}", } @InProceedings{Acoustic_Cryptanalysis, author="Genkin, Daniel and Shamir, Adi and Tromer, Eran", editor="Garay, Juan A. and Gennaro, Rosario", title="{RSA} Key Extraction via Low-Bandwidth Acoustic Cryptanalysis", booktitle="Advances in Cryptology -- CRYPTO 2014", year="2014", publisher="Springer Berlin Heidelberg", address="Berlin, Heidelberg", pages="444--461", isbn="978-3-662-44371-2" } @inbook{Eisenbarth, title = "{Building a Side Channel Based Disassembler}", publisher={Springer Berlin Heidelberg}, author={Eisenbarth, Thomas and Paar, Christof and Weghenkel, Bj\"{o}rn}, booktitle="{Transactions on Computational Science X: Special Issue on Security in Computing, Part I}", pages={78-99}, year = 2010 } @misc{router_hacking_slingshot, title = {Router-Hacking ``Slingshot'' Spy Operation Compromised More Than 100 Targets}, note={\\ \href{https://www.wired.com/story/router-hacking-slingshot-spy-operation-compromised-more-than-100-targets/} {\nolinkurl{https://www.wired.com/story/router-hacking-slingshot-spy-operation}} \\ \href{https://www.wired.com/story/router-hacking-slingshot-spy-operation-compromised-more-than-100-targets/} {\nolinkurl{-compromised-more-than-100-targets/}} }, journal = {Wired}, author = {Greenberg, Andy}, year = {2018}, month = {March}, } @misc{nsa_prefers_hacking_routers, title = "{NSA} Laughs at {PCs}, Prefers Hacking Routers and Switches", howpublished = {\url{https://www.wired.com/2013/09/nsa-router-hacking/}}, author = {Zetter, Kim}, year = {2013}, month = {September}, } @misc{unpatched_routers_prox_yarmy, title = {Unpatched routers being used to build vast proxy army, spy on networks}, howpublished = {\url{https://arstechnica.com/information-technology/2018/09/unpatched-routers-being-used-to-build-vast-proxy-army-spy-on-networks/}}, author = {Gallagher, Sean}, year = {2018}, month = {September}, } @InProceedings{10.1007/3-540-36400-5_4, author="Agrawal, Dakshi and Archambeault, Bruce and Rao, Josyula R. and Rohatgi, Pankaj", editor="Kaliski, Burton S. and Ko{\c{c}}, {\c{c}}etin K. and Paar, Christof", title="The EM Side---Channel(s)", booktitle="Cryptographic Hardware and Embedded Systems - CHES 2002", year="2003", publisher="Springer Berlin Heidelberg", address="Berlin, Heidelberg", pages="29--45", } @article{printers, title = {Acoustic Side-Channel Attacks on Printers}, author = {Michael Backes, Markus Dürmuth, Sebastian Gerling, Manfred Pinkal, Caroline Sporleder}, year = {2010}, publisher = {https://www.usenix.org/legacy/event/sec10/tech/full_papers/Backes.pdf}, } @article{10.1145/1609956.1609959, author = {Zhuang, Li and Zhou, Feng and Tygar, J. D.}, title = {Keyboard Acoustic Emanations Revisited}, year = {2009}, issue_date = {October 2009}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, volume = {13}, number = {1}, issn = {1094-9224}, url = {https://doi.org/10.1145/1609956.1609959}, doi = {10.1145/1609956.1609959}, journal = {ACM Trans. Inf. Syst. Secur.}, month = nov, articleno = {Article 3}, numpages = {26}, keywords = {privacy, cepstrum, learning theory, signal analysis, acoustic manations, Computer security, HMM, human factors, keyboards, hidden markov models, electronic eavesdropping} } @InProceedings{10.1007/3-540-68697-5_9, author="Kocher, Paul C.", editor="Koblitz, Neal", title="Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems", booktitle="Advances in Cryptology --- CRYPTO '96", year="1996", publisher="Springer Berlin Heidelberg", address="Berlin, Heidelberg", pages="104--113", } @article{VINCENT201577, title = "Trojan Detection and Side-channel Analyses for Cyber-security in Cyber-physical Manufacturing Systems", journal = "Procedia Manufacturing", volume = "1", pages = "77 - 85", year = "2015", note = "43rd North American Manufacturing Research Conference, NAMRC 43, 8-12 June 2015, UNC Charlotte, North Carolina, United States", issn = "2351-9789", doi = "https://doi.org/10.1016/j.promfg.2015.09.065", url = "http://www.sciencedirect.com/science/article/pii/S2351978915010653", author = "Hannah Vincent and Lee Wells and Pablo Tarazaga and Jaime Camelio", keywords = "Cyber-Attack detection, Cyber-Physical manufacturing systems, Quality control, Side-Channel analyses, Structural Health Monitoring, Trojans", } @inproceedings{fuller2018exploiting, title={Exploiting side-channel emissions to detect changes in FPGA firmware}, author={Fuller, Ryan M and Riley, Ronald A and Graham, James T}, booktitle={Cyber Sensing 2018}, volume={10630}, pages={106300A}, year={2018}, organization={International Society for Optics and Photonics} } @article{hospodar2011machine, title={Machine learning in side-channel analysis: a first study}, author={Hospodar, Gabriel and Gierlichs, Benedikt and De Mulder, Elke and Verbauwhede, Ingrid and Vandewalle, Joos}, journal={Journal of Cryptographic Engineering}, volume={1}, number={4}, pages={293}, year={2011}, publisher={Springer} } @inproceedings{moreno2016non, title={Non-intrusive runtime monitoring through power consumption: a signals and system analysis approach to reconstruct the trace}, author={Moreno, Carlos and Fischmeister, Sebastian}, booktitle={International Conference on Runtime Verification}, pages={268--284}, year={2016}, organization={Springer} } @inproceedings{picek2017climbing, title={Climbing down the hierarchy: hierarchical classification for machine learning side-channel attacks}, author={Picek, Stjepan and Heuser, Annelie and Jovic, Alan and Legay, Axel}, booktitle={International Conference on Cryptology in Africa}, pages={61--78}, year={2017}, organization={Springer} } @inproceedings{picek2018performance, title={On the performance of convolutional neural networks for side-channel analysis}, author={Picek, Stjepan and Samiotis, Ioannis Petros and Kim, Jaehun and Heuser, Annelie and Bhasin, Shivam and Legay, Axel}, booktitle={International Conference on Security, Privacy, and Applied Cryptography Engineering}, pages={157--176}, year={2018}, organization={Springer} } @article{picek2019theory, title={When theory meets practice: A framework for robust profiled side-channel analysis}, author={Picek, Stjepan and Heuser, Annelie and Alippi, Cesare and Regazzoni, Francesco}, year={2019} } @inproceedings{shumov2010side, title={Side channel leakage profiling in software}, author={Shumov, D and Montgomery, Peter L}, booktitle={COSADE 2010}, year={2010}, organization={Citeseer} } @inproceedings{blanco2017framework, title={A framework for acquiring and analyzing traces from cryptographic devices}, author={Blanco, Alfonso Blanco and de Fuentes, Jose Mar{\'\i}a and Gonz{\'a}lez-Manzano, Lorena and Encinas, Luis Hern{\'a}ndez and Mu{\~n}oz, Agust{\'\i}n Mart{\'\i}n and Oliva, Jos{\'e} Luis Rodrigo and Garc{\'\i}a, J Ignacio S{\'a}nchez}, booktitle={International Conference on Security and Privacy in Communication Systems}, pages={283--300}, year={2017}, organization={Springer} } @misc{NationalInstrumentsHIL, author = {National Instruments}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.ni.com/en-ca/innovations/white-papers/09/hardware-in-the-loop--hil--test-system-architectures.html#section--650933511}" } @misc{DSpace, author = {DSpace}, title = {{Hardware In The Loop Test System}}, howpublished = "\url{https://www.dspace.com/shared/data/pdf/2019/dSPACE-Hardware-in-the-Loop-Systems_Business-field-brochure_01-2019_English.pdf}" } @misc{Labview, author = {National Instruments}, title = {{LabVIEW DAQ}}, howpublished = "\url{https://www.ni.com/academic/students/learn-daq/}" } % Impact of human error: @article{patel2011impact, title={Impact of outlier removal and normalization approach in modified k-means clustering algorithm}, author={Patel, Vaishali R and Mehta, Rupa G}, journal={International Journal of Computer Science Issues (IJCSI)}, volume={8}, number={5}, pages={331}, year={2011}, publisher={Citeseer} } @inproceedings{kazman1994saam, title={SAAM: A method for analyzing the properties of software architectures}, author={Kazman, Rick and Bass, Len and Abowd, Gregory and Webb, Mike}, booktitle={Proceedings of 16th International Conference on Software Engineering}, pages={81--90}, year={1994}, organization={IEEE} } @inproceedings{msgna2014verifying, title={Verifying software integrity in embedded systems: A side channel approach}, author={Msgna, Mehari and Markantonakis, Konstantinos and Naccache, David and Mayes, Keith}, booktitle={International Workshop on Constructive Side-Channel Analysis and Secure Design}, pages={261--280}, year={2014}, organization={Springer} } @article{hochreiter1997long, title={Long short-term memory}, author={Hochreiter, Sepp and Schmidhuber, J{\"u}rgen}, journal={Neural computation}, volume={9}, number={8}, pages={1735--1780}, year={1997}, publisher={MIT Press} } @phdthesis{calvi2019runtime, title={Runtime Monitoring of Cyber-Physical Systems Using Data-driven Models}, author={Calvi, Michele Giovanni}, year={2019}, school={University of Illinois at Chicago} } @inproceedings{moreno2013non, title={Non-intrusive program tracing and debugging of deployed embedded systems through side-channel analysis}, author={Moreno, Carlos and Fischmeister, Sebastian and Hasan, M Anwar}, booktitle={Proceedings of the 14th ACM SIGPLAN/SIGBED conference on Languages, compilers and tools for embedded systems}, pages={77--88}, year={2013} } @inproceedings{quisquater2002automatic, title={{Automatic Code Recognition for Smartcards Using a Kohonen Neural Network}}, author={Quisquater, Jean-Jacques and Samyde, David}, booktitle={CARDIS}, volume={2}, pages={6}, year={2002} } @manual{datacenterbreach, title = "Data breaches increased 54\% in 2019 so far", author = "James Sanders", url = "https://www.techrepublic.com/article/data-breaches-increased-54-in-2019-so-far/", year = "2019 (accessed April 15, 2020)" } @article{kur2009improving, title={Improving resiliency of {J}ava card code against power analysis}, author={Kur, Jir{\i} and Smolka, Tobi{\'a}{\v{s}} and Svenda, P}, journal={Mikulaska kryptobesidka, Sbornik prispevku}, pages={29--39}, year={2009} } @article{paliwal, title={A MODIFICATION OVER SAKOE AND CHIBA'S DYNAMIC TIME WARPING ALGORITHM FOR ISOLATED WORD RECOGNITION*}, author={K.K. PALIWAL, Anant AGARWAL and Sarvajit S. SINHA}, year={1981} } @inproceedings{deng2009imagenet, title={{Imagenet: A Large-Scale Hierarchical Image Database}}, author={Deng, Jia and Dong, Wei and Socher, Richard and Li, Li-Jia and Li, Kai and Fei-Fei, Li}, booktitle={2009 IEEE Conference on Computer Vision and Pattern Recognition}, pages={248--255}, year={2009}, organization={IEEE} } @inproceedings{szegedy2017inception, title={Inception-v4, inception-resnet and the impact of residual connections on learning}, author={Szegedy, Christian and Ioffe, Sergey and Vanhoucke, Vincent and Alemi, Alexander A}, booktitle={Thirty-first AAAI conference on artificial intelligence}, year={2017} } @inproceedings{chollet2017xception, title={Xception: Deep learning with depthwise separable convolutions}, author={Chollet, Fran{\c{c}}ois}, booktitle={Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition}, pages={1251--1258}, year={2017} } @INPROCEEDINGS{1536928, author={D. {Halford} and J. H. {Shoaf} and A. S. {Risley}}, booktitle={27th Annual Symposium on Frequency Control}, title={Spectral Density Analysis: Frequency Domain Specification and Measurement of Signal Stability}, year={1973}, volume={}, number={}, pages={421-431},} @inproceedings{10.5555/645803.669511, author = {Keogh, Eamonn J. and Pazzani, Michael J.}, title = {Scaling up Dynamic Time Warping to Massive Dataset}, year = {1999}, isbn = {3540664904}, publisher = {Springer-Verlag}, address = {Berlin, Heidelberg}, booktitle = {Proceedings of the Third European Conference on Principles of Data Mining and Knowledge Discovery}, pages = {1–11}, numpages = {11}, series = {PKDD ’99} } @article{theodoridis2009pattern, title={Pattern recognition. 2003}, author={Theodoridis, Sergios and Koutroumbas, Konstantinos}, journal={Google Scholar Digital Library}, year={2009} } @inproceedings{hutter2013temperature, title={The temperature side channel and heating fault attacks}, author={Hutter, Michael and Schmidt, J{\"o}rn-Marc}, booktitle={International Conference on Smart Card Research and Advanced Applications}, pages={219--235}, year={2013}, organization={Springer} } @inproceedings{masti2015thermal, title={Thermal covert channels on multi-core platforms}, author={Masti, Ramya Jayaram and Rai, Devendra and Ranganathan, Aanjhan and M{\"u}ller, Christian and Thiele, Lothar and Capkun, Srdjan}, booktitle={24th {USENIX} Security Symposium ({USENIX} Security '15)}, pages={865--880}, year={2015} } @ARTICLE{4766926, author={G. V. {Trunk}}, journal={{IEEE Transactions on Pattern Analysis and Machine Intelligence}}, title={A Problem of Dimensionality: A Simple Example}, year={1979}, volume={PAMI-1}, number={3}, pages={306-307}} @inproceedings{genkin2014rsa, title="{RSA} key extraction via low-bandwidth acoustic cryptanalysis", author={Genkin, Daniel and Shamir, Adi and Tromer, Eran}, booktitle={Annual Cryptology Conference}, pages={444--461}, year={2014}, organization={Springer} } @INPROCEEDINGS{7130435, author={R. {Daş} and A. {Karabade} and G. {Tuna}}, booktitle={2015 23nd Signal Processing and Communications Applications Conference (SIU)}, title={Common network attack types and defense mechanisms}, year={2015}, volume={}, number={}, pages={2658-2661},} @INPROCEEDINGS{727070, author={J. T. {Russell} and M. F. {Jacome}}, booktitle={Proceedings International Conference on Computer Design. VLSI in Computers and Processors (Cat. No.98CB36273)}, title={Software power estimation and optimization for high performance, 32-bit embedded processors}, year={1998}, volume={}, number={}, pages={328-333},} @inproceedings{10.1145/586110.586145, author = {Wagner, David and Soto, Paolo}, title = {Mimicry Attacks on Host-Based Intrusion Detection Systems}, year = {2002}, isbn = {1581136129}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/586110.586145}, doi = {10.1145/586110.586145}, abstract = {We examine several host-based anomaly detection systems and study their security against evasion attacks. First, we introduce the notion of a mimicry attack, which allows a sophisticated attacker to cloak their intrusion to avoid detection by the IDS. Then, we develop a theoretical framework for evaluating the security of an IDS against mimicry attacks. We show how to break the security of one published IDS with these methods, and we experimentally confirm the power of mimicry attacks by giving a worked example of an attack on a concrete IDS implementation. We conclude with a call for further research on intrusion detection from both attacker's and defender's viewpoints.}, booktitle = {Proceedings of the 9th ACM Conference on Computer and Communications Security}, pages = {255–264}, numpages = {10}, keywords = {anomaly detection, evasion attacks, host-based intrusion detection}, location = {Washington, DC, USA}, series = {CCS '02} } @article{vigna1999netstat, title={NetSTAT: A network-based intrusion detection system}, author={Vigna, Giovanni and Kemmerer, Richard A}, journal={Journal of computer security}, volume={7}, number={1}, pages={37--71}, year={1999}, publisher={IOS Press} } @article{bivens2002network, title={Network-based intrusion detection using neural networks}, author={Bivens, Alan and Palagiri, Chandrika and Smith, Rasheda and Szymanski, Boleslaw and Embrechts, Mark and others}, journal={Intelligent Engineering Systems through Artificial Neural Networks}, volume={12}, number={1}, pages={579--584}, year={2002}, publisher={ASME press New York} } @book{han2011data, title={Data mining: concepts and techniques}, author={Han, Jiawei and Pei, Jian and Kamber, Micheline}, year={2011}, publisher={Elsevier} } @inproceedings{eet1_mlcs, title={Side-channel Based Runtime Intrusion Detection for Network Equipment}, author={Arthur Grisel-Davy and Goksen U. Guler and Julian Dickert and Philippe Vibien and Waleed Khan and Jack Morgan and Carlos Moreno and Sebastian Fischmeister.}, booktitle={ECML-PKDD, Workshop on Machine Learning for Cyber Security}, year={2023}, } @inproceedings{bpv_qrs, title={Independent Boot Process Verification using Side-Channel Power Analysis}, author={Grisel-Davy, Arthur and Fischmeister, Sebastian}, booktitle={IEEE Intrenational Conference on Software Quality, Reliability, and Security (QRS)}, year={2023}, organization={IEEE} } @inproceedings{dsd_qrs, title={MAD: One-Shot Machine Activity Detector for Physics-Based Cyber Security}, author={Grisel-Davy, Arthur and Fischmeister, Sebastian}, booktitle={IEEE Intrenational Conference on Software Quality, Reliability, and Security (QRS)}, year={2023}, organization={IEEE} } @inproceedings{grisel2022work, title={Work-in-Progress: Boot Sequence Integrity Verification with Power Analysis}, author={Grisel-Davy, Arthur and Bhogayata, Amrita Milan and Pabbi, Srijan and Narayan, Apurva and Fischmeister, Sebastian}, booktitle={2022 International Conference on Embedded Software (EMSOFT)}, pages={3--4}, year={2022}, organization={IEEE} } @article{PENG2004199, title = {Application of the wavelet transform in machine condition monitoring and fault diagnostics: a review with bibliography}, journal = {Mechanical Systems and Signal Processing}, volume = {18}, number = {2}, pages = {199-221}, year = {2004}, issn = {0888-3270}, doi = {https://doi.org/10.1016/S0888-3270(03)00075-X}, url = {https://www.sciencedirect.com/science/article/pii/S088832700300075X}, author = {Z.K. Peng and F.L. Chu}, abstract = {The application of the wavelet transform for machine fault diagnostics has been developed for last 10 years at a very rapid rate. A review on all of the literature is certainly not possible. The purpose of this review is to present a summary about the application of the wavelet in machine fault diagnostics, including the following main aspects: the time–frequency analysis of signals, the fault feature extraction, the singularity detection for signals, the denoising and extraction of the weak signals, the compression of vibration signals and the system identification. Some other applications are introduced briefly as well, such as the wavelet networks, the wavelet-based frequency response function, etc. In addition, some problems in using the wavelet for machine fault diagnostics are analysed. The prospects of the wavelet analysis in solving non-linear problems are discussed.} } @ARTICLE{4084702, author={Su, Hua and Chong, Kil To}, journal={IEEE Transactions on Industrial Electronics}, title={Induction Machine Condition Monitoring Using Neural Network Modeling}, year={2007}, volume={54}, number={1}, pages={241-249}, doi={10.1109/TIE.2006.888786} } @article{HOU2021107451, title = {Investigations on quasi-arithmetic means for machine condition monitoring}, journal = {Mechanical Systems and Signal Processing}, volume = {151}, pages = {107451}, year = {2021}, issn = {0888-3270}, doi = {https://doi.org/10.1016/j.ymssp.2020.107451}, url = {https://www.sciencedirect.com/science/article/pii/S0888327020308372}, author = {Bingchang Hou and Dong Wang and Tangbin Xia and Yi Wang and Yang Zhao and Kwok-Leung Tsui}, keywords = {Quasi-arithmetic mean, Health index, Sparsity measure, Monotonic degradation assessment, Incipient fault detection, Envelope demodulation}, abstract = {Machine condition monitoring aims to use on-line sensor data to evaluate machine health conditions. One of the most crucial steps is construction of a health index for incipient fault detection and monotonic degradation assessment. Moreover, observations of a health index can be used as inputs to prognostic models for machine remaining useful life prediction. Even though significant outcomes about sparsity measures, such as kurtosis, the ratio of Lp to Lq norm, pq-mean, smoothness index, negative entropy, and Gini index, for machine health monitoring have been achieved during recent years, construction of a health index for simultaneously realizing incipient fault detection and monotonic degradation assessment is not fully explored due to unexpected variances of repetitive transients caused by rotating machine faults. To solve this problem, in this paper, quasi-arithmetic means (QAMs) are thoroughly investigated. Moreover, the aforementioned sparsity measures can be respectively reformulated as the ratios of different QAMs. Further, a generalized framework based on the ratio of different QAMs for machine health monitoring is proposed. Experimental results demonstrate that some special cases of the generalized framework can simultaneously detect incipient rotating faults, exhibit a monotonic degradation tendency and be robust to impulsive noises, and they are better than existing sparsity measures for machine health monitoring.} } @misc{sound_mcm, doi = {10.48550/ARXIV.2006.05822}, url = {https://arxiv.org/abs/2006.05822}, author = {Koizumi, Yuma and Kawaguchi, Yohei and Imoto, Keisuke and Nakamura, Toshiki and Nikaido, Yuki and Tanabe, Ryo and Purohit, Harsh and Suefusa, Kaori and Endo, Takashi and Yasuda, Masahiro and Harada, Noboru}, keywords = {Audio and Speech Processing (eess.AS), Machine Learning (cs.LG), Sound (cs.SD), Machine Learning (stat.ML), FOS: Electrical engineering, electronic engineering, information engineering, FOS: Electrical engineering, electronic engineering, information engineering, FOS: Computer and information sciences, FOS: Computer and information sciences}, title = {Description and Discussion on DCASE2020 Challenge Task2: Unsupervised Anomalous Sound Detection for Machine Condition Monitoring}, publisher = {arXiv}, year = {2020}, copyright = {arXiv.org perpetual, non-exclusive license} } @INPROCEEDINGS{22438, author={Maru, B. and Zotos, P.A.}, booktitle={Record of Conference Papers., Industrial Applications Society 35th Annual Petroleum and Chemical Industry Conference,}, title={Anti-friction bearing temperature rise for NEMA frame motors}, year={1988}, volume={}, number={}, pages={205-211}, doi={10.1109/PCICON.1988.22438}} @book{tavner1987condition, title={Condition Monitoring of Electrical Machines}, author={Tavner, P.J. and Penman, J.}, isbn={9780471917533}, lccn={lc87020691}, series={Battery applications series]}, url={https://books.google.ca/books?id=e2iwAAAAIAAJ}, year={1987}, publisher={Research Studies Press} } @ARTICLE{8701559, author={Nguyen, Luong N. and Cheng, Chia-Lin and Prvulovic, Milos and Zajić, Alenka}, journal={IEEE Transactions on Very Large Scale Integration (VLSI) Systems}, title={Creating a Backscattering Side Channel to Enable Detection of Dormant Hardware Trojans}, year={2019}, volume={27}, number={7}, pages={1561-1574}, doi={10.1109/TVLSI.2019.2906547}} @phdthesis{jorgensen2022efficient, title={EFFICIENT LEARNING FOR HARDWARE SECURITY VALIDATION USING ELECTROMAGNETIC SIDE CHANNELS}, author={Jorgensen, Erik J}, year={2022}, school={Georgia Institute of Technology} } @INPROCEEDINGS{6378346, author={Reed, Jeffrey H. and Gonzalez, Carlos R. Aguayo}, booktitle={2012 Future of Instrumentation International Workshop (FIIW) Proceedings}, title={Enhancing Smart Grid cyber security using power fingerprinting: Integrity assessment and intrusion detection}, year={2012}, volume={}, number={}, pages={1-3}, doi={10.1109/FIIW.2012.6378346}} @INPROCEEDINGS{5379826, author={Gonzalez, Carlos R. Aguayo and Reed, Jeffrey H.}, booktitle={MILCOM 2009 - 2009 IEEE Military Communications Conference}, title={Power fingerprinting in SDR \& CR integrity assessment}, year={2009}, volume={}, number={}, pages={1-7}, doi={10.1109/MILCOM.2009.5379826}} @article{hart1992nonintrusive, title={Nonintrusive appliance load monitoring}, author={Hart, George William}, journal={Proceedings of the IEEE}, volume={80}, number={12}, pages={1870--1891}, year={1992}, publisher={IEEE} } @article{moradzadeh2021practical, title={A practical solution based on convolutional neural network for non-intrusive load monitoring}, author={Moradzadeh, Arash and Mohammadi-Ivatloo, Behnam and Abapour, Mehdi and Anvari-Moghaddam, Amjad and Gholami Farkoush, Saeid and Rhee, Sang-Bong}, journal={Journal of Ambient Intelligence and Humanized Computing}, volume={12}, pages={9775--9789}, year={2021}, publisher={Springer} } @article{puente2020non, title={Non-intrusive load monitoring (NILM) for energy disaggregation using soft computing techniques}, author={Puente, Cristina and Palacios, Rafael and Gonz{\'a}lez-Arechavala, Yolanda and S{\'a}nchez-{\'U}beda, Eugenio Francisco}, journal={Energies}, volume={13}, number={12}, pages={3117}, year={2020}, publisher={MDPI} } @inproceedings{10.1145/1864349.1864375, author = {Gupta, Sidhant and Reynolds, Matthew S. and Patel, Shwetak N.}, title = {ElectriSense: Single-Point Sensing Using EMI for Electrical Event Detection and Classification in the Home}, year = {2010}, isbn = {9781605588438}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/1864349.1864375}, doi = {10.1145/1864349.1864375}, abstract = {This paper presents ElectriSense, a new solution for automatically detecting and classifying the use of electronic devices in a home from a single point of sensing. ElectriSense relies on the fact that most modern consumer electronics and fluorescent lighting employ switch mode power supplies (SMPS) to achieve high efficiency. These power supplies continuously generate high frequency electromagnetic interference (EMI) during operation that propagates throughout a home's power wiring. We show both analytically and by in-home experimentation that EMI signals are stable and predictable based on the device's switching frequency characteristics. Unlike past transient noise-based solutions, this new approach provides the ability for EMI signatures to be applicable across homes while still being able to differentiate between similar devices in a home. We have evaluated our solution in seven homes, including one six-month deployment. Our results show that ElectriSense can identify and classify the usage of individual devices with a mean accuracy of 93.82%.}, booktitle = {Proceedings of the 12th ACM International Conference on Ubiquitous Computing}, pages = {139–148}, numpages = {10}, keywords = {activity recognition, activity sensing, energy monitoring, infrastructure-mediated sensing}, location = {Copenhagen, Denmark}, series = {UbiComp '10} } @misc{hdd_malware, title = {Indestructible malware by Equation cyberspies is out there – but don’t panic (yet)}, howpublished = {\url{https://www.kaspersky.com/blog/equation-hdd-malware/7623/}}, note = {Accessed: 2023-03-15} } @inproceedings{8057232, author={Chen, Yimin and Jin, Xiaocong and Sun, Jingchao and Zhang, Rui and Zhang, Yanchao}, booktitle={IEEE INFOCOM 2017 - IEEE Conference on Computer Communications}, title={POWERFUL: Mobile app fingerprinting via power analysis}, year={2017}, pages={1-9}, doi={10.1109/INFOCOM.2017.8057232} } @article{sayakkara2019survey, title={A survey of electromagnetic side-channel attacks and discussion on their case-progressing potential for digital forensics}, author={Sayakkara, Asanka and Le-Khac, Nhien-An and Scanlon, Mark}, journal={Digital Investigation}, volume={29}, pages={43--54}, year={2019}, publisher={Elsevier} } @ARTICLE{9727162, author={Kim, Taehun and Shin, Youngjoo}, journal={IEEE Access}, title={ThermalBleed: A Practical Thermal Side-Channel Attack}, year={2022}, volume={10}, number={}, pages={25718-25731}, doi={10.1109/ACCESS.2022.3156596}} @article{page2003defending, title={Defending against cache-based side-channel attacks}, author={Page, Daniel}, journal={Information Security Technical Report}, volume={8}, number={1}, pages={30--44}, year={2003}, publisher={Elsevier} } @article{halevi2015keyboard, title={Keyboard acoustic side channel attacks: exploring realistic and security-sensitive scenarios}, author={Halevi, Tzipora and Saxena, Nitesh}, journal={International Journal of Information Security}, volume={14}, pages={443--456}, year={2015}, publisher={Springer} } @inproceedings{van2018side, title={Side-channel based intrusion detection for industrial control systems}, author={Van Aubel, Pol and Papagiannopoulos, Kostas and Chmielewski, {\L}ukasz and Doerr, Christian}, booktitle={Critical Information Infrastructures Security: 12th International Conference, CRITIS 2017, Lucca, Italy, October 8-13, 2017, Revised Selected Papers 12}, pages={207--224}, year={2018}, organization={Springer} } @ARTICLE{10016748, author={Xun, Yijie and Deng, Zhouyan and Liu, Jiajia and Zhao, Yilin}, journal={IEEE Transactions on Vehicular Technology}, title={Side Channel Analysis: A Novel Intrusion Detection System Based on Vehicle Voltage Signals}, year={2023}, volume={}, number={}, pages={1-10}, doi={10.1109/TVT.2023.3236820}} @article{cannoles2017hacking, title={Hacking experiment by using USB rubber ducky scripting}, author={Cannoles, Benjamin and Ghafarian, Ahmad}, journal={Journal of Systemics}, volume={15}, number={2}, pages={6671}, year={2017} } @article{NISSIM2017675, title = {USB-based attacks}, journal = {Computers \& Security}, volume = {70}, pages = {675-688}, year = {2017}, issn = {0167-4048}, doi = {https://doi.org/10.1016/j.cose.2017.08.002}, url = {https://www.sciencedirect.com/science/article/pii/S0167404817301578}, author = {Nir Nissim and Ran Yahalom and Yuval Elovici}, keywords = {USB, Device, Attack, Malicious, Malware}, abstract = {Attackers increasingly take advantage of innocent users who tend to use USB peripherals casually, assuming these peripherals are benign when in fact they may carry an embedded malicious payload that can be used to launch attacks. In recent years, USB peripherals have become an attractive tool for launching cyber-attacks. In this survey, we review 29 different USB-based attacks and utilize our new taxonomy to classify them into four major categories. These attacks target both individuals and organizations; utilize widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc. For each attack, we address the objective it achieves and identify the associated and vulnerable USB peripherals and hardware.} } @inproceedings{su2017usb, title={USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs.}, author={Su, Yang and Genkin, Daniel and Ranasinghe, Damith Chinthana and Yarom, Yuval}, booktitle={USENIX Security Symposium}, volume={8}, pages={1145--1161}, year={2017} }