#import "@preview/acrostiche:0.3.0": *

#set page("us-letter",
  margin: (x:1.8cm, top:2cm, bottom:1cm),
  header: [
    #set text(8pt)
    #smallcaps[Arthur Grisel-Davy]
    #h(1fr) _CPI Scholarship Application_
  ],
)

#init-acronyms((
  "IDS": ("Intrusion Detection System"),
))

#let cn = {text(fill:purple, weight:"bold")[#smallcaps[\[citation needed\]]]}

#set par(
  first-line-indent: 1em,
  justify: true,
)

#text(weight: "bold", size: 2em)[Areas of Research]
#v(0pt)
#line(length:100%, stroke: 2pt)

As a Ph.D. student, my research projects revolve around enforcing security policies or detecting abnormal behaviour using embedded systems’ power consumption. Power consumption, like other side-channel emissions — noise, temperature, or timing information for example —, is, from a computation point of view, a necessary but useless by-product that the machine has to deal with. However, for a few decades, researchers have found ways to leverage these seemingly useless information channels to extract insights about machine states and activities. Although it primarily leverages this information to design attacks, the research on side-channel analysis also proposes considering these channels as a source of information to power defense mechanisms with their own intrinsic characteristics. These mechanisms require the use or development of a processing algorithm to overcome the non-actionable nature of raw time series and extract the information embedded in the collected data. My projects focus on exploring the applicability of side-channel (or physics-based) Intrusion Detection System (IDS) through the development of processing algorithms and decision models.

= Boot Process Verification
The boot sequence of a machine is a critical state for the machine’s security. The bootloader and firmware that execute during this sequence control the lowest level of software, which sets important security parameters. Moreover, this is a particularly vulnerable sequence as no host-based IDS is running.
There are hardware-based mechanisms, often leveraging cryptographic signatures, that strive to prevent firmware tampering, but studies have illustrated the possibility of bypassing them. One of my research projects was the development of a boot sequence verifier based on power traces. This approach is fully independent from the target system — and thus not bypassable —, can leverage data even before the machine starts, and provides an additional layer of protection against firmware tampering.

= Device State Detection
Once the machine starts, the power consumption is a useful runtime monitoring input. The ability to detect a machine’s state is crucial for anomaly detection, rule mining, policy enforcement, and predictive maintenance. However, log collection systems can be the target of attackers, suffer malfunction, or simply not be compatible with bespoke embedded systems. The power consumption, on the other hand, is ubiquitous across all embedded systems, easy and reliable to measure, and contains information about the target state. Leveraging this power consumption to infer the state of a machine requires the development of a pattern recognition algorithm. I proposed an approach to this problem in the context of rare events in which training data is reduced to a single sample per label.

= Log Verification
Logs from applications and operating systems are a valuable source of information for host-based IDS. However, logs are not reliable as they are produced and reported by software running on the machine being protected. This means that the logs that help detect intrusions are only trustworthy when there is no intrusion. Once again, power consumption can provide a secondary, independent and trusted source of information for validating the integrity of a log journal. This problem is complex due to the high dimensionality of both time and event series and the intrinsic hybrid nature of the input data.
It is, however, a compelling problem to study with broad applications that I am currently working on.

= Miscellaneous
In addition to these broad projects, my studies led me to explore satellite projects and domains such as a power-cable-based bidirectional covert channel, the design of a PCB for the automated capture and analysis of USB-C power for laptops and mobile devices, and the collaboration on a trust-management system leveraging physics-based state recognition.