% T I T L E P A G E % ------------------- % Last updated August 16, 2022, by IST-Client Services % The title page is counted as page `i' but we need to suppress the % page number. Also, we don't want any headers or footers. \pagestyle{empty} \pagenumbering{roman} % The contents of the title page are specified in the "titlepage" % environment. \begin{titlepage} \begin{center} \vspace*{1.0cm} \Huge {\bf \mytopic} \vspace*{1.0cm} \normalsize by \myauthor\\ \vspace*{1.0cm} \Large \author \\ \vspace*{3.0cm} \normalsize A research proposal\\ presented to the University of Waterloo \\ for fulfillment of the \\ thesis requirement for the degree of \\ Doctor of Philosophy \\ in \\ Electrical and Computer Engineering \\ \vspace*{2.0cm} Waterloo, Ontario, Canada \\ \vspace*{1.0cm} \copyright \myauthor \\ \end{center} \end{titlepage} % The rest of the front pages should contain no headers and be numbered using Roman numerals starting with `ii' \pagestyle{plain} \setcounter{page}{2} \cleardoublepage % Ends the current page and causes all figures and tables that have so far appeared in the input to be printed. % In a two-sided printing style, it also makes the next page a right-hand (odd-numbered) page, producing a blank page if necessary. \phantomsection % allows hyperref to link to the correct page % E X A M I N I N G C O M M I T T E E (Required for Ph.D. theses only) % Remove or comment out the lines below to remove this page \addcontentsline{toc}{chapter}{Examining Committee} \begin{center}\textbf{Examining Committee Membership}\end{center} \noindent The following served on the Examining Committee for this thesis. The decision of the Examining Committee is by majority vote. \bigskip \noindent \begin{tabbing} Internal-External Member: \= \kill % using longest text to define tab length Internal-External Member: \> Diogo Barradas\\ \> Assistant Professor, Cheriton School of Computer Science\\ \> University of Waterloo \\ \end{tabbing} \bigskip \noindent \begin{tabbing} Internal-External Member: \= \kill % using longest text to define tab length Internal Member: \> Catherine Gebotys\\ \> Professor, Dept. Electrical and Computer Engineering\\ \> University of Waterloo \\ \end{tabbing} \bigskip \noindent \begin{tabbing} Internal-External Member: \= \kill % using longest text to define tab length Internal Member: \> Mark Crowley\\ \> Professor, Dept. Electrical and Computer Engineering\\ \> University of Waterloo \\ \end{tabbing} \bigskip \noindent \begin{tabbing} Internal-External Member: \= \kill % using longest text to define tab length Supervisor: \> Sebastian Fischmeister \\ \> Professor, Dept. Electrical and Computer Engineering\\ \> University of Waterloo \\ \end{tabbing} \bigskip \noindent \cleardoublepage \phantomsection % allows hyperref to link to the correct page % A B S T R A C T % --------------- \addcontentsline{toc}{chapter}{Abstract} \begin{center}\textbf{Abstract}\end{center} Most current Intrusion Detection Systems (IDSs) share the flaw of requiring the cooperation of the system to protect --- the target. Whether the IDS is a software or hardware component, it does not perform the detection independently and requires the target to execute a programm, use a component, or transmit resuts. In the case of a compromised target, this critical flaw allows attackers to avoid detection by forging input data, forging detection results, or bypassing the IDS altogether. This design makes the result of the detection trustworthy only when the target is not compromised. This observation leads to the conclusion that we cannot entrust machines to assess their own integrity. To remain trustworthy, the IDS must be independent of the target and not require cooperation to perform the detection. The main challenge with such a system is collecting relevant data. The main example of such a system are Network-based IDSs (NIDSs). NIDSs exhibit complete independence, but their input data --- network communication from the machine --- is only relevant for a small subset of attacks. This proposal describes another family of IDSs called physics-based IDS --- also called side-channel-based IDS --- that leverages side-channel information. Side-channel information is a perfect candidate for intrusion detection as it is, by definition, an involuntary emission from the target. Collecting side-channel information requires no communication with the machine to protect. Moreover, if chosen adequately, side-channel information can provide insight into all activities performed by the machine. Finally, side-channel information remains practical to measure on virtually any embedded system, providing a solution that is not only theoretical but also applicable in the real world. This proposal describes the exploratory work already achieved in the domain of physics-based IDS and outlines the main problems to study to evaluate the potential of this technology. \cleardoublepage \phantomsection % allows hyperref to link to the correct page % T A B L E O F C O N T E N T S % --------------------------------- \renewcommand\contentsname{Table of Contents} \tableofcontents \cleardoublepage \phantomsection % allows hyperref to link to the correct page % L I S T O F F I G U R E S % ----------------------------- \addcontentsline{toc}{chapter}{List of Figures} \listoffigures \cleardoublepage \phantomsection % allows hyperref to link to the correct page % L I S T O F T A B L E S % --------------------------- %\addcontentsline{toc}{chapter}{List of Tables} %\listoftables %\cleardoublepage %\phantomsection % allows hyperref to link to the correct page % L I S T O F A B B R E V I A T I O N S % --------------------------- %\renewcommand*{\abbreviationsname}{List of Abbreviations} %\printglossary[type=abbreviations] %\cleardoublepage %\phantomsection % allows hyperref to link to the correct page % Change page numbering back to Arabic numerals \pagenumbering{arabic}