91 lines
No EOL
2.8 KiB
TeX
91 lines
No EOL
2.8 KiB
TeX
\documentclass[aspectratio=169,10pt]{beamer}
|
|
\usetheme[progressbar=head,numbering=fraction,sectionpage=none]{metropolis}
|
|
|
|
\usepackage{graphicx}
|
|
\usepackage{ulem}
|
|
\usepackage{xcolor}
|
|
\usepackage[scale=2]{ccicons}
|
|
\usepackage{pgfplots}
|
|
\usepackage{booktabs}
|
|
\usepgfplotslibrary{dateplot}
|
|
\usepackage{hyperref}
|
|
\usepackage{multirow}
|
|
\usepackage{array}
|
|
\usepackage{xspace}
|
|
|
|
\title{WIP: Firmware Integrity Verification with Side-Channel Power Consumption Analysis}
|
|
\subtitle{}
|
|
\date{}
|
|
\author{Arthur Grisel-Davy, Amrita Milan Bhogayata, Srijan Pabbi, Apurva Narayan, Sebastian Fischmeister}
|
|
\institute{University of Waterloo, Canada}
|
|
|
|
|
|
\begin{document}
|
|
|
|
\maketitle
|
|
|
|
\begin{frame}{Introduction}
|
|
\begin{center}
|
|
\only<1>{\includegraphics[width=\textwidth]{images/main_illustration_p1.pdf}}
|
|
\only<2>{\includegraphics[width=\textwidth]{images/main_illustration_p2.pdf}}
|
|
\only<3>{\includegraphics[width=\textwidth]{images/main_illustration_p3.pdf}}
|
|
\only<4>{\includegraphics[width=\textwidth]{images/main_illustration_p4.pdf}}
|
|
\end{center}
|
|
\end{frame}
|
|
%
|
|
|
|
\begin{frame}{Power trace}
|
|
\begin{figure}[h]
|
|
\centering
|
|
\includegraphics[height=0.8\textheight]{images/Bootup_traces_TPLINK.pdf}
|
|
\caption{Power consumption for two firmware versions illustrating the impact of firmware change on the consumption pattern.}
|
|
\end{figure}
|
|
\end{frame}
|
|
|
|
\begin{frame}{Boot Process Verifier (BPV)}
|
|
Distance threshold = $1.5 \times IQR$
|
|
\only<1>{\includegraphics[width=\textwidth]{images/illustration_Page 1.pdf}}
|
|
\only<2>{\includegraphics[width=\textwidth]{images/illustration_Page 2.pdf}}
|
|
\only<3>{\includegraphics[width=\textwidth]{images/illustration_Page 3.pdf}}
|
|
|
|
|
|
\vfill
|
|
\end{frame}
|
|
|
|
\begin{frame}{Case Study: Networking Devices}
|
|
\begin{itemize}
|
|
\item Four devices
|
|
\item Attacks: firmware replacement, firmware downgrade.
|
|
\item 500 bootups sequences per device per attack.\footnote{dataset publicly available, see the paper.}
|
|
\item BPV trained with ten training samples.
|
|
\end{itemize}
|
|
|
|
\only<2>{
|
|
\begin{table}[h]
|
|
\centering
|
|
\begin{tabular}{p{0.2\textwidth}|>{\centering}p{0.4\textwidth}|>{\centering\arraybackslash}p{0.3\textwidth}}
|
|
\textbf{Machine} & \textbf{Detection $F_1$ Score} & \textbf{Overall $F_1$ Score}\\
|
|
\midrule
|
|
TP-Link switch & 0.866 & \multirow{4}{*}{0.942}\\
|
|
HP switch & 0.983 &\\
|
|
Asus router & 1 &\\
|
|
Linksys router & 0.921 &\\
|
|
\bottomrule
|
|
\end{tabular}
|
|
\caption{Results of detection.}
|
|
\label{tab:results}
|
|
\end{table}
|
|
}
|
|
\end{frame}
|
|
|
|
\begin{frame}{Future Work}
|
|
|
|
\begin{itemize}
|
|
\item Expand results to other types of machines.
|
|
\item Improve anomaly detector to make it less susceptible to outlier in training data.
|
|
\item Explore more sophisticated attacks.
|
|
\end{itemize}
|
|
Thank you for your attention.
|
|
\end{frame}
|
|
|
|
\end{document} |