grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
deneir/EET1/MLCS_conference/presentation.tex
Arthur Grisel-Davy f103acd548 add threat model slide
2023-08-28 14:13:55 -04:00

134 lines
4.2 KiB
TeX
Raw Blame History

\documentclass[aspectratio=169,10pt]{beamer}
\usetheme[progressbar=head,numbering=fraction,sectionpage=none]{metropolis}
\usepackage{graphicx}
\usepackage{ulem}
\usepackage{xcolor}
\usepackage[scale=2]{ccicons}
\usepackage{pgfplots}
\usepackage{numprint}
\usepackage{booktabs}
\usepgfplotslibrary{dateplot}
\usepackage{hyperref}
\usepackage{multirow}
\usepackage{tcolorbox}
\usepackage{array}
\usepackage{xspace}
\title{Side-channel Based Runtime Intrusion Detection for Network Equipment}
\subtitle{}
\date{}
\author{Arthur Grisel-Davy}
\institute{University of Waterloo, Canada}
\begin{document}
\maketitle
\begin{frame}{Introduction}
\begin{center}
{\LARGE We cannot entrust machines to assess their own integrity.}\\
\vspace{1.5cm}
{\LARGE Integrity assessement require access to relevant information.}
\end{center}
\end{frame}
\begin{frame}{Common IDS Solution}
\begin{center}
\includegraphics[width=\textwidth]{images/main_illustration_1.pdf}
\end{center}
\end{frame}
\begin{frame}{Common IDS Solution}
\begin{center}
\includegraphics[width=\textwidth]{images/main_illustration_2.pdf}
\end{center}
\end{frame}
\begin{frame}{Common IDS Solution}
\begin{center}
\includegraphics[width=\textwidth]{images/main_illustration_3.pdf}
\end{center}
\end{frame}
\begin{frame}{Common IDS Solution}
\begin{center}
\includegraphics[width=\textwidth]{images/main_illustration_4.pdf}
\end{center}
\end{frame}
\begin{frame}{Threat Model}
\only<1>{\begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black,
colbacktitle=yellow!75!black,title=Firmware Manipulation]
Change settings, upgrade/downgrade firmware, Replace firmware.
\tcblower
Machine takeover, Advanced Persistent Threats.
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Runtime Monitoring
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Hardware Tampering
\end{tcolorbox}
}
\only<2>{
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Firmware Manipulation
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black,
colbacktitle=yellow!75!black,title=Runtime Monitoring]
Log tampering, login (brute force/dictionary) attacks.
\tcblower
Intrusion, Covert operations.
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Runtim Monitoring
\end{tcolorbox}
}
\only<3>{
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Firmware Manipulation
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!75!black,colframe=yellow!50!black, coltext=white]
Runtim Monitoring
\end{tcolorbox}
\begin{tcolorbox}[colback=yellow!5!white,colframe=yellow!50!black,
colbacktitle=yellow!75!black,title=Hardware Tampering]
Installation/removal of peripherals.
\tcblower
MAC Flooding attacks.
\end{tcolorbox}
}
\end{frame}
\begin{frame}{Experiment Family I - Firmware Manipulation}
\begin{center}
\includegraphics[height=0.9\textheight]{images/Firmware_Comparison_TD_direct.pdf}
\end{center}
\end{frame}
\begin{frame}{Experiment Family II - Run-Time Monitoring}
\begin{center}
\includegraphics[height=0.9\textheight]{images/time_domain_ssh.pdf}
\end{center}
\end{frame}
\begin{frame}{Experiment Family III - Hardware Tampering}
\begin{center}
\includegraphics[height=\textheight]{images/switch.jpg}
\end{center}
\end{frame}
\begin{frame}{Experiment Family III - Hardware Tampering}
\begin{center}
\includegraphics[width=\textwidth]{images/detect_change.pdf}
\end{center}
\end{frame}
\end{document}
Reference in a new issue View git blame Copy permalink