Khaled Karray scite author profile

We give an algorithm that checks whether every possible transition is masked. It allows to verify the absence of first-order leakage from a masked netlist. It validates the state-ofthe-art masking schemes, such as Threshold Implementation and Domain Oriented Masking, but also proves that more compact netlists with equivalent functions are secure. We leverage this methodology to propose a more compact implementation of AES S-Box.

show abstract

An Embedded AI-Based Smart Intrusion Detection System for Edge-to-Cloud Systems

Shrivastwa¹,

Bouakka²,

Perianin³

et al. 2022

View full text Add to dashboard Cite

This article proposes a general purpose IoT framework usually applicable to all Edge-to-Cloud applications and provides an evaluation study on a use-case involving automotive V2X architecture, tested and verified on a toy smart-car in an emulated smart-car environment. The architecture in study is finely tuned to mimic actual scenarios and therefore the sensors available on the toy car encompasses almost all the sensors that assist a regular ADAS in smart cars of today. The cloud connectivity is maintained through the CoAP protocol which is a standard IoT connectivity protocol. Finally, the security solution proposed is that of a smart Intrusion Detection System (IDS) that is built using Machine Learning (ML) technique and is deployed on the edge. The edge IDS is capable of performing anomaly detection and reporting both detection results as well as sensor collected big data to the cloud. On the cloud side the server stores and maintains the collected data for further retraining of ML models for edge anomaly detection which is differentiated into two categories viz. sensor anomaly detection model and network anomaly detection model. To demonstrate Software update Over The Air (SW-OTA) the cloud in the evaluation setup implements a ML model upgrade capability from the cloud to the connected edge. This implementation and evaluation provides a Proof-of-Concept of the choice of ML as IDS candidate and the framework in general to be applicable to various other IoT scenarios such as Healthcare, Smart-home, Smart-city, Harbour and Industrial environments, and so on, and paves way for future optimization studies.

show abstract

SpecDefender: Transient Execution Attack Defender using Performance Counters

Choudhari

Guilley²,

Karray³

2022

View full text Add to dashboard Cite

Side-channel attacks based on speculative execution have gained enough traction for researchers. This has resulted in the development of more creative variants of Spectre and its defences. However, many of these defence strategies end up making speculative execution or branch prediction ineffective. While these techniques protect the system, they cut down performance by more than 50%. Hence, these solutions cannot be deployed.In this paper, we present a framework that not only protects against different variants of Spectre but also maintains the performance. We prototyped this framework using a novel tool SpecDefender. It leverages Hardware Performance Counter (HPC) registers to dynamically detect active Spectre attacks and performs dynamic instrumentation to defend against them. This makes the tool widely applicable without any need for static analysis. Overall, the tool brings back the balance between performance and security.The tool was evaluated based on its accuracy and precision to detect an attack in different scenarios. It exhibit ¿90% precision when five out of ten processes were simultaneously attacked. The response time for the tool to detect is 2 sec. Furthermore, the throughput of the process under attack was comparable to normal execution in presence of SpecDefender.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Khaled Karray

Attack Tree Construction and Its Application to the Connected Vehicle

Identifier Randomization: An Efficient Protection Against CAN-Bus Attacks

Formal Evaluation and Construction of Glitch-resistant Masked Functions

An Embedded AI-Based Smart Intrusion Detection System for Edge-to-Cloud Systems

SpecDefender: Transient Execution Attack Defender using Performance Counters

Contact Info

Product

Resources

About