Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security

“…[24] proposed a countermeasure to a SDR side-channel attack on the Raspberry Pi by generating EM noise that consists of executing arithmetic instructions in an infinite loop. Noise-SDR [14] presents a novel technique by exploiting DRAM accesses to shape arbitrary signals out of EM noise from unprivileged software. Therefore, a rootkit may try to tamper by generating noise during execution.…”

“…SVM with Kernel PCA performs best by reaching a TPR of 100% on both devices. [14] 100 100 100 [16] 100 100 91.8 [16] 91.0 92.5 97.8 [11] 96.7 98.9 98.0 [15] 100 96.0 In this scenario, we go beyond detection (two-class binary classification) and classify the rootkits into multiple classes. Again, the settings between the training and testing phase remain constant.…”

“…𝑚 )𝑚 99.4 [5] 99.0 99.8 100 [7] 100 100 100 [1] 100 100 99.6 [34] 99.2 100 99.6 [17] 99.3 100 99.7 [36] 99.4 100 𝑚 𝑜 )𝑚 𝑜 100 [13] 100 100 100 [15] 100 100 100 [10] 100 100 100 [25] 100 100 100 [14] 100 100 100 [30] 100 100 𝑚 )𝑚 𝑜 100 [13] 100 100 100 [15] 100 100 100 [10] 100 100 98.2 [25] 96.3 100 90.3 [14] 80.6 100 100 [30] 100 100 𝑚 𝑜 )𝑚 97.4 [5] 96.7 98.2 100 [7] 100 100 100 [1] 100 100 100 [34] 100 100 100 [17] 100 100 100 [36] 100 100 𝑑 )𝑑 100 [12] 100 100 100 [9] 100 100 100 [7] 100 100 95.1 [4] 97.2 93.1 100 [21] 100 100 100 [21] 100 100 𝑑 𝑜 )𝑑 𝑜 100 [10] 100 100 100 [8] 100 100 100 [9] 100 100 100 [22] 100 100 100 [11] 100 100 100 [16] 100 100 𝑑 )𝑑 𝑜 53.7 [10] 7.4 100 100 [8] 100 100 58.3 [9] 16.6 100 100 [22] 100 100 97.5 [11] 95.0 100 100 [16] 100 100 𝑑 𝑜 )𝑑 52.3 [12] 4.9 99.6 100 [9] 100 100 53.8 [7] 8.6 99.1 83.0 [4] 66.2 99.8 100…”

“…)𝑚 hwkb 50.6 [8] 92.8 8.4 50.0 [8] 0.0 100 51.0 [16] 2.9 99.2 100 [14] 100 100 100 [10] 100 100 100 [13] 100 100 swkb 57.1 [15] 14.8 99.5 100 [13] 100 100 100 [7] 100 100 100 [11] 100 100 100 [9] 100 100 100 [4] 100 100 𝑚 ) 𝑠 hwkb 46.9 [15] 43.5 50.2 50.0 [27] 0.0 100 48.2 [10] 0.1 96.3 99.5 [15] 99.1 100 85.3 [9] 70.6 100 100 [12] 100 100…”

ULTRA: Ultimate Rootkit Detection over the Air

“…[24] proposed a countermeasure to a SDR side-channel attack on the Raspberry Pi by generating EM noise that consists of executing arithmetic instructions in an infinite loop. Noise-SDR [14] presents a novel technique by exploiting DRAM accesses to shape arbitrary signals out of EM noise from unprivileged software. Therefore, a rootkit may try to tamper by generating noise during execution.…”

“…SVM with Kernel PCA performs best by reaching a TPR of 100% on both devices. [14] 100 100 100 [16] 100 100 91.8 [16] 91.0 92.5 97.8 [11] 96.7 98.9 98.0 [15] 100 96.0 In this scenario, we go beyond detection (two-class binary classification) and classify the rootkits into multiple classes. Again, the settings between the training and testing phase remain constant.…”

“…𝑚 )𝑚 99.4 [5] 99.0 99.8 100 [7] 100 100 100 [1] 100 100 99.6 [34] 99.2 100 99.6 [17] 99.3 100 99.7 [36] 99.4 100 𝑚 𝑜 )𝑚 𝑜 100 [13] 100 100 100 [15] 100 100 100 [10] 100 100 100 [25] 100 100 100 [14] 100 100 100 [30] 100 100 𝑚 )𝑚 𝑜 100 [13] 100 100 100 [15] 100 100 100 [10] 100 100 98.2 [25] 96.3 100 90.3 [14] 80.6 100 100 [30] 100 100 𝑚 𝑜 )𝑚 97.4 [5] 96.7 98.2 100 [7] 100 100 100 [1] 100 100 100 [34] 100 100 100 [17] 100 100 100 [36] 100 100 𝑑 )𝑑 100 [12] 100 100 100 [9] 100 100 100 [7] 100 100 95.1 [4] 97.2 93.1 100 [21] 100 100 100 [21] 100 100 𝑑 𝑜 )𝑑 𝑜 100 [10] 100 100 100 [8] 100 100 100 [9] 100 100 100 [22] 100 100 100 [11] 100 100 100 [16] 100 100 𝑑 )𝑑 𝑜 53.7 [10] 7.4 100 100 [8] 100 100 58.3 [9] 16.6 100 100 [22] 100 100 97.5 [11] 95.0 100 100 [16] 100 100 𝑑 𝑜 )𝑑 52.3 [12] 4.9 99.6 100 [9] 100 100 53.8 [7] 8.6 99.1 83.0 [4] 66.2 99.8 100…”

“…)𝑚 hwkb 50.6 [8] 92.8 8.4 50.0 [8] 0.0 100 51.0 [16] 2.9 99.2 100 [14] 100 100 100 [10] 100 100 100 [13] 100 100 swkb 57.1 [15] 14.8 99.5 100 [13] 100 100 100 [7] 100 100 100 [11] 100 100 100 [9] 100 100 100 [4] 100 100 𝑚 ) 𝑠 hwkb 46.9 [15] 43.5 50.2 50.0 [27] 0.0 100 48.2 [10] 0.1 96.3 99.5 [15] 99.1 100 85.3 [9] 70.6 100 100 [12] 100 100…”

ULTRA: Ultimate Rootkit Detection over the Air

RAMBLE: Bluetooth Low Energy from DDR5 Memory Buses

Air-Gap Electromagnetic Covert Channel