Side channel attacks and their mitigation techniques

Khan, Ajoy Kumar; Mahanta, Hridoy Jyoti

doi:10.1109/aces.2014.6807983

Cited by 14 publications

(7 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Electromagnetic Analysis Attacks (EMA) : The electromagnetic analysis attack method utilizes information leaked in the form of electromagnetic radiation emitted from the target encryption device [ 23 ]. Electromagnetic analysis attacks are largely divided into simple electromagnetic analysis (SEMA) and differential electromagnetic analysis (DEMA).…”

Section: Motivation and Backgroundmentioning

confidence: 99%

A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges

Park

Yoo

et al. 2023

Sensors

View full text Add to dashboard Cite

Major public institutions and organizations that handle sensitive data frequently enforce strong security policies by implementing network separation policies that segregates their internal work networks and internet network using air gaps to prevent the leakage of confidential information. Such closed networks have long been considered the most secure technique for protecting data; however, studies have shown that they are no longer effective in providing a safe data protection environment. Research on air-gap attacks remains in its infancy stage. Studies have been conducted to check the method and demonstrate the possibility of transmitting data using various transmission media available within the closed network. These transmission media include optical signals such as HDD LEDs, acoustic signals such as speakers, and the electrical signals of power lines. This paper examines various media used for air-gap attacks by analyzing different techniques and their essential functions, strengths, and limitations. The findings of this survey and the follow-up analysis aim to assist companies and organizations in protecting their information by providing an understanding of air-gap attacks and their current trends.

show abstract

Section: Motivation and Backgroundmentioning

confidence: 99%

A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges

Park

Yoo

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…The cybersecurity of commercial UAVs and IoT devices are at risk of this kind of fuzzing test without the proper security measures taken to defend them. [14] E. User Protection Unsecured UAV's and other IoT devices aren't the only possible victims of this fuzzing test. A device's security is only stable when a user follows proper protocol when maintaining its security.…”

Section: Gps Eliminationmentioning

confidence: 99%

Consumer UAV Cybersecurity Vulnerability Assessment Using Fuzzing Tests

Rudo,

Zeng

2020

Preprint

View full text Add to dashboard Cite

Unmanned Aerial Vehicles (UAVs) are remotecontrolled vehicles capable of flight and are present in a variety of environments from military operations to domestic enjoyment. These vehicles are great assets, but just as their pilot can control them remotely, cyberattacks can be executed in a similar manner. Cyber attacks on UAVs can bring a plethora of issues to physical and virtual systems. Such malfunctions are capable of giving an attacker the ability to steal data, incapacitate the UAV, or hijack the UAV. To mitigate such attacks, it is necessary to identify and patch vulnerabilities that may be maliciously exploited. In this paper, a new UAV vulnerability is explored with related UAV security practices identified for possible exploitation using large streams of data sent at specific ports. The more in-depth model involves strings of data involving FTP-specific keywords sent to the UAV's FTP port in the form of a fuzzing test and launching thousands of packets at other ports on the UAV as well. During these tests, virtual and physical systems are monitored extensively to identify specific patterns and vulnerabilities. This model is applied to a Parrot Bebop 2, which accurately portrays a UAV that had their network compromised by an attacker and portrays many lower-end UAV models for domestic use. During testings, the Parrot Bebop 2 is monitored for degradation in GPS performance, video speed, the UAV's reactivity to the pilot, motor function, and the accuracy of the UAV's sensor data. All these points of monitoring give a comprehensive view of the UAV's reaction to each individual test. In this paper, countermeasures to combat the exploitation of this vulnerability will be discussed as well as possible attacks that can branch from the fuzzing tests.

show abstract

“…According to S t a n d a e r t [70] side channel attacks are the category of attacks in which an attacker attempts to obtain confidential information by analyzing physically leaked timing information, power consumption or electromagnetic radiation. K h a n and M a h a n t a [71] have classified side channel attacks in four categories namely timing attack, electromagnetic attack, fault analysis attack, and power analysis attack. In Timing attack the adversary tries to get the information about the time taken by the device in different computations and then makes statistical analysis from this timing information to guess about the key.…”

Section: Side Channel Attacksmentioning

confidence: 99%

“…In fault analysis attacks these faulty outputs are analyzed to obtain secret information. K h a n and M a h a n t a [71] have mentioned that the only countermeasure to fault analysis attack is to restart the process again instead of continuing with the faulty output. Pop p, O s w a l d and M a n g a r d [74] have provided the introduction of power analysis attacks and their countermeasures.…”

Section: Side Channel Attacksmentioning

confidence: 99%

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

Singh

Patro²

2019

Cybernetics and Information Technologies

View full text Add to dashboard Cite

Security has been a primary concern in almost all areas of computing and for the devices that are low on computing power it becomes more important. In this paper, a new class of computing device termed as Low Computing Power Device (LCPD) has been defined conceptually. The paper brings out common attributes, security requirements and security challenges of all kinds of low computing power devices in one place so that common security solutions for these can be designed and implemented rather than doing this for each individual device type. A survey of existing recent security solutions for different LCPDs hasve been presented here. This paper has also provided possible security solutions for LCPDs which include identification of countermeasures against different threats and attacks on these devices, and choosing appropriate cryptographic mechanism for implementing the countermeasures efficiently.

show abstract

Side channel attacks and their mitigation techniques

Cited by 14 publications

References 8 publications

A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges

A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges

Consumer UAV Cybersecurity Vulnerability Assessment Using Fuzzing Tests

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

Contact Info

Product

Resources

About