Global ETD Search

21	Secured-by-design FPGA against side-channel attacks based on power consumption Almohaimeed, Ziyad Mohammed 31 August 2017 (has links) Power Analysis Attacks pose serious threats to hardware implementations of cryptographic systems. To retrieve the secret key, the attackers can exploit the mutual information between power consumption and processed data / operations through monitoring the power consumption of the cryptosystems. Field Programmable Gate Arrays (FPGA) have emerged as attractive implementation platforms for providing hardware-like performance and software-like flexibility for cryptosystem developers. These features come at the expense of larger power consumption, which makes FPGAs more vulnerable to power attacks. Different countermeasures have been introduced in the literature, but as they have originally been developed for Application-Specific Integrated Circuits (ASIC), mapping them onto FPGAs degrades their effectiveness. In this work, we propose a logic family based on pass transistors, which essentially consists of hardware replication, that can be used to build FPGAs with constant power consumption. Since the power consumption is no longer related to processed data and operations, a quadruple robustness to attacks based on dynamic power consumption, static power consumption, glitches, and early evaluation effect is achieved. Such a secured-by-design FPGA will relieve the cryptosystems developers from doing advanced analog design to secure the cryptosystem implementation. Our pass-transistor logic family can also be used in implementing ASICs. The silicon area overhead costs are shown to be less than prior art, which makes our FPGA attractive to cryptosystems developers. / Graduate / 2018-07-26 Side-Channel Attacks Power analysis attacks Secured-by-Design FPGA Differential Power Attacks DPA Correlation Power Attacks CPA
22	Enhancing Network Data Obliviousness in Trusted Execution Environment-based Stream Processing Systems Alsibyani, Hassan 15 May 2018 (has links) Cloud computing usage is increasing and a common concern is the privacy and security of the data and computation. Third party cloud environments are not considered fit for processing private information because the data will be revealed to the cloud provider. However, Trusted Execution Environments (TEEs), such as Intel SGX, provide a way for applications to run privately and securely on untrusted platforms. Nonetheless, using a TEE by itself for stream processing systems is not sufficient since network communication patterns may leak properties of the data under processing. This work addresses leaky topology structures and suggests mitigation techniques for each of these. We create specific metrics to evaluate leaks occurring from the network patterns; the metrics measure information leaked when the stream processing system is running. We consider routing techniques for inter-stage communication in a streaming application to mitigate this data leakage. We consider a dynamic policy to change the mitigation technique depending on how much information is currently leaking. Additionally, we consider techniques to hide irregularities resulting from a filtering stage in a topology. We also consider leakages resulting from applications containing cycles. For each of the techniques, we explore their effectiveness in terms of the advantage they provide in overcoming the network leakage. The techniques are tested partly using simulations and some were implemented in a prototype SGX-based stream processing system. systems security side-channel attacks
23	Fault Attacks on Cryptosystems: Novel Threat Models, Countermeasures and Evaluation Metrics Farhady Ghalaty, Nahid 19 August 2016 (has links) Recent research has demonstrated that there is no sharp distinction between passive attacks based on side-channel leakage and active attacks based on fault injection. Fault behavior can be processed as side-channel information, offering all the benefits of Differential Power Analysis including noise averaging and hypothesis testing by correlation. In fault attacks, the adversary induces faults into a device while it is executing a known program and observes the reaction. The abnormal reactions of the device are later analyzed to obtain the secrets of the program under execution. Fault attacks are a powerful threat. They are used to break cryptosystems, Pay TVs, smart cards and other embedded applications. In fault attack resistant design, the fault is assumed to be induced by a smart, malicious, determined attacker who has high knowledge of the design under attack. Moreover, the purpose of fault attack resistant design is for the system to work correctly under intentional fault injection without leaking any secret data information. Towards building a fault attack resistant design, the problem can be categorized into three main subjects: • Investigating novel and more powerful threat models and attack procedures. • Proposing countermeasures to build secure systems against fault attacks • Building evaluation metrics to measure the security of designs In this regard, my thesis has covered the first bullet, by proposing the Differential Fault Intensity Analysis (DFIA) based on the biased fault model. The biased fault model in this attack means the gradual behavior of the fault as a cause of increasing the intensity of fault injection. The DFIA attack has been successfully launched on AES, PRESENT and LED block ciphers. Our group has also recently proposed this attack on the AES algorithm running on a LEON3 processor. In our work, we also propose a countermeasure against one of the most powerful types of fault attacks, namely, Fault Sensitivity Analysis (FSA). This countermeasure is based on balancing the delay of the circuit to destroy the correlation of secret data and timing delay of a circuit. Additionally, we propose a framework for assessing the vulnerability of designs against fault attacks. An example of this framework is the Timing Violation Vulnerability Factor (TVVF) that is a metric for measuring the vulnerability of hardware against timing violation attacks. We compute TVVF for two implementations of AES algorithm and measure the vulnerability of these designs against two types of fault attacks. For future work, we plan to propose an attack that is a combination of power measurements and fault injections. This attack is more powerful in the sense that it has less fault injection restrictions and requires less amount of information from the block cipher's data. We also plan to design more efficient and generic evaluation metrics than TVVF. As shown in this thesis, fault attacks are more serious threat than considered by the cryptography community. This thesis provides a deep understanding of the fault behavior in the circuit and therefore a better knowledge on powerful fault attacks. The techniques developed in this dissertation focus on different aspects of fault attacks on hardware architectures and microprocessors. Considering the proposed fault models, attacks, and evaluation metrics in this thesis, there is hope to develop robust and fault attack resistant microprocessors. We conclude this thesis by observing future areas and opportunities for research. / Ph. D. Hardware Security Physical Attacks Cryptography
24	Dynamic Eviction Set Algorithms and Their Applicability to Cache Characterisation Lindqvist, Maria January 2020 (has links) Eviction sets are groups of memory addresses that map to the same cache set. They can be used to perform efficient information-leaking attacks against the cache memory, so-called cache side channel attacks. In this project, two different algorithms that find such sets are implemented and compared. The second of the algorithms improves on the first by using a concept called group testing. It is also evaluated if these algorithms can be used to analyse or reverse engineer the cache characteristics, which is a new area of application for this type of algorithms. The results show that the optimised algorithm performs significantly better than the previous state-of-the-art algorithm. This means that countermeasures developed against this type of attacks need to be designed with the possibility of faster attacks in mind. The results also shows, as a proof-of-concept, that it is possible to use these algorithms to create a tool for cache analysis. microarchitectural attacks cache attacks side channel attacks eviction set cache memory Computer Engineering Datorteknik
25	A three-layered robustness analysis of cybersecurity: Attacks and insights Schweitzer, David 11 December 2019 (has links) Cybersecurity has become an increasingly important concern for both military and civilian infrastructure globally. Because of the complexity that comes with wireless networks, adversaries have many means of infiltration and disruption of wireless networks. While there is much research done in defending these networks, understanding the robustness of these networks is tantamount for both designing new networks and examining possible security deficiencies in preexisting networks. This dissertation proposes to examine the robustness of wireless networks on three major fronts: the physical layer, the data-link layer, and the network layer. At the physical layer, denial-of-service jamming attacks are considered, and both additive interference and no interference are modeled in an optimal configuration and five common network topologies. At the data-link layer, data transmission efficacy and denial-of-sleep attacks are considered with the goal of maximizing throughput under a constrained lifetime. At the network layer, valid and anomalous communications are considered with the goal of classifying those anomalous communications apart from valid ones. This dissertation proposes that a thorough analysis of the aforementioned three layers provides valuable insights to robustness on general wireless networks. cybersecurity deep learning mathematical programming mixed-integer programming network flow Jamming attacks denial-of-service attacks denial-of-sleep attacks botnet detection
26	An Efficiency Evaluation of Far-Field Electromagnetic Deep Learning Side-Channel Attacks in Controlled Environments Evensen, Gabriel January 2022 (has links) As more and more modern systems and products use built-in microcontrollers, hardware security becomes more important to protect against cyber-attacks. Internet of things devices, like Bluetooth devices, usually use an encryption algorithm to keep data safe from hackers. Advanced Encryption Standard (AES) is a commonly used encryption algorithm. AES itself is hard to break. However, it is possible to utilize the information leaking from a system during the execution of encryption, called side-channel, to recover the key or part of the key used by the encryption algorithm. This kind of attack is called a side-channel attack (SCA). In this study, two deep learning (DL) models are trained to attack the Bluetooth microcontroller unit Nordic nRF52 development kit equipped with an nRF52832 chip. The DL models are trained using the far-field electromagnetic emissions that the microcontroller unintentionally generates and transmits through the antenna while encrypting data. All encryptions are executed with a fixed key and random plaintext. The attack is conducted in two stages: the profiling and attack stages. In the profiling stage, where the attacker is assumed to have full system control, 100 000 traces holding encryption information are sampled and used to train the DL models to classify a sub-byte of the fixed key given a trace. In the attack stage, traces are captured in two different environments. The first is an entirely isolated environment, while the second adds a specific Wi-Fi access point and client connection that execute HTTP requests and responses in this isolated environment referred to as the system environment. Given traces obtained from one of the two attack environments, the performance of the trained models at classifying the correct sub-key is evaluated. To summarize the results of this study, twelve SCAs are performed on six datasets captured in two different environments using two different DL models for each dataset. The correct key byte can be retrieved in three of these SCAs. All three successful attacks are made in an isolated environment without any interfering noise. The best performance is achieved with the multi-layer perceptron DL architecture, processing traces each composed of 10 averaged traces of the identical encryption, and the correct key-byte is recovered after 8198 traces. SCA DL-SCA Side-Channel Attacks Deep Learning Side-Channel Attacks Far-Field Side-Channel Attacks Engineering and Technology Teknik och teknologier
27	Aspects of ischaemia and reperfusion injury in the isolated rat heart Connaughton, Mark January 1997 (has links) No description available. 610
28	An epidemiological study of wheezing illness and asthma in Nottinghamshire schoolchildren : prevalence, natural history and aetiological effect of road traffic pollution Venn, Andrea January 2000 (has links) No description available. 610
29	NATO's response to the 11 September 2001 terrorism : lessons learned Kouzmanov, Krassi 03 1900 (has links) Approved for public release; distribution is unlimited / This thesis analyzes NATO's decisions and actions in response to the 11 September 2001 terrorist attacks against the United States and assesses the probable future role of the Alliance in combating international terrorism. In September-October 2001 the United States chose to lead a coalition against the Al Qaida terrorists and their supporters in Afghanistan instead of ceding the initiative to NATO. The necessity for rapid decisions and action, the military capabilities gap between the United States and the European allies, and the lessons of NATO's air campaign in the 1999 Kosovo crisis probably led the United States to make this choice. NATO's contributions to the campaign against terrorism have included sending Airborne Warning and Control Systems aircraft to the United States, deploying naval forces to the Eastern Mediterranean, and conducting preventive action against terrorist groups acting within or from the Balkans. NATO's responses to the 11 September attacks, the unconventional and asymmetric threat posed by international terrorism, and the distinct contributions that the military can make in combating terrorism support the main hypothesis examined in this study: that NATO may be unable to play more than specific limited roles in the fight against international terrorism. / Major, Bulgarian Army September 11 Terrorist Attacks, 2001 Terrorism Prevention
30	The impact of the September 11, 2001 terrorist attacks on U.S.-China relations / Model of the United States CENTCOM joint targeting architecture Epstein, Daren Adam 03 1900 (has links) Approved for public release; distribution unlimited / The terrorist attacks of September 11, 2001 on the United States had minimal impact on U.S.-China relations. The attacks merely rearranged U.S. strategic priorities in Asia while having no effect on Chinese strategic priorities. Before September 11, U.S. strategic priorities in Asia were U.S.-China relations, and containing North Korean aggression and its development of Weapons of Mass Destruction (WMD). After September 11, U.S. strategic priorities in Asia became the U.S. war on terror (WOT), containing North Korean Aggression and its development of WMD, and U.S.-China relations. This reordering of priorities did not result from stabilizing U.S.-China relations, but rather because of the increased threat of international terrorism towards the United States and U.S. interests. The Chinese strategic priorities of regime stability, territorial integrity, and increasing international prestige and power, did not change because of the attacks. The change in U.S. strategic priorities in Asia made the U.S.-China relationship more stable. Going forward, the PRC is likely to favor stable relations with the United States as long as China does not consider the expanding United States presence in Asia, because of the U.S. WOT, an immediate threat to Chinese strategic priorities. / Major, United States Army September 11 Terrorist Attacks, 2001 Terrorism

Search results