1,707 research outputs found
Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices
Contains fulltext :
187230.pdf (preprint version ) (Open Access
Software-Based Side Channel Attacks and the Future of Hardened Microarchitecture
Side channel attack vectors found in microarchitecture of computing devices expose systems to potentially system-level breaches. This thesis consists of a comprehensive report on current exploits of this nature, describing their fundamental basis and usage, paving the way to further research into hardware mitigations that may be utilized to combat these and future vulnerabilities. It will discuss several modern software-based side channel attacks, describing the mechanisms they utilize to gain access to privileged information. Attack vectors will be exemplified, along with applicability to various architectures utilized in modern computing. Finally, discussion of how future architectural changes must successfully harden chips against attacks of this type will occur, ending with a reinforced call for development of these integral architectural revisions to resolve the threat
A Survey of Techniques for Improving Security of GPUs
Graphics processing unit (GPU), although a powerful performance-booster, also
has many security vulnerabilities. Due to these, the GPU can act as a
safe-haven for stealthy malware and the weakest `link' in the security `chain'.
In this paper, we present a survey of techniques for analyzing and improving
GPU security. We classify the works on key attributes to highlight their
similarities and differences. More than informing users and researchers about
GPU security techniques, this survey aims to increase their awareness about GPU
security vulnerabilities and potential countermeasures
QFlip: An Adaptive Reinforcement Learning Strategy for the FlipIt Security Game
A rise in Advanced Persistent Threats (APTs) has introduced a need for
robustness against long-running, stealthy attacks which circumvent existing
cryptographic security guarantees. FlipIt is a security game that models
attacker-defender interactions in advanced scenarios such as APTs. Previous
work analyzed extensively non-adaptive strategies in FlipIt, but adaptive
strategies rise naturally in practical interactions as players receive feedback
during the game. We model the FlipIt game as a Markov Decision Process and
introduce QFlip, an adaptive strategy for FlipIt based on temporal difference
reinforcement learning. We prove theoretical results on the convergence of our
new strategy against an opponent playing with a Periodic strategy. We confirm
our analysis experimentally by extensive evaluation of QFlip against specific
opponents. QFlip converges to the optimal adaptive strategy for Periodic and
Exponential opponents using associated state spaces. Finally, we introduce a
generalized QFlip strategy with composite state space that outperforms a Greedy
strategy for several distributions including Periodic and Uniform, without
prior knowledge of the opponent's strategy. We also release an OpenAI Gym
environment for FlipIt to facilitate future research.Comment: Outstanding Student Paper awar
- …