research-article

Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures

Authors:

Shaun BangayAuthors Info & Claims

International Journal of Information Security, Volume 21, Issue 3

Pages 437 - 453

https://doi.org/10.1007/s10207-021-00563-6

Published: 01 June 2022 Publication History

Abstract

Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks are well established within the cybersecurity domain, and thus their cyber-physical systems are actively defended with countermeasures. Non-cyber systems are equally as vulnerable to side-channel attacks; however, this is largely unrecognised and therefore countermeasures to defend them are limited. This paper surveys side-channel attacks against non-cyber systems and investigates the consequent security and privacy ramifications. Side-channel attack techniques rely on respective side-channel properties in order to succeed; therefore, countermeasures that disrupt each side-channel property are identified, effectively thwarting the side-channel attack. This principle is captured within a countermeasure algorithm: a systematic and extensible approach to identifying candidate countermeasures for non-cyber systems. We validate the output of this process by showing how the candidate countermeasures could be applied in the context of each non-cyber system and in the real world. This work provides an extensible platform for translating cybersecurity-derived side-channel attack research into defending systems from non-cyber domains.

References

[1]

Standaert, F.-X., Malkin, T. G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Advances in Cryptology - EUROCRYPT 2009. pp. 443–461. Springer, Berlin Heidelberg, (2009)

[2]

Spreitzer R, Moonsamy V, Korak T, and Mangard S Systematic classification of side-channel attacks: A case study for mobile devices IEEE Commun. Surv. Tutorials 2018 20 1 465-488

[3]

Giechaskiel I and Rasmussen K Taxonomy and challenges of out-of-band signal injection attacks and defenses IEEE Commun. Surv. Tutorials 2020 22 1 645-670

[4]

Spence A and Bangay S Side-channel sensing: Exploiting side-channels to extract information for medical diagnostics and monitoring IEEE J. Transl. Eng. Health Med. 2020 8 1-13

[5]

Kocher P, Jaffe J, and Jun B Differential Power Analysis 1999 Berlin Springer

[6]

Martinovic, I., Davies, D., Frank, M., Perito, D., Ros, T., Song, D.: On the feasibility of side-channel attacks with brain-computer interfaces. In: USENIX Security Symposium, pp. 143–158 (2012)

[7]

Lange J, Massart C, Mouraux A, and Standaert F-X Guilley S Side-channel attacks against the human brain: The pin code case study Constructive Side-Channel Analysis and Secure Design 2017 Cham Springer International Publishing 171-189

[8]

Mangard S, Oswald E, and Popp T Power Analysis Attacks: Revealing the Secrets of Smart Cards 2008 Berlin Springer Science & Business Media

[9]

Standaert, F.-X.: Introduction to Side-Channel Attacks. I. M. R. Verbauwhede, (Ed.) Springer-Verlag GmbH, Boston, MA (2010)

[10]

Genkin, D., Pachmanov, L., Pipman, I., Tromer, E.: ECDH key-extraction via low-bandwidth electromagnetic attacks on PCs. In: Cryptographers’ Track at the RSA Conference, pp. 219–235. Springer, (2016)

[11]

Yang, B., Wu, K., Karri, R.: Scan based side channel attack on dedicated hardware implementations of data encryption standard. In: 2004 International Test Conference, pp. 339–344. IEEE Computer Society, Washington, DC, USA (Oct 2004)

[12]

Barenghi A, Breveglieri L, Koren I, and Naccache D Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures Proc. IEEE 2012 100 11 3056-3076

[13]

Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Cryptographic Hardware and Embedded Systems - CHES 2002, Springer. Springer, Berlin Heidelberg, pp. 13–28, (2003)

[14]

Le, T.-H., Canovas, C., Clédiere, J.: An overview of side channel analysis attacks. In: Proceedings of the 2008 ACM symposium on Information, computer and communications security. pp. 33–43, ACM, (2008)

[15]

Timon, B.: Non-profiled deep learning-based side-channel attacks with sensitivity analysis. IACR Trans Cryptogr. Hardware Embedded Syst., pp. 107–131, (2019)

[16]

Greveler, U., Justus, B., Loehr, D.: Multimedia content identification through smart meter power usage profiles. In: Proceedings of the International Conference on Information and Knowledge Engineering (IKE), p. 1. (2012)

[17]

Chhetri SR and Faruque MAA Side-channels of cyber-physical systems: case study in additive manufacturing IEEE Design Test 2017 34 4 18-25

[18]

Benadjila, R., Prouff, E., Strullu, R., Cagli, E., Dumas, C.: Study of deep learning techniques for side-channel analysis and introduction to ascad database. ANSSI, France & CEA, LETI, MINATEC Campus, France, vol. 22, p. 2018, (2018)

[19]

Fan, J., Guo, X., Mulder, E.D., Schaumont, P., Preneel,B., Verbauwhede, I.: State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures. In: 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 76–87. IEEE, (2010)

[20]

Genkin D, Shamir A, and Tromer E Garay JA and Gennaro R Rsa key extraction via low-bandwidth acoustic cryptanalysis Advances in Cryptology - CRYPTO 2014 2014 Springer Berlin Heidelberg Berlin, Heidelberg 444-461

[21]

Biswas AK, Ghosal D, and Nagaraja S A survey of timing channels and countermeasures ACM Comput. Surv. 2017 50 1 1-39

[22]

Wang C, Wang X, Long Z, Yuan J, Qian Y, and Li J Estimation of temporal gait parameters using a wearable microphone-sensor-based system Sensors 2016 16 12 2167

[23]

Hettwer, B., Gehrer, S., Güneysu, T.: Applications of machine learning techniques in side-channel attacks: a survey. J. Cryptogr. Eng., pp. 1–28, (2019)

[24]

Ding X, Nassehi D, and Larson EC Measuring oxygen saturation with smartphone cameras using convolutional neural networks IEEE J. Biomed. Health Inform. 2019 23 6 2603-2610

[25]

Giallanza T, Siems T, Smith E, Gabrielsen E, Johnson I, Thornton MA, and Larson EC Keyboard snooping from mobile phone arrays with mixed convolutional and recurrent neural networks Proc. ACM Interact. Mobile Wearable Ubiquitous Technol. 2019 3 2 1-22

[26]

Garg, R., Hajj-Ahmad, A., Wu, M.: Geo-location estimation from electrical network frequency signals. In: 2013 IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 2862–2866, (2013)

[27]

Eriksson, J., Girod, L., Hull, B., Newton, R., Madden, S., Balakrishnan, H.: The pothole patrol: using a mobile sensor network for road surface monitoring. In: Proceedings of the 6th international conference on Mobile systems, applications, and services. pp. 29–39, ACM, (2008)

[28]

Sanyal, S., Nundy, K.K.: Algorithms for monitoring heart rate and respiratory rate from the video of a user’s face. IEEE J. Transl. Eng. Health Med. 6, 1–11 (2018)

[29]

Adib, F., Mao, H., Kabelac, Z., Katabi, D., Miller, R.C.: Smart homes that monitor breathing and heart rate. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems - CHI ’15. Seoul, pp. 837–846. ACM Press, Republic of Korea (2015)

[30]

Wangwiwattana C, Ding X, and Larson EC PupilNet, measuring task evoked pupillary response using commodity RGB tablet cameras Proc. ACM Interact. Mobile Wearable Ubiquitous Technol. 2018 1 4 1-26

[31]

Adib F and Katabi D See through walls with WiFi! ACM SIGCOMM Comput. Commun. Rev. 2013 43 4 75-86

[32]

Davis, A., Rubinstein, M., Wadhwa, N., Mysore, G.J., Durand, F., Freeman, W.T.: The visual microphone: Passive recovery of sound from video. ACM Trans. Graph. 33(4), 79:1–79:10, (2014). [Online]. Available: http://doi.acm.org/10.1145/2601097.2601119

[33]

Lindell, D.B., Wetzstein, G., O’Toole, M.: Wave-based non-line-of-sight imaging using fast fk migration. ACM Trans. Graph. (TOG) 38(4), 1–13 (2019)

[34]

Ming-Zher P, McDuff DJ, and Picard RW Advancements in noncontact, multiparameter physiological measurements using a Webcam Biomed. Eng. IEEE Trans. on 2011 58 1 7-11

[35]

Kim, H.-G., Cheon, E.-J., Bai, D.-S., Lee, Y.H., Koo, B.-H.: Stress and heart rate variability: a meta-analysis and review of the literature. Psychiatry Investig. 15(3), 235 (2018)

[36]

Duran, G., Tapiero, I., Michael, G.A.: Resting heart rate: A physiological predicator of lie detection ability. Physiol Behav, 186, 10–15, (2018). [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0031938418300027

[37]

Zhu, Y., Xiao, Z., Chen, Y., Li, Z., Liu, M., Zhao, B. Y., Zheng, H.: Adversarial wifi sensing. CoRR, 2018. [Online]. Available: arXiv:1810.10109

[38]

Yang J, Zou H, Jiang H, and Xie L Device-free occupant activity sensing using wifi-enabled iot devices for smart homes IEEE Internet Things J. 2018 5 5 3991-4002

[39]

Eldib H and Wang C Biere A and Bloem R Synthesis of masking countermeasures against side channel attacks Computer Aided Verification 2014 Cham Springer International Publishing 114-130

[40]

Guri, M., Solewicz, Y., Daidakulov, A., Elovici, Y.: Acoustic data exfiltration from speakerless air-gapped computers via covert hard-drive noise (’diskfiltration’). In: European Symposium on Research in Computer Security, pp. 98–115. Springer, (2017)

[41]

Tuyls P, Schrijen G-J, Škorić B, van Geloven J, Verhaegh N, and Wolters R Goubin L and Matsui M Read-proof hardware from protective coatings Cryptographic Hardware and Embedded Systems - CHES 2006 2006 Springer Berlin Heidelberg Berlin, Heidelberg 369-383

Cited By

Perez-Tirador PDesai MRodriguez ABerral ERomero TCaffarena GJevtic R(2025)Side-channel attacks and countermeasures for heart rate retrieval from ECG characterization deviceInternational Journal of Information Security10.1007/s10207-024-00927-824:1Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1007/s10207-024-00927-8

Recommendations

A Review on C3I Systems’ Security: Vulnerabilities, Attacks, and Countermeasures
Command, Control, Communication, and Intelligence (C3I) systems are increasingly used in critical civil and military domains for achieving information superiority, operational efficacy, and greater situational awareness. The critical civil and military ...
One-Sided Countermeasures for Side-Channel Attacks Can Backfire
WiSec '18: Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks

Side-channel attacks are currently one of the most powerful attacks against implementations of cryptographic algorithms. They exploit the correlation between the physical measurements (power consumption, electromagnetic emissions, timing) taken at ...
Formal Verification of Software Countermeasures against Side-Channel Attacks

A common strategy for designing countermeasures against power-analysis-based side-channel attacks is using random masking techniques to remove the statistical dependency between sensitive data and side-channel emissions. However, this process is both ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image International Journal of Information Security

International Journal of Information Security Volume 21, Issue 3

Jun 2022

274 pages

ISSN:1615-5262

EISSN:1615-5270

Issue’s Table of Contents

© The Author(s), under exclusive licence to Springer-Verlag GmbH, DE 2021.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 01 June 2022

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Perez-Tirador PDesai MRodriguez ABerral ERomero TCaffarena GJevtic R(2025)Side-channel attacks and countermeasures for heart rate retrieval from ECG characterization deviceInternational Journal of Information Security10.1007/s10207-024-00927-824:1Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1007/s10207-024-00927-8

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents