Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices
作者: Raphael Spreitzer , Veelasha Moonsamy , Thomas Korak , Stefan Mangard
DOI: 10.1109/COMST.2017.2779824
关键词:
摘要: Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis and electromagnetic required physical presence of the attacker well expensive equipment, an (unprivileged) application is all it takes to exploit leaking information modern devices. Given vast amount sensitive that are stored smartphones, ramifications affect both security privacy users In this paper, we propose a new categorization system for which necessary evolved significantly scientific investigations during smart card era 1990s. Our proposed classification allows analyze systematically, facilitates development novel countermeasures. Besides system, extensive survey existing attack strategies provides valuable insights into evolving field especially when focusing We conclude by discussing open issues challenges context outline possible future research directions.
elsevier.com
harvard.edu
ru.nl
sci-hub.se 参考文章(157)
Yuto Nakano, Youssef Souissi, Robert Nguyen, Laurent Sauvage, Jean-Luc Danger, Sylvain Guilley, Shinsaku Kiyomoto, Yutaka Miyake, A Pre-processing Composition for Secret Key Recovery on Android Smartphone Information Security Theory and Practice. Securing the Internet of Things. pp. 76- 91 ,(2014) , 10.1007/978-3-662-43826-8_6
Raphael Spreitzer, Benoît Gérard, Towards More Practical Time-Driven Cache Attacks Information Security Theory and Practice. Securing the Internet of Things. pp. 24- 39 ,(2014) , 10.1007/978-3-662-43826-8_3
Michael Weiß, Benedikt Heinz, Frederic Stumpf, A Cache Timing Attack on AES in Virtualization Environments financial cryptography. pp. 314- 328 ,(2012) , 10.1007/978-3-642-32946-3_23
Tilo Müller, Michael Spreitzenbarth, FROST: forensic recovery of scrambled telephones applied cryptography and network security. pp. 373- 388 ,(2013) , 10.1007/978-3-642-38980-1_23
Richard A. DeMillo, Dan Boneh, Richard J. Lipton, On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract). theory and application of cryptographic techniques. pp. 37- 51 ,(1997)
Andrey Bogdanov, Thomas Eisenbarth, Christof Paar, Malte Wienecke, Differential cache-collision timing attacks on AES with applications to embedded CPUs the cryptographers track at the rsa conference. pp. 235- 251 ,(2010) , 10.1007/978-3-642-11925-5_17
Raphael Spreitzer, Thomas Plos, Cache-Access pattern attack on disaligned AES t-tables international workshop constructive side-channel analysis and secure design. pp. 200- 214 ,(2013) , 10.1007/978-3-642-40026-1_13
William Enck, Defending users against smartphone apps: techniques and future directions international conference on information systems security. pp. 49- 70 ,(2011) , 10.1007/978-3-642-25560-1_3
Stanislav Miskovic, Gene Moo Lee, Yong Liao, Mario Baldi, AppPrint: Automatic Fingerprinting of Mobile Applications in Network Traffic passive and active network measurement. pp. 57- 69 ,(2015) , 10.1007/978-3-319-15509-8_5
Yuval Yarom, Katrina Falkner, None, FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack usenix security symposium. pp. 719- 732 ,(2014)