English
Related papers

Related papers: PowerHammer: Exfiltrating Data from Air-Gapped Com…

200 papers

Air-gapped systems are disconnected from the Internet and other networks because they contain or process sensitive data. However, it is known that attackers can use computer speakers to leak data via sound to circumvent the air-gap defense.…

Cryptography and Security · Computer Science 2024-09-10 Mordechai Guri

The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app…

Cryptography and Security · Computer Science 2021-08-27 Muhammad Arsath K F , Vinod Ganesan , Rahul Bodduna , Chester Rebeiro

This paper presents an experimental design and data analytics approach aimed at power-based malware detection on general-purpose computers. Leveraging the fact that malware executions must consume power, we explore the postulate that…

Cryptography and Security · Computer Science 2018-05-18 Robert Bridges , Jarilyn Hernandez Jimenez , Jeffrey Nichols , Katerina Goseva-Popstojanova , Stacy Prowell

Attacks based on power analysis have been long existing and studied, with some recent works focused on data exfiltration from victim systems without using conventional communications (e.g., WiFi). Nonetheless, prior works typically rely on…

Cryptography and Security · Computer Science 2020-01-29 Zhihui Shao , Mohammad A. Islam , Shaolei Ren

Rowhammer is a hardware vulnerability in DRAM memory, where repeated access to memory can induce bit flips in neighboring memory locations. Being a hardware vulnerability, rowhammer bypasses all of the system memory protection, allowing…

Cryptography and Security · Computer Science 2020-07-30 Zhi Zhang , Yueqiang Cheng , Dongxi Liu , Surya Nepal , Zhi Wang , Yuval Yarom

Rowhammer is a security vulnerability that allows unauthorized attackers to induce errors within DRAM cells. To prevent fault injections from escalating to successful attacks, a widely accepted mitigation is implementing fault checks on…

Cryptography and Security · Computer Science 2024-06-12 Kemal Derya , M. Caner Tol , Berk Sunar

Malware detection is challenging when faced with automatically generated and polymorphic malware, as well as with rootkits, which are exceptionally hard to detect. In an attempt to contribute towards addressing these challenges, we…

Cryptography and Security · Computer Science 2017-05-08 Jarilyn M. Hernández Jiménez , Jeffrey A. Nichols , Katerina Goseva-Popstojanova , Stacy Prowell , Robert A. Bridges

We propose PowerAlert, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings in requiring complete checksum of the code segment, being static, use of timing information sourced…

Cryptography and Security · Computer Science 2017-02-13 Ahmed M. Fawaz , Mohammad Noureddine , William H. Sanders

Cyber data attacks are the worst-case interacting bad data to power system state estimation and cannot be detected by existing bad data detectors. In this paper, we for the first time analyze the likelihood of cyber data attacks by…

Systems and Control · Computer Science 2016-11-15 Yingshuai Hao , Meng Wang , Joe Chow

Although organizations are continuously making concerted efforts to harden their systems against network attacks by air-gapping critical systems, attackers continuously adapt and uncover covert channels to exfiltrate data from air-gapped…

Cryptography and Security · Computer Science 2022-10-17 Matthew Chan , Nathaniel Snyder , Marcus Lucas , Luis Garcia , Oleg Sokolsky , James Weimer , Insup Lee , Paulo Tabuada , Saman Zonouz , Mani Srivastava

This paper presents a new framework of identifying a series of cyber data attacks on power system synchrophasor measurements. We focus on detecting "unobservable" cyber data attacks that cannot be detected by any existing method that purely…

Information Theory · Computer Science 2016-11-03 Pengzhi Gao , Meng Wang , Joe H. Chow , Scott G. Ghiocel , Bruce Fardanesh , George Stefopoulos , Michael P. Razanousky

DRAM chips are vulnerable to read disturbance phenomena (e.g., RowHammer and RowPress), where repeatedly accessing or keeping open a DRAM row causes bitflips in nearby rows. Attackers leverage RowHammer bitflips in real systems to take over…

In this paper, we show that attackers can leak data from isolated, air-gapped computers to nearby smartphones via covert magnetic signals. The proposed covert channel works even if a smartphone is kept inside a Faraday shielding case, which…

Cryptography and Security · Computer Science 2018-02-08 Mordechai Guri , Andrey Daidakulov , Yuval Elovici

This retrospective paper describes the RowHammer problem in Dynamic Random Access Memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 conference~\cite{rowhammer-isca2014}. RowHammer is a prime (and perhaps the…

Cryptography and Security · Computer Science 2019-04-23 Onur Mutlu , Jeremie S. Kim

A coordinated cyber-attack on grid meter readings and breaker statuses can lead to incorrect state estimation that can subsequently destabilize the grid. This paper studies cyber-attacks by an adversary that changes breaker statuses on…

Cryptography and Security · Computer Science 2016-11-17 Deepjyoti Deka , Ross Baldick , Sriram Vishwanath

This dissertation rigorously characterizes many modern commodity DRAM devices and shows that by exploiting DRAM access timing margins within manufacturer-recommended DRAM timing specifications, we can significantly improve system…

Hardware Architecture · Computer Science 2021-09-30 Jeremie S. Kim

This paper challenges the existing victim-focused counter-based RowHammer detection mechanisms by experimentally demonstrating a novel multi-sided fault injection attack technique called Threshold Breaker. This mechanism can effectively…

Hardware Architecture · Computer Science 2023-11-29 Ranyang Zhou , Jacqueline Liu , Sabbir Ahmed , Nakul Kochar , Adnan Siraj Rakin , Shaahin Angizi

As process technology scales down to smaller dimensions, DRAM chips become more vulnerable to disturbance, a phenomenon in which different DRAM cells interfere with each other's operation. For the first time in academic literature, our ISCA…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-03-03 Yoongu Kim , Ross Daly , Jeremie Kim , Chris Fallin , Ji Hye Lee , Donghyuk Lee , Chris Wilkerson , Konrad Lai , Onur Mutlu

It has been assumed that the physical separation (air-gap) of computers provides a reliable level of security, such that should two adjacent computers become compromised, the covert exchange of data between them would be impossible. In this…

Cryptography and Security · Computer Science 2015-03-30 Mordechai Guri , Matan Monitz , Yisroel Mirski , Yuval Elovici

PowerShell is nowadays a widely-used technology to administrate and manage Windows-based operating systems. However, it is also extensively used by malware vectors to execute payloads or drop additional malicious contents. Similarly to…

Cryptography and Security · Computer Science 2019-04-25 Denis Ugarte , Davide Maiorca , Fabrizio Cara , Giorgio Giacinto