Related papers: PowerHammer: Exfiltrating Data from Air-Gapped Com…
Recently, out-of-order execution, an important performance optimization in modern high-end processors, has been revealed to pose a significant security threat, allowing information leaks across security domains. In particular, the Meltdown…
Field-Programmable Gate Arrays (FPGAs) are integrated circuits that implement reconfigurable hardware. They are used in modern systems, creating specialized, highly-optimized integrated circuits without the need to design and manufacture…
We introduce IMPACT, a set of high-throughput main memory-based timing attacks that leverage characteristics of processing-in-memory (PiM) architectures to establish covert and side channels. IMPACT enables high-throughput communication and…
The growing use of third-party hardware accelerators (e.g., FPGAs, ASICs) for deep neural networks (DNNs) introduces new security vulnerabilities. Conventional model-level backdoor attacks, which only poison a model's weights to misclassify…
Security of embedded computing systems is becoming of paramount concern as these devices become more ubiquitous, contain personal information and are increasingly used for financial transactions. Security attacks targeting embedded systems…
The ongoing modernization of the power system, involving new equipment installations and upgrades, exposes the power system to the introduction of malware into its operation through supply chain attacks. Supply chain attacks present a…
In this paper a new class of cyber attacks against state estimation in the electric power grid is considered. This class of attacks is named false data injection attacks. We show that with the knowledge of the system configuration an…
Motivated by the recent cyber attack on the Ukrainian power grid, we study cyber attacks on power grids that affect both the physical infrastructure and the data at the control center. In particular, we assume that an adversary attacks an…
Physical isolation from external networks - an airgap - aims to minimize exposure to remote attacks. Yet capable adversaries still achieve code execution on air-gapped systems, and prior work has shown that they can then wirelessly…
In this paper, we propose to use a wireless-powered friendly jammer to enable secure communication between a source node and destination node, in the presence of an eavesdropper. We consider a two-phase communication protocol with…
Intelligent attackers can suitably tamper sensor/actuator data at various Smart grid surfaces causing intentional power oscillations, which if left undetected, can lead to voltage disruptions. We develop a novel combination of formal…
For the modeling, design and planning of future energy transmission networks, it is vital for stakeholders to access faithful and useful power flow data, while provably maintaining the privacy of business confidentiality of service…
Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache…
The rapid growth of electric vehicles (EVs) has driven the development of roadway wireless charging technology, effectively extending EV driving range. However, wireless charging introduces significant cybersecurity challenges. Any receiver…
In recent years, there has been a noticeable increase in cyberattacks using ransomware. Attackers use this malicious software to break into networks and harm computer systems. This has caused significant and lasting damage to various…
It is possible to attack a computer remotely through the front panel LEDs. Following on previous results that showed information leakage at optical wavelengths, now it seems practicable to inject information into a system as well. It is…
We show that as a side effect of building code requirements, almost all commercial buildings today are vulnerable to a novel data exfiltration attack, even if they are air-gapped and secured against traditional attacks. The new attack uses…
Sensors are key components enabling various applications, e.g., home intrusion detection and environmental monitoring. While various software defenses and physical protections are used to prevent sensor manipulation, this paper introduces a…
Jamming refers to the deletion, corruption or damage of meter measurements that prevents their further usage. This is distinct from adversarial data injection that changes meter readings while preserving their utility in state estimation.…
One of the most concerning threats for modern AI systems is data poisoning, where the attacker injects maliciously crafted training data to corrupt the system's behavior at test time. Availability poisoning is a particularly worrisome…