Investigating mobile and peripheral side channels for attack and defense
Date
2021
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of Delaware
Abstract
Advances in computing technology and convenience have dramatically altered the way people conduct business. The reliance on face to face meetings, phone calls, postal service mail, large filing rooms, and hand computing have largely fallen out of favor, being replaced by constantly connected mobile smartphones, increasing productivity, convenience, and revenue. When all of this data becomes too ungainly or secret to move across the internet modern computers have eschewed an ungainly number of competing standards (parallel, serial, etc.) and settled on USB mass storage devices. ☐ While these mobile devices have enabled incredible convenience, they have done little to thwart insidious data stealing attacks. This dissertation focuses on a specific type of cyber attack, side channels. Side channel attacks identify components of a system that are shared by multiple processes and then monitor an observable characteristic (timing, temperature, power, acoustics) of that component to identify information about the system. In this dissertation we examine the utilization of side channels for both attack and defense in mobile and peripheral platforms. ☐ First, we examine the security of the content that appears on mobile phone screens, identifying that many user input actions result in large onscreen animations which cause noticable disturbances in the power trace of the device. We discover that these disturbances can be accurately classified with a machine learning system, enabling an attacker to learn exactly what buttons a user presses and perform an in-depth study on stealing user lock screen passcodes. ☐ Next, we investigate how users move data, examining the security issues brought about by USB flash drives. We examine the low-level timing characteristics of USB flash drives and determine that each individual device contains a uniquely identifiable timing pattern that can be exploited to construct a defense that identifies whether a drive is authorized for use on the target device. We examine the robustness of this defensive method in multiple scenarios. ☐ Finally, we notice a trend in computing towards more mobile devices and more accessible architectures, specifically noting a recent move of some laptop designers from x86 to ARM. We identify that the driving force behind this shift is the rapid increase in ARM performance, power usage, and heat dissipation, partly brought about by major modifications to the core and cache architectures. We examine whether these major changes now enable attacks that were mainly feasible on x86 devices. We specifically examine an attack which fingerprints the websites that users visit and use it's success to construct a novel GPU based channel within the ARM architecture for website fingerprinting.
Description
Keywords
Cybersecurity, Mobile, Side Channel