Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

@article{Spreitzer2018SystematicCO,
  title={Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices},
  author={Raphael Spreitzer and Veelasha Moonsamy and Thomas Korak and Stefan Mangard},
  journal={IEEE Communications Surveys \& Tutorials},
  year={2018},
  volume={20},
  pages={465-488}
}
Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that are stored on smartphones, the ramifications of… 
A Taxonomy of Side Channel Attacks on Critical Infrastructures and Relevant Systems
TLDR
An extensive survey on side channel attacks that can be implemented either on ICS or traditional systems often used in Critical Infrastructure environments is presented and three different classification systems are presented to provide an objective form of multi-level taxonomy and a potentially profitable statistical approach.
Cache side-channel attacks detection based on machine learning
TLDR
Based on the AES algorithm, hardware performance counters are used to obtain the features of different cache events under Flush + Reload, Prime + Probe, and Flushes + Flush attacks, and high detection accuracy is achieved under different system loads.
Behavioral Model for Live Detection of Apps Based Attack
TLDR
An application-based attack modeling and attack detection scheme is proposed and a novel attack vulnerability is identified based on the app execution on the smartphone.
Side-Channel Attacks on the Mobile Phones: Applicability and Improvements
On one hand, side-channel attacks are a powerful approach to cryptoanalysis, on the other hand, these attacks have a very specific attacker model. As a result, a practical application of SCA is
ASVAAN: Semi-automatic side-channel analysis of Android NDK
TLDR
A new approach to discover Android NDK side-channel leaks, which at the best of the author knowledge have never been investigated through the usage of automatic or semi-automatic solutions are introduced.
Traffic Fingerprinting Attacks on Internet of Things Using Machine Learning
TLDR
Privacy risks, focusing primarily on information leakage exposed by traffic fingerprinting attacks, on IoT devices are investigated and a method for the devices’ state detection based on pattern recognition with ML is introduced.
A Timing Side-Channel Attack on a Mobile GPU
TLDR
This work on timing side channel vulnerability, launched on a popular mobile device's GPU, exploiting its cache behavior, targets AES-128 encryption, and shows that it can successfully recover the full encryption key when using known ciphertext by exploiting timing information.
Application Inference using Machine Learning based Side Channel Analysis
TLDR
A supervised learning based approach is used for inferring applications executing on android platform based on features extracted from EM side-channel emissions and software exposed dynamic voltage frequency scaling (DVFS) states and shows that learning the instantaneous frequency states polled from on-board frequency driver (cpufreq) is adequate to identify a known application and flag potentially malicious unknown application.
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey
During the last decade, Deep Neural Networks (DNN) have progressively been integrated on all types of platforms, from data centers to embedded systems including low-power processors and, recently,
...
...

References

SHOWING 1-10 OF 174 REFERENCES
A Study on Power Side Channels on Mobile Devices
TLDR
This paper demonstrates the existence of various power side channels on popular mobile devices such as smartphones, and presents a list of real-world attacks that can be initiated to identify running apps, infer sensitive UIs, guess password lengths, and estimate geo-locations based on unprivileged power consumption traces.
Side Channel Attacks on Smartphones and Embedded Devices Using Standard Radio Equipment
TLDR
The electromagnetic emanations of smartphones and embedded devices will be used to extract secret keys of public key cryptosystems using standard radio equipment in combination with far-field antennas to implement a side channel attack exploiting ultra high frequency emanations.
A Survey on Security for Mobile Devices
TLDR
This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011, by focusing on high-level attacks, such those to user applications, based upon the detection principles, architectures, collected data and operating systems.
A Survey of Android Security Threats and Defenses
TLDR
This survey discusses the existing Android security threats and existing security enforcements solutions between 2010−2015 and tries to classify works and review their functionalities and reviews the strength and weak points of the solutions.
Analyzing Android Encrypted Network Traffic to Identify User Actions
TLDR
This paper investigates to what extent an external attacker can identify the specific actions that a user is performing on her mobile apps, and design a system that achieves this goal using advanced machine learning techniques, and compares the solution with the three state-of-the-art algorithms.
Power analysis attacks - revealing the secrets of smart cards
TLDR
This volume explains how power analysis attacks work and provides an extensive discussion of countermeasures like shuffling, masking, and DPA-resistant logic styles to decide how to protect smart cards.
Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android
TLDR
This new approach, called App Guardian, thwarts a malicious app's runtime monitoring attempt by pausing all suspicious background processes when the target app is running in the foreground, and resuming them after the app stops and its runtime environment is cleaned up.
On Inferring Browsing Activity on Smartphones via USB Power Analysis Side-Channel
TLDR
This paper is unique, because it is the first to study this side-channel on smartphones, under smartphone-specific constraints, and demonstrates that Websites can be correctly identified within a short time span of $2\times6$ seconds, which is in contrast with prior work, which uses 15-s traces.
A Pre-processing Composition for Secret Key Recovery on Android Smartphone
TLDR
How a composition of time-frequency pre-processings manages to extract the relevant information from one signal capture of an asymmetric cryptographic operation running on an Android system is detailed and explained.
ARMageddon: Cache Attacks on Mobile Devices
TLDR
This work demonstrates how to solve key challenges to perform the most powerful cross-core cache attacks Prime+Probe, Flush+ Reload, Evict+Reload, and Flush-Flush on non-rooted ARM-based devices without any privileges.
...
...