ABSTRACT
Digital forensics is fast-growing field involving the discovery and analysis of digital evidence acquired from electronic devices to assist investigations for law enforcement. Traditional digital forensic investigative approaches are often hampered by the data contained on these devices being encrypted. Furthermore, the increasing use of IoT devices with limited standardisation makes it difficult to analyse them with traditional techniques. This paper argues that electromagnetic side-channel analysis has significant potential to progress investigations obstructed by data encryption. Several potential avenues towards this goal are discussed.
- Dakshi Agrawal, Josyula R Rao, and Pankaj Rohatgi. 2003. Multi-channel attacks. In International Workshop on Cryptographic Hardware and Embedded Systems (CHES). Springer, 2--16.Google ScholarCross Ref
- Mohd Shahdi Ahmad, Nur Emyra Musa, Rathidevi Nadarajah, Rosilah Hassan, and Nor Effendy Othman. 2013. Comparison between android and iOS Operating System in terms of security. In 8th International Conference on Information Technology in Asia (CITA). IEEE, 1--4.Google ScholarCross Ref
- Vasudev Bhaskaran and Konstantinos Konstantinides. 1997. Image and video compression standards: algorithms and architectures. Vol. 408. Springer Science & Business Media. Google ScholarDigital Library
- Robert Callan, Farnaz Behrang, Alenka Zajic, Milos Prvulovic, and Alessandro Orso. 2016. Zero-overhead profiling via em emanations. In Proceedings of the 25th International Symposium on Software Testing and Analysis. ACM, 401--412. Google ScholarDigital Library
- Robert Callan, Alenka Zajic, and Milos Prvulovic. 2014. A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In 47th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO). IEEE, 242--254. Google ScholarDigital Library
- Abbas Cheddad, Joan Condell, Kevin Curran, and Paul Mc Kevitt. 2010. Digital image steganography: Survey and analysis of current methods. Signal Processing 90, 3 (2010), 727--752. Google ScholarDigital Library
- Vicka Corey, Charles Peterman, Sybil Shearin, Michael S Greenberg, and James Van Bokkelen. 2002. Network forensics analysis. IEEE Internet Computing 6, 6 (2002), 60--66. Google ScholarDigital Library
- Randall D Deppensmith and Samuel J Stone. 2014. Optimized fingerprint generation using unintentional emission radio-frequency distinct native attributes (RF-DNA). In Aerospace and Electronics Conference, NAECON 2014-IEEE National. IEEE, 327--330.Google ScholarCross Ref
- Xiaoyu Du, Nhien-An Le-Khac, and Mark Scanlon. 2017. Evaluation of Digital Forensic Process Models with Respect to Digital Forensics as a Service. In Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS 2017). ACPI, Dublin, Ireland, 573--581.Google Scholar
- Robin Getz and Bob Moeckel. 1996. Understanding and eliminating EMI in Microcontroller Applications. National Semiconductor (1996).Google Scholar
- Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. 2015. GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies.. In USENIX Security Symposium. 849--864. Google ScholarDigital Library
- Brian Hay, Matt Bishop, and Kara Nance. 2009. Live analysis: Progress and challenges. IEEE Security & Privacy 7, 2 (2009). Google ScholarDigital Library
- Paul Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential power analysis. In Advances in Cryptology (CRYPTO '99). Springer, 789--789. Google ScholarDigital Library
- Paul Kocher, Joshua Jaffe, Benjamin Jun, and Pankaj Rohatgi. 2011. Introduction to differential power analysis. Journal of Cryptographic Engineering 1, 1 (2011), 5--27.Google ScholarCross Ref
- Markus G Kuhn and Ross J Anderson. 1998. Soft tempest: Hidden data transmission using electromagnetic emanations. In International Workshop on Information Hiding. Springer, 124--142.Google ScholarCross Ref
- Liran Lerman, Gianluca Bontempi, and Olivier Markowitch. 2011. Side channel attack: an approach based on machine learning. In Proceedings of 2nd International Workshop on Constructive Side-Channel Analysis and Security Design (COSADE). Schindler and Huss, 29--41.Google Scholar
- David Lillis, Brett Becker, Tadhg O'Sullivan, and Mark Scanlon. 2016. Current Challenges and Future Research Areas for Digital Forensic Investigation. In The 11th ADFSL Conference on Digital Forensics, Security and Law (CDFSL 2016). ADFSL, Daytona Beach, FL, USA, 9--20.Google Scholar
- David Lillis, Frank Breitinger, and Mark Scanlon. 2018. Hierarchical Bloom Filter Trees for Approximate Matching. Journal of Digital Forensics, Security and Law 13, 1 (01 2018).Google Scholar
- Aine MacDermott, Thar Baker, and Qi Shi. 2018. IoT Forensics: Challenges For The IoA Era. In New Technologies, Mobility and Security (NTMS), 2018 9th IFIP International Conference on. IEEE, 1--5.Google Scholar
- Houssem Maghrebi, Thibault Portigliatti, and Emmanuel Prouff. 2016. Breaking cryptographic implementations using deep learning techniques. In International Conference on Security, Privacy, and Applied Cryptography Engineering. Springer, 3--26.Google ScholarCross Ref
- Alireza Nazari, Nader Sehatbakhsh, Monjur Alam, Alenka Zajic, and Milos Prvulovic. 2017. EDDIE: EM-Based Detection of Deviations in Program Execution. In Proceedings of the 44th Annual International Symposium on Computer Architecture. ACM, 333--346. Google ScholarDigital Library
- Romain Poussier, Vincent Grosso, and François-Xavier Standaert. 2015. Comparing approaches to rank estimation for side-channel security evaluations. In International Conference on Smart Card Research and Advanced Applications. Springer, 125--142. Google ScholarDigital Library
- Jean-Jacques Quisquater and David Samyde. 2001. Electromagnetic Analysis (EMA): Measures and counter-measures for smart cards. Smart Card Programming and Security (2001), 200--210. Google ScholarDigital Library
- C. Ramsay and J. Lohuis. White Paper: TEMPEST attacks against AES covertly stealing keys for 200 euros. Technical Report. Fox-IT, Netherlands. 10 pages. https://www.fox-it.com/nl/wp-content/uploads/sites/12/Tempest_attacks_against_AES.pdfGoogle Scholar
- Hendra Saputra, Narayanan Vijaykrishnan, M Kandemir, Mary Jane Irwin, R Brooks, Soontae Kim, and Wei Zhang. 2003. Masking the energy behavior of DES encryption. In Proceedings of the conference on Design, Automation and Test in Europe-Volume 1. IEEE Computer Society, 10084. Google ScholarDigital Library
- Asanka Sayakkara, Nhien-An Le-Khac, and Mark Scanlon. 2018. Accuracy Enhancement of Electromagnetic Side-channel Attacks on Computer Monitors. In The 2nd International Workshop on Criminal Use of Information Hiding (CUING), part of the 13th International Conference on Availability, Reliability and Security (ARES) (ARES '17). ACM, Hamburg, Germany. Google ScholarDigital Library
- Mark Scanlon, Jason Farina, and M-Tahar Kechadi. 2015. Network Investigation Methodology for BitTorrent Sync: A Peer-to-Peer Based File Synchronisation Service. Computers & Security 54 (10 2015), 27 -- 43. Google ScholarDigital Library
- Matthias Schulz, Patrick Klapper, Matthias Hollick, Erik Tews, and Stefan Katzen-beisser. 2016. Trust the wire, they always told me!: On practical non-destructive wire-tap attacks against Ethernet. In Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks. ACM, 43--48. Google ScholarDigital Library
- Somayeh Soltani and Seyed Amin Hosseini Seno. 2017. A survey on digital evidence collection and analysis. In 7th International Conference on Computer and Knowledge Engineering (ICCKE). IEEE, 247--253.Google ScholarCross Ref
- Barron Stone and Samuel Stone. 2016. Comparison of Radio Frequency Based Techniques for Device Discrimination and Operation Identification. In 11th International Conference on Cyber Warfare and Security: ICCWS2016. Academic Conferences and Publishing Limited, 475.Google Scholar
- Walter HW Tuttlebee. 2003. Software defined radio: enabling technologies. John Wiley & Sons.Google Scholar
- Wim Van Eck. 1985. Electromagnetic radiation from video display units: An eavesdropping risk? Computers & Security 4, 4 (1985), 269--286. Google ScholarDigital Library
- Eva A Vincze. 2016. Challenges in digital forensics. Police Practice and Research 17, 2 (2016), 183--194.Google ScholarCross Ref
- Satohiro Wakabayashi, Seita Maruyama, Tatsuya Mori, Shigeki Goto, Masahiro Kinugawa, and Yu-ichi Hayashi. 2017. POSTER: Is Active Electromagnetic Side-channel Attack Practical?. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2587--2589. Google ScholarDigital Library
- Marc Witteman and Martijn Oostdijk. 2008. Secure application programming in the presence of side channel attacks. In RSA Conference, Vol. 2008.Google Scholar
- Marc F Witteman, Jasper GJ van Woudenberg, and Federico Menarini. 2011. Defeating RSA Multiply-Always and Message Blinding Countermeasures. In Cryptographersfi Track at the RSA Conference (CT-RSA), Vol. 6558. Springer, 77--88. Google ScholarDigital Library
- Chouchang Jack Yang and Alanson P Sample. 2017. EM-Comm: Touch-based Communication via Modulated Electromagnetic Emissions. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 1, 3 (2017), 118. Google ScholarDigital Library
Index Terms
- Electromagnetic side-channel attacks: potential for progressing hindered digital forensic analysis
Recommendations
Accuracy Enhancement of Electromagnetic Side-Channel Attacks on Computer Monitors
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and SecurityElectromagnetic noise emitted from running computer displays modulates information about the picture frames being displayed on screen. Attacks have been demonstrated on eavesdropping computer displays by utilising these emissions as a side-channel ...
Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices
AbstractInternet of Things (IoT) devices have expanded the horizon of digital forensic investigations by providing a rich set of new evidence sources. IoT devices includes health implants, sports wearables, smart burglary alarms, smart ...
A survey of electromagnetic side-channel attacks and discussion on their case-progressing potential for digital forensics
AbstractThe increasing prevalence of Internet of Things (IoT) devices has made it inevitable that their pertinence to digital forensic investigations will increase into the foreseeable future. These devices produced by various vendors often ...
Comments