Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
Evaluating and Detecting Timing Sid-Channel Attacks on Javascript and Web Acsembly
Mazahery, Mohammad Erfan | 2020
494
Viewed
- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 53341 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Bayat Sarmadi, Siavash
- Abstract:
- Side-channel attacks are one of the strongest attacks in hardware security. They exploits the information leaked from the implementation of cryptography systems. One of the most common side channel attacks is Timing-side-channel attacks that exploit the time difference to transmit the information. In recent years, considerable researches have been done on memory-based attacks include DRAM-based attacks and cache attacks as two sub-categories of timing-side-channel attacks. The constraint of these attacks is that adversary must be in the vicinity of the victim system. Since 2015, to overcome this constraint, the researches on implementing timing-side-channel attacks remotely using Javascript have been started and much attention has been paid to it. Despite the advantages of JavaScript, there some challenges to perform these attacks. Different researches, While overcoming these challenges, implemented different timing side-channel attacks on JavaScript. After introducing WebAssembly, this language was used to improve the performance and access level of these attacks. In this research, we first represent a survey on timing side-channel attacks on JavaScript and WebAssembly, classification and evaluation of them, as the first comprehensive survey research on this field. In the following, different time measuring techniques for these attacks, will be evaluated and our WebAssembly memory based timer will be represented. While evaluating timers, the most appropriate timers will be introduced. Finally, a detection-based countermeasure for timing side-channel attacks on JavaScript and WebAssembly will be represented. It can detect the malicious codes in the web pages and the timers that are used in them. This method is evaluated With different metrics. Three important evaluated metrics, Precision, Recall, and F-measure are: 0.967, 1, and 0.983
- Keywords:
- Side Channel Attacks ; Chronometere ; Malicious Attack ; WebAssembly ; JavaScript ; Malicious Code Detection
Digital Object List
-
محتواي کتاب
- view
Bookmark
- فهرست شکلها
- فهرست جدولها
- مقدمه
- پیشزمینه
- پژوهشهای مرتبط پیشین
- ارزیابی حملات و روشهای زمانسنجی
- تشخیص کد مخرب
- نتیجهگیری و کارهای آتی
- مراجع
- واژهنامه انگلیسی به فارسی
- واژهنامه فارسی به انگلیسی