research-article

A Comprehensive Survey of Attacks without Physical Access Targeting Hardware Vulnerabilities in IoT/IIoT Devices, and Their Detection Mechanisms

Authors:

Nikolaos-Foivos Polychronou,

Pierre-Henri Thevenon,

Vincent BeroulleAuthors Info & Claims

ACM Transactions on Design Automation of Electronic Systems (TODAES), Volume 27, Issue 1

Article No.: 1, Pages 1 - 35

https://doi.org/10.1145/3471936

Published: 13 September 2021 Publication History

Abstract

With the advances in the field of the Internet of Things (IoT) and Industrial IoT (IIoT), these devices are increasingly used in daily life or industry. To reduce costs related to the time required to develop these devices, security features are usually not considered. This situation creates a major security concern. Many solutions have been proposed to protect IoT/IIoT against various attacks, most of which are based on attacks involving physical access. However, a new class of attacks has emerged targeting hardware vulnerabilities in the micro-architecture that do not require physical access. We present attacks based on micro-architectural hardware vulnerabilities and the side effects they produce in the system. In addition, we present security mechanisms that can be implemented to address some of these attacks. Most of the security mechanisms target a small set of attack vectors or a single specific attack vector. As many attack vectors exist, solutions must be found to protect against a wide variety of threats. This survey aims to inform designers about the side effects related to attacks and detection mechanisms that have been described in the literature. For this purpose, we present two tables listing and classifying the side effects and detection mechanisms based on the given criteria.

References

[1]

Eltayeb Salih Abuelyaman and Balasubramanian Devadoss. 2005. Differential fault analysis. In Proceedings of the International Conference on Internet Computing. CSREA Press.

[2]

Ayaz Akram, Maria Mushtaq, Muhammad Khurram Bhatti, Vianney Lapotre, and Guy Gogniat. 2020. Meet the Sherlock Holmes’ of side channel leakage: A survey of cache SCA detection techniques. IEEE Access 8 (2020), 70836–70860.

[3]

Taha Atahan Akyildiz, Can Berk Guzgeren, Cemal Yilmaz, and Erkay Savas. 2019. MeltdownDetector: A runtime approach for detecting meltdown attacks. IACR Cryptol. ePrint Arch. 2019 (2019), 613. Retrieved from https://doieprint.iacr.org/2019/613.

[4]

ARM. 2009. ARM1176JZF-S technical reference manual (Revision H). Retrieved from https://developer.arm.com/documentation/ddi0301/h.

[5]

ARM. 2013. CoreSight Technical Introduction (Version 1.0). Retrieved from https://developer.arm.com/documentation/epm039795/latest.

[6]

ARM. 2016. ARMv8-M Processor Debug (Version 1.0). Retrieved from https://developer.arm.com/documentation/100734/0100/.

[7]

ARM. 2017. Arm Compiler User Guide (Version 6.9). Retrieved from https://developer.arm.com/documentation/100748/0609.

[8]

ARM. 2017. ARM Cortex-R52 Processor Technical Reference Manual (Version 1.0). Retrieved from https://developer.arm.com/documentation/100026/0100.

[9]

ARM. 2018. Arm Cortex-A76AE Core Technical Reference Manual (Version 0.1). Retrieved from https://developer.arm.com/documentation/101392/0000/.

[10]

Hagai Bar-El, Hamid Choukri, David Naccache, Michael Tunstall, and Claire Whelan. 2006. The sorcerer’s apprentice guide to fault attacks. Proc. IEEE 94, 2 (2006), 370–382.

[11]

Noemie Beringuier-Boher, Kamil Gomina, David Hely, Jean-Baptiste Rigaud, Vincent Beroulle, Assia Tria, Joel Damiens, Philippe Gendrier, and Philippe Candelier. 2014. Voltage glitch attacks on mixed-signal systems. In Proceedings of the 17th Euromicro Conference on Digital System Design. IEEE, 379–386.

Digital Library

[12]

Vincent Beroulle, Philippe Candelier, Stephan De Castro, Giorgio Di Natale, Jean-Max Dutertre, Marie-Lise Flottes, David Hély, Guillaume Hubert, Régis Leveugle, Feng Lu, Paolo Maistri, Athanasios Papadimitriou, Bruno Rouzeyre, Clément Tavernier, and Pierre Vanhauwaert. 2014. Laser-induced fault effects in security-dedicated circuits. In Proceedings of the IEEE International Conference on Very Large Scale Integration(IFIP Advances in Information and Communication Technology, Vol. 464), Luc Claesen, María Teresa Sanz-Pascual, Ricardo Reis, and Arturo Sarmiento-Reyes (Eds.). Springer, 220–240.

[13]

Ferdinand Brasser, Urs Müller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. 2017. Software grand exposure: SGX cache attacks are practical. In Proceedings of the 11th USENIX Workshop on Offensive Technologies. USENIX Association. Retrieved from https://www.usenix.org/conference/woot17/workshop-program/presentation/brasser.

Digital Library

[14]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution. In Proceedings of the 27th USENIX Security Symposium. USENIX Association, 991–1008. Retrieved from https://www.usenix.org/conference/usenixsecurity18/presentation/bulck.

Digital Library

[15]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2019. Breaking virtual memory protection and the SGX ecosystem with foreshadow. IEEE Micro 39, 3 (2019), 66–74.

Digital Library

[16]

Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A systematic evaluation of transient execution attacks and defenses. In Proceedings of the 28th USENIX Security Symposium. USENIX Association, 249–266. Retrieved from https://www.usenix.org/conference/usenixsecurity19/presentation/canella.

Digital Library

[17]

Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A systematic evaluation of transient execution attacks and defenses. In Proceedings of the 28th USENIX Security Symposium. USENIX Association, 249–266. Retrieved from https://www.usenix.org/conference/usenixsecurity19/presentation/canella.

Digital Library

[18]

Gaetan Canivet, Paolo Maistri, Régis Leveugle, Jessy Clédière, Florent Valette, and Marc Renaudin. 2011. Glitch and laser fault attacks onto a secure AES implementation on a SRAM-Based FPGA. J. Cryptol. 24, 2 (2011), 247–268.

Digital Library

[19]

Pierre Carru. 2017. Attack trustzone with rowhammer. Retrieved from https://grehack.fr/2017/program.

[20]

Thomas M. Chen and Saeed Abu-Nimeh. 2011. Lessons from Stuxnet. Computer 44, 4 (2011), 91–93.

Digital Library

[21]

Marco Chiappetta, Erkay Savas, and Cemal Yilmaz. 2016. Real time detection of cache-based side-channel attacks using hardware performance counters. Appl. Soft Comput. 49 (2016), 1162–1174.

Digital Library

[22]

Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choong-Hoon Lee, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn. 2018. Prime+Count: Novel cross-world covert channels on ARM TrustZone. In Proceedings of the 34th Computer Security Applications Conference. ACM, 441–452.

Digital Library

[23]

JongHyeon Cho, TaeHyun Kim, TaeHun Kim, and Youngjoo Shin. 2019. Real-Time Detection on cache side channel attacks using performance counter monitor. In Proceedings of the International Conference on Information and Communication Technology Convergence. IEEE, 175–177.

[24]

Jean-Michel Cioranesco, Jean-Luc Danger, Tarik Graba, Sylvain Guilley, Yves Mathieu, David Naccache, and Xuan Thuy Ngo. 2014. Cryptographically secure shields. In Proceedings of the IEEE International Symposium on Hardware-oriented Security and Trust. IEEE Computer Society, 25–31.

[25]

Intel Corporation. 2017. Intel® 64 and IA32 Architectures Performance Monitoring Events. Intel Corporation.

[26]

Intel Corporation. 2020. Q2 2018 speculative execution side channel update. Retrieved from https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html.

[27]

Alan Ehret, Karen Gettings, Bruce R. Jordan, and Michel A. Kinsy. 2019. A survey on hardware security techniques targeting low-power SoC designs. In Proceedings of the IEEE High Performance Extreme Computing Conference. IEEE, 1–8.

[28]

David Fiser and William Gamazo Sanchez. 2018. Detecting attacks that exploit meltdown and spectre with performance counters. Retrieved from https://www.trendmicro.com/en_us/research/18/c/detecting-attacks-that-exploit-meltdown-and-spectre-with-performance-counters.html.

[29]

Pietro Frigo, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi. 2018. Grand pwning unit: Accelerating microarchitectural attacks with the GPU. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 195–210.

[30]

Ulf Frisk. 2016. pcileech. Retrieved from https://doigithub.com/ufrisk/pcileech.

[31]

Mohsen Ghasempour, Mikel Lujan, and Jim Garside. 2015. ARMOR: A Run-time Memory Hot-Row Detector. Retreived on 26 June, 2020 from http://apt.cs.manchester.ac.uk/projects/ARMOR/RowHammer/.

[32]

Guy Gogniat, Tilman Wolf, and Wayne P. Burleson. 2006. Reconfigurable security support for embedded systems. In Proceedings of the 39th Hawaii International International Conference on Systems Science. IEEE Computer Society.

Digital Library

[33]

Ben Gras, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2018. Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks. In Proceedings of the 27th USENIX Security Symposium. USENIX Association, 955–972. Retrieved from https://www.usenix.org/conference/usenixsecurity18/presentation/gras.

Digital Library

[34]

Daniel Gruss, David Bidner, and Stefan Mangard. 2015. Practical memory deduplication attacks in sandboxed JavaScript. In Proceedings of the 20th European Symposium on Research in Computer Security(Lecture Notes in Computer Science, Vol. 9326), Günther Pernul, Peter Y. A. Ryan, and Edgar R. Weippl (Eds.). Springer, 108–122.

Digital Library

[35]

Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O’Connell, Wolfgang Schoechl, and Yuval Yarom. 2018. Another flip in the wall of Rowhammer defenses. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 245–261.

[36]

Daniel Gruss, Clémentine Maurice, Anders Fogh, Moritz Lipp, and Stefan Mangard. 2016. Prefetch side-channel attacks: Bypassing SMAP and Kernel ASLR. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 368–379.

Digital Library

[37]

Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard. 2016. Flush+Flush: A fast and stealthy cache attack. In Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment(Lecture Notes in Computer Science, Vol. 9721), Juan Caballero, Urko Zurutuza, and Ricardo J. Rodríguez (Eds.). Springer, 279–299.

Digital Library

[38]

Daniel Gruss, Michael Schwarz, and Moritz Tipp. 2020. Retrieved from https://www.youtube.com/watch?v=UTSJf05pw-0.

[39]

Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache template attacks: Automating attacks on inclusive last-level caches. In Proceedings of the 24th USENIX Security Symposium. USENIX Association, 897–912. Retrieved from https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/gruss.

Digital Library

[40]

Naofumi Homma, Yu-ichi Hayashi, Noriyuki Miura, Daisuke Fujimoto, Daichi Tanaka, Makoto Nagata, and Takafumi Aoki. 2014. EM attack is non-invasive?—Design methodology and validity verification of EM attack sensor. In Proceedings of the 16th International Workshop on Cryptographic Hardware and Embedded Systems(Lecture Notes in Computer Science, Vol. 8731), Lejla Batina and Matthew Robshaw (Eds.). Springer, 1–16.

Digital Library

[41]

Jann Horn. 2018. Speculative execution, variant 4: Speculative store bypass. Retrieved from https://bugs.chromium.org/p/project-zero/issues/detail?id=1528.

[42]

Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. 2018. MASCAT: Preventing microarchitectural attacks before distribution. In Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. ACM, 377–388.

Digital Library

[43]

Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji-Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In Proceedings of the ACM/IEEE 41st International Symposium on Computer Architecture. IEEE Computer Society, 361–372.

Digital Library

[44]

Vladimir Kiriansky and Carl A. Waldspurger. 2018. Speculative buffer overflows: Attacks and defenses. CoRR abs/1807.03757 (2018).

[45]

Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2018. Spectre attacks: Exploiting speculative execution. CoRR abs/1801.01203 (2018).

[46]

Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre attacks: Exploiting speculative execution. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 1–19.

[47]

Constantinos Kolias, Georgios Kambourakis, Angelos Stavrou, and Jeffrey M. Voas. 2017. DDoS in the IoT: Mirai and other botnets. Computer 50, 7 (2017), 80–84.

Digital Library

[48]

Thomas Korak, Michael Hutter, Baris Ege, and Lejla Batina. 2014. Clock glitch attacks in the presence of heating. In Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography. IEEE Computer Society, 104–114.

Digital Library

[49]

Esmaeil Mohammadian Koruyeh, Khaled N. Khasawneh, Chengyu Song, and Nael B. Abu-Ghazaleh. 2018. Spectre returns! Speculation attacks using the return stack buffer. In Proceedings of the 12th USENIX Workshop on Offensive Technologies. USENIX Association. Retrieved from https://www.usenix.org/conference/woot18/presentation/koruyeh.

Digital Library

[50]

Deepa Krishnan and Adesh Mallya. 2020. A survey on security attacks in internet of things and challenges in existing countermeasures. In Proceedings of the International Conference on Wireless Communication. Springer, 463–469.

[51]

Andrew Kwong, Daniel Genkin, Daniel Gruss, and Yuval Yarom. 2020. RAMBleed: Reading bits in memory without accessing them. In Proceedings of the 41st IEEE Symposium on Security and Privacy.

[52]

Nica Latto. 2020. What Are Meltdown and Spectre?Avast Academy - Security - Other threats. Retrieved from https://www.avast.com/c-meltdown-spectre.

[53]

Eojin Lee, Ingab Kang, Sukhan Lee, G. Edward Suh, and Jung Ho Ahn. 2019. TWiCe: Preventing row-hammering by exploiting time window counters. In Proceedings of the 46th International Symposium on Computer Architecture. ACM, 385–396.

Digital Library

[54]

Congmiao Li and Jean-Luc Gaudiot. 2018. Online detection of Spectre attacks using microarchitectural traces from performance counters. In Proceedings of the 30th International Symposium on Computer Architecture and High Performance Computing. IEEE, 25–28.

[55]

Congmiao Li and Jean-Luc Gaudiot. 2019. Detecting malicious attacks exploiting hardware vulnerabilities using performance counters. In Proceedings of the 43rd IEEE Computer Software and Applications Conference. IEEE, 588–597.

[56]

Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading kernel memory from user space. In Proceedings of the 27th USENIX Security Symposium. USENIX Association, 973–990. Retrieved from https://www.usenix.org/conference/usenixsecurity18/presentation/lipp.

Digital Library

[57]

Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. 2015. Last-level cache side-channel attacks are practical. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 605–622.

Digital Library

[58]

Vaibhav G. Lokhande and Deepti Vidyarthi. 2019. A study of hardware architecture based attacks to bypass operating system security. Secur. Priv. 2, 4 (2019).

[59]

Fabien Majéric, Benoit Gonzalvo, and Lilian Bossuet. 2018. JTAG Fault injection attack. IEEE Embed. Syst. Lett. 10, 3 (2018), 65–68.

[60]

A. Theodore Markettos, Colin Rothwell, Brett F. Gutstein, Allison Pearce, Peter G. Neumann, Simon W. Moore, and Robert N. M. Watson. 2019. Thunderclap: Exploring vulnerabilities in operating system IOMMU protection via DMA from untrustworthy peripherals. In Proceedings of the 26th Network and Distributed System Security Symposium. The Internet Society. Retrieved from https://www.ndss-symposium.org/ndss-paper/thunderclap-exploring-vulnerabilities-in-operating-system-iommu-protection-via-dma-from-untrustworthy-peripherals/.

[61]

Ramya Jayaram Masti, Devendra Rai, Aanjhan Ranganathan, Christian Müller, Lothar Thiele, and Srdjan Capkun. 2015. Thermal covert channels on multi-core platforms. In Proceedings of the 24th USENIX Security Symposium. USENIX Association, 865–880. Retrieved from https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/masti.

Digital Library

[62]

Clémentine Maurice, Nicolas Le Scouarnec, Christoph Neumann, Olivier Heen, and Aurélien Francillon. 2015. Reverse engineering Intel last-level cache complex addressing using performance counters. In Proceedings of the 18th International Symposium on Research in Attacks, Intrusions, and Defenses(Lecture Notes in Computer Science, Vol. 9404), Herbert Bos, Fabian Monrose, and Gregory Blanc (Eds.). Springer, 48–65.

Digital Library

[63]

Benoît Morgan, Eric Alata, Vincent Nicomette, and Mohamed Kaâniche. 2016. Bypassing IOMMU protection against I/O attacks. In Proceedings of the 7th Latin-American Symposium on Dependable Computing. IEEE Computer Society, 145–150.

[64]

Bernard Ngabonziza, Daniel Martin, Anna Bailey, Haehyun Cho, and Sarah Martin. 2016. TrustZone explained: Architectural features and use cases. In Proceedings of the 2nd IEEE International Conference on Collaboration and Internet Computing. IEEE Computer Society, 445–451.

[65]

Zhenyu Ning and Fengwei Zhang. 2017. Ninja: Towards transparent tracing and debugging on ARM. In Proceedings of the 26th USENIX Security Symposium. USENIX Association, 33–49. Retrieved from https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/ning.

Digital Library

[66]

Zhenyu Ning and Fengwei Zhang. 2019. Hardware-assisted transparent tracing and debugging on ARM. IEEE Trans. Inf. Forens. Secur. 14, 6 (2019), 1595–1609.

Digital Library

[67]

Zhenyu Ning and Fengwei Zhang. 2019. Understanding the security of ARM debugging features. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 602–619.

[68]

Graz University of Technology. 2018. Meltdown and Spectre vulnerabilities in modern computers leak passwords and sensitive data. Retrieved from https://doimeltdownattack.com/.

[69]

José R. García Ordaz, Marco Antonio Ramírez Salinas, Luis A. Villa Vargas, Herón Molina Lozano, and Cuauhtémoc Peredo Macías. 2012. A reorder buffer design for high performance processors. Computac. Sist. 16, 1 (2012). Retrieved from http://cys.cic.ipn.mx/ojs/index.php/CyS/article/view/1369.

[70]

Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, and Angelos D. Keromytis. 2015. The spy in the sandbox: Practical cache attacks in JavaScript and their implications. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 1406–1418.

Digital Library

[71]

Dag Arne Osvik, Adi Shamir, and Eran Tromer. 2006. Cache attacks and countermeasures: The case of AES. In Proceedings of the Cryptographers’ Track at the RSA Conference: Topics in Cryptology(Lecture Notes in Computer Science, Vol. 3860), David Pointcheval (Ed.). Springer, 1–20.

Digital Library

[72]

Mathias Payer. 2016. HexPADS: A platform to detect “stealth” attacks. In Proceedings of the 8th International Symposium on Engineering Secure Software and Systems(Lecture Notes in Computer Science, Vol. 9639), Juan Caballero, Eric Bodden, and Elias Athanasopoulos (Eds.). Springer, 138–154.

Digital Library

[73]

Colin Percival. 2005. Cache Missing for Fun and Profit.BSDCan.

[74]

Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM addressing for cross-CPU attacks. In Proceedings of the 25th USENIX Security Symposium. USENIX Association, 565–581. Retrieved from https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/pessl.

Digital Library

[75]

Sandro Pinto and Nuno Santos. 2019. Demystifying Arm TrustZone: A comprehensive survey. ACM Comput. Surv. 51, 6 (2019), 130:1–130:36.

Digital Library

[76]

Rui Qiao and Mark Seaborn. 2016. A new approach for Rowhammer attacks. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust. IEEE Computer Society, 161–166.

[77]

Pengfei Qiu, Dongsheng Wang, Yongqiang Lyu, and Gang Qu. 2019. VoltJockey: Breaching TrustZone by software-controlled voltage manipulation over multi-core frequencies. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 195–209.

Digital Library

[78]

Xuanle Ren, Ronald D. Blanton, and Vítor Grade Tavares. 2016. A learning-based approach to secure JTAG against unseen scan-based attacks. In Proceedings of the IEEE Computer Society Symposium on VLSI. IEEE Computer Society, 541–546.

[79]

Kurt Rosenfeld and Ramesh Karri. 2010. Attacks and defenses for JTAG. IEEE Des. Test Comput. 27, 1 (2010), 36–47.

Digital Library

[80]

Nahi Jnanena Sadrusham. 2015. Timing Constraints. Retrieved from http://asic-soc.blogspot.com/2015/02/timing-constraints.html.

[81]

Marc Schink and Johannes Obermaier. 2019. Taking a look into execute-only memory. In Proceedings of the 13th USENIX Workshop on Offensive Technologies. USENIX Association. Retrieved from https://www.usenix.org/conference/woot19/presentation/schink.

Digital Library

[82]

Jayasree Sengupta, Sushmita Ruj, and Sipra Das Bit. 2020. A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J. Netw. Comput. Appl. 149 (2020).

[83]

Seyed Mohammad Seyedzadeh, Alex K. Jones, and Rami G. Melhem. 2017. Counter-based tree structure for row hammering mitigation in DRAM. IEEE Comput. Archit. Lett. 16, 1 (2017), 18–21.

Digital Library

[84]

Julian Stecklina and Thomas Prescher. 2018. LazyFP: Leaking FPU register state using microarchitectural side-channels. CoRR abs/1806.07480 (2018).

[85]

Patrick Stewin. 2013. A primitive for revealing stealthy peripheral-based attacks on the computing platform’s main memory. In Proceedings of the 16th International Symposium on Research in Attacks, Intrusions, and Defenses(Lecture Notes in Computer Science, Vol. 8145), Salvatore J. Stolfo, Angelos Stavrou, and Charles V. Wright (Eds.). Springer, 1–20.

Digital Library

[86]

Patrick Stewin and Iurii Bystrov. 2012. Understanding DMA malware. In Proceedings of the 9th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment(Lecture Notes in Computer Science, Vol. 7591), Ulrich Flegel, Evangelos P. Markatos, and William K. Robertson (Eds.). Springer, 21–41.

Digital Library

[87]

Jakub Szefer. 2019. Survey of microarchitectural side and covert channels, attacks, and defenses. J. Hardw. Syst. Secur. 3, 3 (2019), 219–234.

[88]

Shahin Tajik, Heiko Lohrke, Fatemeh Ganji, Jean-Pierre Seifert, and Christian Boit. 2015. Laser fault attack on physically unclonable functions. In Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography. IEEE Computer Society, 85–96.

Digital Library

[89]

Adrian Tang, Simha Sethumadhavan, and Salvatore J. Stolfo. 2017. CLKSCREW: Exposing the perils of security-oblivious energy management. In Proceedings of the 26th USENIX Security Symposium. USENIX Association, 1057–1074. Retrieved from https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/tang.

Digital Library

[90]

Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clémentine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, and Cristiano Giuffrida. 2016. Drammer: Deterministic Rowhammer attacks on mobile platforms. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 1675–1689.

Digital Library

[91]

Thomas Willhalm, Roman Dementiev, and Patrick Fay. 2012. Intel performance counter monitor-a better way to measure CPU utilization. Retrieved from Dosegljivo: https://software.intel.com/en-us/articles/intelperformance-countermonitor-a-better-way-to-measure-cpu-utilization.

[92]

Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High resolution, low noise, L3 cache side-channel attack. In Proceedings of the 23rd USENIX Security Symposium. USENIX Association, 719–732. Retrieved from https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/yarom.

Digital Library

[93]

Ning Zhang, Kun Sun, Deborah Shands, Wenjing Lou, and Y. Thomas Hou. 2016. TruSpy: Cache side-channel information leakage from the secure world on ARM devices. IACR Cryptol. ePrint Arch. 2016 (2016), 980. Retrieved from http://eprint.iacr.org/2016/980.

[94]

Zhiting Zhu, Sangman Kim, Yuri Rozhanski, Yige Hu, Emmett Witchel, and Mark Silberstein. 2017. Understanding the security of discrete GPUs. In Proceedings of the General Purpose GPUs Conference. ACM, 1–11.

Digital Library

Cited By

Arunkumar SGowtham MRevathi NKrishnaprasath V(2024)Enhancing industrial security with iot-based passive intrusion detection and segmentationSalud, Ciencia y Tecnología - Serie de Conferencias10.56294/sctconf20249343(934)Online publication date: 20-Jun-2024
https://doi.org/10.56294/sctconf2024934
Ishrat MKhan WAhmad FAl Farsi MAbidin S(2024)Comprehensive Analysis of Attacks and Defenses in IoT Sensory Big Data AnalysisTechnological Advancements in Data Processing for Next Generation Intelligent Systems10.4018/979-8-3693-0968-1.ch002(24-57)Online publication date: 18-Mar-2024
https://doi.org/10.4018/979-8-3693-0968-1.ch002
Pevtsov EDemenkova TIndrishenok AFilimonov V(2024)Identification of digital device hardware vulnerabilities based on scanning systems and semi-natural modelingRussian Technological Journal10.32362/2500-316X-2024-12-4-23-3912:4(23-39)Online publication date: 5-Aug-2024
https://doi.org/10.32362/2500-316X-2024-12-4-23-39
Show More Cited By

Index Terms

A Comprehensive Survey of Attacks without Physical Access Targeting Hardware Vulnerabilities in IoT/IIoT Devices, and Their Detection Mechanisms
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems
  2. Security in hardware

Recommendations

A Comprehensive Survey on Attacks, Security Issues and Blockchain Solutions for IoT and IIoT
Abstract
In recent years, the growing popularity of Internet of Things (IoT) is providing a promising opportunity not only for the development of various home automation systems but also for different industrial applications. By leveraging ...
DDoS attacks in Industrial IoT: A survey
Abstract
As the IoT expands its influence, its effect is becoming macroscopic and pervasive. One of the most discernible effects is in the industries where it is known as Industrial IoT (IIoT). IIoT provides automated, comprehensive, regressive and easy-...
Attacks on Resource-Constrained IoT Devices and Security Solutions

An IoT is a complex system of interconnected electronic devices that exchange data over the network. Due to the sensitive nature of the data involved in this new technological paradigm, security measures must be taken with great care. Researchers can ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Design Automation of Electronic Systems

ACM Transactions on Design Automation of Electronic Systems Volume 27, Issue 1

January 2022

230 pages

ISSN:1084-4309

EISSN:1557-7309

DOI:10.1145/3483335

Editor:
X. Sharon Hu
University of Notre Dame, USA

Issue’s Table of Contents

Copyright © 2021 Association for Computing Machinery.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 13 September 2021

Accepted: 01 June 2021

Revised: 01 May 2021

Received: 01 January 2021

Published in TODAES Volume 27, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Refereed

Funding Sources

French government’s IRT Nanoelec program

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
649
Total Downloads

Downloads (Last 12 months)144
Downloads (Last 6 weeks)5

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Arunkumar SGowtham MRevathi NKrishnaprasath V(2024)Enhancing industrial security with iot-based passive intrusion detection and segmentationSalud, Ciencia y Tecnología - Serie de Conferencias10.56294/sctconf20249343(934)Online publication date: 20-Jun-2024
https://doi.org/10.56294/sctconf2024934
Ishrat MKhan WAhmad FAl Farsi MAbidin S(2024)Comprehensive Analysis of Attacks and Defenses in IoT Sensory Big Data AnalysisTechnological Advancements in Data Processing for Next Generation Intelligent Systems10.4018/979-8-3693-0968-1.ch002(24-57)Online publication date: 18-Mar-2024
https://doi.org/10.4018/979-8-3693-0968-1.ch002
Pevtsov EDemenkova TIndrishenok AFilimonov V(2024)Identification of digital device hardware vulnerabilities based on scanning systems and semi-natural modelingRussian Technological Journal10.32362/2500-316X-2024-12-4-23-3912:4(23-39)Online publication date: 5-Aug-2024
https://doi.org/10.32362/2500-316X-2024-12-4-23-39
Kebande VAwad A(2024)Industrial Internet of Things Ecosystems Security and Digital Forensics: Achievements, Open Challenges, and Future DirectionsACM Computing Surveys10.1145/363503056:5(1-37)Online publication date: 12-Jan-2024
https://dl.acm.org/doi/10.1145/3635030
Mehta APadaria ABavisi DUkani VThakkar PGeddam RKotecha KAbraham A(2024)Securing the Future: A Comprehensive Review of Security Challenges and Solutions in Advanced Driver Assistance SystemsIEEE Access10.1109/ACCESS.2023.334720012(643-678)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2023.3347200
Dev DBiradar VChandrasekhar VSahni Vkulkarni PNegi P(2024)Uncertainty determination and reduction through novel approach for industrial IOTMeasurement: Sensors10.1016/j.measen.2023.10099531(100995)Online publication date: Feb-2024
https://doi.org/10.1016/j.measen.2023.100995
Kumar SAhlawat PSahni J(2024) IoT malware detection using static and dynamic analysis techniques: A systematic literature review SECURITY AND PRIVACY10.1002/spy2.444Online publication date: 19-Jul-2024
https://doi.org/10.1002/spy2.444
Polychronou NThevenon PPuys MBeroulle V(2023)A Hybrid Solution for Constrained Devices to Detect Microarchitectural Attacks2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW59978.2023.00033(259-269)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSPW59978.2023.00033
Gerodimos AMaglaras LFerrag MAyres NKantzavelou I(2023)IoT: Communication protocols and security threatsInternet of Things and Cyber-Physical Systems10.1016/j.iotcps.2022.12.0033(1-13)Online publication date: 2023
https://doi.org/10.1016/j.iotcps.2022.12.003
El-Zawawy MKaliyar PConti MKatsikas S(2023)Honey-list based authentication protocol for industrial IoT swarmsComputer Communications10.1016/j.comcom.2023.09.012211:C(239-253)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.comcom.2023.09.012
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents