skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: A Lightweight Delay-based Authentication Scheme for DMA Attack Mitigation
With the extensive application of the Direct Memory Access (DMA) technique, the efficiency of data transfer between the peripheral and the host machine has been improved dramatically. However, these optimizations also introduce security vulnerabilities and expose the process of data transmission to DMA attacks that utilize the feature of direct access to steal the data stored in the live memory on the victim system. In this paper, we propose a lightweight scheme to provide resilience to DMA attacks without physical and protocol-level modification. The proposed scheme constructs a unique identifier for each DMA-supported PCIe device based on profiling time and builds a trusted database for authentication. The experimental result shows that the proposed methodology eliminates most of the noise produced in the measuring process for identifier construction and the success rate of authentication is 100% for all the devices.  more » « less
Award ID(s):
1814420
PAR ID:
10286475
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
International Symposium on Quality Electronic Design (ISQED 2021)
Page Range / eLocation ID:
263 to 268
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, Cryptography)
    null (Ed.)
    Direct Memory Access (DMA) is a state-of-the-art technique to optimize the speed of memory access and to efficiently use processing power during data transfers between the main system and a peripheral device. However, this advanced feature opens security vulnerabilities of access compromise and to manipulate the main memory of the victim host machine. The paper outlines a lightweight process that creates resilience against DMA attacks minimal modification to the configuration of the DMA protocol. The proposed scheme performs device identification of the trusted PCIe devices that have DMA capabilities and constructs a database of profiling time to authenticate the trusted devices before they can access the system. The results show that the proposed scheme generates a unique identifier for trusted devices and authenticates the devices. Furthermore, a machine learning–based real-time authentication scheme is proposed that enables runtime authentication and share the results of the time required for training and respective accuracy. 
    more » « less
  2. ; ; (, Applied Sciences)
    Pattern unlock is a popular screen unlock scheme that protects the sensitive data and information stored in mobile devices from unauthorized access. However, it is also susceptible to various attacks, including guessing attacks, shoulder surfing attacks, smudge attacks, and side-channel attacks, which can achieve a high success rate in breaking the patterns. In this paper, we propose a new two-factor screen unlock scheme that incorporates surface electromyography (sEMG)-based biometrics with patterns for user authentication. sEMG signals are unique biometric traits suitable for person identification, which can greatly improve the security of pattern unlock. During a screen unlock session, sEMG signals are recorded when the user draws the pattern on the device screen. Time-domain features extracted from the recorded sEMG signals are then used as the input of a one-class classifier to identify the user is legitimate or not. We conducted an experiment involving 10 subjects to test the effectiveness of the proposed scheme. It is shown that the adopted time-domain sEMG features and one-class classifiers achieve good authentication performance in terms of the F 1 score and Half of Total Error Rate (HTER). The results demonstrate that the proposed scheme is a promising solution to enhance the security of pattern unlock. 
    more » « less
  3. ; ; ; (, IEEE Transactions on Vehicular Technology)
    This article proposes authentication and physical layer security schemes to improve secure communications between the electric vehicle (EV) and charging infrastructure in dynamic wireless power transfer (DWPT) systems. In particular, a double-encryption with the signature (DoES) scheme is proposed for session key exchange between EV and charging station which provides data authenticity and integrity. To enable low-latency authentication between EV and power transmitter (PT) in DWPT systems, a sign-encrypt-message (SEM) authentication code scheme is designed leveraging symmetric keys for dynamic charging, which ensures privacy and resistance to tampering attacks. The artificial noise-based physical layer security (AN-based PLS) scheme is also proposed at the physical layer to degrade the wiretapped signal quality of multiple eavesdroppers operating in non-colluding and colluding cases. Closed-form expressions for the secrecy outage probability (SOP) and intercept probability (IP) of the considered system with the non-colluding case are derived to show that the proposed AN-based PLS scheme provides lower SOP and IP than the conventional ones without AN. The distance between eavesdroppers and the PT also affects the system SOP and IP in both non-colluding and colluding cases. Moreover, the EV using the DoES scheme takes 52 ms for obtaining session keys from the charging station while it only spends 8.23 ms with the SEM scheme to authenticate with PT for the charging process. 
    more » « less
  4. ; ; ; ; (, 2018 IEEE International Conference on Communications (ICC))
    Smart personal insulin pumps have been widely adopted by type 1 diabetes. However, many wireless insulin pump systems lack security mechanisms to protect them from malicious attacks. In previous works, the read-write attacks over RF channels can be launched stealthily and could jeopardize patients' lives. Protecting patients from such attacks is urgent. To address this issue, we propose a novel visible light channel based access control scheme for wireless infusion insulin pumps. This scheme employs an infrared photodiode sensor as a receiver in an insulin pump, and an infrared LED as an emitter in a doctor's reader (USB) to transmit a PIN/shared key to authenticate the doctor's USB. The evaluation results demonstrate that our scheme can reliably pass the authentication process with a low false accept rate (0.05% at a distance of 5cm). 
    more » « less
  5. ; ; ; ; (, GLSVLSI '23: Proceedings of the Great Lakes Symposium on VLSI 2023)
    his work presents a sustainable cybersecurity solution using Physical Unclonable Functions (PUF), Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT) for sustainable device and data security. Security-by-Design (SbD) or Hardware- Assisted Security (HAS) solutions have gained much prominence due to the requirement of tamper-proof storage for hardwareassisted cryptography solutions. Designing complex security mechanisms can impact their efficiency as IoT applications are more decentralized. In the proposed architecture, we presented a novel TPM-enabled PUF-based security mechanism with effective integration of PUF with TPM. The proposed mechanism is based on the process of sealing the PUF key in the TPM, which cannot be accessed outside the TPM and can only be unsealed by the TPM itself. A specified NV-index is assigned to each IoT node for sealing the PUF key to TPM using the Media Access Control (MAC) address. Access to the TPM's Non-Volatile Random Access Memory (NVRAM) is defined by the TPM's Enhanced Authorization policies as specified by the Trust Computing Group (TCG). The proposed architecture uses Tangle for sustainable data security and storage in decentralized IoT systems through a Masked Authentication Messaging (MAM) scheme for efficient and secure access control to Tangle. We validated the proposed approach through experimental analysis and implementation, which substantiates the potential of the presented PUFchain 4.0 for decentralized IoT-driven security solutions. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email