Dissertation Defense Schedule
Academic Excellence
Sharing original dissertation research is a principle to which the University of Delaware is deeply committed. It is the single most important assignment our graduate students undertake and upon completion is met with great pride.
We invite you to celebrate this milestone by attending their dissertation defense. Please review the upcoming dissertation defense schedule below and join us!
PROGRAM | Electrical & Computer Engineering
Investigating Mobile and Peripheral Side Channels for Attack and Defense
By: Patrick Cronin Chair: Chase Cotton
ABSTRACT
Advances in computing technology and convenience have dramatically altered the way the world conducts business. The reliance on face to face meetings, phone calls, postal service mail, large filing rooms, and hand computing have largely fallen out of favor, and have been replaced by constantly connected mobile smartphones, increasing productivity, convenience, and revenue. When all of this data becomes too ungainly or secret to move across the internet modern computers have eschewed an ungainly number of competing standards (parallel, serial, etc.) and settled on USB mass storage devices.
While these mobile devices have enabled incredible convenience, they have done little to thwart insidious data stealing attacks. This dissertation focuses on a specific type of cyber attack; side channels. Side channel attacks identify components of a system that are shared by multiple processes and then monitor an observable characteristic (timing, temperature, power, acoustics) of that component to identify information about the system. We examine the utilization of side channels for both attack and defense in mobile and peripheral platforms.
First, we examine the security of the content that appears on mobile phone screens, identifying that many user input actions result in large onscreen animations which cause noticeable disturbances in the power trace of the device. We discover that these disturbances can be accurately classified with a machine learning system, enabling an attacker to learn exactly what buttons a user presses and perform an in-depth study on stealing user lock screen passcodes.
Next, we investigate how users move data, examining the security issues brought about by USB flash drives. We examine the low-level timing characteristics of USB flash drives and determine that each individual device contains a uniquely identifiable timing pattern that can be exploited to construct a defense that identifies whether a drive is authorized for use on the target device. We examine the robustness of this defensive method in multiple scenarios.
Finally, we notice a trend in computing towards more mobile devices and more accessible architectures, specifically noting a recent move of some laptop designers from x86 to ARM. We identify that the driving force behind this shift is the rapid increase in ARM’s power to performance ratio, partly brought about by major modifications to the core and cache architectures. We examine whether these major changes now enable attacks that were originally only feasible on x86 devices. We specifically examine an attack which fingerprints the websites that users visit and use its success to construct a novel GPU based channel within the ARM architecture for website fingerprinting.
The Process
Step-by-Step
Visit our “Step-by-Step Graduation Guide” to take you through the graduation process.From formatting your Dissertation to Doctoral Hooding procedures.
Dissertation Manual
Wondering how to set up the format for your paper. Refer to the “UD Thesis/Dissertation Manual” for formatting requirements and more.
Defense Submission Form
This form must be completed two weeks in advance of a dissertation defense to meet the University of Delaware Graduate and Professional Education’s requirements.