Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360899
Pranshu Bajpai, Cody Carter, Daria Tarasova, David Ackley, Ian Masterson, Jamie Schmidt, R. Enbody
Symmetric ciphers are more efficient for bulk encryption than asymmetric ciphers, however there is a lack of published studies providing relevant metrics pertaining to bulk encryption with RSA in modern computing environments. As key escrow systems proposed against ransomware provide alternative routes for data restoration, ransomware developers will seek to deploy resistant cryptosystems. In this study, we examine the use of a popular asymmetric cipher (RSA) for bulk encryption. We provide metrics for both encryption time and ciphertext expansion while examining the impact of different encryption parameters such as key size and block size. In addition, we consider supplementing encryption with compression to combat both ciphertext expansion and encryption time. Our goal is to highlight the need for solutions against the ransomware that use externally generated asymmetric key pairs for bulk encryption.
{"title":"The Suitability of RSA for Bulk Data Encryption","authors":"Pranshu Bajpai, Cody Carter, Daria Tarasova, David Ackley, Ian Masterson, Jamie Schmidt, R. Enbody","doi":"10.1109/WIFS49906.2020.9360899","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360899","url":null,"abstract":"Symmetric ciphers are more efficient for bulk encryption than asymmetric ciphers, however there is a lack of published studies providing relevant metrics pertaining to bulk encryption with RSA in modern computing environments. As key escrow systems proposed against ransomware provide alternative routes for data restoration, ransomware developers will seek to deploy resistant cryptosystems. In this study, we examine the use of a popular asymmetric cipher (RSA) for bulk encryption. We provide metrics for both encryption time and ciphertext expansion while examining the impact of different encryption parameters such as key size and block size. In addition, we consider supplementing encryption with compression to combat both ciphertext expansion and encryption time. Our goal is to highlight the need for solutions against the ransomware that use externally generated asymmetric key pairs for bulk encryption.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115528011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360884
Quentin Giboulot, P. Bas, R. Cogranne
Current schemes in steganography relying on synchronization are all based on a general heuristic to take into account interactions between embedding changes. However these approaches, while often competitive, lack a clear model for the relationship between pixels/DCT coefficient and the distortion function, and, as such, do not give any guarantees in terms of detectabilty. To solve this problem, we herein propose a synchronized side-informed scheme in the JPEG domain based on minimizing statistical detectability which achieves state-of-the- art performances. This is done by exploiting a statistical model that takes into account correlations between DCT coefficients and adding an optimal steganographic-signal with covariance which is a scaled version of the cover noise covariance. This method allows a clear understanding of the reasons why, depending on the processing pipeline, synchronization using both intra and inter-block dependencies allows such gains in performance.
{"title":"Synchronization Minimizing Statistical Detectability for Side-Informed JPEG Steganography","authors":"Quentin Giboulot, P. Bas, R. Cogranne","doi":"10.1109/WIFS49906.2020.9360884","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360884","url":null,"abstract":"Current schemes in steganography relying on synchronization are all based on a general heuristic to take into account interactions between embedding changes. However these approaches, while often competitive, lack a clear model for the relationship between pixels/DCT coefficient and the distortion function, and, as such, do not give any guarantees in terms of detectabilty. To solve this problem, we herein propose a synchronized side-informed scheme in the JPEG domain based on minimizing statistical detectability which achieves state-of-the- art performances. This is done by exploiting a statistical model that takes into account correlations between DCT coefficients and adding an optimal steganographic-signal with covariance which is a scaled version of the cover noise covariance. This method allows a clear understanding of the reasons why, depending on the processing pipeline, synchronization using both intra and inter-block dependencies allows such gains in performance.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125553499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360896
R. Cogranne, Quentin Giboulot, P. Bas
This paper briefly summarizes the ALASKA#2 steganalysis challenge which has been organized on the Kaggle machine learning competition platform. We especially focus on the context, the organization (rules, timeline, evaluation and material) as well as on the outcome (number of competitors, submission, findings, and final results). While both steganography and steganalysis were new to most of the competitors, they were able to leverage their skills in Deep Learning in order to design detection methods that perform significantly better than current art in steganalysis. Despite the fact that these solutions come at an important computational cost, they clearly indicate new directions to explore in steganalysis research.
{"title":"ALASKA#2: Challenging Academic Research on Steganalysis with Realistic Images","authors":"R. Cogranne, Quentin Giboulot, P. Bas","doi":"10.1109/WIFS49906.2020.9360896","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360896","url":null,"abstract":"This paper briefly summarizes the ALASKA#2 steganalysis challenge which has been organized on the Kaggle machine learning competition platform. We especially focus on the context, the organization (rules, timeline, evaluation and material) as well as on the outcome (number of competitors, submission, findings, and final results). While both steganography and steganalysis were new to most of the competitors, they were able to leverage their skills in Deep Learning in order to design detection methods that perform significantly better than current art in steganalysis. Despite the fact that these solutions come at an important computational cost, they clearly indicate new directions to explore in steganalysis research.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"23 5","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120905720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360893
Benedikt Lorch, Anatol Maier, C. Riess
Many methods in image forensics are sensitive to varying amounts of JPEG compression. To mitigate this issue, it is either possible to a) build detectors that better generalize to unknown JPEG settings, or to b) train multiple detectors, where each is specialized to a narrow range of JPEG qualities. While the first approach is currently an open challenge, the second approach may silently fail, even for only slight mismatches in training and testing distributions. To alleviate this challenge, we propose a forensic detector that is able to express uncertainty in its predictions. This allows detecting test samples for which the training distribution is not representative. More specifically, we propose Bayesian logistic regression as an instance of an infinite ensemble of classifiers. The ensemble agrees in its predictions from test samples similar to the training data but its predictions diverge for unknown test samples. The applicability of the proposed method is evaluated on the task of detecting JPEG double compression. The detector achieves high performance on two goals simultaneously: It accurately detects double-JPEG compression, and it accurately indicates when the test data is not covered by the training data. We assert that the proposed method can assist a forensic analyst in assessing detector reliability and in anticipating failure cases for specific inputs.
{"title":"Reliable JPEG Forensics via Model Uncertainty","authors":"Benedikt Lorch, Anatol Maier, C. Riess","doi":"10.1109/WIFS49906.2020.9360893","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360893","url":null,"abstract":"Many methods in image forensics are sensitive to varying amounts of JPEG compression. To mitigate this issue, it is either possible to a) build detectors that better generalize to unknown JPEG settings, or to b) train multiple detectors, where each is specialized to a narrow range of JPEG qualities. While the first approach is currently an open challenge, the second approach may silently fail, even for only slight mismatches in training and testing distributions. To alleviate this challenge, we propose a forensic detector that is able to express uncertainty in its predictions. This allows detecting test samples for which the training distribution is not representative. More specifically, we propose Bayesian logistic regression as an instance of an infinite ensemble of classifiers. The ensemble agrees in its predictions from test samples similar to the training data but its predictions diverge for unknown test samples. The applicability of the proposed method is evaluated on the task of detecting JPEG double compression. The detector achieves high performance on two goals simultaneously: It accurately detects double-JPEG compression, and it accurately indicates when the test data is not covered by the training data. We assert that the proposed method can assist a forensic analyst in assessing detector reliability and in anticipating failure cases for specific inputs.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128082677","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360900
Davide Capoferri, Clara Borrelli, Paolo Bestagini, F. Antonacci, A. Sarti, S. Tubaro
Manipulating speech audio recordings through splicing is a task within everyone’s reach. Indeed, it is very easy to collect through social media multiple audio recordings from well-known public figures (e.g., actors, politicians, etc.). These can be cut into smaller excerpts that can be concatenated in order to generate new audio content. As a fake speech from a famous person can be used for fake news spreading and negatively impact on the society, the ability of detecting whether a speech recording has been manipulated is a task of great interest in the forensics community. In this work, we focus on speech audio splicing detection and localization. We leverage the idea that distinct recordings may be acquired in different environments, which are typically characterized by distinctive reverberation cues. Exploiting this property, our method estimates inconsistencies in the reverberation time throughout a speech recording. If reverberation inconsistencies are detected, the audio track is tagged as manipulated and the splicing point time instant is estimated.
{"title":"Speech Audio Splicing Detection and Localization Exploiting Reverberation Cues","authors":"Davide Capoferri, Clara Borrelli, Paolo Bestagini, F. Antonacci, A. Sarti, S. Tubaro","doi":"10.1109/WIFS49906.2020.9360900","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360900","url":null,"abstract":"Manipulating speech audio recordings through splicing is a task within everyone’s reach. Indeed, it is very easy to collect through social media multiple audio recordings from well-known public figures (e.g., actors, politicians, etc.). These can be cut into smaller excerpts that can be concatenated in order to generate new audio content. As a fake speech from a famous person can be used for fake news spreading and negatively impact on the society, the ability of detecting whether a speech recording has been manipulated is a task of great interest in the forensics community. In this work, we focus on speech audio splicing detection and localization. We leverage the idea that distinct recordings may be acquired in different environments, which are typically characterized by distinctive reverberation cues. Exploiting this property, our method estimates inconsistencies in the reverberation time throughout a speech recording. If reverberation inconsistencies are detected, the audio track is tagged as manipulated and the splicing point time instant is estimated.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126552973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360910
Pu Sun, Yuezun Li, H. Qi, Siwei Lyu
The recent development of Deep Neural Networks (DNN) has significantly increased the realism of AI-synthesized faces, with the most notable examples being the DeepFakes. The DeepFake technology can synthesize a face of target subject from a face of another subject, while retains the same face attributes. With the rapidly increased social media portals (Facebook, Instagram, etc), these realistic fake faces rapidly spread though the Internet, causing a broad negative impact to the society. In this paper, we describe Landmark Breaker, the first dedicated method to disrupt facial landmark extraction, and apply it to the obstruction of the generation of DeepFake videos. Our motivation is that disrupting the facial landmark extraction can affect the alignment of input face so as to degrade the DeepFake quality. Our method is achieved using adversarial perturbations. Compared to the detection methods that only work after DeepFake generation, Landmark Breaker goes one step ahead to prevent DeepFake generation. The experiments are conducted on three state-of-the-art facial landmark extractors using the recent Celeb-DF dataset.
{"title":"Landmark Breaker: Obstructing DeepFake By Disturbing Landmark Extraction","authors":"Pu Sun, Yuezun Li, H. Qi, Siwei Lyu","doi":"10.1109/WIFS49906.2020.9360910","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360910","url":null,"abstract":"The recent development of Deep Neural Networks (DNN) has significantly increased the realism of AI-synthesized faces, with the most notable examples being the DeepFakes. The DeepFake technology can synthesize a face of target subject from a face of another subject, while retains the same face attributes. With the rapidly increased social media portals (Facebook, Instagram, etc), these realistic fake faces rapidly spread though the Internet, causing a broad negative impact to the society. In this paper, we describe Landmark Breaker, the first dedicated method to disrupt facial landmark extraction, and apply it to the obstruction of the generation of DeepFake videos. Our motivation is that disrupting the facial landmark extraction can affect the alignment of input face so as to degrade the DeepFake quality. Our method is achieved using adversarial perturbations. Compared to the detection methods that only work after DeepFake generation, Landmark Breaker goes one step ahead to prevent DeepFake generation. The experiments are conducted on three state-of-the-art facial landmark extractors using the recent Celeb-DF dataset.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121330821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360885
Tamio-Vesa Nakajima, Andrew D. Ker
We adapt the Syndrome-Trellis Code algorithm to generative steganography, giving a method for sampling from a specified distribution subject to linear constraints. This allows the use of syndrome codes, popular in cover-modification methods, for cover-generation steganography. The SyndromeTrellis Sampler works directly on independent and Markov-chain distributions, and can be plugged into an existing STC-based method to extend it to Gibbs fields that can be decomposed into conditionally-independent sublattices. We give some experiments to show that the method is correct, and to quantify how the payload condition forces the sampled distribution away from the target. The results show that the secrecy of the parity-check matrix of the syndrome code is important. We also show how to exploit sparsity in the conditional cover distribution, in a simple example from linguistic steganography.
{"title":"The Syndrome-Trellis Sampler for Generative Steganography","authors":"Tamio-Vesa Nakajima, Andrew D. Ker","doi":"10.1109/WIFS49906.2020.9360885","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360885","url":null,"abstract":"We adapt the Syndrome-Trellis Code algorithm to generative steganography, giving a method for sampling from a specified distribution subject to linear constraints. This allows the use of syndrome codes, popular in cover-modification methods, for cover-generation steganography. The SyndromeTrellis Sampler works directly on independent and Markov-chain distributions, and can be plugged into an existing STC-based method to extend it to Gibbs fields that can be decomposed into conditionally-independent sublattices. We give some experiments to show that the method is correct, and to quantify how the payload condition forces the sampled distribution away from the target. The results show that the secrecy of the parity-check matrix of the syndrome code is important. We also show how to exploit sparsity in the conditional cover distribution, in a simple example from linguistic steganography.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125601690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360908
Shan Jin, R. Bettati
Previous works have proven that power consumption side-channel attacks, such as the Template Attack and the Stochastic Model, are effective for small secrets, such as those with 8 or 16 bits. However, directly applying those side-channel attacks on systems with large secrets, for example AES 128, is computationally intractable. Attackers usually apply a divide-and-conquer strategy to partition the secret in order to scale to larger numbers of bits. In the case of AES, divide-and-conquer strategy based side-channel attacks are usually launched on either the first round or the last round of the AES encryption. In this paper, we propose an efficient and pragmatic attack strategy that exploits the samples from multiple rounds, which significantly improves the key recovery compared to standard divide-and-conquer strategies.
{"title":"Reinforcement-Based Divide-and-Conquer Strategy for Side-Channel Attacks","authors":"Shan Jin, R. Bettati","doi":"10.1109/WIFS49906.2020.9360908","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360908","url":null,"abstract":"Previous works have proven that power consumption side-channel attacks, such as the Template Attack and the Stochastic Model, are effective for small secrets, such as those with 8 or 16 bits. However, directly applying those side-channel attacks on systems with large secrets, for example AES 128, is computationally intractable. Attackers usually apply a divide-and-conquer strategy to partition the secret in order to scale to larger numbers of bits. In the case of AES, divide-and-conquer strategy based side-channel attacks are usually launched on either the first round or the last round of the AES encryption. In this paper, we propose an efficient and pragmatic attack strategy that exploits the samples from multiple rounds, which significantly improves the key recovery compared to standard divide-and-conquer strategies.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131156775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360907
Tetsuro Ishizuka, Yodai Watanabe
Secret sharing is a method of encrypting a secret into multiple pieces called shares so that only qualified sets of shares can be employed to reconstruct the secret. Audio secret sharing (ASS) is an example of secret sharing whose decryption can be performed by human ears. The aim of this paper is to extend the existing result of ASS schemes encrypting audio secrets to the general threshold case. For this purpose, the decryption function is extended from the sum of shares to the weighted sum of shares. Moreover, the notion of noise tolerance is introduced and used to generalize the existing formulation of ASS schemes. Based on this generalized formulation, a construction of ASS schemes encrypting audio secrets is provided and its security and noise tolerance are examined.
{"title":"Threshold audio secret sharing schemes encrypting audio secrets","authors":"Tetsuro Ishizuka, Yodai Watanabe","doi":"10.1109/WIFS49906.2020.9360907","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360907","url":null,"abstract":"Secret sharing is a method of encrypting a secret into multiple pieces called shares so that only qualified sets of shares can be employed to reconstruct the secret. Audio secret sharing (ASS) is an example of secret sharing whose decryption can be performed by human ears. The aim of this paper is to extend the existing result of ASS schemes encrypting audio secrets to the general threshold case. For this purpose, the decryption function is extended from the sum of shares to the weighted sum of shares. Moreover, the notion of noise tolerance is introduced and used to generalize the existing formulation of ASS schemes. Based on this generalized formulation, a construction of ASS schemes encrypting audio secrets is provided and its security and noise tolerance are examined.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121391039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360902
Clément Gaine, D. Aboulkassimi, S. Pontié, J. Nikolovski, J. Dutertre
Smartphones have a complex hardware and software architecture. Having access to their full memory space can help solve judicial investigations. We propose a new privilege escalation technique in order to access hidden contents and execute sensitive operations. While classical forensic tools mostly exploit software vulnerabilities, it is based on a hardware security evaluation technique. Electromagnetic fault injection is such a technique usually used for microcontrollers or FPGA security characterization. A security function running at 1.2GHz on a 64-bit SoC with a Linux-based OS was successfully attacked. The Linux authentication module uses this function to verify the password correctness by comparing two hash values. Hence, this work constitutes a step towards smartphones privilege escalation through electromagnetic fault injection. This approach is interesting for addressing forensic issues on smartphones.
{"title":"Electromagnetic Fault Injection as a New Forensic Approach for SoCs","authors":"Clément Gaine, D. Aboulkassimi, S. Pontié, J. Nikolovski, J. Dutertre","doi":"10.1109/WIFS49906.2020.9360902","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360902","url":null,"abstract":"Smartphones have a complex hardware and software architecture. Having access to their full memory space can help solve judicial investigations. We propose a new privilege escalation technique in order to access hidden contents and execute sensitive operations. While classical forensic tools mostly exploit software vulnerabilities, it is based on a hardware security evaluation technique. Electromagnetic fault injection is such a technique usually used for microcontrollers or FPGA security characterization. A security function running at 1.2GHz on a 64-bit SoC with a Linux-based OS was successfully attacked. The Linux authentication module uses this function to verify the password correctness by comparing two hash values. Hence, this work constitutes a step towards smartphones privilege escalation through electromagnetic fault injection. This approach is interesting for addressing forensic issues on smartphones.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127548223","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: