Article
A Survey of Electromagnetic Side-Channel Attacks and Discussion on their Case-Progressing Potential for Digital Forensics
Contribution Summary
This paper presents a comprehensive survey of electromagnetic side-channel attacks and their potential applications in digital forensics on Internet of Things (IoT) devices. The authors discuss the increasing prevalence of IoT devices and the challenges they pose to digital forensic investigations, including the encryption of data and the limited standard interfaces for communication. They explore the use of electromagnetic side-channel analysis as a non-intrusive technique for recovering cryptographic keys and other sensitive information from IoT devices. The paper reviews the literature on various EM side-channel analysis attack techniques and identifies promising avenues for research and future applications. The authors also discuss the potential of EM side-channel attacks to overcome the encryption problem in digital forensics on IoT devices and identify the shortage of reliable tools and frameworks available for utilizing EM side-channel analysis in digital forensic investigations.
Keywords: Electromagnetic side-channel attacks; Internet-of-things (IoT); Digital forensics; Data encryption; Side-channel analysis; EM emissions; Power analysis; Acoustic emanations
Abstract
The increasing prevalence of Internet of Things (IoT) devices has made it inevitable that their pertinence to digital forensic investigations will increase into the foreseeable future. These devices produced by various vendors often posses limited standard interfaces for communication, such as USB ports or WiFi/Bluetooth wireless interfaces. Meanwhile, with an increasing mainstream focus on the security and privacy of user data, built-in encryption is becoming commonplace in consumer-level computing devices, and IoT devices are no exception. Under these circumstances, a significant challenge is presented to digital forensic investigations where data from IoT devices needs to be analysed. This work explores the electromagnetic (EM) side-channel analysis literature for the purpose of assisting digital forensic investigations on IoT devices. EM side-channel analysis is a technique where unintentional electromagnetic emissions are used for eavesdropping on the operations and data handling of computing devices. The non-intrusive nature of EM side-channel approaches makes it a viable option to assist digital forensic investigations as these attacks require, and must result in, no modification to the target device. The literature on various EM side-channel analysis attack techniques are discussed - selected on the basis of their applicability in IoT device investigation scenarios. The insight gained from the background study is used to identify promising future applications of the technique for digital forensic analysis on IoT devices - potentially progressing a wide variety of currently hindered digital investigations.
BibTeX
@article{sayakkara2019EMSideChannelsForensics,
author={Sayakkara, Asanka and Le-Khac, Nhien-An and Scanlon, Mark},
title="{A Survey of Electromagnetic Side-Channel Attacks and Discussion on their Case-Progressing Potential for Digital Forensics}",
journal="{Digital Investigation}",
year=2019,
month=07,
volume="29",
number="1",
pages="43-54",
publisher={Elsevier},
doi="https://doi.org/10.1016/j.diin.2019.03.002",
url="https://www.sciencedirect.com/science/article/pii/S1742287618303840",
keywords = "Electromagnetic Side-Channel Attacks, Internet-of-Things (IoT), Digital Forensics, Data Encryption",
abstract="The increasing prevalence of Internet of Things (IoT) devices has made it inevitable that their pertinence to digital forensic investigations will increase into the foreseeable future. These devices produced by various vendors often posses limited standard interfaces for communication, such as USB ports or WiFi/Bluetooth wireless interfaces. Meanwhile, with an increasing mainstream focus on the security and privacy of user data, built-in encryption is becoming commonplace in consumer-level computing devices, and IoT devices are no exception. Under these circumstances, a significant challenge is presented to digital forensic investigations where data from IoT devices needs to be analysed. This work explores the electromagnetic (EM) side-channel analysis literature for the purpose of assisting digital forensic investigations on IoT devices. EM side-channel analysis is a technique where unintentional electromagnetic emissions are used for eavesdropping on the operations and data handling of computing devices. The non-intrusive nature of EM side-channel approaches makes it a viable option to assist digital forensic investigations as these attacks require, and must result in, no modification to the target device. The literature on various EM side-channel analysis attack techniques are discussed -- selected on the basis of their applicability in IoT device investigation scenarios. The insight gained from the background study is used to identify promising future applications of the technique for digital forensic analysis on IoT devices -- potentially progressing a wide variety of currently hindered digital investigations."
}