When the computer attacks the target devices

Hackers and researchers are increasingly interested in hardware attacks on electronic devices. These make it possible to circumvent security protocols, to track Internet users or simply to destroy machines.

When mentioning a computer attack, one thinks above all else that the virus is making its way through zigzag lines of code. However, the idea that these threats consist of programs that attack other programs is reductive. o . program SoftwareIt operates thanks to a group of electronic components which are referred to as the hardware part, or hardware. This ranges from a chip in a motion-detecting sensor to turn on the light in front of the garage, to dozens of the latest processors inside a supercomputer.

Why (and how) do you attack matter?

There are two main scenarios. Side-channel attacks are a way to circumvent cryptographic security software protocols, which rely on mathematical problems that are too complex to be solved by anyone without the key. Instead of forcing these algorithms, the attacker analyzes the functioning of the devices, through their energy consumption or their computation time, while executing these algorithms to infer their secrets.

The chips in our bank cards can be data theft targets, especially when making contactless payments.

In the other broad category, corrupt attacks consist of a push hardware in its fortifications, for example by heating it beyond its limits, to block a computer system. In either case, the purpose is usually to restore information rather than destroy the device.

If the software is updated regularly, computer components can remain unchanged for many years and being replaced by each new threat will be at an astronomical cost.

These attacks were initially conceived to steal bank data on our credit card chipsLilian Bosset, a professor at Jean Monnet University in Saint-Etienne and a member of the Hubert Curien Laboratory, explains.. These methods are now applied to mobile phones, whose circuits are not well protected. However, the situation is worse in the Internet of Things, where devices are ubiquitous and not at all secure, if at all.. » Whether they aim to hardware where is the software, Attacks pass through flaws. Computer security researchers track these same flaws, with the goal of correcting them before they are discovered by malicious people.

But while software vulnerabilities can sometimes be fixed with a few lines of code, changing hardware is more difficult. It joins another interest to attack it: if the software is updated regularly, computer components can remain unchanged for many years and be replaced by every new threat that will have an astronomical cost.

IoT as a gateway

Device attacks are generally divided into two typesexplains Clementine Morris, a CNRS researcher in the CRISTAL Laboratory. We first find hardware-by-hardware attacks, and hardware-by-software attacks. I am primarily interested in this second scenario and side channel attacks. »

The presence of objects attached to the antennas is an additional vulnerability, since certain attacks can be carried out at a distance of several tens of meters.

Attacks also take advantage of the fact that electronic devices are increasingly connected. While efforts are made to protect computers, this is not necessarily the case for other devices associated with them. The presence of objects attached to the antennas is an additional vulnerability, since certain attacks can be carried out at a distance of several tens of meters. ” Systems become increasingly complex and interconnected, and face more complex paths of attackLiliane Bosset explains. The point of entry into the system, which is usually the least secure part, is not necessarily the end target of the attack. »

Take for example Stuxnet, a virus likely designed by US and Israeli services, which managed to make its way into Iran’s nuclear program in 2010.

Speak and break a file hardware

attacks hardware Through programs often pass through an Internet browser, which will execute a script in a programming language such as JavaScript. There is no need to download and install questionable software, such an attack can happen simply by clicking on a malicious web page. ” In hardware-to-device side channel attacks, current consumption and electromagnetic fields give indications of activity Hardware, Clementine Morris continues. One can detect when it performs encryption activities and attack it in time to retrieve the encryption keys.»

Some attacks rely on encrypted scripts as here in JavaScript.

In particular, there is a bug attack called Rowhammer.js, which accesses all of a computer’s physical memory by causing electrical charges to move. The commonly used image describes the Rowhammer.js principle as drumming on a door we’re not interested in, until the vibrations resonate and the target door actually opens. Because if we have the idea of ​​a completely virtual and immaterial computer, it is nevertheless based on electronic components operating from very tangible physical phenomena. ” Electricity consumption and light emissions also tell us about the activity of transistorsLiliane Bosset adds. We know that they use up the most power when they change state, that is, when they manipulate information. You can sometimes read sequence 0 and 1 directly on an oscilloscope. . And if that’s not enough, various artificial intelligence techniques are deciphering this information more accurately.

Identify users by their segments

To dig deeper into these physical vulnerabilities, Lilian Bossuet’s Sesam team exploited a platform of four lasers, designed by Alphanov, of which CNRS is a founding member, to target components. Thus researchers are able to modify pieces of information during program execution, thus changing instructions and values. Then the systems become very weak. The material displays other weaknesses, and is specifically targeted for fingerprint(fingerprints). This concept consists in searching for ways to identify Internet users, most often without their knowledge. It’s not necessarily about getting back to their identity, but rather getting to know a user who might return to the site, see their activity before they came there, etc. The best known digital fingerprints are cookies and often use IP addresses. If these items pass through the software part, hackers and researchers realize that it can also be done hardware .

Alphanov four-point laser bench, used to physically alter bits of information during program execution.

The Spirals team, where Clementine Morris works, developed DrawnApart technology from Ben-Gurion University of the Negev (Israel) fingerprintGPU-based: A computer graphics processor. ” We were able to distinguish between two GPUs of the same brand and model that run the same operating system The researcher explains. one anotherfingerprint The program, we started from scratch every time the user updated their browser. There, we can track him as long as he keeps the same GPU, which probably won’t change for several years . The length of time that the tracking is kept is actually a key parameter, because there is little point in keeping track of the navigation of Internet users briefly.

The material is specifically intended for fingerprint (fingerprints). This concept consists in searching for ways to identify Internet users, most often without their knowledge.

To work, DrawApart uses a JavaScript script that is executed by an Internet browser. This software forces the GPU to simulate drawing points in 3D space. By generating accurate enough statistics about this task, DrawnApart is able to determine the finer details of each segment. DrawnApart can be prevented from running by blocking Java or WebGL scripts, but this deprives the user of legitimate functionality based on these two technologies. For example, content on many web pages will appear disorganized and some media, such as videos, will not play.

Researchers in the laboratory of Hubert Curien are also interested in fingerprinttools. ” We study non-reproducible bodily functions,”Microelectronic fingerprints that exploit subtle differences between transistors in typically similar circuitssays Lilian Bosset. By measuring these aberrations, we can track the material, but also target one circuit instead of another during an attack.. This approach was first developed to combat counterfeiting and theft circuits. However, the topic of cybersecurity has gradually established itself, in particular to reveal when an integrated circuit performs cryptographic calculations, which makes it possible to find out when it is attacked.

Integrated circuits opened under an electromagnetic probe to analyze the fingerprints of the devices.

But how do you protect yourself from all these threats? ” By trying to photograph our work, we realized that security solutions are perfectly compatible with barrier gesturesLilian Bosset laughs. For performance reasons, many processors share cache areas, where they can leave information that then becomes vulnerable. It is necessary to think of new architectures that make it possible to isolate actually critical information. But enhancing security necessarily comes at a price. If it were accepted for banking or military applications, it would be difficult to bear for traditional or domestic uses.. »

Find all computer security content in our profile:
cyber security goal

Leave a Comment

Your email address will not be published.