Frontier Areas
Side Channels
- EUCLEAK: Revealing and Breaking Infineon ECDSA Implementation on the Way Paper
- New Side-Channel Attack on ARM: Implications for IoT Security
- Wireless Charging Power Side-Channel Attacks
- side channels: power analysis
- kbd-audio: Acoustic keyboard eavesdropping (github.com)
- DensePose From WiFi
- Hertzbleed Attack: Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips
- Charger-Surfing: Exploiting a Power Line Side-Channel for Smartphone Information Leakage
- GhostTalk: Interactive Attack on Smartphone Voice System Through Power Line (Translation)
- GhostTouch: Targeted Attacks on Touchscreens without Physical Touch (Translation)
- DolphinAttack: Inaudible Voice Commands
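- SurfingAttack: A Covert Attack That Interacts with Voice Assistants via Ultrasound
- Turning a Xiaomi Robot Vacuum into an Eavesdropping Device Using Its LiDAR
- Light Commands: Injecting Commands into MEMS Microphones Using Lasers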
- Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification
- DeWiCam: Detecting Hidden Spy Cameras via Traffic Analysis
- Beautiful Side Channels: From Timeless Attacks to Pipeline Amplification Attacks
- Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition (Chapter 19 Side Channels)
- Keytap3: acoustic keyboard eavesdropping source
Fault Injection
- Can You Get Root With Only a Cigarette Lighter?
- SECGlitcher (Part 1) - Reproducible Voltage Glitching on STM32 Microcontrollers
- Shedding too much Light on a Microcontroller’s Firmware Protection
- ElectronicCats/faultycat: Faulty Cat is a low-cost Electromagnetic Fault Injection (EMFI) tool, designed specifically for self-study and hobbyist research
- How to voltage fault injection
- Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
- Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World?
- CVE-2021-43327 Renesas RX65 Glitching
- ESP32_nRF52_SWD: This software brings you the possibility to Read and Write the internal Flash of the Nordic nRF52 series with an ESP32
- Bypassing APPROTECT to Extract nRF52840 Firmware (Reproducing CVE-2020-27211)
- Bypassing Debug Protection on nRF52-Series Chips with Voltage Glitch Injection
- Bypassing the Renesas RH850/P1M-E read protection using fault injection
- Replicant: Reproducing a Fault Injection Attack on the Trezor One
- BAM BAM!! On Reliability of EMFI for in-situ Automotive ECU Attacks?
- Replicant: Reproducing a Fault Injection Attack on the Trezor One (Translation)
- Flash BASH: A tool which automates glitching and allows for precise timing attacks
- Enter the EFM32 Gecko
- The PocketGlitcher
- nRF52 Debug Resurrection (APPROTECT Bypass) Part 1 Slides
- nRF52 Debug Resurrection (APPROTECT Bypass) Part 2
- Pwn MBedTLS on ESP32: DFA Warm-up
- Attacking USB Gear with EMFI PDF
- Espressif ESP32: Bypassing Secure Boot using EMFI
- Fill your Boots: Enhanced Embedded Bootloader Exploits via Fault Injection and Binary Analysis
- Fault Injection - Pin2pwn
- Shedding too much Light on a Microcontroller’s Firmware Protection | USENIX