前沿领域
侧信道
- side channels: power analysis
- kbd-audio: Acoustic keyboard eavesdropping (github.com)
- DensePose From WiFi
- Hertzbleed Attack:Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips
- Charger-Surfing: Exploiting a Power Line Side-Channel for Smartphone Information Leakage
- GhostTalk: Interactive Attack on Smartphone Voice System Through Power Line 译文
- GhostTouch: Targeted Attacks on Touchscreens without Physical Touch 译文
- DolphinAttack: Inaudible Voice Commands
- SurfingAttack: 超声波与语音助手交互的隐秘攻击
- 利用激光雷达将小米扫地机器人改造为窃听器
- Light Commands:利用激光向 MEMS 麦克风注入命令
- Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification
- DeWiCam: 基于流量分析的隐藏的偷拍摄像头检测
- 漂亮侧信道:从timeless attack到pipeline的放大攻击
- Security Engineering: A Guide to Building Dependable Distributed Systems,3rd Edition (Chapter 19 Side Channels)
- Keytap3: acoustic keyboard eavesdropping source
故障注入
- Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World?
- CVE-2021-43327 Renesas RX65 Glitching
- ESP32_nRF52_SWD: This software brings you the possibility to Read and Write the internal Flash of the Nordic nRF52 series with an ESP32
- 绕过APPROTECT提取nRF52840固件(CVE-2020-27211复现)
- nRF52 平台芯片电压毛刺注入绕过调试保护
- Bypassing the Renesas RH850/P1M-E read protection using fault injection
- Replicant: Reproducing a Fault Injection Attack on the Trezor One
- BAM BAM!! On Reliability of EMFI for in-situ Automotive ECU Attacks?
- Bypassing the Renesas RH850/P1M-E read protection using fault injection
- Replicant: Reproducing a Fault Injection Attack on the Trezor One
- Flash BASH: A tool which automates glitching and allows for precise timing attacks
- Enter the EFM32 Gecko
- The PocketGlitcher
- nRF52 Debug Resurrection (APPROTECT Bypass) Part 1 Silde
- nRF52 Debug Resurrection (APPROTECT Bypass) Part 2
- Pwn MBedTLS on ESP32: DFA Warm-up
- Attacking USB Gear with EMFI PDF
- Espressif ESP32: Bypassing Secure Boot using EMFI
- Fill your Boots: Enhanced Embedded BootloaderExploits via Fault Injection and Binary Analysis
- Fault Injection - Pin2pwn