Search Results (293)

Search Parameters:
Keywords = side-channel attacks

16 pages, 396 KB  
Review
Security Threats and AI-Based Detection Techniques in IoT Chips
by Hiba El Balbali and Anas Abou El Kalam
Chips 2026, 5(1), 9; https://doi.org/10.3390/chips5010009 (registering DOI) - 4 Mar 2026
Abstract
The rapid expansion of the Internet of Things (IoT) has opened resource-limited devices to novel physical threats, such as Side-Channel Attacks (SCAs) and Hardware Trojans (HTs). Traditional security mechanisms are often not capable of standing against such hardware-based attacks, specifically on low-power System-on-Chip (SoC) where static defenses can incur 2× to 3× overhead in silicon area and power. Herein, the gap between hardware security and embedded AI is compositionally formulated for discussion. We present a comprehensive survey of the current hardware threat landscape and analyze the emergence of “Secure-by-Design” paradigms, specifically focusing on the integration of Edge AI and TinyML as active, on-chip intrusion detection mechanisms. This review presents a critical analysis of trade-offs for running lightweight ML models on hardware by comparing state-of-the-art approaches. Our analysis highlights that optimized architectures, such as Mamba-Enhanced Convolutional Neural Networks (CNNs) and Gated Recurrent Unit (GRU), can achieve detection accuracies exceeding 99% against SCA and >92% against stealthy Hardware Trojans, while offering up to 75% lower power consumption compared to standard deep learning baselines. Finally, open challenges such as adversarial attacks on defense models are briefly discussed, and the focus is put on future directions toward constructing secure chips based on robust, AI-driven technology.
(This article belongs to the Special Issue Emerging Issues in Hardware and IC System Security)

15 pages, 551 KB  
Article
Query-Side Adversarial Attacks on Event-Based Person Re-Identification: A First-Order Robustness Analysis
by Jung Heum Woo and Eun-Kyu Lee
Appl. Sci. 2026, 16(5), 2430; https://doi.org/10.3390/app16052430 - 3 Mar 2026
Abstract
Event-based person re-identification (Re-ID) has recently emerged as a privacy-friendly alternative to conventional RGB-based surveillance. However, the security and adversarial robustness of these systems remain largely understudied. This paper presents a systematic investigation into the vulnerabilities of event-based person Re-ID models operating on 5-channel event voxels. We evaluate the impact of a one-step FGSM attack on query-side event voxel inputs and measure the resulting retrieval performance. Our experiments demonstrate a significant susceptibility: under subtle perturbations, the Top-1 accuracy drops drastically from 0.462 to 0.154. Critically, these adversarial inputs maintain high perceptual similarity to the original data, with an average SSIM of approximately 0.99 and an average PSNR of 45 dB, rendering the modifications nearly imperceptible. These findings suggest that the sparse and asynchronous nature of event-based person Re-ID, despite its potential privacy advantages, is highly susceptible to gradient-based exploits. This study highlights the need for robustness-aware design and defense mechanisms in event-based surveillance systems.

24 pages, 3302 KB  
Systematic Review
Performance Trade-Offs in Multi-Tenant IoT–Cloud Security: A Systematic Review of Emerging Technologies
by Bader Alobaywi, Mohammed G. Almutairi and Frederick T. Sheldon
IoT 2026, 7(1), 21; https://doi.org/10.3390/iot7010021 - 22 Feb 2026
Viewed by 421
Abstract
Multi-tenancy is essential for scalable IoT–Cloud systems; however, it introduces complex security vulnerabilities at the intersection of shared cloud infrastructures and resource-constrained IoT environments. This systematic review evaluates next-generation security frameworks designed to enforce tenant isolation without violating the strict latency (<10 ms) and energy bounds of lightweight sensors. Adhering to PRISMA guidelines, we analyze selected high-quality studies to categorize intersectional threats, including cross-tenant data leakage, side-channel attacks, and privilege escalation. Our analysis identifies a critical, unresolved conflict: existing mitigation strategies often incur a 12% computational and communication overhead, creating a significant barrier for real-time applications. Furthermore, we critically analyze emerging technologies, including Zero Trust Architectures (ZTA), adaptive Artificial Intelligence (AI), blockchain, and Post-Quantum Cryptography (PQC). We find that direct PQC deployment is currently infeasible for LPWAN protocols due to key-size constraints (1.6 KB) that exceed typical payload limits. To address these challenges, we propose a novel multi-layer security design principle that offloads heavy isolation and cryptographic workloads to hardware-accelerated edge gateways, thereby maintaining tenant isolation without compromising real-time performance. Finally, this review serves as a roadmap for future research, highlighting federated learning and hardware enclaves as essential pathways for securing next-generation multi-tenant IoT ecosystems.

4 pages, 323 KB  
Proceeding Paper
Artificial Intelligence for Intrusion Detection Through Side-Channel Techniques
by Felipe Lemus-Prieto, José-Luis González-Sánchez and Andrés Caro
Eng. Proc. 2026, 123(1), 18; https://doi.org/10.3390/engproc2026123018 - 4 Feb 2026
Viewed by 269
Abstract
The rapid expansion of Internet of Things (IoT) technologies has introduced diverse applications while simultaneously exposing devices to increasing cybersecurity risks. Sensitive data handled within IoT networks and the limited resources of connected devices make conventional intrusion detection methods often impractical. This work introduces an approach for detecting cyberattacks in IoT environments through side-channel analysis based on device power consumption. A lightweight machine learning framework is employed to identify anomalous behavior without disrupting normal device operation. Experiments conducted on various setups, including custom datasets and unseen attack patterns, confirm the system’s effectiveness and real-time detection capability. The proposed solution stands out for its simplicity, reproducibility, and ease of deployment across heterogeneous IoT infrastructures with minimal computational overhead.
(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

27 pages, 1310 KB  
Article
Adversarial Attack Resilient ML-Assisted Golden Free Approach for Hardware Trojan Detection
by Ashutosh Ghimire, Mohammed Alkurdi, Ghazal Ghajari, Mohammad Arif Hossain and Fathi Amsaad
Microelectronics 2026, 2(1), 2; https://doi.org/10.3390/microelectronics2010002 - 29 Jan 2026
Viewed by 258
Abstract
The growing dependence on third-party foundries for integrated circuit (IC) fabrication has created major security concerns because of hardware Trojan (HT) insertion risks. Traditional detection methods, including side-channel analysis and golden reference models, face limitations such as sensitivity to noise, high cost, and impracticality for large-scale deployment. This work introduces a machine learning framework for HT detection that eliminates the need for golden references. The framework automatically extracts statistical features from chip data, groups chips into clusters, and uses an internal filtering process to identify the most reliable patterns. These patterns are then used to guide a learning model that can accurately separate Trojan-infected chips from clean ones. Experimental evaluation demonstrates that the proposed method achieves high detection accuracy with zero false negatives, while remaining resilient against adversarial perturbations. These findings indicate that cluster-filtered pseudo-labeling provides a practical and scalable solution for enhancing hardware security in modern IC supply chains.

32 pages, 4251 KB  
Article
Context-Aware ML/NLP Pipeline for Real-Time Anomaly Detection and Risk Assessment in Cloud API Traffic
by Aziz Abibulaiev, Petro Pukach and Myroslava Vovk
Mach. Learn. Knowl. Extr. 2026, 8(1), 25; https://doi.org/10.3390/make8010025 - 22 Jan 2026
Viewed by 694
Abstract
We present a combined ML/NLP (Machine Learning, Natural Language Processing) pipeline for protecting cloud-based APIs (Application Programming Interfaces), which works both at the level of individual HTTP (Hypertext Transfer Protocol) requests and at the access log file reading mode, linking explicitly technical anomalies with business risks. The system processes each event/access log through parallel numerical and textual branches: a set of anomaly detectors trained on traffic engineering characteristics and a hybrid NLP stack that combines rules, TF-IDF (Term Frequency-Inverse Document Frequency), and character-level models trained on enriched security datasets. Their results are integrated using a risk-aware policy that takes into account endpoint type, data sensitivity, exposure, and authentication status, and creates a discrete risk level with human-readable explanations and recommended SOC (Security Operations Center) actions. We implement this design as a containerized microservice pipeline (input, preprocessing, ML, NLP, merging, alerting, and retraining services), orchestrated using Docker Compose and instrumented using OpenSearch Dashboards. Experiments with OWASP-like (Open Worldwide Application Security Project) attack scenarios show a high detection rate for injections, SSRF (Server-Side Request Forgery), Data Exposure, and Business Logic Abuse, while the processing time for each request remains within real-time limits even in sequential testing mode. Thus, the pipeline bridges the gap between ML/NLP research for security and practical API protection channels that can evolve over time through feedback and retraining.
(This article belongs to the Section Safety, Security, Privacy, and Cyber Resilience)

26 pages, 2937 KB  
Article
Secure Implementation of RISC-V’s Scalar Cryptography Extension Set
by Asmaa Kassimi, Abdullah Aljuffri, Christian Larmann, Said Hamdioui and Mottaqiallah Taouil
Cryptography 2026, 10(1), 6; https://doi.org/10.3390/cryptography10010006 - 17 Jan 2026
Viewed by 470
Abstract
Instruction Set Architecture (ISA) extensions, particularly scalar cryptography extensions (Zk), combine the performance advantages of hardware with the adaptability of software, enabling the direct and efficient execution of cryptographic functions within the processor pipeline. This integration eliminates the need to communicate with external cores, substantially reducing latency, power consumption, and hardware overhead, making it especially suitable for embedded systems with constrained resources. However, current scalar cryptography extension implementations remain vulnerable to physical threats, notably power side-channel attacks (PSCAs). These attacks allow adversaries to extract confidential information, such as secret keys, by analyzing the power consumption patterns of the hardware during operation. This paper presents an optimized and secure implementation of the RISC-V scalar Advanced Encryption Standard (AES) extension (Zkne/Zknd) using Domain-Oriented Masking (DOM) to mitigate first-order PSCAs. Our approach features optimized assembly implementations for partial rounds and key scheduling alongside pipeline-aware microarchitecture optimizations. We evaluated the security and performance of the proposed design using the Xilinx Artix7 FPGA platform. The results indicate that our design is side-channel-resistant while adding a very low area overhead of 0.39% to the full 32-bit CV32E40S RISC-V processor. Moreover, the performance overhead is zero when the extension-related instructions are properly scheduled.
(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)

15 pages, 3234 KB  
Article
Optically Transparent Frequency Selective Surfaces for Electromagnetic Shielding in Cybersecurity Applications
by Pierpaolo Usai, Gabriele Sabatini, Danilo Brizi and Agostino Monorchio
Appl. Sci. 2026, 16(2), 821; https://doi.org/10.3390/app16020821 - 13 Jan 2026
Viewed by 570
Abstract
With the widespread diffusion of personal Internet of Things (IoT) devices, Electromagnetic Side-Channel Attacks (EM-SCAs), which exploit electromagnetic emissions to uncover critical data such as cryptographic keys, are becoming extremely common. Existing shielding approaches typically rely on bulky or opaque materials, which limit integration in modern IoT environments; this motivates the need for a transparent, lightweight, and easily integrable solution. Thus, to address this threat, we propose the use of electromagnetic metasurfaces with shielding capabilities, fabricated with an optically transparent conductive film. This film can be easily integrated into glass substrates, offering a novel and discrete shielding solution to traditional methods, which are typically based on opaque dielectric media. The paper presents two proof-of-concept case studies for shielding against EM-SCAs. The first one investigates the design and fabrication of a passive metasurface aimed at shielding emissions from chip processors in IoT devices. The metasurface is conceived to attenuate a specific frequency range, characteristic of the considered IoT processor, with a target attenuation of 30 dB. At the same time, the metasurface ensures that signals from 4G and 5G services are not affected, thus preserving normal wireless communication functioning. Conversely, the second case study introduces an active metasurface for dynamic shielding/transmission behavior, which can be modulated through diodes according to user requirements. This active metasurface is designed to block undesired electromagnetic emissions within the 150–465 MHz frequency range, which is a common band for screen gleaning security threats. The experimental results demonstrate an attenuation of approximately 10 dB across the frequency band when the shielding mode is activated, indicating a substantial reduction in signal transmission. Both the case studies highlight the potential of transparent metasurfaces for secure and dynamic electromagnetic shielding, suggesting their discrete integration in building windows or other environmental structural elements.
(This article belongs to the Special Issue Cybersecurity: Novel Technologies and Applications)

23 pages, 1037 KB  
Article
Acoustic Side-Channel Vulnerabilities in Keyboard Input Explored Through Convolutional Neural Network Modeling: A Pilot Study
by Michał Rzemieniuk, Artur Niewiarowski and Wojciech Książek
Appl. Sci. 2026, 16(2), 563; https://doi.org/10.3390/app16020563 - 6 Jan 2026
Viewed by 564
Abstract
This paper presents the findings of a pilot study investigating the feasibility of recognizing keyboard keystroke sounds using Convolutional Neural Networks (CNNs) as a means of simulating an acoustic side-channel attack aimed at recovering typed text. A dedicated dataset of keyboard audio recordings was collected and preprocessed using signal-processing techniques, including Fourier-transform-based feature extraction and mel-spectrogram analysis. Data augmentation methods were applied to improve model robustness, and a CNN-based prediction architecture was developed and trained. A series of experiments was performed under multiple conditions, including controlled laboratory settings, scenarios with background noise interference, tests involving a different keyboard model, and evaluations following model quantization. The results indicate that CNN-based models can achieve high keystroke-prediction accuracy, demonstrating that this class of acoustic side-channel attacks is technically viable. Additionally, the study outlines potential mitigation strategies designed to reduce exposure to such threats. Overall, the findings highlight the need for increased awareness of acoustic side-channel vulnerabilities and underscore the importance of further research to more comprehensively understand, evaluate, and prevent attacks of this nature.
(This article belongs to the Special Issue Artificial Neural Network and Deep Learning in Cybersecurity)

18 pages, 325 KB  
Article
Large Pages, Large Leaks? Hugepage-Induced Side-Channels vs. Performance Improvements in Cryptographic Computations
by Xinyao Li and Akhilesh Tyagi
Cryptography 2026, 10(1), 3; https://doi.org/10.3390/cryptography10010003 - 30 Dec 2025
Viewed by 545
Abstract
Side-channel attacks leveraging microarchitectural components such as caches and translation lookaside buffers (TLBs) pose increasing risks to cryptographic and machine-learning workloads. This paper presents a comparative study of performance and side-channel leakage under two page-size configurations—standard 4 KB pages and 2 MB huge pages—using paired attacker–victim experiments instrumented with both Performance Monitoring Unit (PMU) counters and precise per-access timing using rdtscp(). The victim executes repeated, key-dependent memory accesses across eight cryptographic modes (AES, ChaCha20, RSA, and ECC variants) while the attacker records eight PMU features per access (cpu-cycles, instructions, cache-references, cache-misses, etc.) and precise rdtscp() timing. The resulting traces are analyzed using a multilayer perceptron classifier to quantify key-dependent leakage. Results show that the 2 MB huge-page configuration achieves a comparable key-classification accuracy (mean 0.79 vs. 0.77 for 4 KB) while reducing average CPU cycles by approximately 11%. Page-index identification remains near random chance (3.6–3.7% for PMU side-channels and 1.5% for timing side-channel), indicating no increase in measurable leakage at the page level. These findings suggest that huge-page mappings can improve runtime efficiency without amplifying observable side-channel vulnerabilities, offering a practical configuration for balancing performance and security in user-space cryptographic workloads.
(This article belongs to the Section Hardware Security)

29 pages, 1277 KB  
Review
A Survey on Acoustic Side-Channel Attacks: An Artificial Intelligence Perspective
by Benjamin Quattrone and Youakim Badr
J. Cybersecur. Priv. 2026, 6(1), 6; https://doi.org/10.3390/jcp6010006 - 29 Dec 2025
Viewed by 1224
Abstract
Acoustic Side-Channel Attacks (ASCAs) exploit the sound produced by keyboards and other devices to infer sensitive information without breaching software or network defenses. Recent advances in deep learning, large language models, and signal processing have greatly expanded the feasibility and accuracy of these attacks. To clarify the evolving threat landscape, this survey systematically reviews ASCA research published between January 2020 and February 2025. We categorize modern ASCA methods into three levels of text reconstruction—individual keystrokes, short text (words/phrases), and long-text regeneration—and analyze the signal processing, machine learning, and language-model decoding techniques that enable them. We also evaluate how environmental factors such as microphone placement, ambient noise, and keyboard design influence attack performance, and we examine the challenges of generalizing laboratory-trained models to real-world settings. This survey makes three primary contributions: (1) it provides the first structured taxonomy of ASCAs based on text generation granularity and decoding methodology; (2) it synthesizes cross-study evidence on environmental and hardware factors that fundamentally shape ASCA performance; and (3) it consolidates emerging countermeasures, including Generative Adversarial Network-based noise masking, cryptographic defenses, and environmental mitigation, while identifying open research gaps and future threats posed by voice-enabled IoT and prospective quantum side-channels. Together, these insights underscore the need for interdisciplinary, multi-layered defenses against rapidly advancing ASCA techniques.

12 pages, 450 KB  
Article
A Transformer-Based Deep Learning Approach for Cache Side-Channel Attack Detection on AES
by Qingtie Li, Xinyu Yang and Shougang Ren
Electronics 2026, 15(1), 148; https://doi.org/10.3390/electronics15010148 - 29 Dec 2025
Viewed by 358
Abstract
Cache-based side-channel attacks, specifically Flush+Reload and Prime+Probe, pose a critical threat to the confidentiality of AES-encrypted systems, particularly in shared resource environments such as Smart Agriculture IoT. While deep learning has shown promise in detecting these attacks, existing approaches based on Convolutional Neural Networks struggle with robustness when distinguishing between multiple attack vectors. In this paper, we propose a Transformer-based detection framework that leverages self-attention mechanisms to capture global temporal dependencies in cache timing traces. To overcome data scarcity issues, we constructed a comprehensive and balanced dataset comprising 10,000 timing traces. Experimental results demonstrate that while the baseline CNN model suffers a significant performance drop to 66.73% in mixed attack scenarios, our proposed Transformer model maintains a high classification accuracy of 94.00%. This performance gap represents a 27.27% absolute improvement, proving the proposed method effectively distinguishes between different attack types and benign system noise. We further integrate these findings into a visualization interface to facilitate real-time security monitoring.
(This article belongs to the Special Issue Novel Methods Applied to Security and Privacy Problems, Volume II)

20 pages, 10457 KB  
Article
Deep Learning-Based Side-Channel Attacks on Secure and Conventional Cryptographic Circuits Using FinFET and TFET Technologies
by Muyu Yang and Erdal Oruklu
Electronics 2026, 15(1), 18; https://doi.org/10.3390/electronics15010018 - 20 Dec 2025
Viewed by 672
Abstract
Electronic devices are now ubiquitous across both professional and personal domains, often containing sensitive information that should remain undisclosed to untrustworthy third parties. Consequently, there is an increased demand for effective security measures to prevent the leakage of confidential data. While some devices utilize mathematically secure algorithms to safeguard sensitive information, there remains a vulnerability to informational leaks through Side-Channel Attacks (SCAs) targeting hardware platforms. Non-profiled SCAs, including Correlation Power Analysis (CPA), are particularly practical since they require access only to the target device. In this study, we propose and investigate the use of Deep Learning (DL) techniques to enhance the effectiveness of non-profiled SCAs through an optimized Deep Learning Power Analysis (DLPA) algorithm. Optimized DLPA attacks are implemented using Multi-Layer Perceptron (MLP) and Convolutional Neural Network (CNN) models, and are applied to the PRIDE SBox-4 block across conventional CMOS-style circuits and secure Sense Amplifier-Based Logic (SABL) Dual Precharge Logic (DPL) structure circuits. Both FinFET and TFET device technologies are evaluated. The experimental results show that the optimized DLPA approach consistently outperforms traditional CPA attacks. The optimized DLPA method succeeds even against TFET-based SABL-DPL circuits, which are resistant to conventional techniques. These findings demonstrate the increased threat posed by DL-based SCAs and highlight the need for evaluating hardware security against advanced machine learning-based methods.

20 pages, 1214 KB  
Article
Three-Basis Loop-Back QKD: A Passive Architecture for Secure and Scalable Quantum Mobile Networks
by Luis Adrián Lizama-Pérez and Patricia Morales-Calvo
Entropy 2025, 27(12), 1249; https://doi.org/10.3390/e27121249 - 11 Dec 2025
Viewed by 419
Abstract
The Loop-Back Quantum Key Distribution (LB-QKD) protocol establishes a bidirectional architecture in which a single photon travels forth and back through the same optical channel. Unlike conventional one-way schemes such as BB84, Alice performs both state preparation and measurement, while Bob acts as a passive polarization modulator and reflector. This design eliminates detectors at Bob’s side, minimizes synchronization requirements, and enables compact, low-power implementations suitable for quantum-mobile and IoT platforms. An extended three-basis configuration {X,Y,Z} is introduced, preserving the simplicity of the two-basis scheme while improving noise tolerance through enhanced orthogonality-based filtering. Analytical modeling shows that the effective protocol error decreases from Eprotocol(2)=e/2 to Eprotocol(3)=e/3, achieving a 33% improvement in noise resilience. Despite its slightly lower sifting efficiency (η=1/6), the total information gain reaches G=0.26 bits per pulse, maintaining post-sifting throughput comparable to BB84. The protocol doubles the tolerable QBER of conventional QKD, sustaining secure operation up to 22% for two bases and approximately 47.58% for three bases. Its passive, self-verifying architecture enhances resistance to man-in-the-middle, photon-number-splitting, and side-channel attacks, providing a scalable and energy-efficient framework for secure key distribution and authentication in next-generation mobile and distributed quantum networks.
(This article belongs to the Special Issue New Advances in Quantum Communications and Quantum Computing)

28 pages, 570 KB  
Article
On the Security and Efficiency of TLS 1.3 Handshake with Hybrid Key Exchange from CPA-Secure KEMs
by Jinrong Chen, Wei Peng, Yi Wang and Yutong Bian
Entropy 2025, 27(12), 1242; https://doi.org/10.3390/e27121242 - 8 Dec 2025
Viewed by 1034
Abstract
TLS 1.3 is a crucial protocol for securing modern internet communications. To facilitate a smooth transition to post-quantum security, hybrid key exchange, which combines classical key exchange algorithms with post-quantum key encapsulation mechanisms (KEMs), is proposed to enhance the security of the current TLS 1.3 handshake. However, existing drafts and implementations of hybrid key exchange for TLS 1.3 primarily rely on CCA-secure KEMs (i.e., secure against chosen-ciphertext attacks) based on the Fujisaki-Okamoto (FO) transform. The re-encryption step in their decapsulation algorithms not only introduces additional performance overhead but also raises the risk of side-channel attacks. Although Huguenin-Dumittan and Vaudenay (Eurocrypt 2022) and Zhou et al. (Asiacrypt 2024) demonstrated that the weaker CPA-secure KEMs (i.e., secure against chosen-plaintext attacks) suffice for constructing a secure TLS 1.3 handshake, their analyses were limited to single-KEM settings and did not consider the hybrid key exchange scenario. This work challenges the necessity of CCA security by proving that CPA-secure KEMs are sufficient for the TLS 1.3 handshake even in the hybrid key exchange setting. We provide the first formal security proofs for this claim, covering both the classical random oracle model (ROM) and the quantum random oracle model (QROM), thereby ensuring security against quantum adversaries. To validate the practical benefits, we conduct an extensive performance evaluation based on the latest OpenSSL implementation. Our results show that using CPA-secure KEMs yields up to 44.8% performance improvement at the key exchange layer and up to approximately 9% acceleration for the full TLS 1.3 handshake. Beyond performance gains, this approach reduces the codebase’s attack surface by eliminating the re-encryption step, thereby mitigating a class of side-channel vulnerabilities. Our work positions CPA-secure KEMs as a secure, efficient, and practical alternative for standardizing and deploying post-quantum TLS 1.3 even with hybrid key exchange.
(This article belongs to the Section Quantum Information)
