*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Analyzing Software using Unintentional Electromagnetic Emanations from Computing Devices
Committee:
Dr. Alenka Zajic, ECE, Chair , Advisor
Dr. Milos Prvulovic, CS
Dr. Moinuddin Qureshi, ECE
Dr. Tushar Krishna, ECE
Dr. Alex Orso, CS
Abstract:
This thesis develops methods to identify, quantify, and use information leaked in Electromagnetic (EM) emanations from a broad range of computing devices in a general (i.e. not application specific) way by synthesizing techniques from the fields of electromagnetics, computer architecture, and software engineering. Computers emit EM radiation (emanations) as a side effect of the voltage and current variations required to perform computation. Aside from cryptoanalysis, EM emanations provide information about a system's operation that may be useful in other applications. A number of emerging applications make use of EM emanations to extract new types of information from computing devices. For example, EM emanations can be used to determine or verify the execution path through a program for program profiling, debugging, and malware detection. These new applications require a more general approach that can be rapidly and automatically applied to numerous and diverse types of programs and computing devices. This approach requires automatic and systematic identification, quantification, and analysis of information embedded in EM emanations. Toward this goal, our research has developed (1) a methodology for quantifying the side channel signal created by single instruction differences in a computer programs, (2) a method for identifying existing signals within computing devices which are unintentionally amplitude modulated by program activity, (3) a method for profiling computer programs via EM emanations with zero hardware and software overhead, and (4) a method for detecting the presence of unknown code during executions of a known computer program using EM emanations alone at a distance of 3 meters.
