
Cybersecurity aspects of embedded systems
1. Functional classifications
1.1 Integrity Attacks: Integrity of information refers to protecting information from being modified
by unauthorized parties.
Network Attacks against Integrity
Salami attacks: Salami attacks are a series of minor data security attacks that together
result in a larger attack. For example, deducting a very small amount of money from a bank
account, which is not noticeable. But when very small amounts are deducted from a large number
of accounts, the total becomes a huge amount.
Data diddling attacks: Data diddling is an illegal or unauthorized data alteration: changing
data before or as it is input into a computer, or as it is output. Example: Account executives can
change the time sheet information of employees before entering it into the HR payroll
application.
Trust relationship attacks: Trust relationship attacks exploit the trust between different
devices in a network.
Man-in-the-middle attacks: A man-in-the-middle attack is a type of network attack where
the attacker sits between two devices that are communicating to manipulate the data as it
moves between them.
Session hijacking attacks: Session hijacking is another type of network attack where the
attacker hacks a computer session to gain unauthorized access to information or services in
a computer system.
1.2 Privacy Attacks

● A privacy attack takes seemingly innocuous (harmless)
released information and uses it to discern the private
details of individuals, thus demonstrating that such
information compromises privacy.
● For example, re-identification attacks have shown that it is
easy to link supposedly de-identified records to the identity
of the individual concerned.
Network Attacks against Confidentiality
Attackers can use many methods to compromise confidentiality. Following are some of the common methods:
Packet Capturing (Packet Sniffing): Packet Capturing (Packet Sniffing) is a type of network attack where the attacker captures
the data packets (typically Ethernet frames) in transit. Once the data is captured, the attacker can read sensitive data like
passwords or card numbers, if the network traffic is not encrypted. The most widely used packet capture software is Wireshark.
Note: Wireshark is not a hacking tool; it is a well-known network protocol analyzer used to troubleshoot network problems. But
hackers misuse Wireshark with bad intentions.
Password Attacks: Password-based attacks are used to hack the passwords of users of a target computer to gain access. Two
types of password attacks are the dictionary-based attack (where an attacker tries each of the words in a dictionary or list of commonly
used passwords to hack the user password) and the brute force attack (where an attacker tries every possible password
combination using brute force hacking tools to hack the user password).
Port Scanning and Ping Sweeps: Port Scanning is a type of network attack where the attacker tries to discover the services
running on a target computer by scanning the TCP/UDP ports. Here the attacker tries to establish connections to the TCP/UDP
ports to find out which ports are open on a target computer. After finding which TCP/UDP ports are open, the attacker can find
out which service and which software product is running on the target computer. Finally, the attacker
can attack and hack the target computer by exploiting a vulnerability in that software product.
A ping sweep is another kind of network attack where the intruder sends ping ICMP ECHO packets to a range of IP addresses
to find out which ones respond with an ICMP ECHO REPLY. Thus the attacker can identify which computers are up and which
computers are down.
Dumpster Diving: Dumpster diving is searching through company dumpsters for any information that can be useful to an
attacker for attacking the network. Example: Searching for employee names, software application product information, network
infrastructure device makes and models, etc.
Wiretapping: Wiretapping is a type of network attack where the attacker hacks telecommunication devices to listen to the
phone calls of others.
Keylogger: A keylogger is a program that runs in the background of a computer, logging the user’s keystrokes. After a user
enters a password, it is stored in the log created by the keylogger and forwarded to the attacker.
Phishing and Pharming: Phishing is an attempt to hack sensitive information (usually financial information like bank
userid/password, credit card details, etc.) by sending unsolicited emails with fake URLs. Pharming is another network attack aimed
at redirecting the traffic of one website to another website.
Social Engineering: Social Engineering is a type of attack in which someone with very good interactive skills manipulates others
into revealing information about the network that can be used to steal data.
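The port scan and ping sweep patterns described above can be recognised from flow records, because one source touches many ports on one host, or many hosts with ICMP echo. The following is an added example, not part of the original slides; the record layout, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records from one short time window:
# (source IP, destination IP, protocol, destination port).
# ICMP echo requests carry no port, so that field is None.
FLOWS = (
    [("192.0.2.10", "10.0.0.20", "tcp", p)
     for p in (21, 22, 23, 25, 80, 110, 443, 3389)]
    + [("192.0.2.77", f"10.0.0.{h}", "icmp", None) for h in range(1, 9)]
    + [("10.0.0.5", "10.0.0.20", "tcp", 443),
       ("10.0.0.5", "10.0.0.21", "tcp", 443),
       ("10.0.0.6", "10.0.0.1", "icmp", None)]
)

def detect_recon(flows, port_threshold=5, host_threshold=5):
    """Return alerts for port scans and ping sweeps in one window of flows."""
    ports = defaultdict(set)    # (src, dst) -> distinct TCP/UDP ports tried
    pinged = defaultdict(set)   # src -> distinct hosts sent an ICMP echo
    for src, dst, proto, dport in flows:
        if proto in ("tcp", "udp"):
            ports[(src, dst)].add(dport)
        elif proto == "icmp":
            pinged[src].add(dst)

    alerts = []
    # Port scan: one source probing many different ports on the same host.
    for src, dst in sorted(ports):
        count = len(ports[(src, dst)])
        if count >= port_threshold:
            alerts.append(("port_scan", src, dst, count))
    # Ping sweep: one source sending echo requests to many different hosts.
    for src in sorted(pinged):
        count = len(pinged[src])
        if count >= host_threshold:
            alerts.append(("ping_sweep", src, None, count))
    return alerts

if __name__ == "__main__":
    for alert in detect_recon(FLOWS):
        print(alert)
```

Normal clients such as 10.0.0.5, which reach one port on a couple of servers, stay below both thresholds.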
1.3 Availability Attacks
Availability of information refers to ensuring that authorized parties are able to access the
information when needed.
Information only has value if the right people can access it at the right times. Denying access to
information has become a very common attack nowadays.
How does one ensure data availability? Backup is key. Regularly doing off-site backups can limit the
damage caused by damage to hard drives or natural disasters. For information services that are
highly critical, redundancy might be appropriate. Having an off-site location ready to restore services
in case anything happens to your primary data centers will heavily reduce the downtime.
Network Attacks against Availability

DoS (Denial of Service attacks): A DoS attack is a type of attack that floods a network
server with a large number of service requests that it cannot handle. A DoS (Denial of
Service) attack can cause the server to crash, and legitimate users are
denied the service.
DDoS (Distributed Denial of Service attacks): A Distributed Denial of Service
attack (DDoS) is a type of DoS attack originating from many attacking computers
in different geographical regions.
SYN flood attacks and ICMP flood attacks: SYN flood attacks are a type of attack
where the attacker sends many TCP SYN packets to initiate TCP connections, but
never sends a SYN-ACK packet back. In an ICMP flood attack, the victim computer is
sent many false ICMP packets.
Electrical power attacks: Attacks involve power loss, reduction, or spikes.
Server Room Environment attacks: Fire, Temperature, water, humidity etc
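On the defending server, a SYN flood shows up as connections that were opened with a SYN and never completed. The following added example (not part of the original slides) counts such half-open connections per source; the packet summaries, addresses and threshold are constructed assumptions.

```python
from collections import Counter

# Constructed packet summaries as seen at the server:
# (client IP, client port, flag).
# "S" = SYN from the client, "A" = the client ACK that completes the handshake.
PACKETS = (
    [("198.51.100.9", 40000 + i, "S") for i in range(6)]   # never completed
    + [("10.0.0.5", 51000, "S"), ("10.0.0.5", 51000, "A"),
       ("10.0.0.6", 52000, "S"), ("10.0.0.6", 52000, "A"),
       ("10.0.0.6", 52001, "S")]
)

def half_open_by_source(packets):
    """Count connections per client IP that saw a SYN but no completing ACK."""
    pending = set()
    for ip, port, flag in packets:
        if flag == "S":
            pending.add((ip, port))        # handshake started
        elif flag == "A":
            pending.discard((ip, port))    # handshake completed
    return Counter(ip for ip, _port in pending)

def syn_flood_suspects(packets, max_half_open=4):
    """Return the sources holding more half-open connections than allowed."""
    counts = half_open_by_source(packets)
    return sorted(ip for ip, n in counts.items() if n > max_half_open)

def total_half_open(packets):
    """Total backlog; useful when spoofed sources spread the per-IP counts."""
    return sum(half_open_by_source(packets).values())

if __name__ == "__main__":
    print(half_open_by_source(PACKETS))
    print(syn_flood_suspects(PACKETS))
    print(total_half_open(PACKETS))
```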
2. Agent based classification
2.1 Physical attack
2.2 Side channel attack
2.3 Software attack
2.1 Physical attack
2.1.1. Eavesdropping
● An eavesdropping attack, which is also known as a sniffing or snooping
attack, is an incursion where someone tries to steal information that
computers, smartphones, or other devices transmit over a network.
● An eavesdropping attack takes advantage of unsecured network
communications in order to access the data being sent and received.
● Eavesdropping attacks are difficult to detect because they do not cause
network transmissions to appear to be operating abnormally.
2.1.2 Microprobing
● One well-known invasive attack is called microprobing.
● Microprobing means attaching microscopic needles onto the internal wiring of
a chip; this can be used to either read out internal secrets that are not intended
to leave the chip, or it can be used for fault attacks.
2.2 Side channel attack
Side channel analysis tools
• Probes
– Power: Intercept power circuitry with small resistor
– EM: Coil with low noise amplifier
• Digital storage oscilloscope
• Computer with analysis and control software
Principle of power analysis
Principle of electromagnetic analysis
Principle of timing analysis
2.3 Software attack
VIRUS
A type of malicious software that, when executed, replicates itself by modifying other computer
programs and inserting its own code.[1] When this replication succeeds, the affected areas are then
said to be "infected" with a computer virus.
TROJAN HORSE
In computing, a Trojan horse, or Trojan, is any malicious computer program which misleads users of
its true intent.
● A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans
can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are
typically tricked by some form of social engineering into loading and executing Trojans on their
systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive
data, and gain backdoor access to your system. These actions can include:

● Deleting data
● Blocking data
● Modifying data
● Copying data
● Disrupting the performance of computers or computer networks

● Unlike computer viruses and worms, Trojans are not able to self-replicate.
