PhD Alumni
Dr. Asanka Sayakkara
University College Dublin
Asanka Sayakkara completed his PhD in the School of Computer Science, UCD, under the co-supervision of Dr. Nhien-An Le-Khac and Dr. Mark Scanlon. He graduated from the University of Colombo, Sri Lanka, with a bachelor's degree in Computer Science.
His PhD research revolved around forensics in IoT big data.
Research Output
Publications
Low-overhead and Non-invasive Electromagnetic Side-Channel Monitoring for Forensic-ready Industrial Control Systems
Digital Forensics Doctoral Symposium
This paper proposes a low-overhead and non-invasive electromagnetic side-channel monitoring approach for forensic-ready industrial control systems. It uses unintentional electromagnetic radiation emitted by Ethernet network cables to detect denial of service attacks with considerable accuracy, introducing an architecture for ICS infrastructure to be forensic-ready with minimal computational resources.
A Digital Forensic Methodology for Encryption Key Recovery from Black-Box IoT Devices
Proceedings of the 12th International Symposium on Digital Forensics and Security
This paper presents a novel digital forensic methodology for recovering encryption keys from black-box IoT devices using electromagnetic side-channel analysis (EM-SCA). The approach leverages machine learning techniques to enhance the digital forensic process, reducing key space and mitigating investigative roadblocks. This automated, adaptable system preserves forensic evidence integrity and ensures wide applicability in the evolving IoT landscape.
Revealing IoT Cryptographic Settings through Electromagnetic Side-Channel Analysis
Electronics
This study explores the application of Electromagnetic Side-Channel Analysis (EM-SCA) for non-invasively detecting cryptographic settings in IoT devices. The researchers used a machine learning-based approach to identify key lengths and algorithms employed in IoT devices, demonstrating a notable accuracy of 94.55% in distinguishing between AES and ECC operations. This method has significant implications for digital forensic investigations, offering a novel approach for uncovering encrypted data's cryptographic settings.
Ensuring Cross-Device Portability of Electromagnetic Side-Channel Analysis for Digital Forensics
Forensic Science International: Digital Investigation Vol. 48 pp. 301684
This study investigates the cross-device portability of Electromagnetic Side-Channel Analysis (EM-SCA) for digital forensics, exploring its applicability to various smart devices. The authors experiment with different devices, including iPhones and Nordic Semiconductor nRF52-DK, and demonstrate the effectiveness of transfer learning techniques in achieving high accuracy.
Data Exfiltration through Electromagnetic Covert Channel of Wired Industrial Control Systems
Applied Sciences Vol. 13 pp. 2928
This study demonstrates a novel attack vector on industrial control systems (ICS) that leverages electromagnetic (EM) radiation from wired Ethernet connections to exfiltrate sensitive information. The attack exploits compromised firmware to encode data into packet transmission patterns, which are then captured and demodulated by an attacker's software-defined radio. This covert channel facilitates data exfiltration from up to two meters away with a 10 bps data rate.
Identifying Internet of Things Software Activities using Deep Learning-based Electromagnetic Side-Channel Analysis
Forensic Science International: Digital Investigation Vol. 39 pp. 301308
This study explores the application of machine learning techniques to identify complex activities on IoT devices using electromagnetic side-channel analysis. The researchers created a dataset by running ten sorting algorithms on an Arduino device and used it to train various classification models, including deep learning models. The results show that convolutional neural networks can predict the activity being executed with high accuracy (99.6%).
Electromagnetic Side-Channel Analysis Methods for Digital Forensics on Internet of Things
School of Computer Science, University College Dublin
This thesis explores the potential of leveraging Electromagnetic Side-Channel Analysis (EM-SCA) as a forensic evidence acquisition method for Internet of Things (IoT) devices. A model for IoT forensics using EM-SCA methods is formulated, enabling investigators to perform complex forensic insight-gathering procedures without expertise in EM-SCA. A proof-of-concept, EMvidence, is implemented as an open-source software framework, utilizing a modular architecture to extract specific forensic insights from IoT devices. The thesis presents methods for acquiring forensic insights, including detecting cryptography-related events, firmware version, and malicious modifications to the firmware. Machine Learning algorithms are used to automatically identify known patterns of EM radiation with over 90% accuracy.
SoK: Exploring the State of the Art and the Future Potential of Artificial Intelligence in Digital Forensic Investigation
The 13th International Workshop on Digital Forensics (WSDF), held at the 15th International Conference on Availability, Reliability and Security (ARES)
This systematic overview of artificial intelligence (AI) in digital forensic investigation explores the current state of the art and future potential of AI in expediting digital forensic analysis and increasing case processing capacities. The authors discuss AI applications in data discovery, device triage, and other areas, highlighting current challenges and future directions.
Facilitating Electromagnetic Side-Channel Analysis for IoT Investigation: Evaluating the EMvidence Framework
Forensic Science International: Digital Investigation
This paper presents the EMvidence framework, a software tool that facilitates electromagnetic side-channel analysis for IoT investigation. The framework automates and simplifies the process of acquiring and analyzing electromagnetic signals from IoT devices, making it accessible to digital forensic investigators without specialized equipment or expertise.
Cutting through the Emissions: Feature Selection from Electromagnetic Side-Channel Data for Activity Detection
Forensic Science International: Digital Investigation Vol. 32 pp. 300927
This paper presents a systematic methodology to identify information-leaking frequency channels from high-dimensional EM data using multiple filtering techniques and machine learning. The approach is evaluated on a dataset of EM signals from an IoT device, demonstrating its effectiveness in reducing the number of channels from 20,000 to fewer than 100, improving real-time analysis efficiency.
EMvidence: A Framework for Digital Evidence Acquisition from IoT Devices through Electromagnetic Side-Channel Analysis
Forensic Science International: Digital Investigation Vol. 32 pp. 300907
This paper presents EMvidence, a software framework for digital forensic investigators to acquire evidence from IoT devices through electromagnetic side-channel analysis. The framework automates and performs electromagnetic side-channel evidence collection, making it a practical reality for digital forensic investigators.
A Survey of Electromagnetic Side-Channel Attacks and Discussion on their Case-Progressing Potential for Digital Forensics
Digital Investigation Vol. 29 pp. 43-54
This paper surveys electromagnetic side-channel attacks and their potential for digital forensics on IoT devices. It discusses the challenges of analyzing encrypted data from IoT devices and explores the use of electromagnetic side-channel analysis to recover cryptographic keys and other sensitive information.
Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices
Digital Investigation
This paper presents a novel methodology to inspect the internal software activities of IoT devices through their electromagnetic radiation emissions during live device investigation. The approach uses electromagnetic side-channel analysis (EM-SCA) to detect software activities, including cryptographic algorithms and malicious modifications, with high accuracy.
Accuracy Enhancement of Electromagnetic Side-channel Attacks on Computer Monitors
The Second International Workshop on Criminal Use of Information Hiding (CUING), part of the 13th International Conference on Availability, Reliability and Security (ARES)
This paper investigates the accuracy of electromagnetic side-channel attacks on computer monitors, focusing on factors beyond sampling rate and bandwidth. The authors evaluate noise removal, image blending, and image quality adjustments to improve image reconstruction accuracy, exploring avenues for future improvements in EM side-channel attacks.
Electromagnetic Side-Channel Attacks: Potential for Progressing Hindered Digital Forensic Analysis
Proceedings of the International Workshop on Speculative Side Channel Analysis (WoSSCA 2018)
This paper explores the potential of electromagnetic side-channel analysis in progressing hindered digital forensic investigations. The authors argue that EM side-channel attacks can provide a hands-off approach to accessing internal device information, overcoming encryption and limited standardization of IoT devices.