Skip to content
YakB

Cybersecurity

Material attack

Section titled “Material attack”
  • Side channel attack (timing attack, power analysis, electromagnetic analysis)
  • Intrusive attack (microprobe to record the internal state of the chip)
  • Material bug (0-day attack)
  • Sying on memory
  • Peripheral attack (e.g., USB attack, Thunderbolt, Keyboard, Mouse, Network card chip, battery chip, etc.)
  • Attack on optimization (e.g., Spectre and Meltdown)

OS Security

Section titled “OS Security”
  • rings
  • sandbox
  • virtual memory
  • Users isolation (password, key/chip, iris/fingerprint, etc.)
    • Password attack (e.g., brute-force attack, dictionary attack, rainbow table attack, etc.)
    • Password defense (e.g., salt, key stretching, unique password, etc.)
  • DAC (Discretionary Access Control) - permissions
  • MAC (Mandatory Access Control) - deny by default authorize on demand - SELinux, AppArmor, etc.

Software Security

Section titled “Software Security”
  • Buffer overflow attack (e.g., Heartbleed)
  • User input attack (e.g., SQL injection, XSS, etc.)
  • Man-in-the-middle attack (e.g., ARP spoofing, DNS spoofing, etc.)
  • Misusage attack (CSRF: Cross-Site Request Forgery)
  • Hardcoded password attack