Ethernet energy scavenging: Parasitic power & cyber risk at the physical layer
Saebeler, Alec
This item is only available for download by members of the University of Illinois community. Students, faculty, and staff at the U of I may log in with your NetID and password to view the item. If you are trying to access an Illinois-restricted dissertation or thesis, you can request a copy through your library's Inter-Library Loan office or purchase a copy directly from ProQuest.
Permalink
https://hdl.handle.net/2142/107264
Description
Title
Ethernet energy scavenging: Parasitic power & cyber risk at the physical layer
Author(s)
Saebeler, Alec
Contributor(s)
Levchenko, Kirill
Issue Date
2020-05
Keyword(s)
Ethernet
energy harvesting
network security
power scavenging
parasitic power
hardware intrusion
Abstract
Cybersecurity considerations are increasingly at the forefront of modern product development
and system designs; the predominance of Ethernet protocol utilization for network connectivity
has created a significant physical layer attack vector. When anticipating challenges an adversary
would face in attempting to exploit this potential weakness, a significant obstacle to overcome is the
ability to effectively design circuitry capable of physical-layer network intrusion while simultaneously
achieving independent parasitic power draw without detection. At a macro-level, monitoring of a
host system would identify an extra piece of power circuitry supporting intrusive activity far more
easily than the detection of a self-contained device subtly drawing its power without additional wires.
The core of this research centers on determining the likelihood of an adversary syphoning power to
a device via the data signals processed by standard network activity, while simultaneously gaining
unauthorized access to targeted data. The underlying process of powering something via a nonpower
signal is known as energy scavenging. Successfully leveraging this process could position
an adversary to manipulate this attack vector. An approach is proposed where a small-form device
accesses data over an Ethernet connection while also powered by the same physical interface; this
method is arguably difficult to detect using standard cybersecurity monitoring. The result would be no perceivable impact on daily client/server activity while remaining undetected unless specifically
targeted. Potential approaches for achieving this objective are analyzed, while interpreting both
physical signal measurements and simulated outcomes for power draw and ranges of nominal
detectability. Additionally, the thesis asserts the likelihood of how future research might reveal
improved device functionality and define guidelines for research extensions. The work supports
the minimally intrusive nature of the design, explores viability, and establishes a design plan for
building a functioning prototype. Notwithstanding the complexity and challenges associated with
implementing such a design, its feasibility should promote an appropriately focused response.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.
