“Firewall, intrusion detection and prevention systems (IDS/IPS) and malware infection alerts could, for instance, be visualized to expose a malicious actor’s previously unrecognized activity patterns,” he explains.
“By processing and analyzing very large log files, data visualization can help summarize and simplify the current state of a complex IT system in an accurate and elegant fashion.”
Reuille, who works as a security researcher at OpenDNS, also notes that smart data visualization, combined with intelligent data mining, “holds the key to better understanding and solving the complex problems security researchers face today.”
Eliott Jones, VP of User Experience at Rambus, concurs with Wilson’s assessment.
“Effectively extracting meaning from a vast amount of captured raw security-related data requires a highly intuitive user interface (UI) paired with enhanced visualization,” says Jones. “This combination creates an integrated meaning driven – rather than information driven – analytic environment that serves to optimize a platform’s efficiency and ultimately helps define its competitive advantage.”
As Jones points out, cutting-edge UI technologies for mobile devices and the Internet of Things (IoT) successfully engage a wide range of the user’s senses by facilitating simple, more natural methods of interacting with the environment that bring data to a human scale. At that point, it is both meaningful and actionable.
“That is precisely why Rambus engineers adopted design cues from consumer-centric products when developing the software layer of our DPA Workstation testing platform (DPAWS),” Jones continues. “To be sure, the current DPAWS software layer boasts an intuitive UI that integrates advanced visualization capabilities to bolster the efficiency of side-channel analysis.”
As we’ve previously discussed on Rambus Press, DPAWS evaluates resistance to a variety of side-channel attacks (SPA, DPA, HO-DPA and EMA) across multiple devices and platforms including smartphones, tablets, PoS terminals, CPUs, TVs, set-top boxes, FPGAs, smart cards and NFC tech.
Essentially, side-channel attacks are low-cost, non-invasive methods that enable attackers to extract secret cryptographic keys from electronic devices used during normal device operations.
DPA Countermeasures, developed by the Cryptography Research division of Rambus, feature a combination of software, hardware and protocol techniques designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.
Perhaps the most effective method of thwarting side-channel attacks is to start with the core itself. Rambus offers both AES-128 and AES-256 cryptographic cores, both of which are fully capable of resisting both first– and second– order DPA attacks up to 10 million traces. The cores can also be optimized based on size, speed and security level requirements.