Profiling Running Applications in Connected Devices Through Side-Channel and Machine Learning Techniques

In the field of cybersecurity, the ability to gather detailed information about target systems is a critical component of the reconnaissance phase of cyber attacks. This phase, known as cybersecurity reconnaissance, involves techniques that adversaries use to collect information vital for the success of subsequent attack stages. Traditionally, reconnaissance activities include network scanning, sniffing, and social engineering, which allow attackers to map the network, identify vulnerabilities, and plan their exploits. In this paper, we explore a novel application of side-channel analysis within system-based reconnaissance. Side-channel attacks, typically used to extract cryptographic keys or sensitive data through indirect observations such as power consumption or electromagnetic emissions, are here repurposed for a different kind of system intrusion. Specifically, we demonstrate how side-channel analysis and machine learning techniques can classify running processes on a target system that are very popular in common IoT applications. This approach is particularly concerning for IoT environments where devices often control critical infrastructure or handle sensitive data. The ability to identify active applications can reveal operation patterns, system behaviors, and potential vulnerabilities that traditional security measures may not protect against. Moreover, in IoT scenarios, this information can be leveraged to orchestrate sophisticated attacks targeting specific services or to exploit timing-based vulnerabilities when certain critical applications are running. By categorizing this approach as a form of local system-based reconnaissance, we highlight its potential to silently gather critical information about a system’s state. Such capabilities represent a significant breach of privacy and provide attackers with the intelligence needed to carry out more targeted and effective attacks. This research also underscores the evolving nature of reconnaissance techniques and the growing risks of advanced side-channel cybersecurity methods.