Using Power-Anomalies to Counter Evasive Micro-Architectural Attacks in Embedded Systems
作者: Shijia Wei , Aydin Aysu , Michael Orshansky , Andreas Gerstlauer , Mohit Tiwari
关键词:
摘要: High-assurance embedded systems are deployed for decades and expensive to re-certify – hence, each new attack is an unpatchable problem that can only be detected by monitoring out-of-band channels such as the system’s power trace or electromagnetic emissions. Micro-Architectural attacks, example, have recently come prominence since they break all existing software-isolation based security hammering memory rows gain root privileges abusing speculative execution shared hardware leak secret data. This work first use anomalies in detect evasive micro-architectural attacks. To this end, we introduce power-mimicking attacks including DRAM-rowhammer side/covert-channel speculation-driven study their evasiveness. We then quantify operating range of power-anomalies detector using Odroid XU3 board showing rowhammer cannot evade detection while covert channel but forced operate at a 36× 7× lower bandwidth. Our power-anomaly efficient embedded-of-band into (e.g.,) programmable batteries. While rowhammer, side-channel, defenses require invasive code- hardware-changes general-purpose systems, show simple effective defense systems. Power-anomalies help future-proof against vulnerabilities likely emerge like phase-change memories accelerators become mainstream.
sci-hub.se 参考文章(60)
John Mark Agosta, Denver Dash, Abraham Bachrach, Eve Schooler, Jaideep Chandrashekar, Alex Newman, Branislav Kveton, When gossip is good: distributed probabilistic inference for detection of slow network intrusions national conference on artificial intelligence. pp. 1115- 1122 ,(2006)
Johannes Hoffmann, Stephan Neumann, Thorsten Holz, Mobile Malware Detection Based on Energy Fingerprints -- A Dead End? recent advances in intrusion detection. pp. 348- 368 ,(2013) , 10.1007/978-3-642-41284-4_18
Dario Floreano, Robert J. Wood, Science, technology and the future of small autonomous drones Nature. ,vol. 521, pp. 460- 466 ,(2015) , 10.1038/NATURE14542
Haining Wang, Zhang Xu, Zhenyu Wu, Whispers in the hyper-space: high-speed covert channel attacks in the cloud usenix security symposium. pp. 9- 9 ,(2012)
Ke Wang, Janak J. Parekh, Salvatore J. Stolfo, Anagram: A Content Anomaly Detector Resistant to Mimicry Attack Lecture Notes in Computer Science. pp. 226- 248 ,(2006) , 10.1007/11856214_12
M.R. Guthaus, T. Mudge, R.B. Brown, D. Ernst, T.M. Austin, J.S. Ringenberg, MiBench: A free, commercially representative embedded benchmark suite ieee international symposium on workload characterization. pp. 3- 14 ,(2001) , 10.1109/WWC.2001.15
Emmanouil Vasilomanolakis, Shankar Karuppayah, Max Mühlhäuser, Mathias Fischer, Taxonomy and Survey of Collaborative Intrusion Detection ACM Computing Surveys. ,vol. 47, pp. 55- ,(2015) , 10.1145/2716260
Jin Wang, Ping Liu, Mary F.H. She, Saeid Nahavandi, Abbas Kouzani, Bag-of-words representation for biomedical time series classification Biomedical Signal Processing and Control. ,vol. 8, pp. 634- 644 ,(2013) , 10.1016/J.BSPC.2013.06.004
Shyamnath Gollakota, Haitham Hassanieh, Benjamin Ransford, Dina Katabi, Kevin Fu, They can hear your heartbeats: non-invasive security for implantable medical devices acm special interest group on data communication. ,vol. 41, pp. 2- 13 ,(2011) , 10.1145/2018436.2018438
Jeffrey H. Reed, Carlos R. Aguayo Gonzalez, Enhancing Smart Grid cyber security using power fingerprinting: Integrity assessment and intrusion detection 2012 Future of Instrumentation International Workshop (FIIW) Proceedings. pp. 1- 3 ,(2012) , 10.1109/FIIW.2012.6378346