Hiding in Plain Sight? On the Efficacy of Power Side Channel-Based Control Flow Monitoring

Han, Yi and Chan, Matthew and Aref, Zahra and Tippenhauer, Nils Ole and Zonouz, Saman
(2022) Hiding in Plain Sight? On the Efficacy of Power Side Channel-Based Control Flow Monitoring.
In: USENIX Security Symposium (USENIX Security).
Conference: USENIX-Security Usenix Security Symposium

[img]
Preview
Text
sec22summer_han.pdf

Download (3MB) | Preview

Abstract

Physical side-channel monitoring leverages the physical phenomena produced by a microcontroller (e.g. power con- sumption or electromagnetic radiation) to monitor program execution for malicious behavior. As such, it offers a promis- ing intrusion detection solution for resource-constrained em- bedded systems, which are incompatible with conventional security measures. This method is especially relevant in safety and security-critical embedded systems such as in industrial control systems. Side-channel monitoring poses unique chal- lenges for would-be attackers, such as: (1) limiting attack vectors by being physically isolated from the monitored sys- tem, (2) monitoring immutable physical side channels with uninterpretable data-driven models, and (3) being specifically trained for the architectures and programs on which they are applied to. As a result, physical side-channel monitors are conventionally believed to provide a high level of security. In this paper, we propose a novel attack to illustrate that, despite the many barriers to attack that side-channel moni- toring systems create, they are still vulnerable to adversarial attacks. We present a method for crafting functional malware such that, when injected into a side-channel-monitored sys- tem, the detector is not triggered. Our experiments reveal that this attack is robust across detector models and hardware im- plementations. We evaluate our attack on the popular ARM microcontroller platform on several representative programs, demonstrating the feasibility of such an attack and highlight- ing the need for further research into side-channel monitors.

Actions

Actions (login required)

View Item View Item