Document Type
Article
Publication Date
3-2019
Publication Source
IEEE Signal Processing Magazine
Abstract
The Internet of Things (IoT) and the Internet of Everything (IoE) have driven processors into nearly every powered de- vice, from thermostats to refrigerators to light bulbs. From a security perspective, the IoT and IoE create a new layer of sig- nals and systems that can provide insight into the internal opera- tions of a device via analog side channels. Our research focuses on leveraging these analog side channels in IoT/IoE processors to detect intrusions. Our goal is to defend against cyberattacks that insert malware into IoT devices by detecting deviations in the code running on their processors from known firmware. Our approach applies signal processing and machine-learning techniques to collected radio-frequency (RF) emissions of code running on the processor.
We describe our method of positioning a wide-bandwidth RF probe over the processor of the device under test (DuT) and then implementing classifiers to identify the code running on the device to detect, identify, and isolate register contents based on the signatures learned during the DuT characteriza- tion. The probe is placed to improve classifier discrimination between the instructions running on the DuT processor. At this selected location, the signatures of registers are subsequently extracted by separating the signals into execution components (i.e., instruction fetch and decode opcode). These techniques enable a significant reduction in feature dimensions, which improves the speed and accuracy of extracting the number of bit changes, also known as the Hamming distance (HD), in registers via the RF side channel. Using these signatures, we extract the HD of registers with a weighted average accuracy of greater than 99%.
Inclusive pages
49-58
ISBN/ISSN
1053-5888
Document Version
Published Version
Publisher
IEEE-INST Electrical Electronics Engineers INC
Volume
36
Peer Reviewed
yes
Issue
2
Sponsoring Agency
Air Force Research Laboratory; United States Department of Defense Defense Advanced Research Projects Agency (DARPA)
eCommons Citation
Riley, Ronald A.; Graham, James T.; Fuller, Ryan M.; Baldwin, Rusty O.; and Fisher, Ashwin, "A New Way to Detect Cyberattacks Extracting Changes in Register Values from Radio-Frequency Side Channels" (2019). Computer Science Faculty Publications. 201.
https://ecommons.udayton.edu/cps_fac_pub/201
Comments
This open-access article is provided for download in compliance with the publisher’s policy on self-archiving. To view the version of record, use the DOI: https://doi.org/10.1109/MSP.2018.2888893