Detecting Compromised Programs for Embedded System Applications

This paper proposes an approach for detecting compromised programs by analysing suitable features from an embedded system. Features used in this paper are the performance variance and actual program counter values of the embedded processor extracted during program execution. "Cycles per Instruction" is used as pre-processing block before the features are classified using a Self-Organizing Map. Experimental results demonstrate the validity of the proposed approach on detecting some common changes such as deletion, insertion and substitution of programs. Overall, correct detection rate for our system is above 90.9% for tested programs.

[1]  Cemal Hanilçi,et al.  Recognition of Brand and Models of Cell-Phones From Recorded Speech Signals , 2012, IEEE Transactions on Information Forensics and Security.

[2]  Min Wu,et al.  Data Hiding in Compiled Program Binaries for Enhancing Computer System Performance , 2005, Information Hiding.

[3]  Ingrid Verbauwhede,et al.  Machine learning attacks on 65nm Arbiter PUFs: Accurate modeling poses strict bounds on usability , 2012, 2012 IEEE International Workshop on Information Forensics and Security (WIFS).

[4]  Klaus D. McDonald-Maier,et al.  Overview of ICmetrics Technology – Security Infrastructure for Autonomous and Intelligent Healthcare System , 2011 .

[5]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[6]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[7]  Ryan N. Rakvic,et al.  The Fuzzy Correlation between Code and Performance Predictability , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).

[8]  Srivaths Ravi,et al.  Secure embedded processing through hardware-assisted run-time monitoring , 2005, Design, Automation and Test in Europe.

[9]  Michael A. Arbib,et al.  The handbook of brain theory and neural networks , 1995, A Bradford book.

[10]  W. Gareth J. Howells,et al.  Normalizing Discrete Circuit Features with Statistically Independent values for incorporation within a highly Secure Encryption System , 2007, Second NASA/ESA Conference on Adaptive Hardware and Systems (AHS 2007).

[11]  Jana Dittmann,et al.  Proceedings of the 10th ACM workshop on Multimedia and security , 2008 .

[12]  Jiwu Huang,et al.  Detecting digital audio forgeries by checking frame offsets , 2008, MM&Sec '08.

[13]  Hessam Kooti,et al.  Hardware-Assisted Detection of Malicious Software in Embedded Systems , 2012, IEEE Embedded Systems Letters.

[14]  Helena Handschuh,et al.  Hardware Intrinsic Security from Physically Unclonable Functions , 2010, Towards Hardware-Intrinsic Security.

[15]  Trevor Mudge,et al.  MiBench: A free, commercially representative embedded benchmark suite , 2001 .

[16]  Petros Boufounos,et al.  Secure binary embeddings for privacy preserving nearest neighbors , 2011, 2011 IEEE International Workshop on Information Forensics and Security.

[17]  David Naccache,et al.  Towards Hardware-Intrinsic Security - Foundations and Practice , 2010, Information Security and Cryptography.

[18]  T. N. Vijaykumar,et al.  Accelerating private-key cryptography via multithreading on symmetric multiprocessors , 2003, 2003 IEEE International Symposium on Performance Analysis of Systems and Software. ISPASS 2003..