Spying on Temperature using DRAM

Today’s ubiquitous IoT devices make spying on, and collecting data from, unsuspecting users possible. This paper shows a new attack where DRAM modules, widely used in IoT devices, can be abused to measure the temperature in the vicinity of the device in order to spy on a user’s behavior. Specifically, the temperature dependency of the DRAM decay is used as a proxy for user’s behavior in the vicinity of the device. The attack can be performed remotely by only changing the software of an IoT device, without requiring hardware changes, and with a resolution reaching 0.5°C. Potential defenses to the temperature spying attack are presented in this paper as well.

[1]  Stefan Katzenbeisser,et al.  Decay-Based DRAM PUFs in Commodity Devices , 2019, IEEE Transactions on Dependable and Secure Computing.

[2]  Miodrag Potkonjak,et al.  Trusted sensors and remote sensing , 2010, 2010 IEEE Sensors.

[3]  Onur Mutlu,et al.  An experimental study of data retention behavior in modern DRAM devices: implications for retention time profiling mechanisms , 2013, ISCA.

[4]  Gabi Nakibly,et al.  Gyrophone: Recognizing Speech from Gyroscope Signals , 2014, USENIX Security Symposium.

[5]  Adam Wierman,et al.  Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers , 2017, CCS.

[6]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[7]  P. Jaccard,et al.  Etude comparative de la distribution florale dans une portion des Alpes et des Jura , 1901 .

[8]  Subramanian S. Iyer,et al.  Field Tolerant Dynamic Intrinsic Chip ID Using 32 nm High-K/Metal Gate SOI Embedded DRAM , 2013, IEEE Journal of Solid-State Circuits.

[9]  Subramanian S. Iyer,et al.  A Self-Authenticating Chip Architecture Using an Intrinsic Fingerprint of Embedded DRAM , 2013, IEEE Journal of Solid-State Circuits.

[10]  Stefan Katzenbeisser,et al.  PUF-Based Software Protection for Low-End Embedded Devices , 2015, TRUST.

[11]  Arnab Raha,et al.  D-PUF: An intrinsically reconfigurable DRAM PUF for device authentication in embedded systems , 2016, 2016 International Conference on Compliers, Architectures, and Sythesis of Embedded Systems (CASES).

[12]  Gabi Nakibly,et al.  PowerSpy: Location Tracking Using Mobile Device Power Analysis , 2015, USENIX Security Symposium.

[13]  Stefan Katzenbeisser,et al.  Run-Time Accessible DRAM PUFs in Commodity Devices , 2016, CHES.

[14]  Amir Rahmati,et al.  Probable cause: The deanonymizing effects of approximate DRAM , 2015, 2015 ACM/IEEE 42nd Annual International Symposium on Computer Architecture (ISCA).

[15]  Stefan Katzenbeisser,et al.  Intrinsic Rowhammer PUFs: Leveraging the Rowhammer effect for improved security , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).