Classifying Solid State Drive Firmware via Side-Channel Current Draw Analysis

Solid State Drives (SSDs) are a form of non-volatile computer memory that have become ubiquitous in the information technology industry, replacing traditional magnetic Hard Disk Drives (HDDs) in numerous conventional systems and enabling new applications in the fields of embedded systems and data infrastructure. Compared to HDDs, modern SSDs have competitive storage density, faster read and write times, lower power consumption, and greater impact resistance. However, compared to HDD technology, SSDs have a more complex data storage architecture, which necessitates integrated firmware that interfaces between a host system and the hardware of the SSD, called the Flash Translation Layer (FTL). Because the host system interacts only with the FTL and not the SSD itself, the SSD can be viewed as a black box system, with known input and output but no information about its inner workings. Characterizing internal operations of an SSD is relevant for forensics, diagnostics, and security applications. One possible solution to this problem is to observe the side-channel current draw of the SSD as it operates. If firmware variants have distinguishable differences in their current signatures, a classifier can be trained to make class predictions. Investigating this proposed solution, the current draw of two firmware versions of a Crucial SSD were analyzed as the drive executed a series of file operations. Identifying relevant signal features, standard machine learning techniques were employed to develop models that correctly classified the firmware loaded on the SSD with over 98% accuracy given only a recording of their current draw signals during file operations.

[1]  Fei Wu,et al.  Analysis of the File System and Block IO Scheduler for SSD in Performance and Energy Consumption , 2011, 2011 IEEE Asia-Pacific Services Computing Conference.

[2]  Alexander S. Szalay,et al.  Performance modeling and analysis of flash-based storage devices , 2011, 2011 IEEE 27th Symposium on Mass Storage Systems and Technologies (MSST).

[3]  Apostolis Zarras,et al.  Towards Automated Classification of Firmware Images and Identification of Embedded Devices , 2017, SEC.

[4]  H. Howie Huang,et al.  Black-Box Performance Modeling for Solid-State Drives , 2010, 2010 IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems.

[5]  C. Steger,et al.  Energy Consumption Measurement Technique for Automatic Instruction Set Characterization of Embedded Processors , 2007, 2007 IEEE Instrumentation & Measurement Technology Conference IMTC 2007.

[6]  Alireza Ejlali,et al.  An Accurate Instruction-Level Energy Estimation Model and Tool for Embedded Systems , 2013, IEEE Transactions on Instrumentation and Measurement.

[7]  Hau T. Ngo,et al.  Inferring read and write operations of solid-state drives based on energy consumption , 2016, 2016 IEEE 7th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON).

[8]  安藤 寛,et al.  Cross-Validation , 1952, Encyclopedia of Machine Learning and Data Mining.

[9]  Peter E. Hart,et al.  Nearest neighbor pattern classification , 1967, IEEE Trans. Inf. Theory.

[10]  Jun Yan,et al.  Accurate and Low-Overhead Process-Level Energy Estimation for Modern Hard Disk Drives , 2013, 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing.

[11]  Trevor Hastie,et al.  An Introduction to Statistical Learning , 2013, Springer Texts in Statistics.

[12]  Christof Paar,et al.  SCANDALee: A side-ChANnel-based DisAssembLer using local electromagnetic emanations , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[13]  Peter A. Lachenbruch,et al.  Robustness of the linear and quadratic discriminant function to certain types of non‐normality , 1973 .

[14]  Hau T. Ngo,et al.  Inferring trimming activity of solid-state drives based on energy consumption , 2016, 2016 IEEE International Instrumentation and Measurement Technology Conference Proceedings.

[15]  Hans C. Jessen,et al.  Applied Logistic Regression Analysis , 1996 .

[16]  P. Welch The use of fast Fourier transform for the estimation of power spectra: A method based on time averaging over short, modified periodograms , 1967 .