Multi-Modal Side Channel Data Driven Golden-Free Detection of Software and Firmware Trojans

Prashanth Krishnamurthy, Virinchi Roy Surabhi, Hammond Pearce, Ramesh Karri, Farshad Khorrami

Research output: Contribution to journalArticlepeer-review

Abstract

This study explores data-driven detection of firmware/software Trojans in embedded systems <italic>without</italic> golden models. We consider embedded systems such as single board computers and industrial controllers. While prior literature considers side channel based anomaly detection, this study addresses the following central question: is anomaly detection feasible when using low-fidelity simulated data without using data from a known-good (golden) system? To study this question, we use data from a simulator-based proxy as a stand-in for unavailable golden data from a known-good system. Using data generated from the simulator, one-class classifier machine learning models are applied to detect discrepancies against expected side channel signal patterns and their inter-relationships. Side channels fused for Trojan detection include multi-modal <italic>side channel</italic> measurement data (such as Hardware Performance Counters, processor load, temperature, and power consumption). Additionally, fuzzing is introduced to increase detectability of Trojans. To experimentally evaluate the approach, we generate low-fidelity data using a simulator implemented with a component-based model and an information bottleneck based on Gaussian stochastic models. We consider example Trojans and show that fuzzing-aided golden-free Trojan detection is feasible using simulated data as a baseline.

Original languageEnglish (US)
Pages (from-to)1-13
Number of pages13
JournalIEEE Transactions on Dependable and Secure Computing
DOIs
StateAccepted/In press - 2022

Keywords

  • Anomaly detection
  • anomaly detection
  • Data models
  • embedded system
  • Embedded systems
  • Frequency measurement
  • golden-free
  • Integrated circuit modeling
  • machine learning
  • Temperature measurement
  • Trojan detection
  • Trojan horses

ASJC Scopus subject areas

  • Computer Science(all)
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Multi-Modal Side Channel Data Driven Golden-Free Detection of Software and Firmware Trojans'. Together they form a unique fingerprint.

Cite this