IDEA: Intrusion Detection Through Electromagnetic-Signal Analysis For Critical Embedded and Cyber-Physical Systems
IDEA: Intrusion Detection Through Electromagnetic-Signal Analysis For Critical Embedded and Cyber-Physical Systems
3, MAY/JUNE 2021
Abstract—We propose a novel framework called IDEA that exploits electromagnetic (EM) side-channel signals to detect malicious activity
on embedded and cyber-physical systems (CPS). IDEA first records EM emanations from an uncompromised reference device to establish a
baseline of reference EM patterns. IDEA then monitors the target device’s EM emanations. When the observed EM emanations deviate from
the reference patterns, IDEA reports this as an anomalous or malicious activity. IDEA does not require any resource or infrastructure on, or any
modification to, the monitored system itself. In fact, IDEA is isolated from the target device, and monitors the device without any physical contact.
We evaluate IDEA by monitoring the target device while it is executing embedded applications with malicious code injections such as Distributed
Denial of Service (DDoS), Ransomware and code modification. We further implement a control-flow hijack attack, an advanced persistent threat,
and a firmware modification on three CPSs: an embedded medical device called SyringePump, an industrial Proportional-Integral-Derivative
(PID) Controller, and a Robotic Arm, using a popular embedded system, Arduino UNO. The results demonstrate that IDEA can detect different
attacks with excellent accuracy (AUC > 99.5%, and 100 percent detection with less than 1 percent false positives) from distances up to 3 m.
Index Terms—Electromagnetic emanations, electromagnetic side-channel, security of cyber-physical systems, side-channel signal analysis,
malware detection
1 INTRODUCTION
To address these issues, we propose a novel framework related work, Section 4 details our method for intrusion
called IDEA that uses electromagnetic (EM) side-channel detection, Section 5 presents experimental setup and evalu-
signals to detect malicious activity on CPSs. The first step in ations, Section 6 discusses limitations of IDEA and direc-
IDEA is to record EM emanations from an uncompromised tions for future research, and finally Section 7 presents
device to create a baseline dictionary of signal fragments some concluding remarks.
which correspond to the normal behavior of the device.
Then, IDEA continuously monitors the target device’s EM 2 THREAT MODEL
emanations, comparing the observed EM emanations
against the baseline dictionary. When no malware is pres- IDEA is an external monitoring system for high-assurance
ent, the device’s EM emanations match the entries in the CPSs (such as embedded medical devices), and can detect
baseline dictionary well. If, however, the observed EM ema- execution of malware through EM side-channel of the target
nations deviate significantly from the entries in the baseline device. The envisioned threat model in this paper involves
dictionary, we report this as an anomaly which is poten- the following assumptions:
tially caused by a malware. 1. The monitoring framework (IDEA) has no a priori
To evaluate IDEA, we port different malware behaviors knowledge about the nature of the attack or its EM
such as a DDoS cyber-attack, a Ransomware attack, and a signature(s) and only relies on the signatures for the
source code modification on an Intel-Altera’s FPGA Nios-II monitored application itself. We assume that IDEA
softcore. In addition, we implement three CPSs, a medical always has correct reference models for malware-
embedded device called SyringePump, a proportional- free signatures of the monitored applications and
integral-derivative (PID) controller for an industrial solder- these models are stored in IDEA and can not be
ing iron, and a robotic arm for an assembly line, with Ardu- compromised.
ino UNO - a popular embedded system. We exploit a 2. The adversary has physical and/or remote access to
buffer-overflow + control-flow hijack attack, an advanced the target device, and has a prior knowledge of the
persistent threat (APT), and a firmware modification attack device and its software. The attacker can thus exploit
on these CPSs respectively. Experimental evaluation reveals any vulnerability (e.g., a buffer-overflow) to execute
that IDEA can detect DDoS and Ransomware malware with a malicious activity on the system by either launch-
a 100 percent accuracy (with no false positives), and stealth- ing a separate thread/process and starting a poten-
ier code-modification with an Area Under the Curve (AUC) tial cyber-attack (e.g., DDoS) or modifying/re-using
> 97.5% from distances up to 3 m. Furthermore, IDEA can the existing application to disrupt or change the orig-
successfully detect all instances of attacks on the imple- inal functionality of the targeted system (e.g., con-
mented CPSs without reporting any false positive. trol-flow hijack). Furthermore, the adversary can
Finally, we evaluate IDEA with insertions of unknown even modify the system’s source code and libraries
(untrained-on) snippets of signals into an original reference and/or reprogram the system to start a malicious
signal to find the smallest insertion that can be reliably activity. However, as mentioned earlier, IDEA does
detected. The results show that IDEA can detect intrusions not know anything about the nature of the attack
that consist of roughly 200 instructions on FPGA, and roughly and only reports an error if an anomaly is detected
800 instructions on an Internet of Things (IoT) development which may be caused by an actual attack (true posi-
board, with a 100 percent accuracy and zero false positive. tive), or it may not (false positive).
This approach for external monitoring of intrusion on
devices used on critical infrastructures has several
advantages: 3 RELATED WORK
Traditionally, attackers have exploited unintentional elec-
(1) Non-intrusive Monitoring: The target device is not tromagnetic leaks [43], [44], [45] and other analog side-chan-
perturbed or modified in any way. The monitor does nel signals such as power consumption [46] or acoustic
not impose any overhead, nor does it use any emission [47], [48] to extract sensitive information from vic-
resource on the monitored device. In fact, the target tim systems. Researchers have also demonstrated methods
device can be monitored from a distance without for systematically identifying and quantifying EM side-
any physical contact. channel signals [49], [50]. Apart from cryptographic key
(2) Isolation: The monitor is isolated from the target extraction, researchers have also leveraged EM side-chan-
device. Hence, the integrity of the monitor cannot be nels for hardware Trojan detection [51], [52], and for
compromised even when the monitored device itself enhanced physical authentication [53].
is completely compromised. More recently, researchers have proposed several
(3) Zero-Day Protection: IDEA identifies malicious activ- approaches to monitor a device’s power fluctuations for
ity using the trusted references only, without any a- malware detection (e.g., [33], [34], [36], [37], [54], [55]). For
priori knowledge of malware signatures or vulner- instance, VirusMeter [33] monitors battery power usage to
abilities. This means that no training on malware or identify “long-term” mobile malware, while [34] measures
anomalous behavior is needed, and ensures protec- similarities between power signatures to detect energy-
tion against zero-day attacks and obviates the need greedy malwares. Furthermore, researchers have leveraged
for regular updates for new malware signatures. power consumption monitoring for integrity assessment
The rest of this paper is organized as follows: Section 2 of Software Defined Radios (SDR) [35] and for malware
states the envisioned threat model, Section 3 discusses the detection in embedded medical devices [36]. Power
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
1152 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 18, NO. 3, MAY/JUNE 2021
Finger-Printing Inc. [35] measures processors power con- any markers or any other changes) and without any access
sumption and compares against stored trusted signatures to the source code or the control flow graph. In addition,
for integrity assessment of SDRs, and WattsUpDoc [36] IDEA is free from error propagation. Hence, a few rare false
extracts statistical and spectral features from dynamic power mis-matches do not have a compounding impact on the
consumption to identify anomalous or malicious activity on overall performance of the algorithm. As a result, IDEA
embedded medical devices. Liu et al. [37] provide code exe- achieves 100 percent detection rate without any false posi-
cution tracking based on the power signal using an HMM tives for detecting malwares such as Ransomware and
model to recover most likely executed instruction sequence DDoS. The performance is even more impressive consider-
with a revised Viterbi algorithm. While these works can be ing that IDEA is trained and monitored with different user-
very effective in some scenarios, they are ineffective when inputs (i.e., the training and the monitored executions fol-
the immediate access to the device is not possible (e.g., due lowed different control flow paths through the program).
to packaging) and/or the monitor has to be placed in some So, there is a considerable variability between the training
distance from the device (unlike using EM). Moreover, and the monitored program execution, which renders the
another advantage of using EM over power consumption is anomaly detection more difficult, and the performance eval-
that EM signals usually have much more bandwidth than uation more realistic and reliable. Unlike some existing
power traces, i.e., EM signals may provide much more infor- methods (e.g., WattsUpDoc), IDEA does not require train-
mation per unit time and provide a better resolution (and ing on the malware itself, and hence is effective against
accuracy) to detect very small changes (e.g., firmware modi- zero-day attacks. Furthermore, IDEA is equally effective
fication) in high-speed systems. both inside and outside loops.
In addition, recent research has exploited EM side- Apart from analog side-channels, telemetry data analysis
channel signals for profiling of software execution “as-is”, has also been exploited for network intrusion detection in
without any hardware or software modifications or instru- ICS [41]. Likewise, behavior rule based intrusion detection
mentation [38], [56]. Zero Overhead Profiling (ZOP) [38] system for critical medical CPSs has been demonstrated [42].
exploits signatures of emanated EM signals for software However, both of the systems struggle to achieve high
profiling. To profile a program, it performs a depth-first detection rate at low (or near-zero) false positive rate, which
search (DFS) through the program’s control flow graph to is a prerequisite for monitoring any critical CPS. For ease of
determine the lowest-cost path from the tree’s root (the reference, we compare all these methods with the proposed
entry of the program) to a leaf node (any exit of the pro- IDEA in Table 1.
gram). While ZOP [38] achieves 94 percent accuracy for pro-
filing acyclic paths, DFS is prone to error propagation (i.e., 4 IDEA OVERVIEW
any false prediction is likely to lead to a cascade of false pre-
dictions). As a consequence, ZOP can generate a large false Fig. 1 illustrates the workflow of IDEA. The signals in both
positive rate. Furthermore, ZOP needs access to the source training and monitoring phase are demodulated, low-pass
code to insert markers for training, and requires complete filtered, and sampled before they are subjected to the main
knowledge of the program’s control flow graph for monitor- part of IDEA signal processing, which exploits techniques
ing. All of these severely limit its practicality for anomaly/ similar to template-based pattern matching to identify
malware detection. In contrast, Spectral profiling [56] anomalous (hence, potentially malicious) activity during
observes that periodic program activities, such as loops, the program execution. In the training phase, IDEA learns a
often generate periodic EM side-channel signals, which in dictionary of reference EM signatures or “words” by execut-
turn generate spectral peaks at the frequencies that corre- ing trusted programs on an uncompromised reference
sponds to the loop’s per-iteration durations. Thus [56] device. Next, in the monitoring phase, it continuously moni-
exploits Short Time Fourier Transform (STFT) to identify tors the target device’s EM signal by matching it and recon-
such spectral peaks and uses them for loop-level profiling structing it using the dictionary. When the reconstruction
of program execution. Moreover, [39] extends the spectral error is above a predefined threshold (i.e., there is a signifi-
profiling, and exploits the spectral peaks for intrusion detec- cant deviation from the reference EM signatures),
tion. Any injection of instructions inside an existing loop IDEA reports an anomaly (intrusion). The rest of this section
alters the loop’s iteration time, and hence causes a deviation describes IDEA in more detail.
or shift in the frequency of the spectral peak, which [39]
exploits for intrusion detection. While this approach can 4.1 AM Demodulation
accurately detect changes as small as two instructions inside Unintentional EM emanations occur at various frequencies,
a loop in the program, it can only detect very large devia- but of particular importance is the frequency band centered
tions ( > 500,000 instructions) outside loops. around the clock frequency of the processor, a.k.a. Central
In contrast, IDEA starts with a training set of trusted exe- Processing Unit (CPU). This is because this frequency band
cutions of a program to be monitored and learns a dictio- contains signals that are primarily a function of the instruc-
nary of fixed length “words” or windows of EM signals. tion sequence executed by the CPU. Each processor cycle,
The monitoring consists of splitting the signal into same- the CPU draws a current which is a direct result of the
length windows and matching them against the dictionary, instruction(s) being executed. Much of this instruction-
and producing a dictionary-based reconstruction of the sig- dependent current is drawn by the CPU clock circuitry and
nal. IDEA then flags large deviations between the observed by circuitry which does new computations (i.e., switches on
and reconstructed signal as anomalous (e.g., malware). So, and off) every CPU clock cycle. This creates a strong current
the training can be accomplished on “live” runs (without at the CPU clock frequency which acts as a carrier modulated
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
KHAN ET AL.: IDEA: INTRUSION DETECTION THROUGH ELECTROMAGNETIC-SIGNAL ANALYSIS FOR CRITICAL EMBEDDED AND... 1153
TABLE 1
Comparison of Related Work with the IDEA in Terms of Type of Side-Channel, Type of Device, Software
or Hardware Intrusion, and Performance
by the clock-to-cycle variations in program activity (i.e., exe- common with a communications system since the device is a
cuted instructions). These currents flow through wires within transmitter which (inefficiently and unintentionally) trans-
the processor and on the device’s printed circuit board mits a message signal carrying information about program
(PCB). At CPU and memory clock frequencies (and their har- activity using an amplitude modulated carrier (i.e., the clock
monics) the EM emanations created can propagate far signal). We can then receive and demodulate this signal
enough to be observed with a high signal to noise ratio [57]. using wireless communications techniques. All EM signals,
When observed this way, the emanating device has much in both in the training phase and in the monitoring phase, are
AM demodulated at the processor clock frequency, low-pass 4.2.3 Dictionary Reduction through Clustering
filtered with an anti-aliasing filter, and sampled before being Next, we apply clustering to reduce the number of dictionary
sent for signal processing. entries. All applications have loops, which tend to generate
repetitive EM patterns. Likewise, the same control flow paths
4.2 Training Phase: Dictionary Learning are often reiterated at different points of the execution, and
The training phase consists of learning a dictionary of EM generate similar EM patterns. Consequently, the reference
signatures through the execution of trusted programs on a dictionary can have a large number of words or patterns that
reference device. We execute trusted programs on an uncom- are very similar, and correspond to the same code execution.
promised device, and observe and record the corresponding The objective of clustering is to assign similar words or EM
EM signals. We use different inputs to execute different con- patterns into a single cluster, and exploit the cluster centroid
trol flow paths as described in [38]. Ideally, we would like to as the representative of the cluster. Using cluster centroids as
observe all possible control flow paths. However, in a practi- dictionary words improves the computational efficiency by
cal scenario, this may require too many inputs (hence, too reducing the number of dictionary entries.
many training examples). For example, a twenty level nested As the number of clusters k (i.e., the number of unique EM
IF ELSE condition will have 220 ¼ 1048576 different execu- patterns) is not known a priori, popular clustering algorithms
tion paths. Nevertheless, we aim at observing most control such as k-means can not be used for the dictionary reduction.
flow execution paths, and try to ensure that even if there are Instead, we use a threshold based clustering, where threshold
unobserved control flow paths, they are either highly t is used as a parameter. Given a cluster centroid ci , the algo-
unlikely or relatively brief. These goals are the same as those rithm proceeds by alternating between two steps:
that guide program testing, so program inputs created to Assignment Step. Assign each unassigned word wp whose
provide good test coverage of a program are highly likely to euclidean distance from the centroid ci is less than the
also satisfy the needs of IDEA training. Once we have the threshold t to the cluster Si
training signals, we learn the dictionary words using the fol-
lowing process. Si ¼ fwp : kwp ci k2 < t ^ wp 2
= Sj 8j; 1 j < ig:
(2)
4.2.1 Learning Words
Update Step. Update the cluster centroid ci by averaging
The demodulated EM signal is split into multiple overlapping
all members of cluster Si
short-duration windows that are recorded as dictionary
entries or “words”. These words correspond to the EM signa- 1 X
ture of the underlying program execution. All dictionary ci ¼ wp : (3)
jSi j w 2S
words have the same word-length l. Each word is shifted by s p i
Fig. 4. Top green curve: Original program execution; Bottom red curve:
Program execution with intrusion; Black curve: IDEA-reconstructed signal.
Note that black curve better matches with green than with red curve.
Fig. 5. Histogram for maximum mean squared reconstruction error with different word-lengths.
set of input-dependent and hardware behaviors that is not which snippets of insertions from an “untrained” program
represented in the dictionary, a smaller word length are treated as intrusion. Fig. 6 shows the ROC curve for differ-
increases the probability that the dictionary contains a word ent word-shifts for an intrusion of 128 samples. It is clear that
that matches the window for most of its duration, and thus s ¼ 1 performs the best, and the larger s results in smaller
still produces a reasonably small reconstruction distance. AUC. This results is intuitive as s ¼ 1 mimics shift invariant
In order to estimate the optimal word-length l, we insert signal matching most closely. However, it should be noted
snippets of untrained signals into the trained or trusted ref- that, the detection performance for s ¼ 2 is comparable to that
erence signals. First, we record EM signals by executing a of s ¼ 1. Hence, s ¼ 2 can be exploited to reduce the computa-
benchmark program with different inputs. Next, we follow tional requirements. The number of entries in the dictionary
a 10 fold cross validation to test each of these signals with would be roughly halved for s ¼ 2 compared to s ¼ 1. So, the
and without an “untrained” insertion from a different memory requirement would be halved, and consequently, so
benchmark program. Here, signals without insertion repre- would be the computational time. Nevertheless, as we intend
sent class 0 or “known”, while signals with insertion corre- to highlight the performance of our system, we use s ¼ 1 in
spond to class 1 or “intrusion”. Fig. 5 shows the histograms the remainder of this paper.
corresponding to “known” and “intrusion” with different
word-lengths. For w ¼ 16 samples, the Maximum Mean
Squared Reconstruction Error (MMSRE) is low for both 4.4.3 Filter Order
known (or trained) and intrusion (or untrained) signals (i.e., In order to justify the use of the SMA filter and to determine
even an untrained signal can be matched with words in the its optimal length, consider the following detection prob-
dictionary). As a result, the two histograms overlap. How- lem. Let ðnÞ , xðnÞ yðnÞ denote the error signal, defined
ever, for w ¼ 32 samples, MMSRE corresponding to the as the difference between the monitored and reconstructed
known signal is significantly lower than that of the intru- signals. Observing an L-samples segment thereof
sion, and there exists a clear threshold between the two clas- ðn L þ 1Þ; . . . ; ðnÞ, we wish to decide whether:
ses. When the word-length is much larger, i.e., w ¼ 128
samples, MMSRE for both known and intrusion signals gets H0 : This is a valid program execution segment; or
much higher (i.e., even a trained signal cannot be matched H1 : This is an intrusion code segment.
with low euclidean distance). Hence, the two histograms We begin by attributing two simplified statistical models
cannot be separated anymore. to the error signal under each hypothesis: ðnÞ is assumed to
These experimental evaluations reveal that for any intru-
sion larger than 256 samples, IDEA can achieve Area Under
the Curve (AUC) better than 0.9995 on the Receiver Operat-
ing Characteristic (ROC) curve for any word-length
between 32 to 64 samples. If not specified differently, the
rest of the paper assumes word-length w ¼ 32 of samples.
This corresponds to 5 ms of execution time, which is about
250 processor clock cycles on the FPGA board.
4.4.2 Word-Shift
Another parameter that impacts the performance of IDEA is a
word-shift. Each “word” in the dictionary has to be shifted
some number of samples from the previous one in order to
compensate for hardware activities such as cache hit or miss.
We estimate the optimal word-shift s through experimental
evaluation. Again, we exploit a 10 fold cross validation in Fig. 6. ROC curves for intrusion detection with different word-shift.
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
KHAN ET AL.: IDEA: INTRUSION DETECTION THROUGH ELECTROMAGNETIC-SIGNAL ANALYSIS FOR CRITICAL EMBEDDED AND... 1157
be an independent, identically distributed (iid) zero-mean behind the resulting test remains valid, justifying the use of
Gaussian process, but with a different variance under each the SMA filter and the choice of L. For example, the possibil-
of the different hypotheses: ity of short occurrences of large errors under H0 would
merely increase the mean and variance of e~ðnÞ under H0 ,
H0 : ðnÞ N ð0; s 20 Þ thereby increasing the false positive rate. Nevertheless, the
H1 : ðnÞ N ð0; s 21 Þ dependence of this rate on L remains monotonically
where s 20 < s 21 are fixed variances (presumed known, for decreasing, still supporting our choice of the largest possi-
now). The Likelihood Ratio Test (LRT) for deciding between ble L that does not breech H1 .
the two hypotheses then takes the form
5 EXPERIMENTAL EVALUATION
fððn L þ 1Þ; . . . ; ðnÞjH1 Þ H1
5 h; (6) In this section we present our experimental results on
fððn L þ 1Þ; . . . ; ðnÞjH0 Þ H 0 detecting several different types of malware on different
applications and embedded systems. It is important to
where fðjHi Þ denotes the conditional joint probability dis-
emphasize that IDEA is not limited to these applications
tribution function (pdf) of the observations given
and/or malware, but fundamentally can be applied to any
Hi ; i ¼ 0; 1, and h is a threshold value. Substituting Gauss-
system that has observable EM emanations.
ian distributions and taking the log we get
TABLE 2
Experimental Results for Three Malware on Three CPSs
in [63]). To implement an APT on this application, we 5.3 Experiments with IoT Devices
assume that the adversary’s malware (like in Stuxnet) has To demonstrate the robustness of IDEA, we also use it to
already infiltrated the system and can reprogram the device. monitor an A13-OLinuXino (Cortex A8 processor) IoT board.
The adversary’s goal is to change a critical value under Unlike the FPGA-based system that runs the application “on
some conditions, which in turn can cause damage to the bare metal,” this board runs a Linux operating system (OS).
overall physical system. In our evaluation, we made a mali- The defensive mechanisms already present in the OS make it
cious modification to the source code so that the tempera- harder to inject prototype malware activity. Instead, we
ture history is altered under a specific condition (e.g., for a model malware injection by injecting snippets of signals
specific model number). Consequently, the system will set a from a different (not-trained-on) program. For this experi-
wrong temperature. The injected code is only 2 lines of code ment, we use Replace as the reference program, on to which
(i.e., IF(X) THEN LASTTEMPHISTORY = RANDOMVALUE). signal-snippets from Print Tokens were inserted as anoma-
The final system in our evaluation is a robotic arm. lous (not-trained-on) signal. This approach also allows injec-
Robotic arms are often used for manufacturing, and are crit- tions of any chosen duration, and use of different signals for
ical components of many modern factory. Robotic arms typ- different injection instances. In contrast, construction of even
ically receive inputs/commands from a user and/or one short-duration actual malware instance is very challeng-
sensors and move objects based on these inputs. There is a ing. For example, a single packet sent in a DDoS attack, or
growing concern in security of these CPSs since they are single-block encryption in Ransomware, lasts much longer
typically connected to the network and are exposed to than any of our signal-snippet injections.
cyber-threats (e.g., [64]). A simple implementation of such a To allow a direct comparison between our real-malware
robot can be found in [65]. For this system, we implement a and signal-snippet injections, we also perform signal-snip-
firmware modification attack, where we assume that the refer- pet injection experiments on the DE-1 FPGA board. We use
ence libraries (e.g., library for Servo, Serial, etc.) are compro- 10-fold cross validation, and test signals from a trained
mised (this can be also considered as a zero-day benchmark program Replace, with or without insertions or
vulnerability). Note that, we assume that IDEA’s training intrusions from Print Tokens. Fig. 12 shows the experimental
contains the “unmodified” version of these library (baseline results. We can observe that intrusions longer than 256 sam-
reference data). In this attack, we modify a subroutine ples (i.e., 200 instructions or 40 ms length) on the FPGA are
(writeMicroseconds()) in Arduino’s Servo library [66] by add- detected with an AUC of 99.95 percent. For the IoT board,
ing an extra if condition to change the speed of Servo motor an AUC better than 99.8 percent is achieved for intrusions
randomly and reprogram the system with this compro- with at least 1024 samples (i.e., 800 instructions or 7.94 ms
mised library, assuming that the adversary is interested in length). The difference in duration of the intrusion that is
causing a malfunction in arm’s movement. needed to achieve the same AUC on the two devices is
Setup. An Arduino UNO with an ATMEGA328p micro- mainly due to OS activity that is present on the IoT board
processor clocked at 16 MHz is used to implement the and absent on the FPGA board. This OS activity introduces
CPSs. A magnetic probe is used to receive EM signals from variation in the signals, increasing reconstruction error even
the device. Fig. 11 shows the experimental setup for the for valid executions. This, in turn, raises the reconstruction
SyringePump. For all measurements, we use a commercially error threshold for reporting an anomaly at a given confi-
available SDR receiver (Ettus Research B200-mini) to record dence level, so more anomalous samples are needed to
the signal. B200-mini costs significantly lower than a spec- reach this increased reconstruction error threshold.
trum analyzer and makes IDEA a practical option for moni-
toring security-critical systems. For each CPS, we use 25
randomly selected signals for training and 25 malware-free 6 LIMITATIONS AND FUTURE WORK
and 25 malware-afflicted signals for testing. A major concern for commercial deployment of the
Detection Performance. Table 2 summarizes the detection IDEA monitoring system is its cost. However, we envision
accuracy of IDEA on the three CPSs. As seen in the table, in that IDEA will be deployed to monitor critical and high-
all cases, IDEA has successfully detected every instances of assurance CPSs, e.g., critical infrastructures, military sys-
a malware without reporting any false positive which tems, hospital equipment etc. In such scenarios, the cost of
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
KHAN ET AL.: IDEA: INTRUSION DETECTION THROUGH ELECTROMAGNETIC-SIGNAL ANALYSIS FOR CRITICAL EMBEDDED AND... 1161
ACKNOWLEDGMENTS
This work has been supported in part by US National Science
Foundation (NSF) grant 1563991 and DARPA LADS contract
FA8650-16-C-7620. The views and findings in this paper are
those of the authors and do not necessarily reflect the views
of the US National Science Foundation and DARPA.
REFERENCES
[1] INTEL a guide to the internet of things infographic. [Online]. Avail-
able: https://www.intel.com/content/www/us/en/internet-of-
things/infographics/guide-to-iot.html, Accessed on: Mar. 01, 2018.
[2] M. M. Chui, M. Löffler, and R. Roberts, “The internet of things,”
McKinsey Quarterly, Mar. 2010.
Fig. 12. Receiver operating characteristic curves for intrusion detection [3] R. Richards, “High-assurance cyber military systems (HACMS),”
on a FPGA (top) and on an IoT device (bottom). Defense Advanced Research Project Agency. MIL, Mar. 2016.
[4] E. Colbert, “Security of cyber-physical systems,” J. Cyber Secur. Inf.
deployment (e.g., cost of antenna, software-defined radio Syst., vol. 5, no. 1, pp. 40–47, Jan. 2017.
and signal processing) is offset by the cost of the monitored [5] T. M. Chen and S. Abu-Nimeh, “Lessons from Stuxnet,” Comput.,
vol. 44, no. 4, pp. 91–93, 2011.
system and by the cost and consequences of security breach. [6] R. Langner, “Stuxnet: Dissecting a cyberwarfare weapon,” IEEE
In addition, deployment of IDEA is relatively simple; Secur. Privacy, vol. 9, no. 3, pp. 49–51, May/Jun. 2011.
IDEA does not make any change to the monitored system, [7] N. Falliere, L. O. Murchu, and E. Chien, “W32. Stuxnet dossier,”
and thus creates no regulatory, safety, or disruption concern White paper, Symantec Corp., Security Response, vol. 5, no. 6, 2011.
[8] E. Nakashima and S. Mufson, “Hackers have attacked foreign util-
for the system. ities, CIA analyst says,” Washington Post, Jan. 19, 2008.
Another important limitation with IDEA is its scalability. [9] K. Parrish, “Hackers can gain control of an insulin pump to inject
IDEA requires very high training coverage, which is difficult a harmful dose into patients,” Oct. 05, 2016. [Online]. Available:
http://www.digitaltrends.com/computing/johnson-animas-
to achieve for larger programs. However, we exploit software onetouch-ping-insulin-pump-vulnerable-hacker-attack/
engineering techniques that ensure high path coverage for [10] C. Li, A. Raghunathan, and N. K. Jha, “Hijacking an insulin pump:
training. Moreover, IDEA stores EM patterns corresponding Security attacks and defenses for a diabetes therapy system,” in
to normal program activities in a reference dictionary. This dic- Proc. 13th IEEE Int. Conf. e-Health Netw. Appl. Serv., 2011, pp. 150–156.
[11] G. Loukas, Cyber-Physical Attacks: A Growing Invisible Threat.
tionary may grow prohibitively large for larger applications. London, U.K.: Butterworth-Heinemann, 2015.
While we use clustering to keep the dictionary size manage- [12] Cybersecurity for networked medical devices is a shared respon-
able, future work should investigate feature dimensionality sibility: FDA safety reminder, Nov. 04, 2009. [Online]. Available:
reduction techniques (e.g., principal component analysis) to https://www.fda.gov/MedicalDevices/Safety/
AlertsandNotices/ucm189111.htm
further optimize the dictionary size without sacrificing the [13] Cybersecurity for medical devices and hospital networks: FDA safety
detection accuracy. In addition, future research should focus communication, Jun. 17, 2013. [Online]. Available: https://www.fda.
on extending IDEA’s capability to monitor multiple devices gov/MedicalDevices/Safety/AlertsandNotices/ucm189111.htm
[14] I. Zeifman, D. Bekerman, and B. Herzberg, “Breaking down Mirai:
simultaneously and to monitor multi-core processors. An IoT DDoS botnet analysis,” Imperva, 2016. [Online]. Available:
https://www.incapsula.com/blog/malware-analysis-mirai-ddos-
botnet.html
7 CONCLUSIONS [15] R. Brewer, “Ransomware attacks: Detection, prevention and
cure,” Netw. Secur., vol. 2016, no. 9, pp. 5–9, 2016.
This paper proposes a novel framework called IDEA that [16] D. F. Sittig and H. Singh, “A Socio-technical approach to prevent-
uses electromagnetic (EM) side-channel signals to detect ing, mitigating, and recovering from ransomware attacks,” Appl.
malicious program activity on CPSs. IDEA first records EM Clinical Informat., vol. 7, no. 2, 2016, Art. no. 624.
[17] A. Humayed, J. Lin, F. Li, and B. Luo, “Cyber-physical systems
emanations from an uncompromised device to establish a security—A survey,” IEEE Internet Things J., vol. 4, no. 6,
baseline of uncompromised EM patterns. Then, IDEA con- pp. 1802–1831, Dec. 2017.
tinuously monitors the device’s EM emanations, comparing
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
1162 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 18, NO. 3, MAY/JUNE 2021
[18] Z.-K. Zhang, M. C. Y. Cho, C.-W. Wang, C.-W. Hsu, C.-K. Chen, [40] Y. Han, S. Etigowni, H. Liu, S. Zonouz, and A. Petropulu, “Watch
and S. Shieh, “IoT security: Ongoing challenges and research me, but don’t touch me! Contactless control flow monitoring via
opportunities,” in Proc. IEEE 7th Int. Conf. Service-Oriented Comput. electromagnetic emanations,” in Proc. ACM SIGSAC Conf. Comput.
Appl., 2014, pp. 230–234. Commun. Secur., 2017, pp. 1095–1108. [Online]. Available: http://
[19] K. Dunham, “Evaluating anti-virus software: Which is best?” Inf. doi.acm.org/10.1145/3133956.3134081
Syst. Secur., vol. 12, no. 3, pp. 17–28, 2003. [41] S. Ponomarev and T. Atkison, “Industrial control system network
[20] A. Mohaisen and O. Alrawi, “AV-Meter: An evaluation of antivi- intrusion detection by telemetry analysis,” IEEE Trans. Depend.
rus scans and labels,” in Proc. Int. Conf. Detection Intrusions Mal- Secure Comput., vol. 13, no. 2, pp. 252–260, Mar./Apr. 2016.
ware Vulnerability Assessment, 2014, pp. 112–131. [42] R. Mitchell and R. Chen, “Behavior rule specification-based intru-
[21] C. Foundation, “Automated malware analysis - Cuckoo sandbox.” sion detection for safety critical medical cyber physical systems,”
[Online]. Available: http://www.cuckoosandbox.org/ IEEE Trans. Depend. Secure Comput., vol. 12, no. 1, pp. 16–30, Jan./
[22] C. Willems, T. Holz, and F. Freiling, “Toward automated dynamic Feb. 2015.
malware analysis using CWSandbox,” IEEE Secur. Privacy, vol. 5, [43] D. Agrawal and B. Archambeault, “J. R. Rao and P. Rohatgi:
no. 2, pp. 32–39, Mar./Apr. 2007. The EM side–channel (s),” In Proc. Int. Workshop Cryptographic
[23] S. Das, Y. Liu, W. Zhang, and M. Chandramohan, “Semantics- Hardware Embedded Syst., Springer, Berlin, Heidelberg, 2002,
based online malware detection: Towards efficient real-time pro- pp. 29–45.
tection against malware,” IEEE Trans. Inf. Forensics Secur., vol. 11, [44] D. Genkin, L. Pachmanov, I. Pipman, and E. Tromer, “Stealing
no. 2, pp. 289–302, Feb. 2016. keys from PCs using a radio: Cheap electromagnetic attacks on
[24] J. Demme, M. Maycock, J. Schmitz, A. Tang, A. Waksman, windowed exponentiation,” in Proc. Int. Workshop Cryptographic
S. Sethumadhavan, and S. Stolfo, “On the feasibility of online mal- Hardware Embedded Syst., 2015, pp. 207–228.
ware detection with performance counters,” ACM SIGARCH Com- [45] M. Alam, H. A. Khan, M. Dey, N. Sinha, R. Callan, A. Zajic, and
put. Archit. News, vol. 41, no. 3, pp. 559–570, 2013. M. Prvulovic, “One&done: A single-decryption EM-based attack
[25] M. Ozsoy, K. N. Khasawneh, C. Donovick, I. Gorelik, on openSSL’s constant-time blinded RSA,” in Proc. 27th USENIX
N. Abu-Ghazaleh, and D. Ponomarev, “Hardware-based malware Conf. Sec. Symp., USENIX Association, 2018, pp. 585–602.
detection using low-level architectural features,” IEEE Trans. Com- [46] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in
put., vol. 65, no. 11, pp. 3332–3344, Nov. 2016. Proc. Annu. Int. Cryptology Conf., Springer, 1999, pp. 388–397.
[26] A. Tang, S. Sethumadhavan, and S. J. Stolfo, “Unsupervised [47] D. Genkin, A. Shamir, and E. Tromer, “RSA key extraction via
anomaly-based malware detection using hardware features,” in low-bandwidth acoustic cryptanalysis,” in Proc. Int. Cryptology
Proc. Int. Workshop Recent Advances Intrusion Detection, 2014, Conf., 2014, pp. 444–461.
pp. 109–129. [48] Y. Berger, A. Wool, and A. Yeredor, “Dictionary attacks using key-
[27] A. Viswanathan, K. Tan, and C. Neuman, “Deconstructing the board acoustic emanations,” in Proc. 13th ACM Conf. Comput. Com-
assessment of anomaly-based intrusion detectors,” in Proc. Int. mun. Secur., 2006, pp. 245–254.
Workshop Recent Advances Intrusion Detection, 2013, pp. 286–306. [49] R. Callan, A. Zajic, and M. Prvulovic, “A practical methodology
[28] C. Warrender, S. Forrest, and B. Pearlmutter, “Detecting intru- for measuring the side-channel signal available to the attacker for
sions using system calls: Alternative data models,” in Proc. IEEE instruction-level events,” in Proc. 47th Annu. IEEE/ACM Int. Symp.
Symp. Secur. Privacy, 1999, pp. 133–145. Microarchit., 2014, pp. 242–254.
[29] B. B. Kang and A. Srivastava, “Dynamic malware analysis,” in [50] R. Callan, A. Zajic, and M. Prvulovic, “FASE: Finding amplitude-
Encyclopedia of Cryptography and Security, 2nd ed. Berlin, Germany: modulated side-channel emanations,” ACM SIGARCH Comput.
Springer, 2011, pp. 367–368. Archit. News, vol. 43, no. 3, pp. 592–603, 2015.
[30] N. Scaife, H. Carter, P. Traynor, and K. R. Butler, [51] J. Balasch, B. Gierlichs, and I. Verbauwhede, “Electromagnetic cir-
“CryptoLock (and drop it): Stopping ransomware attacks on cuit fingerprints for hardware trojan detection,” in Proc. IEEE Int.
user data,” in Proc. IEEE 36th Int. Conf. Distrib. Comput. Syst., Symp. Electromagn. Compat., Aug. 2015, pp. 246–251.
2016, pp. 303–312. [52] O. S€oll, T. Korak, M. Muehlberghuber, and M. Hutter, “EM-based
[31] K. Tian, D. Yao, B. G. Ryder, and G. Tan, “Analysis of code detection of hardware trojans on FPGAs,” in Proc. IEEE Int. Symp.
heterogeneity for high-precision classification of repackaged Hardware-Oriented Secur. Trust, May 2014, pp. 84–87.
malware,” in Proc. IEEE Secur. Privacy Workshops, 2016, [53] K. Sakiyama, M. Kasuya, T. Machida, A. Matsubara, Y. Kuai,
pp. 262–271. Y. I. Hayashi, T. Mizuki, N. Miura, and M. Nagata, “Physical
[32] A. Nourian and S. Madnick, “A systems theoretic approach to the authentication using side-channel information,” in Proc. 4th Int.
security threats in cyber physical systems applied to stuxnet,” Conf. Inf. Commun. Technol., May 2016, pp. 1–6.
IEEE Trans. Depend. Secure Comput., vol. 15, no. 1, pp. 2–13, [54] G. A. Jacoby, R. Marchany, and N. Davis, “Battery-based intrusion
Feb. 2018. detection a first line of defense,” in Proc. 5th Annu. IEEE SMC Inf.
[33] L. Liu, G. Yan, X. Zhang, and S. Chen, “VirusMeter: Preventing Assurance Workshop, 2004, pp. 272–279.
your cellphone from spies,” in Proc. Int. Workshop Recent Advances [55] T. K. Buennemeyer, T. M. Nelson, L. M. Clagett, J. P. Dunning,
Intrusion Detection, 2009, pp. 244–264. R. C. Marchany, and J. G. Tront, “Mobile device profiling and
[34] H. Kim, J. Smith, and K. G. Shin, “Detecting energy-greedy anom- intrusion detection using smart batteries,” in Proc. 41st Annu.
alies and mobile malware variants,” in Proc. 6th Int. Conf. Mobile Hawaii Int. Conf. Syst. Sci., 2008, pp. 296–296.
Syst. Appl. Serv., 2008, pp. 239–252. [56] N. Sehatbakhsh, A. Nazari, A. Zajic, and M. Prvulovic, “Spectral
[35] C. R. A. Gonz alez and J. H. Reed, “Power fingerprinting in SDR profiling: Observer-effect-free profiling by monitoring EM ema-
integrity assessment for security and regulatory compliance,” nations,” in Proc. 49th Annu. IEEE/ACM Int. Symp. Microarchit.,
Analog Integr. Circuits Signal Process., vol. 69, no. 2/3, 2011, 2016, pp. 1–11.
Art. no. 307. [57] A. Zajic and M. Prvulovic, “Experimental demonstration of
[36] S. S. Clark, B. Ransford, A. Rahmati, S. Guineau, J. Sorber, W. Xu, electromagnetic information leakage from modern processor-
and K. Fu, “WattsUpDoc: Power side channels to nonintrusively memory systems,” IEEE Trans. Electromagn. Compat., vol. 56, no. 4,
discover untargeted malware on embedded medical devices,” in pp. 885–893, Aug. 2014.
Proc. USENIX Conf. Safety Secur. Privacy Interoperability Health Inf. [58] N. S. Altman, “An introduction to kernel and nearest-neighbor
Technol., 2013, pp. 9–9. nonparametric regression,” Amer. Statistician, vol. 46, no. 3,
[37] Y. Liu, L. Wei, Z. Zhou, K. Zhang, W. Xu, and Q. Xu, “On code pp. 175–185, 1992.
execution tracking via power side-channel,” in Proc. ACM SIGSAC [59] G. Rothermel, S. Elbaum, A. Kinneer, and H. Do, “Software-arti-
Conf. Comput. Commun. Secur., 2016, pp. 1019–1031. [Online]. fact infrastructure repository,” 2006. [Online]. Available: http://
Available: http://doi.acm.org/10.1145/2976749.2978299 sir.unl.edu/portal
[38] R. Callan, F. Behrang, A. Zajic, M. Prvulovic, and A. Orso, [60] N. Andronio, S. Zanero, and F. Maggi, “HelDroid: Dissecting and
“Zero-overhead profiling via EM emanations,” in Proc. 25th Int. detecting mobile ransomware,” in Proc. Int. Workshop Recent
Symp. Softw. Testing Anal., 2016, pp. 401–412. Advances Intrusion Detection, 2015, pp. 382–404.
[39] A. Nazari, N. Sehatbakhsh, M. Alam, A. Zajic, and M. Prvulovic, [61] [Online]. Available: https://www.ettus.com/product/details/
“EDDIE: EM-based detection of deviations in program exe- USRP-B200mini, Accessed on: May 3, 2017.
cution,” in Proc. 44th Annu. Int. Symp. Comput. Archit., 2017, [62] Open syringe-pump source code and project. [Online]. Available:
pp. 333–346. [Online]. Available: http://doi.acm.org/10.1145/ https://github.com/naroom/OpenSyringePump, Last Accessed
3079856.3080223 on: Aug. 01, 2018.
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.
KHAN ET AL.: IDEA: INTRUSION DETECTION THROUGH ELECTROMAGNETIC-SIGNAL ANALYSIS FOR CRITICAL EMBEDDED AND... 1163
[63] PID controller soldering iron code and project. [Online]. Arie Yeredor (M’99-SM’02) received the BSc
Available: https://github.com/sfrwmaker/soldering_controller, (summa cum laude) and PhD degrees in electri-
Last Accessed on: Aug. 01, 2018. cal engineering from Tel-Aviv University (TAU),
[64] D. Quarta, M. Pogliani, M. Polino, F. Maggi, A. M. Zanchettin, and Tel-Aviv, Israel, in 1984 and 1997, respectively.
S. Zanero, “An experimental security analysis of an industrial robot He is currently an associate professor with the
controller,” in Proc. IEEE Symp. Secur. Privacy, May 2017, pp. 268–286. School of Electrical Engineering, TAU, where his
[65] Robotic arm code and project. [Online]. Available: https:// research and teaching areas are in statistical and
lifehacker.com/build-a-kickass-robot-arm-the-perfect-arduino- digital signal processing and estimation theory.
project-1700643747, Last Accessed on: Aug. 01, 2018. He also held a consulting position in these
[66] Arduino servo refrence library. [Online]. Available: https:// research areas with NICE Systems, Inc., Ra’a-
www.arduino.cc/en/Reference/Servo, Last Accessed on: Aug. nana, Israel, from 1990 to 2015. In 2015-16, he
01, 2018. has been on Sabbatical Leave from TAU as a visiting professor with the
Georgia Institute of Technology, Atlanta, Georgia. He serves as a senior
Haider Adnan Khan received the BSc degree in area editor of the IEEE Transactions on Signal Processing, as a member
electrical and electronic engineering from the Ban- of the IEEE Signal Processing Society’s Signal Processing Theory and
gladesh University of Engineering and Technology, Methods (SPTM) Technical Committee, and as chair of the Signal Proc-
in 2006 and the MSc degree in electrical engineer- essing chapter of IEEE Israel Section. He has been awarded the yearly
ing and information technology from the Karlsruhe Best lecturer of the Faculty of Engineering Award (at TAU) seven times.
Institute of Technology, Germany, in 2011. He is He is a senior member of the IEEE.
working toward the PhD degree in the School of
Electrical and Computer Engineering, Georgia
Institute of Technology focusing on electromag- Milos Prvulovic (S’97-M’03-SM’09) received the
netic information leakage from computing devices. BSc degree in electrical engineering from the
Since 2016, he has been a graduate research University of Belgrade, in 1998, and the MSc and
assistant with the Electromagnetic Measurements in Communications and PhD degrees in computer science from the
Computing ðEMC 2 Þ Lab. His research interests span areas of digital signal University of Illinois at Urbana-Champaign, in
processing, machine learning, and computer vision. 2001 and 2003, respectively. He is a professor
with the School of Computer Science, Georgia
Institute of Technology, where he joined in 2003.
Nader Sehatbakhsh received the BSc degree in His research interests include computer architec-
electrical and electronic engineering from the Uni- ture, especially hardware support for software
versity of Tehran, in 2013 and the MSc degree in monitoring, debugging, and security. He is a past
electrical engineering from the Georgia Institute recipient of the NSF CAREER award, and a senior member of the ACM,
of Technology, in 2016. He is working toward the IEEE, and IEEE Computer Society.
PhD degree in the School of Computer Science,
Georgia Institute of Technology focusing on com- (S’99-M’09-SM’13) received the
Alenka Zajic
puter architecture, embedded system, and hard-
BSc and MSc degrees form the School of Elec-
ware security. Since 2014, he has been a graduate
trical Engineering, University of Belgrade, in
research assistant with CompArch and Electro-
2001 and 2003, respectively, and the PhD
magnetic Measurements in Communications and
degree in electrical and computer engineering
Computing ðEMC 2 Þ Labs. He won the best paper award in MIRCO’49 for
from the Georgia Institute of Technology, in
his work on using EM side-channel signals for software profiling.
2008. Currently, she is an associate professor
with the School of Electrical and Computer Engi-
Luong N. Nguyen received the BSc degree in neering, Georgia Institute of Technology. She
electrical and computer engineering from the was the recipient of the 2017 NSF CAREER
Hanoi University of Science and Technology, in award, 2012 Neal Shepherd Memorial Best
2013 and the MSc degree in electrical and com- Propagation Paper Award, the Best Paper Award at the International
puter engineering from the Seoul National Univer- Conference on Telecommunications 2008, and the Best Student Paper
sity, in 2016. He is working toward the PhD Award at the 2007 Wireless Communications and Networking Confer-
degree in the School of Electrical and Computer ence. Her research interests span areas of electromagnetic, wireless
Engineering, Georgia Institute of Technology communications, signal processing, and computer engineering. She is
focusing on digital circuit design, software and a senior member of the IEEE.
hardware security, and embedded system. Since
2016, he has been a graduate research assistant
with the Electromagnetic Measurements in Communications and Com- " For more information on this or any other computing topic,
puting ðEMC 2 Þ Lab. His current research interests span areas of ASIC please visit our Digital Library at www.computer.org/csdl.
design and computer architecture.
Authorized licensed use limited to: Institute of Information EngineeringCAS. Downloaded on September 27,2023 at 02:22:33 UTC from IEEE Xplore. Restrictions apply.