Run-Time ROP Attack Detection on Embedded Devices Using Side Channel Power Analysis

IF 1.7 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Embedded Systems Letters Pub Date : 2024-12-05 DOI:10.1109/LES.2024.3445256

Jinyao Xu;Danny Abraham;Ian G. Harris

引用次数: 0

Abstract

Return-oriented programming (ROP) have emerged as great threats to the modern embedded systems. ROP attacks can be used to either bypass credential verification or modify RAM contents. In this letter, we introduce a simple side-channel technique for the run-time ROP detection. We use processors’ power consumption pattern as an indicator for the potential ROP attacks, which can be deployed across different platforms. We avoid the computational complexities of training machine learning models by using a simple linear comparison algorithm to compare the known and unknown power patterns to discern anomalies. For evaluation, we implement both the ROP attacks in multiple scenarios on the benchmarks with various complexity levels. We demonstrate the robustness of our approach and also outline some potential overheads that the approach incurs for the run-time ROP detection.

查看原文本刊更多论文

基于侧信道功率分析的嵌入式设备运行时ROP攻击检测

面向返回的编程（ROP）已经成为现代嵌入式系统的巨大威胁。ROP攻击可以用来绕过凭证验证或修改RAM内容。在这封信中，我们介绍了一种简单的侧信道技术，用于运行时ROP检测。我们使用处理器的功耗模式作为潜在ROP攻击的指示器，可以跨不同平台部署。我们通过使用简单的线性比较算法来比较已知和未知的功率模式来识别异常，从而避免了训练机器学习模型的计算复杂性。为了进行评估，我们在具有不同复杂级别的基准测试的多个场景中实现了这两种ROP攻击。我们演示了该方法的健壮性，并概述了该方法在运行时ROP检测中可能产生的一些开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Embedded Systems Letters Engineering-Control and Systems Engineering

CiteScore

3.30

自引率

0.00%

发文量

期刊介绍： The IEEE Embedded Systems Letters (ESL), provides a forum for rapid dissemination of latest technical advances in embedded systems and related areas in embedded software. The emphasis is on models, methods, and tools that ensure secure, correct, efficient and robust design of embedded systems and their applications.