应用程序分析综合传感器欺骗攻击

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security Pub Date : 2017-04-02 DOI:10.1145/3052973.3053038

I. Pustogarov, T. Ristenpart, Vitaly Shmatikov

{"title":"应用程序分析综合传感器欺骗攻击","authors":"I. Pustogarov, T. Ristenpart, Vitaly Shmatikov","doi":"10.1145/3052973.3053038","DOIUrl":null,"url":null,"abstract":"In a sensor spoofing attack, an adversary modifies the physical environment in a certain way so as to force an embedded system into unwanted or unintended behaviors. This usually requires a thorough understanding of the system's control logic. The conventional methods for discovering this logic are manual code inspection and experimentation. In this paper, we design a directed, compositional symbolic execution framework that targets software for the popular MSP430 family of microcontrollers. Using our framework, an analyst can generate traces of sensor readings that will drive an MSP430-based embedded system to a chosen point in its code. As a case study, we use our system to generate spoofed wireless signals used as sensor inputs into AllSee, a recently proposed low-cost gesture recognition system. We then experimentally confirm that AllSee recognizes our adversarially synthesized signals as \"gestures.\"","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"36 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Using Program Analysis to Synthesize Sensor Spoofing Attacks\",\"authors\":\"I. Pustogarov, T. Ristenpart, Vitaly Shmatikov\",\"doi\":\"10.1145/3052973.3053038\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In a sensor spoofing attack, an adversary modifies the physical environment in a certain way so as to force an embedded system into unwanted or unintended behaviors. This usually requires a thorough understanding of the system's control logic. The conventional methods for discovering this logic are manual code inspection and experimentation. In this paper, we design a directed, compositional symbolic execution framework that targets software for the popular MSP430 family of microcontrollers. Using our framework, an analyst can generate traces of sensor readings that will drive an MSP430-based embedded system to a chosen point in its code. As a case study, we use our system to generate spoofed wireless signals used as sensor inputs into AllSee, a recently proposed low-cost gesture recognition system. We then experimentally confirm that AllSee recognizes our adversarially synthesized signals as \\\"gestures.\\\"\",\"PeriodicalId\":20540,\"journal\":{\"name\":\"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security\",\"volume\":\"36 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-04-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3052973.3053038\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3052973.3053038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

摘要

在传感器欺骗攻击中，攻击者以某种方式修改物理环境，从而迫使嵌入式系统产生不想要的或意想不到的行为。这通常需要对系统的控制逻辑有透彻的理解。发现这种逻辑的传统方法是手工代码检查和实验。在本文中，我们为流行的MSP430系列微控制器设计了一个定向的、组合的符号执行框架。使用我们的框架，分析人员可以生成传感器读数的跟踪，将基于msp430的嵌入式系统驱动到其代码中的选定点。作为一个案例研究，我们使用我们的系统生成欺骗无线信号，作为传感器输入AllSee，一个最近提出的低成本手势识别系统。然后，我们通过实验证实，AllSee将我们的对抗合成信号识别为“手势”。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Using Program Analysis to Synthesize Sensor Spoofing Attacks

In a sensor spoofing attack, an adversary modifies the physical environment in a certain way so as to force an embedded system into unwanted or unintended behaviors. This usually requires a thorough understanding of the system's control logic. The conventional methods for discovering this logic are manual code inspection and experimentation. In this paper, we design a directed, compositional symbolic execution framework that targets software for the popular MSP430 family of microcontrollers. Using our framework, an analyst can generate traces of sensor readings that will drive an MSP430-based embedded system to a chosen point in its code. As a case study, we use our system to generate spoofed wireless signals used as sensor inputs into AllSee, a recently proposed low-cost gesture recognition system. We then experimentally confirm that AllSee recognizes our adversarially synthesized signals as "gestures."

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

自引率

0.00%

发文量