PFP Technology White Paper

Transcription

1 PFP Technology White Paper Summary PFP Cybersecurity solution is an intrusion detection solution based on observing tiny patterns on the processor power consumption. PFP is capable of detecting intrusions and zero day attacks across all layers of the execution stack, from hardware to application layer. PFP does not require installing any software on the target platform, allowing the monitoring of systems with limited resources for which there is no commercial solution available. PFP is a proven technology that has been successfully demonstrated on simple and complex platforms. Introduction Traditional cyber defense approaches have been unable to prevent adversaries from compromising critical systems. Existing monitoring approaches, such as antivirus, depend on having explicit knowledge of the attacks themselves and miss new attacks ften called zero-day attacks. Furthermore, a significant number of systems controlling critical infrastructure have no antivirus commercially available because they are implemented in embedded and resource constrained platforms, have legacy processors, or utilize unique hardware. The range of potential cyber targets keeps expanding, putting systems once thought to be safe well within reach. For example, the Stuxnet attack to industrial control systems targeted programmable logic controllers, a platform that had not been attacked before. The PFP Cybersecurity solution is a novel approach for integrity assessment that utilizes a physical side channel (power consumption) to obtain information about the internal execution status in a processor, across the full execution stack and independent of the platform or application. PFP is implemented using an external monitor and is capable of detecting, with extreme accuracy, when a cyber-attack has compromised the target system. PFP is applicable to new and legacy systems and is complementary to existing cyber security solutions. PFP Technology In CMOS 1 digital circuits, every time there is a transition from 1 to 0, or 0 to 1, there is a transient current drain resulting from a brief short circuit in the gates and the charge and discharge of parasitic capacitance. In a processor, the total power consumed in a given clock cycle is determined by the total number of bit transitions that take place during that cycle. PFP is based on taking fine-grained traces of the processor s power consumption to identify the unique patterns created by the specific sequence of bit transitions during execution. 1 Complementary metal oxide semiconductor 2013 PFP Cybersecurity is a Power Fingerprinting, Inc.Company 1

2 FIG 1. PFP Monitor The concept behind a PFP monitor, shown in FIG 1, is relatively straightforward. It consists of three main elements common to all pattern recognition systems: sensing, feature extraction, and classification. Sensing involves measuring, directly or indirectly, the instantaneous current drain. This measurement can be accomplished using a variety of approaches, including current or electromagnetic probes. We explain sensing in more detail later in the paper. PFP compares the captured traces against a baseline reference and looks for deviations beyond what is considered normal for that target execution. The baseline references uniquely identify the execution of a given software routine/path. They are extracted in a controlled environment before the system is deployed. The stored references are used by the PFP monitor to detect unauthorized execution deviations in real-time. The level of expected deviation during normal operation is identified during the characterization process and determines a threshold between normal and anomalous execution. When the observed traces cannot be matched with any of the baseline references, within a reasonable tolerance, it is determined that an intrusion has occurred. PFP Sensors Sensors play an important role because they capture the signals from the processor and they are the only element of the monitor that has to reside in close proximity to the target. PFP sensors observe, with fine detail, the instantaneous current drain of the processing element during execution and they do this in a small form-factor and low cost. There are different technical options to implement PFP sensors, including current and electromagnetic probes. Current sensors include current probes and current mirrors that can be introduced into the chip or board design of new systems. Electromagnetic (EM) sensors include near-field antennas that pick up the changes in the electric or magnetic fields caused by processor execution. EM sensors have the advantage that can be used to retrofit legacy devices without modifications to the target platform. EM sensors can also be introduced into new board designs with little cost impact by adding the traces that make up the probe as part of the PCB layout. PFP Characterization PFP is based on detecting anomalies and deviations from baseline references. These references describe the expected power consumption and how much variation is considered normal. PFP references can be extracted using different approaches. One of the most straightforward methods includes having a gold sample of the target platform. In this scenario, PFP baselines are determined by executing the gold sample in a controlled environment while observing its power consumption. This process, depicted in FIG 2, is very close to automated software testing, thus PFP can leverage existing tools to facilitate the 2013 PFP Cybersecurity is a Power Fingerprinting, Inc.Company 2

3 baseline extraction process. While references are unique to a specific target system, the process to extract them is general and can be applied across platforms and applications. FIG 2. PFP Characterization Process Ideally, a reference is extracted from every execution path in the target. Industrial control and embedded systems with limited complexity present excellent opportunities for complete characterization, as their process execution is limited in functionality (as compared to an enterprise server for example). In cases when extracting a reference for every execution path is not feasible due to complexity, characterization is focused on critical modules of the system (e.g. Kernel, Boot sequences, cypher, etc.) with help from synchronization artifacts. This way, PFP can monitor the integrity of the target modules every time they are executed. There are two other options to extract baseline references when a trusted gold sample is not available. For example, it is possible to use simulation to extract references from basic hardware systems, or one can use statistical methods to extract references from populations of devices in the field where only a few samples are expected to be compromised. A common concern in the characterization of hardware systems for supply-chain risk management is how to guarantee that the gold sample has not been already compromised. In this case, it is possible to perform the regular characterization on the target and then perform destructive reverse engineering on the gold sample. If the destructive test shows no indication of tampering, then the extracted PFP references can be trusted. PFP Monitoring and Response During monitoring, PFP looks for deviations from the baseline references to determine whether an intrusion has occurred. This operation is performed by a separate device, independent of the target. After the sensor has captured the traces, the data can be processed locally or remotely over a network. In the monitoring process, FIG 3, captured traces are processed by the PFP monitor and quantitatively compared against the baseline references. When the observed traces cannot be matched to any of the stored references, within a reasonable tolerance, it is determined that an intrusion has occurred. FIG 3. PFP Monitor and Dashboard When an intrusion is determined, PFP has different options to respond. Generic responses, such as raising an alarm and logging the event, are very generic and can be applied to a large variety of systems. More sophisticated responses are also possible, such as blocking access to peripherals or resetting 2013 PFP Cybersecurity is a Power Fingerprinting, Inc.Company 3

4 the target, but their application depends on the properties and needs of the target system. The performance and effectiveness of a PFP monitor is largely determined by false positives or false alarms. PFP can combine several traces captured from different execution instances of the target modules and increase the accuracy of its estimates and reduce the chances of making an error. In other words, it is possible for a PFP monitor to achieve an arbitrary small probability of false alarm provided that enough execution instances can be observed. PFP Advantages and Applications PFP enables security monitoring and integrity assessment on platforms that would otherwise not have the processing resources necessary to perform it. PFP operates at the bit transitions level and gets status information directly from the hardware, but without its explicit cooperation. This characteristic allows PFP to be agnostic of the software stack or operating system, and to be applied to legacy systems. More importantly, it allows PFP to monitor the lowest levels of the software stack, enabling the detection of covert attacks, Kernel rootkits, BIOS/Firmware attacks, and even hardware Trojans. PFP provides several advantages compared to traditional execution monitoring and intrusion detection systems. PFP uses fine-grained measurements of the power consumption, which makes it extremely difficult for attackers to evade. PFP is effective against zero-day attacks, independent from attack vector or vulnerability exploited, and applicable to any platform. Furthermore, because the monitor is a physically separated and independent from the target, it provides effective isolation to prevent attacks on the monitor itself and eliminates monitoring overhead. The principles behind PFP apply to any digital circuit. Therefore, PFP can provide intrusion detection and supply chain risk management in a variety of applications, including, but not limited to: Critical embedded systems Industrial control systems Mobile systems Critical infrastructure Weapon systems Medical devices, etc. PFP Results and Demonstrations Demonstration results, both academic and commercial, are encouraging and provide a solid foundation for PFP. Several academic, peer-reviewed conference and journal papers have been published on PFP [1-5]. In addition to these academic publications, PFP has been demonstrated on different platforms in commercial and R&D projects. Brief summaries of these projects are provided below. Embedded Linux PFP demonstrated its ability to monitor the execution of kernel modules involved on the execution of the chmod command on the Angstrom Embedded Linux distribution. The PFP monitor was able to differentiate small changes on execution at the Kernel level, even when there was no observable difference in functional behavior. The performance, accuracy, and level of detail in the execution assessment by PFP cannot be achieved using traditional security mechanisms without explicit 2013 PFP Cybersecurity is a Power Fingerprinting, Inc.Company 4

5 cooperation from the processor and without introducing significant performance overhead. For this project, the PFP monitor was configured to monitor the execution of the Linux chmod command. This command changes the file mode bits of a file and controls which users can access files and directories and what operations can be performed in them. So, the chmod command, among other things, can be used to determine who can read, write, and execute a file. In Linux, the owner of file is authorized to make changes to its mode bits by calling chmod. If an unauthorized user tries to modify the mode bits, the OS would reject the operation. In the Linux OS, however, there are privileged users, such as Root, with complete access to all files who can run chmod in any file. While there is no functional difference between the execution of chmod as the owner of a file (Owner) or as Root, there is a clear difference in terms of execution and behavior. From a monitoring perspective, it is of great value to be able to identify whether a command is being executed as Root or as some other user. For instance, most malicious intrusions start by escalating privileges (obtaining Root access), then modifying the system (e.g. stealing information or installing backdoors). Thus, PFP can greatly improve the integrity analysis of systems and help quickly identify malicious intrusions and unauthorized modifications. FIG 4 shows the PFP monitoring results of this experiment. The figure shows a clear separation between traces captured during the execution as Owner and as Root. FIG 4. Sample distributions and their fits of PFP discriminatory features from chmod traces Android The ability of PFP to operate in complex platforms was demonstrated by monitoring Android. Experimental results showed the ability of PFP to detect small execution deviations, emulating the behavior of conditional attacks such as time or logic bombs, in the Android user space. A PFP monitor was able to successfully identify tampering in an Android app that included a small conditional execution (writing a file) even when the required condition is not met and no observable malicious action was performed The ability of PFP to monitor all layers of the execution stack was demonstrated in another project. The PFP monitor was able to detect tampering at the bootloader, which the first software executed upon power up and before the OS. The specific intrusion detected could be used to disguise the presence of counterfeit components in critical systems. In the last Android example, a PFP monitor was able to detect a successful jailbreak attempt by real-world malware. In addition, the PFP monitor was able to deploy an effective 2013 PFP Cybersecurity is a Power Fingerprinting, Inc.Company 5

6 response to prevent the malware from further compromising the system. A related short video of this project can be seen at: Siemens PLC One of the main advantages of PFP is its ability to monitor the integrity of platforms that do not have the computational resources necessary to support traditional security approaches. Industrial control systems (ICS) fall in this category, including Supervisory, Control, and Data Acquisition (SCADA) systems. ICS and SCADA systems are ubiquitous in critical infrastructure, including water treatment and distribution, transportation systems, oil and gas pipelines, electrical power transmission and distribution, wind farms, defense systems, and large communication systems. ICS evolved during a time when they were considered out of the reach of malicious attackers. As the systems evolved and networking access was enabled to allow remote monitoring, ICS were left vulnerable to attacks, while security solutions tailored for them were notoriously absent. ICSs are especially vulnerable to cyber-attacks due to their computational resource constraints, which restrict their ability to support existing monitoring mechanisms. Furthermore, many of these platforms are implemented with legacy or special processors not supported by commercial cyber security solutions. Using COTS components PFP successfully detected a malicious intrusion in a Siemens PLC. For this demonstration, the original control logic in a Siemens S7 PLC is characterized and monitored. A malicious intrusion similar in operation to Stuxnet is then introduced. When a trigger condition is present, the intrusion activates and sabotages the operation of the control system while hiding its actions from the operators. Similar to Stuxnet, when the trigger condition is not present the intrusion goes into a dormant state. When dormant, the intrusion has no impact on the logic operation and produces no suspicious network traffic. PFP successfully detected the malicious intrusion even when the trigger condition is not present. The intrusion s act of checking for the trigger condition is enough for PFP to catch it. A short video of this demonstration can be seen at: Xilinx FPGA In another project, a PFP monitor was able to assess the integrity of hardware using an FPGA and detect tampering introduced at the supply chain. The target platform is a Xilinx Spartan 3 FPGA. The original design is tampered, introducing potentially harmful functionality, but which is activated only under a specific condition. Traditional functional and acceptance testing are unlikely to detect such conditional tamper, as the trigger conditions are chosen such that they are only activated by very specific inputs, unlikely to ever be present under normal operation. The PFP monitor, however, was able to successfully detect the hardware tampering, even when the trigger condition is not present, because the very act of checking for the condition by the trojan is an anomaly! A short video of this demonstration can be seen at: PFP Cybersecurity is a Power Fingerprinting, Inc.Company 6

7 References [1] C. R. Aguayo Gonzalez and J. H. Reed, Power Fingerprinting in SDR and CR Integrity Assessment, IEEE MILCOM [2] C. R. Aguayo Gonzalez and J. H. Reed, Dynamic Power Consumption Monitoring in SDR and CR Regulatory Compliance, SDR Forum Conference. DC, Dec., [3] C. R. Aguayo Gonzalez and J. H. Reed, Power Fingerprinting in Unauthorized Software Execution Detection for SDR Regulatory Compliance, Proc. of the Wireless Innovation Forum Technical Conf. Wash. DC, Dec [4] C. R. Aguayo Gonzalez and J. H. Reed, Detecting Unauthorized Software Execution in SDR using Power Fingerprinting, IEEE MILCOM [5] C. R. Aguayo Gonzalez and J. H. Reed, Power Fingerprinting in SDR Integrity Assessment for Security and Regulatory Compliance, Analog Integrated Circuits and Signal Processing, Springer. Nov, PFP Cybersecurity is a Power Fingerprinting, Inc.Company 7