Impedance Leakage Vulnerability and its Utilization in Reverse-engineering Embedded Software

• URL: http://arxiv.org/abs/2310.03175v2
• Date: Wed, 13 Dec 2023 22:57:24 GMT
• Title: Impedance Leakage Vulnerability and its Utilization in Reverse-engineering Embedded Software
• Authors: Md Sadik Awal, Md Tauhidur Rahman,
• Abstract summary: impedance is an inherent property of a device that can be exploited to leak information through an unintended side channel. This paper demonstrates that the impedance of an embedded device is not constant and directly relates to the programs executed on the device. We use this phenomenon as impedance leakage and use this as a side channel to extract software instructions from protected memory.
• Score: 1.7495213911983414
• License: http://creativecommons.org/licenses/by-sa/4.0/
• Abstract: Discovering new vulnerabilities and implementing security and privacy measures are important to protect systems and data against physical attacks. One such vulnerability is impedance, an inherent property of a device that can be exploited to leak information through an unintended side channel, thereby posing significant security and privacy risks. Unlike traditional vulnerabilities, impedance is often overlooked or narrowly explored, as it is typically treated as a fixed value at a specific frequency in research and design endeavors. Moreover, impedance has never been explored as a source of information leakage. This paper demonstrates that the impedance of an embedded device is not constant and directly relates to the programs executed on the device. We define this phenomenon as impedance leakage and use this as a side channel to extract software instructions from protected memory. Our experiment on the ATmega328P microcontroller and the Artix 7 FPGA indicates that the impedance side channel can detect software instructions with 96.1% and 92.6% accuracy, respectively. Furthermore, we explore the dual nature of the impedance side channel, highlighting the potential for beneficial purposes and the associated risk of intellectual property theft. Finally, potential countermeasures that specifically address impedance leakage are discussed.

Related papers

• Lost and Found in Speculation: Hybrid Speculative Vulnerability Detection [15.258238125090667]
  We introduce Specure, a novel pre-silicon verification method composing hardware fuzzing with Information Flow Tracking (IFT) to address speculative execution leakages. Specure identifies previously overlooked speculative execution vulnerabilities on the RISC-V BOOM processor and explores the vulnerability search space 6.45x faster than existing fuzzing techniques.
  arXiv  Detail & Related papers  (2024-10-29T21:42:06Z)
• BEEAR: Embedding-based Adversarial Removal of Safety Backdoors in Instruction-tuned Language Models [57.5404308854535]
  Safety backdoor attacks in large language models (LLMs) enable the stealthy triggering of unsafe behaviors while evading detection during normal interactions. We present BEEAR, a mitigation approach leveraging the insight that backdoor triggers induce relatively uniform drifts in the model's embedding space. Our bi-level optimization method identifies universal embedding perturbations that elicit unwanted behaviors and adjusts the model parameters to reinforce safe behaviors against these perturbations.
  arXiv  Detail & Related papers  (2024-06-24T19:29:47Z)
• Impedance vs. Power Side-channel Vulnerabilities: A Comparative Study [1.5566524830295307]
  Physical side channels emerge from the relation between internal computation or data with observable physical parameters of a chip. In this study, we conduct a comparative analysis of the impedance side channel, which has been limitedly explored, and the well-established power side channel. Our findings indicate that impedance analysis demonstrates a higher potential for cryptographic key extraction compared to power side-channel analysis.
  arXiv  Detail & Related papers  (2024-05-10T04:44:34Z)
• Lazy Layers to Make Fine-Tuned Diffusion Models More Traceable [70.77600345240867]
  A novel arbitrary-in-arbitrary-out (AIAO) strategy makes watermarks resilient to fine-tuning-based removal. Unlike the existing methods of designing a backdoor for the input/output space of diffusion models, in our method, we propose to embed the backdoor into the feature space of sampled subpaths. Our empirical studies on the MS-COCO, AFHQ, LSUN, CUB-200, and DreamBooth datasets confirm the robustness of AIAO.
  arXiv  Detail & Related papers  (2024-05-01T12:03:39Z)
• Privacy Preserving Anomaly Detection on Homomorphic Encrypted Data from IoT Sensors [0.9831489366502302]
  Homomorphic encryption schemes are promising solutions as they enable the processing and execution of operations on IoT data while still encrypted. We propose a novel privacy-preserving anomaly detection solution designed for homomorphically encrypted data generated by IoT devices.
  arXiv  Detail & Related papers  (2024-03-14T12:11:25Z)
• Information Leakage through Physical Layer Supply Voltage Coupling Vulnerability [2.6490401904186758]
  We introduce a novel side-channel vulnerability that leaks data-dependent power variations through physical layer supply voltage coupling (PSVC) Unlike traditional power side-channel attacks, the proposed vulnerability allows an adversary to mount an attack and extract information without modifying the device.
  arXiv  Detail & Related papers  (2024-03-12T23:39:54Z)
• RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations [6.388730198692013]
  We introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs. We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry. In contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools to speed up the randomization and provide real-time protection.
  arXiv  Detail & Related papers  (2024-01-17T02:22:28Z)
• AI-Based Energy Transportation Safety: Pipeline Radial Threat Estimation Using Intelligent Sensing System [52.93806509364342]
  This paper proposes a radial threat estimation method for energy pipelines based on distributed optical fiber sensing technology. We introduce a continuous multi-view and multi-domain feature fusion methodology to extract comprehensive signal features. We incorporate the concept of transfer learning through a pre-trained model, enhancing both recognition accuracy and training efficiency.
  arXiv  Detail & Related papers  (2023-12-18T12:37:35Z)
• Safe and Robust Watermark Injection with a Single OoD Image [90.71804273115585]
  Training a high-performance deep neural network requires large amounts of data and computational resources. We propose a safe and robust backdoor-based watermark injection technique. We induce random perturbation of model parameters during watermark injection to defend against common watermark removal attacks.
  arXiv  Detail & Related papers  (2023-09-04T19:58:35Z)
• Over-the-Air Federated Learning with Privacy Protection via Correlated Additive Perturbations [57.20885629270732]
  We consider privacy aspects of wireless federated learning with Over-the-Air (OtA) transmission of gradient updates from multiple users/agents to an edge server. Traditional perturbation-based methods provide privacy protection while sacrificing the training accuracy. In this work, we aim at minimizing privacy leakage to the adversary and the degradation of model accuracy at the edge server.
  arXiv  Detail & Related papers  (2022-10-05T13:13:35Z)
• Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection [69.59980270078067]
  We explore the untargeted backdoor watermarking scheme, where the abnormal model behaviors are not deterministic. We also discuss how to use the proposed untargeted backdoor watermark for dataset ownership verification.
  arXiv  Detail & Related papers  (2022-09-27T12:56:56Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.