Malicious activity detection in lightweight wearable and iot devices using signal stitching

Fatih Karabacak, Umit Ogras, Sule Ozev

Research output: Contribution to journalArticlepeer-review

Abstract

The integrated circuit (IC) manufacturing process involves many players, from chip/board design and fabrication to firmware design and installation. In today’s global supply chain, any of these steps are prone to interference from rogue players, creating a security risk. Therefore, manufactured devices need to be verified to perform only their intended operations since it is not economically feasible to control the supply chain and use only trusted facilities. This paper presents a detection technique for malicious activity that can stem from hardware or firmware Trojans. The proposed technique relies on (i) repetitious side-channel sample collection of the active device, (ii) time-domain stitching, and (iii) frequency domain analysis. Since finding a trusted sample is generally impractical, the proposed technique is based on self-referencing to remove the effects of environmental or device-to-device variation in the frequency domain. We first observe that the power spectrum of the Trojan activity is confined to a low-frequency band. Then, we exploit this fact to achieve self-referencing using signal detection theory. The proposed technique’s effectiveness is demonstrated through experiments on a wearable electronics prototype and system-on-chip (SoC) under a variety of practical scenarios. Experimental results show the proposed detection technique enables a high overall detection coverage for malicious activities of varying types with 0.8 s monitoring time overhead, which is negligible.

Original languageEnglish (US)
Article number3408
JournalSensors
Volume21
Issue number10
DOIs
StatePublished - May 2 2021

Keywords

  • Flexible electronic security
  • Hardware/firmware trojan detection
  • IoT security
  • Malicious activity detection
  • Self-referenced trojan detection
  • Side-channel analysis
  • Spectrum analysis
  • Wearable electronic device security

ASJC Scopus subject areas

  • Analytical Chemistry
  • Information Systems
  • Atomic and Molecular Physics, and Optics
  • Biochemistry
  • Instrumentation
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Malicious activity detection in lightweight wearable and iot devices using signal stitching'. Together they form a unique fingerprint.

Cite this