260 likes | 445 Views
SecureCore : A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems. Man-Ki Yoon, Sibin Mohan, Jaesik Choi, Jung- Eun Kim, Lui Sha Dept. of Computer Science, UIUC Information Trust Institute, UIUC Lawrence Berkeley National Lab Apr 9 th , 2013 .
E N D
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems Man-Ki Yoon, Sibin Mohan,Jaesik Choi,Jung-Eun Kim, LuiSha Dept. of Computer Science, UIUC Information Trust Institute, UIUC Lawrence Berkeley National Lab Apr 9th, 2013
Increased Capability Rethinking Real-Time Embedded System Security • More Vulnerable to Security Attacks • More Networked • Open, Standard Platform SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
SecureCore Architecture • Intrusion Detection, not prevention • Most critical component: control application • System recovery upon detection • Behavior monitoring • Predictable timing behaviors of real-time apps • Profile using statistical learning • Multicore-based core-to-core monitoring • On-chip HW for processor state inspection • Hypervisor-based protection/isolation SecureCore Architecture SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Rest of the Talk • System and Application Model • Timing-based Intrusion Detection (Overview) • SecureCore • Architecture Design • Timing-based Intrusion Detection (Detail) • Implementation and Evaluation • Limitations and Future Work SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
System and Application Model • Multicore-based Real-Time Control System Time Controller Sensor data Actuation cmd • Threat Model:Malicious code execution • Embedded in the control code • Activated after system initialization • Irrelevant how it gained entry SecureCore MonitoredCore Actuation cmd Sensor data Physical plant SecureCore Architecture SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing-Based Intrusion Detection • Idea: Deterministic timingof real-time applications • Any malicious activity consumes finite timeto execute • Deviation from expected timing → Suspicious! Block 1 Malicious Code Block 3 Block 2 Block 4 Block 5 Observed Legitimate Block 6 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing-Based Intrusion Detection • Idea: Deterministic timing of real-time applications • Any malicious activity consumes finite timeto execute • Deviation from expected timing → Suspicious! Block 1 Block 3 Block 2 Block 4 Block 5 Block 6 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing-Based Intrusion Detection • Idea: Deterministic timing of real-time applications • Any malicious activity consumes finite timeto execute • Deviation from expected timing → Suspicious! Block 1 Block 3 Block 2 Block 4 Block 5 Block 6 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Outline • System and Application Models • Timing-based Intrusion Detection (Overview) • SecureCore • Architecture Design • Timing-based Intrusion Detection (Detail) • Implementation and Evaluation • Limitations and Future Work SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
SecureCore Architecture Monitored Core Secure Core Decision Module Timing Trace Module Secure Monitor Safety Ctrl. Complex Controller Scratch Pad Memory I/O Proxy OS OS Inter-Core Communication Hypervisor Actuation Command Sensor Data • Hypervisor • Memory space separation • Trust base Timing Trace Module (TTM) Read processor states when a trace instruction is executed • Scratch Pad Memory (SPM) • Stores a sequence of trace information • Only visible to the secure core • I/O Proxy • Manages I/O to/from the plant • Prevent I/O data obfuscation • Secure Monitor • Verify the legitimacy of an execution • Use timing profile • SimplexArchitecture [Sha, 2001] • For reliable & loss-less control Plant SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing-Based Intrusion Detection • Block-levelmonitoring • Narrowing estimation domain • Less variation, better accuracy • Block boundary: check point • Detect unexpected flow deviations Block 1 Block 3 Block 2 Block 4 Block 5 Block 6 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
How to Get Timing Profiles Statistical Learning Block 1 Block 1 Block 3 Block 3 Block 2 Block 2 Block 4 Block 4 Block 5 Block 5 Block 6 Block 6 Block 6 Block 6 Block 6 Block 6 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing Trace Module SPM Layout Trace Instructions • Read Timestampand Program Counter from the processor registers • Addri= BA – PCi(i.e., relative address from BA) • PID registration for preventing traces from being forged • BA: Base Address ( = PC of INST_REG_PID) SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Raw Traces (Addr1, t1) (Addr2,t2) Addr1 INST_TRACE Block 1 (Addr3, t3) (Addr7,t4) Addr2 INST_TRACE (Addr1, t5) Block 3 (Addr2,t6) Addr4 INST_TRACE Block 2 (Addr4,t7) (Addr6,t8) INST_TRACE Addr3 Block 4 Block 5 (Addr7,t9) (Addr1, t10) INST_TRACE INST_TRACE Addr5 Addr6 (Addr2,t11) (Addr4,t12) Block 6 (Addr5,t13) Addr7 INST_TRACE (Addr7,t14) … SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Trace Tree (Addr1, t1) Addr1 (Addr2,t2) t2-t1 (Addr3, t3) t6-t5 Block 1 t11-t10 (Addr7,t4) Addr2 (Addr1, t5) Addr2 • From a trace tree, we can get • Execution time samples (each node) • Legitimate execution flows t7-t6 (Addr2,t6) t12-t11 Block 3 … t3- t2 (Addr4,t7) Addr4 Addr4 Block 2 … (Addr6,t8) t8-t7 t13-t12 (Addr7,t9) Block 5 Block 4 … … Addr3 (Addr1, t10) Addr5 Addr6 (Addr2,t11) Same execution block, but on different paths. Each has its own timing profile (Addr4,t12) t4- t3 t14-t13 t9-t8 Block 6 Block 6 Block 6 (Addr5,t13) … … … (Addr7,t14) … Addr7 Addr7 Addr7 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Timing Profile • What is a good estimation of execution times? • Min & max, mean, … • Not representative • Cannot capture variations well • Probabilistic timing model • Estimate the likelihoods of execution times! • Probability distribution • Parametric vs. Non-parametric distribution • Unknown shape SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Execution Time Profile Using Kernel Density Estimation (KDE) • Non-parametric Probability Density Function Estimation Given samples of execution times Draw scaled distribution at each sample point Sum them up Example 3 (Figure is from CSCE 666 Pattern Analysis by Ricardo Gutierrez-Osuna at TAMU) 2 Kernelfunction 1 Estimated pdf Bandwidth (Smoothing constant) • Kernel & bandwidth affect shapeandsmoothness • Gaussian kernel SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Intrusion Detection Using Timing Profiles PDF of the Execution Time of an example block How much deviation should we consider malicious? Threshold test Malicious Legitimate • E.g.,or • At leastof measurements were close to Highly likely Multiple peaks: different inputs or system effects SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Summary of Timing-Based Intrusion Detection Monitored Core Secure Core Addr1 Timing Trace Module Secure Monitor Complex Controller Block 1 Block 1 Addr2 (Addr1, ti) Addr2 Scratch Pad Memory Block 3 (Addr2,ti+1) Block 3 Block 2 (Addr4,ti+2) Addr4 Block 2 Addr4 [Profile] [Run-time Execution] (Addr6,ti+3) Block 4 Block 5 (Addr7,ti+4) Block 4 Block 5 Addr3 Traverse and check Addr5 Addr6 Block 6 Trace Block 6 Block 6 Block 6 Addr7 Addr7 Addr7 SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Outline • System and Application Models • Timing-based Intrusion Detection (Overview) • SecureCore • Architecture Design • Timing-based Intrusion Detection (Detail) • Implementation and Evaluation • Limitations and Future Work SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Implementation Host PC Simics (P4080) Secure Core Monitored Core DM TTM CC SM SC IOP SPM Linux 2.6.34 LWE Inverted Pendulum (IP) Dynamics Hypervisor Serial (tty) Pseudo Terminal (pts) Byte channel • Inverted Pendulum Control • Controller and dynamics (cart position, rod’s angle) • Generated from Simulink IP model • Freescale P4080 on Simics • Only two cores (Core 0 and 1) • Cache (L1 and L2) and bus models for system effects • ISA modification for trace instruction SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Application Model • IP Control + FFT (EEMBC) FFT Init 0 + 1 meter FFT Phase #1 Malicious code PathID = 1, 2 • Injected at the end of FFT Phase #3 • Simple loop(some array copy) • 440, 720, 1000 cycles for 1,3,5 loops • (FFT Phase#3: ~260,000 cycles) • Activated when the cart passes +0.7 m • Execute randomlythereafter • Loop execution • Sends old actuation cmd FFT Phase #2 PathID = 0 1 run if PathID = 0, 1 FFT Phase #3 2 runs if PathID = 2 IP Control Timing Profile • Total exec time: 850,000 ~ 1,200,000 cycles (~1ms) • Control period: 10 ms • ~10,000 runs (no malicious code activation) • ‘ksdensity’ (Matlab) for Gaussian KDE SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Early Detection (1%) Loop count: 3 ( ~ 720 cycles) Simplex only Simplex only Attack activated Attack activated Attack activated Our method No attack No attack No attack No attack No protection No protection No protection SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Intrusion Detection Accuracy • Criteria: False prediction rates • False positive: predict “malicious” when not • False negative: fail to detect a real attack Real Predicted False negative rates False positive rates Trade off: Low ? High ? High More false alarms Detect well Low Miss often Fewer false alarms SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Limitations and Future Work • Limitations • Low detection accuracy for short malicious code → More deterministic execution • Still high false positive → Long-term monitoring • Other future work • Monitoring multiple applications on multiple cores • Monitoring of other behavioral aspects (e.g., Memory, I/O) • Multi-dimensional monitoring SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Thank you SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems