IDEA: Intrusion Detection through Electromagnetic-Signal Analysis for Critical Embedded and Cyber-Physical Systems

Haider Adnan Khan, Nader Sehatbakhsh, Luong N. Nguyen, Robert L. Callan, Arie Yeredor, Milos Prvulovic, Alenka Zajic*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

23 Scopus citations

Abstract

We propose a novel framework called IDEA that exploits electromagnetic (EM) side-channel signals to detect malicious activity on embedded and cyber-physical systems (CPS). IDEA first records EM emanations from an uncompromised reference device to establish a baseline of reference EM patterns. IDEA then monitors the target device's EM emanations. When the observed EM emanations deviate from the reference patterns, IDEA reports this as an anomalous or malicious activity. IDEA does not require any resource or infrastructure on, or any modification to, the monitored system itself. In fact, IDEA is isolated from the target device, and monitors the device without any physical contact. We evaluate IDEA by monitoring the target device while it is executing embedded applications with malicious code injections such as Distributed Denial of Service (DDoS), Ransomware and code modification. We further implement a control-flow hijack attack, an advanced persistent threat, and a firmware modification on three CPSs: an embedded medical device called SyringePump, an industrial Proportional-Integral-Derivative (PID) Controller, and a Robotic Arm, using a popular embedded system, Arduino UNO. The results demonstrate that IDEA can detect different attacks with excellent accuracy (AUC > 99.5%, and 100 percent detection with less than 1 percent false positives) from distances up to 3 m.

Original languageEnglish
Article number8786207
Pages (from-to)1150-1163
Number of pages14
JournalIEEE Transactions on Dependable and Secure Computing
Volume18
Issue number3
DOIs
StatePublished - 1 May 2021

Funding

FundersFunder number
National Science Foundation1563991
Defense Advanced Research Projects AgencyFA8650-16-C-7620

    Keywords

    • Electromagnetic emanations
    • electromagnetic side-channel
    • malware detection
    • security of cyber-physical systems
    • side-channel signal analysis

    Fingerprint

    Dive into the research topics of 'IDEA: Intrusion Detection through Electromagnetic-Signal Analysis for Critical Embedded and Cyber-Physical Systems'. Together they form a unique fingerprint.

    Cite this