POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy

Ahmed M. Fawaz, Mohammad A. Noureddine, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We propose POWERALERT, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings, including requiring a complete checksum of the code segment, from being static, use of timing information sourced from the untrusted machine, or using imprecise timing information such as network round-trip time. We address those shortcomings by (1) using power measurements from the host to ensure that the checking code is executed and (2) checking a subset of the kernel space over an extended period. We compare the power measurement against a learned power model of the execution of the machine and validate that the execution was not tampered. Finally, POWERALERT randomizes the integrity checking program to prevent the attacker from adapting. We model the interaction between POWERALERT and an attacker as a time-continuous game. The Nash equilibrium strategy of the game shows that POWERALERT has two optimal strategy choices: (1) aggressive checking that forces the attacker into hiding, or (2) slow checking that minimizes cost. We implement a prototype of POWERALERT using Raspberry Pi and evaluate the performance of the integrity checking program generation.

Original languageEnglish (US)
Title of host publicationProceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages514-525
Number of pages12
ISBN (Electronic)9781538655955
DOIs
StatePublished - Jul 19 2018
Event48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018 - Luxembourg City, Luxembourg
Duration: Jun 25 2018Jun 28 2018

Publication series

NameProceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018

Other

Other48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018
CountryLuxembourg
CityLuxembourg City
Period6/25/186/28/18

Fingerprint

Costs

Keywords

  • attestation
  • game theory
  • integrity checking
  • power attestation

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Hardware and Architecture
  • Energy Engineering and Power Technology

Cite this

Fawaz, A. M., Noureddine, M. A., & Sanders, W. H. (2018). POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy. In Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018 (pp. 514-525). [8416511] (Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSN.2018.00059

POWERALERT : Integrity checking using power measurement and a Game-Theoretic strategy. / Fawaz, Ahmed M.; Noureddine, Mohammad A.; Sanders, William H.

Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 514-525 8416511 (Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Fawaz, AM, Noureddine, MA & Sanders, WH 2018, POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy. in Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018., 8416511, Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018, Institute of Electrical and Electronics Engineers Inc., pp. 514-525, 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018, Luxembourg City, Luxembourg, 6/25/18. https://doi.org/10.1109/DSN.2018.00059
Fawaz AM, Noureddine MA, Sanders WH. POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy. In Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018. Institute of Electrical and Electronics Engineers Inc. 2018. p. 514-525. 8416511. (Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018). https://doi.org/10.1109/DSN.2018.00059
Fawaz, Ahmed M. ; Noureddine, Mohammad A. ; Sanders, William H. / POWERALERT : Integrity checking using power measurement and a Game-Theoretic strategy. Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 514-525 (Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018).
@inproceedings{7f7b2c9486384fd68e175835fe3abe9a,
title = "POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy",
abstract = "We propose POWERALERT, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings, including requiring a complete checksum of the code segment, from being static, use of timing information sourced from the untrusted machine, or using imprecise timing information such as network round-trip time. We address those shortcomings by (1) using power measurements from the host to ensure that the checking code is executed and (2) checking a subset of the kernel space over an extended period. We compare the power measurement against a learned power model of the execution of the machine and validate that the execution was not tampered. Finally, POWERALERT randomizes the integrity checking program to prevent the attacker from adapting. We model the interaction between POWERALERT and an attacker as a time-continuous game. The Nash equilibrium strategy of the game shows that POWERALERT has two optimal strategy choices: (1) aggressive checking that forces the attacker into hiding, or (2) slow checking that minimizes cost. We implement a prototype of POWERALERT using Raspberry Pi and evaluate the performance of the integrity checking program generation.",
keywords = "attestation, game theory, integrity checking, power attestation",
author = "Fawaz, {Ahmed M.} and Noureddine, {Mohammad A.} and Sanders, {William H.}",
year = "2018",
month = "7",
day = "19",
doi = "10.1109/DSN.2018.00059",
language = "English (US)",
series = "Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "514--525",
booktitle = "Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018",
address = "United States",

}

TY - GEN

T1 - POWERALERT

T2 - Integrity checking using power measurement and a Game-Theoretic strategy

AU - Fawaz, Ahmed M.

AU - Noureddine, Mohammad A.

AU - Sanders, William H.

PY - 2018/7/19

Y1 - 2018/7/19

N2 - We propose POWERALERT, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings, including requiring a complete checksum of the code segment, from being static, use of timing information sourced from the untrusted machine, or using imprecise timing information such as network round-trip time. We address those shortcomings by (1) using power measurements from the host to ensure that the checking code is executed and (2) checking a subset of the kernel space over an extended period. We compare the power measurement against a learned power model of the execution of the machine and validate that the execution was not tampered. Finally, POWERALERT randomizes the integrity checking program to prevent the attacker from adapting. We model the interaction between POWERALERT and an attacker as a time-continuous game. The Nash equilibrium strategy of the game shows that POWERALERT has two optimal strategy choices: (1) aggressive checking that forces the attacker into hiding, or (2) slow checking that minimizes cost. We implement a prototype of POWERALERT using Raspberry Pi and evaluate the performance of the integrity checking program generation.

AB - We propose POWERALERT, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings, including requiring a complete checksum of the code segment, from being static, use of timing information sourced from the untrusted machine, or using imprecise timing information such as network round-trip time. We address those shortcomings by (1) using power measurements from the host to ensure that the checking code is executed and (2) checking a subset of the kernel space over an extended period. We compare the power measurement against a learned power model of the execution of the machine and validate that the execution was not tampered. Finally, POWERALERT randomizes the integrity checking program to prevent the attacker from adapting. We model the interaction between POWERALERT and an attacker as a time-continuous game. The Nash equilibrium strategy of the game shows that POWERALERT has two optimal strategy choices: (1) aggressive checking that forces the attacker into hiding, or (2) slow checking that minimizes cost. We implement a prototype of POWERALERT using Raspberry Pi and evaluate the performance of the integrity checking program generation.

KW - attestation

KW - game theory

KW - integrity checking

KW - power attestation

UR - http://www.scopus.com/inward/record.url?scp=85051080305&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85051080305&partnerID=8YFLogxK

U2 - 10.1109/DSN.2018.00059

DO - 10.1109/DSN.2018.00059

M3 - Conference contribution

AN - SCOPUS:85051080305

T3 - Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018

SP - 514

EP - 525

BT - Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -