POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy

Ahmed M. Fawaz, Mohammad A. Noureddine, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We propose POWERALERT, an efficient external integrity checker for untrusted hosts. Current attestation systems suffer from shortcomings, including requiring a complete checksum of the code segment, from being static, use of timing information sourced from the untrusted machine, or using imprecise timing information such as network round-trip time. We address those shortcomings by (1) using power measurements from the host to ensure that the checking code is executed and (2) checking a subset of the kernel space over an extended period. We compare the power measurement against a learned power model of the execution of the machine and validate that the execution was not tampered. Finally, POWERALERT randomizes the integrity checking program to prevent the attacker from adapting. We model the interaction between POWERALERT and an attacker as a time-continuous game. The Nash equilibrium strategy of the game shows that POWERALERT has two optimal strategy choices: (1) aggressive checking that forces the attacker into hiding, or (2) slow checking that minimizes cost. We implement a prototype of POWERALERT using Raspberry Pi and evaluate the performance of the integrity checking program generation.

Original languageEnglish (US)
Title of host publicationProceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages514-525
Number of pages12
ISBN (Electronic)9781538655955
DOIs
StatePublished - Jul 19 2018
Event48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018 - Luxembourg City, Luxembourg
Duration: Jun 25 2018Jun 28 2018

Publication series

NameProceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018

Other

Other48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018
CountryLuxembourg
CityLuxembourg City
Period6/25/186/28/18

Keywords

  • attestation
  • game theory
  • integrity checking
  • power attestation

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Hardware and Architecture
  • Energy Engineering and Power Technology

Fingerprint Dive into the research topics of 'POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy'. Together they form a unique fingerprint.

  • Cite this

    Fawaz, A. M., Noureddine, M. A., & Sanders, W. H. (2018). POWERALERT: Integrity checking using power measurement and a Game-Theoretic strategy. In Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018 (pp. 514-525). [8416511] (Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSN.2018.00059