TRUSTGUARD: STANDALONE FPGA-BASED SECURITY MONITORING THROUGH POWER SIDE-CHANNEL

Abstract

The Internet-of-Thing (IoT) era inspires a surge of networked embedded devices in the real world. However, cyber-attacks such as malware intrusions pose severe concerns about the security of the entire IoT space by hijacking the devices, altering the application’s execution, and/or causing a denial of services. Traditional operating-system-level and built-in hardware detection solutions either induce drastic performance degradation or incur high overhead to the system, failing to provide protection in a timely and affordable fashion. On the other hand, external side-channel-based security monitoring becomes an attractive scheme for addressing the dilemma because the observable physical properties of a running electronic device, such as power consumption and electromagnetic (EM) emanations, can deliver a good amount of information for the underlying operations. In this article, we present TrustGuard, a standalone security monitoring framework integrating both power side-channel capturing and machine learning (ML)-based malware detection capabilities on the same field-programmable gate array (FPGA) fabric. We eliminate the need for dedicated sampling equipment like an oscilloscope with an ON-chip configurable sensor FPGA analog-to-digital converter (ADC) and enable agile prototyping of ML accelerator for attack detection through the high-level synthesis (HLS) technique. We deploy the outcome hardware sensor and security monitor on the Xilinx ZCU104 platform to target the prevalent BeagleBone Black (BBB) board by profiling the behaviors of uncompromised benchmark applications and discovering the anomalies introduced by the attack vectors, including malware infections, code injection, and code reuse. The experimental results demonstrate the performance and effectiveness of TrustGuard by achieving more than 90% malware detection accuracy.

Let's Talk