SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems Man-Ki Yoon, Sibin Mohan, Jaesik Choi, Jung-Eun Kim, Lui Sha Dept. of Computer Science, UIUC Information Trust Institute, UIUC Lawrence Berkeley National Lab Apr 9 th , 2013
26
Embed
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems Man-Ki Yoon, Sibin Mohan, Jaesik Choi, Jung-Eun Kim, Lui.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded SystemsMan-Ki Yoon, Sibin Mohan, Jaesik Choi, Jung-Eun Kim, Lui
Sha
Dept. of Computer Science, UIUCInformation Trust Institute, UIUC Lawrence Berkeley National Lab
Apr 9th, 2013
2
Rethinking Real-Time Embedded System Security
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Increased Capability
More Networked
Open, Standard Platform
More Vulnerable to
Security Attacks
3SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded
Systems
SecureCore Architecture
Intrusion Detection, not prevention•Most critical component: control application•System recovery upon detection
Behavior monitoring•Predictable timing behaviors of real-time apps•Profile using statistical learning
Multicore-based core-to-core monitoring•On-chip HW for processor state inspection•Hypervisor-based protection/isolation
SecureCore Architecture
4
Rest of the Talk
• System and Application Model• Timing-based Intrusion Detection (Overview)• SecureCore
• Implementation and Evaluation• Limitations and Future Work
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
5
• Multicore-based Real-Time Control System
System and Application Model
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Physical plant
Time
Controller
Sensor data
Sensor data
Actuation cmd
Actuation cmd
Threat Model: Malicious code execution• Embedded in the control code• Activated after system initialization
• Irrelevant how it gained entry
SecureCore MonitoredCore
SecureCore Architecture
6
Timing-Based Intrusion Detection
• Idea: Deterministic timing of real-time applications – Any malicious activity consumes finite time to execute– Deviation from expected timing → Suspicious!
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Block 1
Block 2
Block 3
Block 4 Block 5
Block 6
𝒆𝟏
𝒆𝟐
𝒆𝟑
𝒆𝟒 𝒆𝟓
𝒆𝟔
Malicious Code
𝑒3∗≠𝑒3
Observed Legitimate
7
Timing-Based Intrusion Detection
• Idea: Deterministic timing of real-time applications – Any malicious activity consumes finite time to execute– Deviation from expected timing → Suspicious!
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Block 1
Block 2
Block 3
Block 4 Block 5
Block 6
𝑒1
𝑒2
𝑒3
𝑒4 𝑒5
𝑒6
𝑒6∨ h𝑝𝑎𝑡 1=3𝑚𝑠𝑒6∨ h𝑝𝑎𝑡 2=7𝑚𝑠𝑒6∨ h𝑝𝑎𝑡 3=5𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡 𝑋=7𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡𝑌=9𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡 𝑋=?𝑚𝑠
Execution time variations
Controlflow path Input values
System effects(e.g., shared
resource)
8
Timing-Based Intrusion Detection
• Idea: Deterministic timing of real-time applications – Any malicious activity consumes finite time to execute– Deviation from expected timing → Suspicious!
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Block 1
Block 2
Block 3
Block 4 Block 5
Block 6
𝑒1
𝑒2
𝑒3
𝑒4 𝑒5
𝑒6
𝑒6∨ h𝑝𝑎𝑡 1=3𝑚𝑠𝑒6∨ h𝑝𝑎𝑡 2=7𝑚𝑠𝑒6∨ h𝑝𝑎𝑡 3=5𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡 𝑋=3𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡𝑌=2𝑚𝑠
𝑒6∨ h𝑝𝑎𝑡 2 , 𝑖𝑛𝑝𝑢𝑡 𝑋=?𝑚𝑠
Execution time variations
Controlflow path Input values
System effects(e.g., shared
resource)• Profile probabilistic execution time model
• Estimate Prob(e*)• Capture even legitimate variations
Statistical learning-based profiling/detection
272000 274000 276000 278000 280000 2820000.0000
0.0002
0.0004
0.0006
0.0008
0.0010
0.0012
0.0014
0.0016
0.0018
0.0020
Execution Time
Prob
. Den
sity
9
Outline
• System and Application Models• Timing-based Intrusion Detection (Overview)• SecureCore
- PID registration for preventing traces from being forged - BA: Base Address ( = PC of INST_REG_PID)- Read Timestamp and Program Counter from the processor registers- Addri = BA – PCi (i.e., relative address from BA)
14
Raw Traces
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
Block 1
Block 2
Block 3
Block 4 Block 5
Block 6
INST_TRACE
INST_TRACE
INST_TRACE
INST_TRACE
INST_TRACE INST_TRACE
INST_TRACE
Addr1
Addr2
Addr3
Addr4
Addr6Addr5
Addr7
(Addr1, t5)
(Addr2, t6)
(Addr4, t7)
(Addr6, t8)
(Addr7, t9)
(Addr1, t10)
(Addr2, t11)
(Addr4, t12)
(Addr5, t13)
(Addr7, t14)…
(Addr1, t1)
(Addr3, t3)
(Addr7, t4)
(Addr2, t2)
15
Trace Tree
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
(Addr1, t5)
(Addr2, t6)
(Addr4, t7)
(Addr6, t8)
(Addr7, t9)
(Addr1, t10)
(Addr2, t11)
(Addr4, t12)
(Addr5, t13)
(Addr7, t14)…
(Addr1, t1)
(Addr3, t3)
(Addr7, t4)
(Addr2, t2)Addr1
Addr3
Addr2
Addr7
Blo
ck 1
Blo
ck 2
Blo
ck 6
Addr4
Addr5
Addr7
Blo
ck 6
Blo
ck 4
Addr2
Addr6
Addr7
Addr4
Blo
ck 6
Blo
ck 3
Blo
ck 5
t2-t1
t3- t2
t4- t3
t6-t5
t11-t10
t7-t6
t12-t11
t13-t12
t9-t8
t8-t7
t14-t13
…… …
…
… ……
Same execution block, but on
different paths.
Each has its own timing profile
From a trace tree, we can get• Execution time samples (each node)• Legitimate execution flows
16
Timing Profile
• What is a good estimation of execution times?– Min & max, mean, …
• Not representative• Cannot capture variations well
– Probabilistic timing model• Estimate the likelihoods of execution times!
– Probability distribution• Parametric vs. Non-parametric distribution
– Unknown shape
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
17
(Fig
ure
is fr
om C
SCE
666
Patt
ern
Anal
ysis
by
Rica
rdo
Guti
erre
z-O
suna
at T
AMU
)
Example
Execution Time Profile Using Kernel Density Estimation (KDE)
• Non-parametric Probability Density Function Estimation
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
1
2
3
1. Given samples of execution times
2. Draw scaled distribution at each sample point
3. Sum them up
- Kernel & bandwidth affect shape and smoothness- Gaussian kernel
Estimated pdf
Kernel function
Bandwidth (Smoothing constant)
18
Intrusion Detection Using Timing Profiles
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
272000 274000 276000 278000 280000 2820000.0000
0.0002
0.0004
0.0006
0.0008
0.0010
0.0012
0.0014
0.0016
0.0018
0.0020
Execution Time
Prob
. Den
sity
PDF of the Execution Time of an example block
Highly likely
Multiple peaks: different inputs or system effects
How much deviation should we consider malicious?
Threshold test
Prob(𝑒¿¿∗)<𝜽 ¿Prob(𝑒¿¿∗)≥ 𝜽 ¿
Malicious
Legitimate
•E.g., or
•At least of measurements were close to
19
Summary of Timing-Based Intrusion Detection
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
ComplexController
SecureMonitor
Monitored Core Secure CoreTimingTrace
Module
ScratchPad
Memory
Addr1
Addr3
Addr2
Addr7
Blo
ck 1
Blo
ck 2
Blo
ck 6
Addr4
Addr5
Addr7
Blo
ck 6
Blo
ck 4
Addr2
Addr6
Addr7
Addr4
Blo
ck 6
Blo
ck 3
Blo
ck 5
[Profile]
Block 1
Block 2
Block 3
Block 4
Block 5
Block 6
[Run-time Execution]
(Addr1, ti)
(Addr2, ti+1)
(Addr4, ti+2)
(Addr6, ti+3)
(Addr7, ti+4)
Trace
Traverse andcheck
20
Outline
• System and Application Models• Timing-based Intrusion Detection (Overview)• SecureCore
• Activated when the cart passes +0.7 m• Execute randomly thereafter
• Loop execution• Sends old actuation cmd
Timing Profile• ~10,000 runs (no malicious code activation)• ‘ksdensity’ (Matlab) for Gaussian KDE
• Total exec time: 850,000 ~ 1,200,000 cycles (~1ms)• Control period: 10 ms
23
Early Detection
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
1.1
1.2
Time (sec)
Car
t pos
ition
(m
eter
)
No attack
(1%)Loop count: 3 ( ~ 720 cycles)
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
1.1
1.2
Time (sec)
Car
t pos
ition
(m
eter
)
No attack
No protection
Attack activated
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
1.1
1.2
Time (sec)
Car
t pos
ition
(m
eter
)
No attack
No protection
Simplex only
Attack activated
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
1.1
1.2
Time (sec)
Car
t pos
ition
(m
eter
)
No attack
No protection
Simplex only
Our methodAttack activated
24
Intrusion Detection Accuracy
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
• Criteria: False prediction rates– False positive: predict “malicious” when not– False negative: fail to detect a real attack
PredictedReal
1/1024 (0.10%)
7/1015 (0.69%)
1 loop 3 loops 5 loops
827/1022 (81%) 574/1046 (55%) 130/1098 (12%)
578/1050 (55%) 117/1011 (12%) 0/1024 (0%)
False positive rates False negative rates
Trade off: Low ? High ?
Detect well More false alarms
Miss often Fewer false alarms272000 274000 276000 278000 280000 282000
Execution Time
Prob
abili
ty
Low
High
25
Limitations and Future Work
• Limitations– Low detection accuracy for short malicious code
→ More deterministic execution
– Still high false positive→ Long-term monitoring
• Other future work– Monitoring multiple applications on multiple cores– Monitoring of other behavioral aspects (e.g., Memory, I/O)– Multi-dimensional monitoring
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems
26
Thank you
SecureCore: A Multicore-based Intrusion Detection Architecture for Real-Time Embedded Systems