protecting 5g systems using side- channel information
TRANSCRIPT
Protecting 5G Systems Using Side-Channel Information
NSF Workshop on Next-G Security
Oct 15th, 2020
Some Background Info.
• PFP Cybersecurity is a spin-off of Wireless@VT• Use side channels (e.g., power, EM, heat, …) to
validate hardware and software.• Started from research in validating software to a
hardware radio platform • All systems (small or large) use power and
malware or Trojans can’t escape from using power.• Initial seed funding though NSF SBIR and STTR
Program, Phase I and Phase II. • Biggest hurdle – think non-traditional physical
cybersecurity to those in the field.
2
THANK YOU NSF !
General Approach
• Signal detection/classification/anomaly detection of analog signals (side-channels).• Baseline characterization from “gold product” or crowd-sourcing
• New application is for malware and hardware Trojan detection (supply chain).
33
t
s(t)
Unauthorized/Unexpected execution cause side-channel patterns to deviate from Baselines
MeasuredBaseline
Clock cycle
PFP Side-Channel Patterns
DUT
DCPower
+V
EMI
PFP Zero Trust Monitoring: Supply Chain Screening and Cyber Kill Chain DisruptionSupply Chain Screening• Detect counterfeit/banned
hardware and firmware tampering
Operational Monitoring• Detect stealth attacks in
machine time and disrupt the attack cyber kill chain
PFP Cybersecurity Company Proprietary 4
Attacker exploits Faulty API – Authentication bypass
Exploit Buffer Overflow to gain access to the router
Break network isolation
Modify PLC logic, which also spoofs the HMI
1
2
3
4
PFP Real-time detection results: Independent PFP monitors detect the individual intrusions and track adversary’s lateral movements
1
2 3
4
IP Camera
Router
PLC
HW Trojan Detection in Xilinx FPGA• DC Current Sensor and Keysight
Digitizer• Time/Frequency Feature Extraction• Bayes Classifier
Server BMC Firmware Tamper Detection• Loading additional modules at boot• EM Sensor and pMon 751• Envelope Analysis and HOS features
Normal
Dormant
ActiveIntrusion Detection & Adversary Lateral Movements Tracking
• Adversary moves from one target to the next• Each device being monitored real-time by PFP (EM and DC)
Cyber Kill Chain/Lateral Movement Attack Description
Router
IP Camera
PLC
HMI
DMZ
pMon751
pMon751
pMon751
Attacker
1
2
3
4
Attacker exploits Faulty API – Authentication bypass
Exploit Buffer Overflow to gain access
Three-Stage- Attack to break network Isolation
Bingo! Modify PLC logic, which spoofs the HMI
Attackers Goal: re-program PLC on the Industrial network
PFP P3Scan
Alerts to SIEM
Target System Network
PFP Monitoring Network
5
Real-time Cyber Kill Chain Tracking in Critical Infrastructure
• Simultaneously monitor multiple devices in a critical infrastructure setup and detect attacks in real time to track adversaries’ lateral movement.
Attacker exploits Faulty API –Authentication bypass
Exploit Buffer Overflow to gain access to the router
Break network isolation
Modify PLC logic, which also spoofs the HMI
1
2
3
4
PFP Real-time detection results: Independent PFP monitors detect the individual intrusions and track adversary’s lateral movements
1
2 3
4
IP Camera
Router
PLC
6
General thoughts
• Some tough problems.• Security for low power and cheap IoT devices.• Physical layer disruption for mission critical systems.• Knowing the integrity of the hardware/software.• Recognizing zero-day attacks• Insuring integrity of the encryption.• Certificate management.
• 6G will be AI centric• Starts with 5G, but outsanding issues.• Assuring integrity of AI – lots of issues with security and validation.
• We need to “think out of the box”
PFP Cybersecurity Company Proprietary 7
Backup Slides
PFP Cybersecurity Company Proprietary 8
Supermicro Server Attack: Exploiting BMC to Install Backdoor
PFP Cybersecurity Company Proprietary 9
Broad Attack Surface in a Server – Bare Metal
• Adversaries target much more than CPUs• Several bare metal
components difficult to protect• Hidden
memory/processors can be used to launch attacks on the main CPU or Exfiltrate information as covert channels
PFP Cybersecurity Company Proprietary 10
Evaluation Attack on Supermicro X10 Motherboard -> used in SWFTS TI20
Step by step attack break down:
• Attacker modifies BMC firmware to enable ssh• Attacker accesses BMC over SSH using IPMI
network with admin credentials• Attacker exploits SSH service to run payload on
BMC ARM core• Payload uses X-DMA to find kernel code
memory• Payload uses X-DMA to inject shellcode into the
kernel code• Kernel shellcode runs Python with a backdoor
command• Python backdoor connects back to the attacker,
providing a shell
11
IPMI NIC -> BMC CPU -> PCIe bus -> CPU
Instrumenting Server BMC with EM Probe
PFP Cybersecurity Company Proprietary 12
Complete Demo Block Diagram
PFP Cybersecurity Company Proprietary 13
Supermicro X10 Server
Analog(LNA & LPF)*
pMon 751P2Scan Host Computer
Syslog Notifications
Isolated Network
AttackerSyslog Server
BMC
EM Sensor
*Low-Noise Amplifier (LNA)Low-Pass Filter (LPF)
Supermicro Server
BMC attack’s three steps: 1) load a modified firmware, 2) use X-DMA to inject shellcode in CPU kernel, 3) install backdoor
Supermicro Server
BMC Attack Description
14
Use Supermicro web interface
tools
Step 1: Modifies BMC firmware• Modifies BMC firmware to enable ssh
o This process is done on a Local PCo Enable ssh then copy over the Backdoor
exploit• The modified BMC code is updated on the BMC
using Supermicro web interface tools on the Local PC
Exploit ssh to run payload on BMC
ARM CPU.
Step 2: Run exploit script on Local PC • PFP runs exploit.sh on Local PC• Exploit.sh copies payload from the Local PC to
BMC (using ssh) and executes the payload on the BMC.
• Payload uses X-DMA to inject shellcode into the kernel code
PFP Cybersecurity Company Proprietary
Step 3: Install Backdoor • Kernel shellcode runs Python with a backdoor
command• Python backdoor connects back to the
attacker, providing a shell
X-DMA ExploitSSH Run exploit.sh uses ssh enabled BMC
code to copy payload to BMC.
Back Door
Supermicro Server
BMC Attack 1st Stage Detection: Firmware Implant
15
Normal BootTampered Boot (SSH)
EM Envelope Analysis
RMS
Enve
lope
(EM
Sig
nal)
Sample Index
BMC Attack 2nd Stage Detection: X-DMA Exploit
PFP Cybersecurity Company Proprietary 16
Cybersecurity in 5G Mission-Critical Systems
• Traditional solutions are inadequate for emerging threats• Beyond desktops – control, weapons,
and navigation systems are at risk,
• Untrusted supply chain –hardware/firmware tampering• Software only solutions cannot
reliably detect HW tamper
• Zero-Trust requires independent assessment/verification for security
17
Unintended Emissions and Machine Learning: Independent Assessment and Zero Trust
• Side channels, e.g. power behavior or electromagnetic emissions, used to perform nondestructive, unobtrusive evaluation of 5G systems to assess the integrity of hardware/firmware and detect tampering• Support Zero Trust Architecture with independent monitoring
18
t
s(t)
Unauthorized/Unexpected execution cause side-channel patterns to deviate from Baselines
MeasuredBaseline
Clock cycle
PFP Side-Channel Patterns
DUT
DCPower
+V
EMI
Other Examples
PFP Cybersecurity Company Proprietary 19
PLC Control Flow Tracking
©2020 Power Fingerprinting Inc. Distribution authorized to U.S. Government Agencies only. Other requests for this document shall be referred to DARPA
20
History: Minimum Sensitivity Evaluation
• Introduce the smallest possible execution deviation (one bit)
©2020 Power Fingerprinting Inc. Distribution authorized to U.S. Government Agencies only. Other requests for this document shall be referred to DARPA
21
//Target code infinite loopwhile(1){
//Restart TIM0//Trigger
_asmnopiorwf j, 0, 0 //w = 0fandlw 0x00 //w = 00movf j, 0, 0 //w = 0fandlw 0x00 //w = 00movf k, 0, 0 //Change k 1 bitmovlw 0x00 //w = 00xorwf j, 0, 0 //w = 0fmovlw 0x00 //w = 00iorwf j, 0, 0 //w = 0fxorlw 0x00 //w = 00nop... x 10nop
_endasm}
0 200 400 600 800 1000 1200 1400
-0.02
-0.01
0
0.01
0.02
0.03
0.04
Signature Sample Index
Inst
anta
nous
Cur
rent
Dra
in
Averaged Signature Traces (Base and Alternative Executions)
Base executionAlt (-1 bit transition)
500 550 600 650 700 750 800 850
-0.02
-0.01
0
0.01
0.02
0.03
0.04
Signature Sample Index
Inst
anta
nous
Cur
rent
Dra
in
Averaged Signature Traces (Base and Alternative Executions)
Base executionAlt (-1 bit transition)
0 0.002 0.004 0.006 0.008 0.01 0.0120
50
100
150
200
250
300
350
400
450
Inst
ance
cou
nt
Euclidean distance to base signature
Euclidean Distance PCA (All instructions)
BaseModified
0 1 2 3
x 10-4
0
100
200
300
400
500
600
Inst
ance
cou
nt
Euclidean distance to base signature
Euclidean Distance LDA
BaseModified
3rd Party Evaluation Samsung Galaxy S5
• Disabling App Signature Verifications
22
UAV Flight Computer 3rd Party Blind Evaluation
PFP Features ROC Curve
23
Partner Boot execution
Switch to emergency boot Periodically
fetch network code
FPGA Hardware Trojan Detection Details
PFP Cybersecurity Company Proprietary 24
Target and Measurement Setup
PFP Cybersecurity Company Proprietary 25
Digitizer: Keysight CX3300
Target: Xilinx Spartan 3e FPGA 4-Bit Counter
LEDs
Encond_1
Tamper: Emulated backdoor• Invert output only when cond_1 is true
PFP VOM HW Trojan Detection Results
PFP Cybersecurity Company Proprietary 26