Research On Device Security Based On Electromagnetic Radiation Characteristics

The importance of information security is increasing,and the upper layers of information systems are increasingly dependent on and trust the underlying firmware and hardware.Any hardware vulnerability underlying the information system can seriously reduce its security,so the need to implement better security at the physical layer of the hardware is becoming more apparent in order to ensure information security.With the development of more sophisticated and cheaper measuring equipment,the electromagnetic characteristics of the external radiation when the chip is working,the advanced attack threat to the physical layer has been extended from military and government to commercial products,which is a major security problem that cannot be ignored.With the rapid development of the Internet and chip technologies,various embedded intelligent electronic devices,software,sensors,and execution components are interconnected through a network,so that data can be easily exchanged with each other.After more than 20 years of development,while these smart devices have penetrated people's production and life,security risks have also appeared frequently.The security issues faced by embedded devices are more complex than traditional information security.They often fail to run overly complex protection systems due to the power consumption,functionality,and volume constraints.The physical layer security of these devices has become the focus of research information systems.The smart device security protection mechanism is relatively weak,and in the current situation,it is impossible to ensure the security,availability and reliability of the system during operation.Based on the physical characteristics of electromagnetic radiation,this dissertation studies the leakage of electromagnetic radiation data from switching power supply,the detection of abnormal behavior of embedded devices and continuous authentication from the bottom of hardware equipment.For computer systems containing confidential data,the existing protection scheme adopts a physical network isolation method to cut all suspicious connections by means of “physical isolation”.However,these isolation methods neglect the important device of switching power supply.Switching power supply is an essential power supply device for computer systems.The most important feature of switching power supply is that it can work in full-on and full-off switching states,and can emit some high amplitude,high frequency energy electromagnetic radiation.The electromagnetic radiation signal generated by the switching power supply can be used as a covert channel for leaking secret data.In this dissertation,the attacking problem of the covert channel of the switching power supply is studied.A proof of concept project,Powermitter,is proposed.The covert power channel can be established through the power adapter of the computing node to secretly transmit data to the external device.After establishing a covert communication channel for the electromagnetic radiation generated by the switching power supply,we further considers the information security problem brought about by electromagnetic radiation.The electromagnetic radiation is not only present in a single device such as a switching power supply.This phenomenon is common in various electronic devices.In this dissertation,the phenomenon of switching power supply radiation frequency variation caused by CPU load fluctuations is extended to the field of embedded chips,and it is found that the variation of the chip radiation spectrum will also follow the load variation of the main chip.We consider the correspondence between chip code behavior and radiation from the perspective of defense.We use support vector machine algorithm to classify chip radiation,which achieves the purpose of abnormal detection.The traditional security mechanism based on intrusion detection has limitations when applied to embedded devices.This dissertation proposes an embedded device based on chip radiation for the characteristics of limited resources of embedded devices,heterogeneous systems and high real-time requirements.By analyzing the chip radiant energy sequence of a given time window,it is judged whether it is an abnormal behavior.This is a non-intrusive detection method based on the physical characteristics of the radiant energy of the chip at work,universal,independent of the hardware architecture,and not limited to the operating system,and the embedded device is unpredictable for the detection process.It cannot be falsified or denied.After the completion of the chip-based anomaly detection research,this dissertation based on the LSTM neural network to determine the fine-grained working state of the chip,and achieve the purpose of continuous authentication of embedded devices.The identity authentication problem of embedded devices is related to the security of all devices connected to the system.The traditional authentication method is only verified at the time of login,which has great security risks for embedded devices that are unattended for long-term operation.In view of the “legality” verification problem of embedded devices in the running process,we propose the PATRIo T(Persistent Authentication Through Radiation of Io T)continuous authentication scheme.On the basis of the previous work of CREBAD,the electromagnetic radiation generated by the main chip of the device is analyzed more finely,and the working mode of the embedded device can be described in multiple dimensions and fine-grained.In summary,aiming at the security problems faced by Io T devices,we take the electromagnetic radiation characteristics of the physical layer of the device as the starting point from the attack and defense aspects,and conducts security research on the Io T devices.Firstly,from the perspective of attack,the physical isolation security of key devices was evaluated and the vulnerability was discovered.Then,from the perspective of defense,while it is difficult to detect the anomaly of embedded devices,an anomaly detection scheme based on electromagnetic radiation characteristics is proposed.For the problem of lack of continuous identity authentication for embedded devices,a finegrained electromagnetic based persistent authentication scheme is proposed.This dissertation gives corresponding solutions to the security and privacy issues faced by the security,availability and reliability of key devices.It provides useful theoretical support for the security assessment and protection of Io T devices.