Using Power Fingerprinting (PFP) to Monitor the Integrity and Enhance Security of Computer Based Systems
0 Assignments
0 Petitions
Accused Products
Abstract
Procedures are described for enhancing target system execution integrity determined by power fingerprinting (PFP): by integrating PFP into the detection phase of comprehensive defense-in-depth security; by deploying a network of PFP enabled nodes executing untrusted devices with predefined inputs forcing a specific state sequence and specific software execution; by embedding module identification information into synchronization signaling; by combining signals from different board elements; by using malware signatures to enhance PFP performance; by automatic characterization and signature extraction; by providing secure signature updates; by protecting against side-channel attacks; performing real-time integrity assessment in embedded platform by monitoring their dynamic power consumption and comparing it against signatures from trusted code, including pre-characterizing power consumption of the platform by concentrating on trace sections carrying the most information about the internal execution status; by using PFP from sequence of bit transitions to detect deviations from authorized execution of software in a digital processor.
-
Citations
33 Claims
-
1-13. -13. (canceled)
-
14. A method, comprising:
-
receiving a signal representing power consumption of a first electronic device during operation associated with authorized code; identifying a portion of the signal corresponding to a user-inserted marker associated with the authorized code, the portion of the signal being associated with a signature portion from a signature that was generated from a second electronic device during operation associated with the pre-defined code and associated with the user-inserted marker; and synchronizing the portion of the signal with the signature portion based on the user-inserted marker. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method, comprising:
-
receiving a signal representing a user-defined marker; revising an authorized code based on the user-defined marker to produce a revised code; causing a processor to execute the revised code for each execution path within the revised code from a plurality of execution paths within the revised code; receiving, for each execution path from the plurality of execution paths, a signal representing power consumption of the processor during execution of the revised code to define a plurality of signals representing power consumption; processing each signal from the plurality of signals representing power consumption to define a composite signal having a random characteristic reduced; and extract a feature from the from the composite signal to define a signature for the revised code. - View Dependent Claims (24, 25, 26, 27, 28)
-
-
29. A method, comprising:
-
receiving a signal representing power consumption of a first electronic device during operation, the signal associated with a plurality of signature signals that were generated from a second electronic device during operation of authorized code, each signature signal from the plurality of signature signals being uniquely associated with an aspect of the authorized code from a plurality of aspects of the authorized code; and comparing the signal to a plurality of signature to extract a feature. - View Dependent Claims (30, 31, 32, 33)
-
Specification