SBIR Phase I: Hardware-Assisted Security Monitoring for Embedded and Wireless Systems Using Power Fingerprinting
This Small Business Innovation Research (SBIR) Phase I project aims to demonstrate the technical and commercial feasibility of a novel approach called Power Fingerprinting (PFP) for integrity assessment and intrusion detection in critical embedded and wireless systems based on side-channel analysis by an external monitor. Such integrity assessment approach is fundamental for protecting critical systems from cyber attacks in government agencies, financial institutions, military command, and industrial control. PFP treats cyber security as a signal detection and classification problem and introduces tangible quantitative metrics for security and trust. Phase I objectives include: (1) demonstrate the feasibility of characterizing kernel modules and core applications for embedded systems; 2) extract behavioral signatures to improve performance; 3) develop techniques to compensate for variations in power consumption due to manufacturing and environmental variations; and 4) create a general architecture for the application of PFP. The research will be performed using Angstrom Linux on a Beagleboard embedded platform, from which PFP signatures will be extracted and used to detect malicious intrusions in blind tests. The expected result is to achieve over 95% accuracy in detecting execution anomalies during blind tests and provide a baseline to develop a commercial PFP monitor prototype in Phase II. The broader impact/commercial potential of this project includes the development of an innovative mechanism for early detection of cyber attacks to critical infrastructure from well-funded adversaries. Such attacks, if not promptly discovered, that can steal state secrets and intellectual property with devastating consequences to national security. PFP brings a new perspective to cyber security treating it as a signal detection and classification problem and introducing tangible quantitative metrics for integrity and trust. PFP addresses a growing need to secure critical embedded systems. PFP is very difficult to evade, adds little overhead in the processor being monitored, and is effective against zero-day attacks. In comparison, traditional cyber security monitoring approaches are susceptible to evasion and ineffective against new attacks because they depend on known malware signatures. These features make PFP capable of detecting sophisticated covert attacks and rootkits, such as the recent Stuxnet worm. PFP has dual application in the commercial and government markets, particularly for resource-constrained and embedded platforms, including smart phones, smart grid, critical industrial control, and tactical communication devices. PFP has the potential to become a fundamental player in cyber-security by protecting the nation?s infrastructure and promoting further development of the economic base and employment.
Small Business Information at Submission:
Power Fingerprinting, Inc.
2200 Kraft Drive, Suite 1200 R Blacksburg, VA 24060-6748
Number of Employees: