ハードウェア攻撃に対する警報システム(An alarm system against hardware attacks)

ad
ad
ad
ad

2つのシンプルなアンテナで、コンピュータのハードウェアを物理的な操作から保護することができる Two simple antennas can protect computer hardware against physical manipulation

2022-06-07 マックス・プランク研究所

Radio-monitored: An electromagnetic signal transmitter and receiver antenna can detect hardware attacks on a circuit board because the attack changes the characteristic radio wave pattern in the device.
© Michael Schwettmann

ボーフムのマックス・プランク・セキュリティ・プライバシー研究所とボーフムのルール大学のチームが示したように、機器内の1つのアンテナからの信号は特徴的な電磁波パターンを生成し、それを2つ目のアンテナが受信するようになっています。攻撃者が例えば針金で機器を操作すると、電波パターンが変化し、警報装置のように操作を知らしめる。

<関連情報>

アンチ・タンパー・ラジオ 計算機システムにおけるシステムレベルの改ざん検知 Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems

Paul Staat,Johannes Tobisch,Christian Zenger,Christof Paar,
43rd IEEE Symposium on Security and Privacy, San Francisco, USA, 2022, Conference Proceedings
DOI:10.1109/SP46214.2022.00067

Abstract

A whole range of attacks becomes possible when adversaries gain physical access to computing systems that process or contain sensitive data. Examples include side-channel analysis, bus probing, device cloning, or implanting hardware Trojans. Defending against these kinds of attacks is considered a challenging endeavor, requiring anti-tamper solutions to monitor the physical environment of the system. Current solutions range from simple switches, which detect if a case is opened, to meshes of conducting material that provide more fine-grained detection of integrity violations. However, these solutions suffer from an intricate trade-off between physical security on the one side and reliability, cost, and difficulty to manufacture on the other. In this work, we demonstrate that radio wave propagation in an enclosed system of complex geometry is sensitive against adversarial physical manipulation. We present an anti-tamper radio (ATR) solution as a method for tamper detection, which combines high detection sensitivity and reliability with ease-of-use. ATR constantly monitors the wireless signal propagation behavior within the boundaries of a metal case. Tamper attempts such as insertion of foreign objects, will alter the observed radio signal response, subsequently raising an alarm. The ATR principle is applicable in many computing systems that require physical security such as servers, ATMs, and smart meters. As a case study, we use 19″ servers and thoroughly investigate capabilities and limits of the ATR. Using a custom-built automated probing station, we simulate probing attacks by inserting needles with high precision into protected environments. Our experimental results show that our ATR implementation can detect 16 mm insertions of needles of diameter as low as 0.1 mm under ideal conditions. In the more realistic environment of a running 19″ server, we demonstrate reliable detection of 40 mm insertions of needles of diameter 1 mm for a period of 10 days.

タイトルとURLをコピーしました