Machine Learning Attacks and Countermeasures for PUF-Based IoT Edge Node Security
Abstract
The Internet of things (IoT) ecosystem has grown exponentially with the convergence of various technologies such as deep learning, sensor systems, and advances in computing platforms. With such a highly pervasive nature of “smart” devices, the nature of data being collected and processed can be increasingly private and require safeguards to ensure the data’s integrity and security. Physically unclonable functions (PUFs) have emerged as a lightweight, viable security protocol in the Internet of Things (IoT) framework. Malicious modeling of PUF architectures has proven to be difficult due to the inherently stochastic nature of PUF architectures. In this work, we show that knowledge of the underlying PUF structure is unnecessary to clone a PUF. We tackle the problem of cloning PUF-based edge nodes in different settings such as unencrypted, encrypted, and obfuscated challenges in an IoT framework. We present a novel non-invasive, architecture-independent, machine learning attack for robust PUF designs and can handle encryption and obfuscation-based security measures on the transmitted challenge response pairs (CRPs). We show that the proposed framework can successfully clone different PUF architectures, including those encrypted using two (2) different encryption protocols in DES and AES and with varying degrees of obfuscation. We also show that the proposed approach outperforms a two-stage brute force attack model. Finally, we offer a machine learning-based countermeasure, a discriminator, which can distinguish cloned PUF devices and authentic PUFs with an average accuracy of 96%. The proposed discriminator can be used for rapidly authenticating millions of IoT nodes remotely from the cloud server.
References
[1]
Aman MN, Chua KC, Sikdar B. Hardware Primitives-Based Security Protocols for the Internet of Things. In: Cryptographic Security Solutions for the Internet of Things, 2019:117–141. IGI Global
[2]
Aman, MN, Taneja S, Sikdar B, Chua KC, Alioto M. Token-based security for the Internet of Things with dynamic energy-quality tradeoff. IEEE Internet Things J. 2018;6(2):2843–2859.
[3]
Bokefode JD, Bhise AS, Satarkar PA, and Modani DG Developing a secure cloud storage system for storing IoT data by applying role based encryption Proc Comput Sci 2016 89 43-50
[4]
Braeken A PUF based authentication protocol for IoT Symmetry 2018 10 8 352
[5]
Cam-Winget N, Sadeghi A, Jin Y. Can IoT be secured: Emerging challenges in connecting the unconnected. In: Proceedings of the 53rd Annual Design Automation Conference, 2016:122. ACM
[6]
Chatterjee U, Chakraborty RS, and Mukhopadhyay D A PUF-based secure communication protocol for IoT ACM Trans Embed Comput Syst (TECS) 2017 16 3 67
[7]
Chatterjee U, Govindan V, Sadhukhan R, Mukhopadhyay D, Chakraborty RS, Mahata D, Prabhu MM. Building PUF based authentication and key exchange protocol for IoT without explicit crps in verifier database. IEEE Transactions on Dependable and Secure Computing. 2018.
[8]
Coppersmith D The data encryption standard (DES) and its strength against attacks IBM J Res Dev 1994 38 3 243-250
[9]
Daemen J and Rijmen V The design of Rijndael: AES-the advanced encryption standard 2013 Berlin Springer
[10]
Dodis Y, Reyzin L, and Smith A Cachin C and Camenisch JL Fuzzy extractors: how to generate strong keys from biometrics and other noisy data Advances in cryptology 2004 Berlin, Heidelberg EUROCRYPT 2004 523-540
[11]
Ganji F, Tajik S, Fäßler F, Seifert JP. Strong machine learning attack against PUFs with no mathematical model. Cryptology ePrint Archive, Report 2016/606 (2016). https://eprint.iacr.org/2016/606.
[12]
Gao Y, Li G, Ma H, Al-Sarawi SF, Kavehei O, Abbott D, Ranasinghe DC. Obfuscated challenge-response: A secure lightweight authentication mechanism for puf-based pervasive devices. In: 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops), 2016:1–6. IEEE
[13]
Goodfellow I, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, and Bengio Y Generative adversarial nets Ad Neural Inform Process Syst 2014 2014 2672-2680
[14]
Herder C, Yu MD, Koushanfar F, and Devadas S Physical unclonable functions and applications: a tutorial Proc IEEE 2014 102 8 1126-1141
[15]
Idriss T, Idriss H, Bayoumi M. A PUF-based paradigm for IoT security. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), 2016:700–705. IEEE
[16]
Ishai Y, Prabhakaran M, Sahai A, Wagner D. Private circuits II: keeping secrets in tamperable circuits. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2006:308–327. Springer
[17]
Islam SA, Katkoori S. High-level synthesis of key based obfuscated RTL datapaths. In: 2018 19th International Symposium on Quality Electronic Design (ISQED), 2018:407–412.
[18]
Islam SA, Sah LK, Katkoori S. Empirical word-level analysis of arithmetic module architectures for hardware trojan susceptibility. In: 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), 2018:109–114.
[19]
Laguduva V, Islam SA, Aakur S, Katkoori S, Karam R. Machine learning based iot edge node security attack and countermeasures. In: 2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), 2019:670–675. IEEE
[20]
Maes R, Tuyls P, Verbauwhede I. Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In: Cryptographic hardware and embedded systems-CHES 2009, 2009:332–347. Springer
[21]
Mahmoud A, Rührmair U, Majzoobi M, Koushanfar F. Combined modeling and side channel attacks on strong PUFs. Cryptology ePrint Archive, Report 2013/632 (2013). https://eprint.iacr.org/2013/632.
[22]
Meguerdichian S, Potkonjak M. Device aging-based physically unclonable functions. In: 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC), 2011:288–289. IEEE
[23]
Mispan MS, Halak B, Zwolinski M. Lightweight obfuscation techniques for modeling attacks resistant PUFs. In: 2017 IEEE 2nd International Verification and Security Workshop (IVSW), 2017:19–24.
[24]
Ostrovsky R, Scafuro A, Visconti I, Wadia A. Universally composable secure computation with (malicious) physically uncloneable functions. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2013:702–718. Springer
[25]
Pappu R, Recht B, Taylor J, Gershenfeld N. physical one-way functions. Science. 2002;297(5589):2026–30. http://science.sciencemag.org/content/297/5589/2026.
[26]
Ramnath VL, Aakur SN, Katkoori S. Latent space modeling for cloning encrypted PUF-based authentication. In: IFIP International Internet of Things Conference, 2019:142–158. Springer
[27]
Ray S, Bhunia S, Jin Y, Tehranipoor M. security validation in IoT space. In: 2016 IEEE 34th VLSI Test Symposium (VTS), 2016:1–1. IEEE
[28]
Rostami M, Majzoobi M, Koushanfar F, Wallach DS, and Devadas S Robust and reverse-engineering resilient puf authentication and key-exchange by substring matching IEEE Trans Emerg Top Comput 2014 2 1 37-49
[29]
Rostami M, Majzoobi M, Koushanfar F, Wallach DS, and Devadas S Robust and reverse-engineering resilient PUF authentication and key-exchange by substring matching IEEE Trans Emerg Top Comput 2014 2 1 37-49
[30]
Rührmair U Acquisti A, Smith SW, and Sadeghi AR Oblivious transfer based on physical unclonable functions Trust and trustworthy computing 2010 Berlin Heidelberg Springer 430-440
[31]
Rührmair U, Holcomb DE. PUFs at a glance. In: 2014 Design, Automation Test in Europe Conference Exhibition (DATE), 2014:1–6 .
[32]
Rührmair U, Sehnke F, Sölter J, Dror G, Devadas S, Schmidhuber J. modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS ’10, 2010:237–249. ACM, New York, NY, USA.
[33]
Rührmair U, Xu X., Sölter J, Mahmoud A. Koushanfar F, Burleson W. Power and timing side channels for pufs and their efficient exploitation. Cryptology ePrint Archive, Report 2013/851 (2013). https://eprint.iacr.org/2013/851.
[34]
Sehgal A, Perelman V, Kuryla S, and Schonwalder J Management of resource constrained devices in the internet of things IEEE Commun Mag 2012 50 12 144-149
[35]
Srivastava N Improving neural networks with dropout Univ Toronto 2013 182 566 7
[36]
Stergiou C, Psannis KE, Kim BG, and Gupta B Secure integration of IoT and cloud computing Fut Gen Comput Syst 2018 78 964-975
[37]
Suh GE, Devadas S. Physical unclonable functions for device authentication and secret key generation. In: 2007 44th ACM/IEEE Design Automation Conference, 2007:9–14
[38]
Suo H, Wan J, Zou C, Liu J. Security in the internet of things: a review. In: 2012 international conference on computer science and electronics engineering, vol. 3, 2012:648–651. IEEE
[39]
Vijayakumar A, Patil VC, Prado CB, Kundu S. Machine learning resistant strong PUF: Possible or a pipe dream? In: 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2016:19–24.
[40]
Wang X, Zhang J, Schooler EM, Ion M. Performance evaluation of attribute-based encryption: Toward data privacy in the IoT. In: 2014 IEEE International Conference on Communications (ICC), 2014:725–730. IEEE
[41]
Yang K, Forte D, Tehranipoor M. Protecting endpoint devices in IoT supply chain. In: Proceedings of the IEEE/ACM International Conference on Computer-Aided Design, 2015:351–356. IEEE Press
[42]
Ye J, Hu Y, Li X. RPUF: Physical unclonable function with randomized challenge to resist modeling attack. In: 2016 IEEE Asian Hardware-Oriented Security and Trust (AsianHOST), 2016:1–6.
Recommendations
Countering Modeling Attacks in PUF-based IoT Security Solutions
Hardware fingerprinting has emerged as a viable option for safeguarding IoT devices from cyberattacks. Such a fingerprint is used to not only authenticate the interconnected devices but also to derive cryptographic keys for ensuring data integrity and ...
Efficient and Secure Group Key Management in IoT using Multistage Interconnected PUF
ISLPED '18: Proceedings of the International Symposium on Low Power Electronics and DesignSecure group-oriented communication is crucial to a wide range of applications in Internet of Things (IoT). Security problems related to group-oriented communications in IoT-based applications placed in a privacy-sensitive environment have become a ...
A top-down survey on securing IoT with machine learning: goals, recent advances and challenges
The Internet of Things (IoT) has seen it all from being just another innovation to a leading technology; it is now a binding force that interconnects various aspects of our lives. The IoT's tremendous growth is driven by emerging applications and evolving ...
Comments
Information & Contributors
Information
Published In
© Springer Nature Singapore Pte Ltd 2020.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 27 August 2020
Accepted: 11 August 2020
Received: 01 June 2020
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 02 Sep 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in