Towards embedding attack detection on Systems-on-Chip
Connected devices are increasingly targeted by cyber-security attacks. Such attacks may exploit software bugs, e.g., to install malware, and can go as far as physically interfering with the device by, e.g., side channel attacks or fault attacks to recover secret keys. Software and physical attacks can be combined, and give place to mixed, powerful means to gain control of a system.
Attack detection is a field that receives more and more attention because it has the potential to address several attacks at once. Machine learning methods can be applied in two steps. An off-line characterisation of the logical and physical properties of the Systems-on-Chip can give an idea about what is the nominal behaviour of the system. Run-time monitoring may determine if there are deviations from this behaviour. This talk will survey recent approaches for attack detection on Systems-on-Chip, for malware, memory attacks, and side-channel attacks. Furthermore our results on the utilisation of binary classification to design lightweight memory access detectors will be presented. Finally we will discuss the need to monitor heterogeneous features, e.g., physical, architectural and software, and future directions for research.