Detecting Similar Code Segments Through Side Channel Leakage in Microcontrollers

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10779)

Abstract

We present new methods for detecting plagiarized code segments using side-channel leakage of microcontrollers. Our approach uses the dependency of side-channel leakage on processed data and requires that the implementation under test accepts varying known input data. Detection tools are built upon a similarity matrix that contains the absolute correlation coefficient for each combination of time samples of the two possibly different implementations as result of side channel measurements. These methods are evaluated on smartcards with ATMega163 microcontroller using different test applications written in assembly language. We show that our methods are highly robust even against a skilled adversary who modifies the original assembly code in various ways. Our approach is non-intrusive, so that the application does not need to be additionally watermarked in order to be protected—the resulting pattern of data leakage of the microcontroller executing the code is considered as its own watermark.

Keywords

Side-channel watermarking IP protection Code similarity analysis Similarity matrix Software reverse engineering Embedded software 

Notes

Acknowledgement

This work has been supported in parts by the German Federal Ministry of Education and Research (BMBF) through the project DePlagEmSoft, FKZ 03FH015I3.

References

  1. 1.
    Becker, G.T., Burleson, W., Paar, C.: Side-channel watermarks for embedded software. In: 9th IEEE NEWCAS Conference (NEWCAS 2011) (2011)Google Scholar
  2. 2.
    Becker, G., Strobel, D., Paar, C., Burleson, W.: Detecting software theft in embedded systems: a side-channel approach. IEEE Trans. Inf. Forensics Secur. 7(4), 1144–1154 (2012)CrossRefGoogle Scholar
  3. 3.
    Strobel, D., Bache, F., Oswald, D., Schellenberg, F., Paar, C.: SCANDALee: a side-ChANnel-based DisAssembLer using local electromagnetic emanations. In: Design, Automation, and Test in Europe (DATE), 9–13 March 2015 (2015)Google Scholar
  4. 4.
    Durvaux, F., Gérard, B., Kerckhof, S., Koeune, F., Standaert, F.-X.: Intellectual property protection for integrated systems using soft physical hash functions. In: Lee, D.H., Yung, M. (eds.) WISA 2012. LNCS, vol. 7690, pp. 208–225. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-35416-8_15 CrossRefGoogle Scholar
  5. 5.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25 Google Scholar
  6. 6.
    Kerckhof, S., Durvaux, F., Standaert, F.-X., Gerard, B.: Intellectual property protection for FPGA designs with soft physical hash functions: first experimental results. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 7–12, June 2013Google Scholar
  7. 7.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks Revealing the Secrets of Smart Cards. Springer, New York (2007).  https://doi.org/10.1007/978-0-387-38162-6 MATHGoogle Scholar
  8. 8.
    Atmel: ATmega163(L) Datasheet (revision E), February 2003Google Scholar
  9. 9.
    Atmel: Atmel AVR 8-bit Instruction Set Manual (revision 0856J), July 2014Google Scholar
  10. 10.
    Otte, D.: Avr-crypto-lib. https://www.das-labor.org/wiki/AVR-Crypto-Lib/en. Accessed Sept 2017
  11. 11.
    Poettering, B.: AVRAES: the AES block cipher on AVR controllers. http://point-at-infinity.org/avraes/. Accessed Sept 2017
  12. 12.
    Couroussé, D., Barry, T., Robisson, B., Jaillon, P., Potin, O., Lanet, J.-L.: Runtime code polymorphism as a protection against side channel attacks. In: Foresti, S., Lopez, J. (eds.) WISTP 2016. LNCS, vol. 9895, pp. 136–152. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-45931-8_9 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Bonn-Rhein-Sieg University of Applied SciencesSankt AugustinGermany
  2. 2.Ruhr-Universität BochumBochumGermany

Personalised recommendations