Detecting Similar Code Segments Through Side Channel Leakage in Microcontrollers
We present new methods for detecting plagiarized code segments using side-channel leakage of microcontrollers. Our approach uses the dependency of side-channel leakage on processed data and requires that the implementation under test accepts varying known input data. Detection tools are built upon a similarity matrix that contains the absolute correlation coefficient for each combination of time samples of the two possibly different implementations as result of side channel measurements. These methods are evaluated on smartcards with ATMega163 microcontroller using different test applications written in assembly language. We show that our methods are highly robust even against a skilled adversary who modifies the original assembly code in various ways. Our approach is non-intrusive, so that the application does not need to be additionally watermarked in order to be protected—the resulting pattern of data leakage of the microcontroller executing the code is considered as its own watermark.
KeywordsSide-channel watermarking IP protection Code similarity analysis Similarity matrix Software reverse engineering Embedded software
This work has been supported in parts by the German Federal Ministry of Education and Research (BMBF) through the project DePlagEmSoft, FKZ 03FH015I3.
- 1.Becker, G.T., Burleson, W., Paar, C.: Side-channel watermarks for embedded software. In: 9th IEEE NEWCAS Conference (NEWCAS 2011) (2011)Google Scholar
- 3.Strobel, D., Bache, F., Oswald, D., Schellenberg, F., Paar, C.: SCANDALee: a side-ChANnel-based DisAssembLer using local electromagnetic emanations. In: Design, Automation, and Test in Europe (DATE), 9–13 March 2015 (2015)Google Scholar
- 4.Durvaux, F., Gérard, B., Kerckhof, S., Koeune, F., Standaert, F.-X.: Intellectual property protection for integrated systems using soft physical hash functions. In: Lee, D.H., Yung, M. (eds.) WISA 2012. LNCS, vol. 7690, pp. 208–225. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35416-8_15 CrossRefGoogle Scholar
- 6.Kerckhof, S., Durvaux, F., Standaert, F.-X., Gerard, B.: Intellectual property protection for FPGA designs with soft physical hash functions: first experimental results. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 7–12, June 2013Google Scholar
- 8.Atmel: ATmega163(L) Datasheet (revision E), February 2003Google Scholar
- 9.Atmel: Atmel AVR 8-bit Instruction Set Manual (revision 0856J), July 2014Google Scholar
- 10.Otte, D.: Avr-crypto-lib. https://www.das-labor.org/wiki/AVR-Crypto-Lib/en. Accessed Sept 2017
- 11.Poettering, B.: AVRAES: the AES block cipher on AVR controllers. http://point-at-infinity.org/avraes/. Accessed Sept 2017
- 12.Couroussé, D., Barry, T., Robisson, B., Jaillon, P., Potin, O., Lanet, J.-L.: Runtime code polymorphism as a protection against side channel attacks. In: Foresti, S., Lopez, J. (eds.) WISTP 2016. LNCS, vol. 9895, pp. 136–152. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45931-8_9 CrossRefGoogle Scholar