Go to CCS 2020 homepageDeepPower: Non-intrusive and Deep Learning-based Detection of IoT Malware Using Power Side Channels
Abstract: The vulnerability of Internet of Things (IoT) devices to malware attacks poses huge challenges to current Internet security. The IoT malware attacks are usually composed of three stages: intrusion, infection and monetization. Existing approaches for IoT malware detection cannot effectively identify the executed malicious activities at intrusion and infection stages, and thus cannot help stop potential attacks timely. In this paper, we present DeepPower, a non-intrusive approach to infer malicious activities of IoT malware via analyzing power side-channel signals using deep learning. DeepPower first filters raw power signals of IoT devices to obtain suspicious signals, and then performs a fine-grained analysis on these signals to infer corresponding executed activities inside the devices. DeepPower determines whether there exists an ongoing malware infection by conducting a correlation analysis on these identified activities. We implement a prototype of DeepPower leveraging low-cost sensors and devices and evaluate the effectiveness of DeepPower against real-world IoT malware using commodity IoT devices. Our experimental results demonstrate that DeepPower is able to detect infection activities of different IoT malware with a high accuracy without any changes to the monitored devices.
0 Replies
Loading