Using Program Analysis to Synthesize Sensor Spoofing Attacks

I. Pustogarov, T. Ristenpart, Vitaly Shmatikov
{"title":"Using Program Analysis to Synthesize Sensor Spoofing Attacks","authors":"I. Pustogarov, T. Ristenpart, Vitaly Shmatikov","doi":"10.1145/3052973.3053038","DOIUrl":null,"url":null,"abstract":"In a sensor spoofing attack, an adversary modifies the physical environment in a certain way so as to force an embedded system into unwanted or unintended behaviors. This usually requires a thorough understanding of the system's control logic. The conventional methods for discovering this logic are manual code inspection and experimentation. In this paper, we design a directed, compositional symbolic execution framework that targets software for the popular MSP430 family of microcontrollers. Using our framework, an analyst can generate traces of sensor readings that will drive an MSP430-based embedded system to a chosen point in its code. As a case study, we use our system to generate spoofed wireless signals used as sensor inputs into AllSee, a recently proposed low-cost gesture recognition system. We then experimentally confirm that AllSee recognizes our adversarially synthesized signals as \"gestures.\"","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"36 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3052973.3053038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 15

Abstract

In a sensor spoofing attack, an adversary modifies the physical environment in a certain way so as to force an embedded system into unwanted or unintended behaviors. This usually requires a thorough understanding of the system's control logic. The conventional methods for discovering this logic are manual code inspection and experimentation. In this paper, we design a directed, compositional symbolic execution framework that targets software for the popular MSP430 family of microcontrollers. Using our framework, an analyst can generate traces of sensor readings that will drive an MSP430-based embedded system to a chosen point in its code. As a case study, we use our system to generate spoofed wireless signals used as sensor inputs into AllSee, a recently proposed low-cost gesture recognition system. We then experimentally confirm that AllSee recognizes our adversarially synthesized signals as "gestures."
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
应用程序分析综合传感器欺骗攻击
在传感器欺骗攻击中,攻击者以某种方式修改物理环境,从而迫使嵌入式系统产生不想要的或意想不到的行为。这通常需要对系统的控制逻辑有透彻的理解。发现这种逻辑的传统方法是手工代码检查和实验。在本文中,我们为流行的MSP430系列微控制器设计了一个定向的、组合的符号执行框架。使用我们的框架,分析人员可以生成传感器读数的跟踪,将基于msp430的嵌入式系统驱动到其代码中的选定点。作为一个案例研究,我们使用我们的系统生成欺骗无线信号,作为传感器输入AllSee,一个最近提出的低成本手势识别系统。然后,我们通过实验证实,AllSee将我们的对抗合成信号识别为“手势”。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security How Discover a Malware using Model Checking Localization of Spoofing Devices using a Large-scale Air Traffic Surveillance System CoverUp: Privacy Through "Forced" Participation in Anonymous Communication Networks Session details: Password & Auth 1
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1