IoT devices are systematically vulnerable to vendor introduced bugs, network as well as supply chain attacks. Further, unprotected and unmonitored physical access is common while single board computer based IoT devices have limited or no ability to detect and mitigate most types of attacks. Various methods have been described that use software based analysis, execution monitoring, and other cryptographic functions but these methods are not practical for small devices and often require modifications or additions to a simple sensor board that uses more power and is itself vulnerable to software bugs. Also, additional software space for non-mission code is difficult or not possible to add. This paper describes a novel light weight method to detect a compromise or abnormal behavior through the monitoring of readable and writable hardware elements on the device. An example prototype is described using an Arduino class device, common for many commercial sensing applications.
Andrew Toth, Dan Rapczynski, and Jason A. Wampler, "Lightweight hardware monitoring of IoT devices," Proc. SPIE 10630, Cyber Sensing 2018, 106300H (Presented at SPIE Defense + Security: April 18, 2018; Published: 3 May 2018); https://doi.org/10.1117/12.2305254.
Conference Presentations are recordings of oral presentations given at SPIE conferences and published as part of the conference proceedings. They include the speaker's narration along with a video recording of the presentation slides and animations. Many conference presentations also include full-text papers. Search and browse our growing collection of more than 14,000 conference presentations, including many plenary and keynote presentations.