Farid Molazem Tabrizi and Karthik Pattabiraman, Annual Computer Security Applications Conference (ACSAC), 2016. (Acceptance Rate: 23%) [ PDF | Talk ]
Videos of the Attacks on SEGMeter
Abstract: Smart embedded systems are core components of Internet of Things (IoT). Many vulnerabilities and attacks have been discovered against different classes of IoT devices. Therefore, developing a systematic mechanism to analyze the security of smart embedded systems will help developers discover new attacks, and improve the design and implementation of the system. In this paper, we formally model the functionalities of smart meters, as an example of a widely used smart embedded device, using rewriting logic. We also define a formal set of actions for attackers. Our formal model enables us to automatically analyze the system, and using model-checking, find all the sequences of attacker actions that transition the system to any undesirable state. We evaluate the analysis results of our model on a real smart meter, and find that a sizeable set of the attacks found by the model can be applied to the real meter, using only inexpensive, commodity off-the-shelf hardware.
-
Recent Papers
- The Statistical Assessment of Bayes-“sub”optimal Binary Machine Learning Classifier Risk
- RVDebloater: Mode-based Adaptive Firmware Debloating for Robotic Vehicles
- Requalizer: A Co-designed Information Flow Control and Quality of Service Management Framework
- ReSect: A Tool for Automated Analysis of Reentrancy Exploit Transactions on Blockchains
- Thinking Inside the Box: Injecting Realistic Radiation Faults in ML Accelerators
- ARMOR: Attack-Resilient Reinforcement Learning Control for UAVs
- Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
- Feed-Forward Controller-Based Recovery for Robotic Vehicles from Physical Attacks
- Turnstile: Hybrid Information Flow Control Framework for Managing Privacy in Internet-of-Things Applications
- DLAFI: Software-Based Fault Injection for Permanent Faults in Deep Learning Accelerators
Pages
- About us
- Achievements
- Papers
- People
- Photos
- Projects
- Autonomous Systems and IoT Security
- Building Robust ML Systems against Training Data Faults
- Decentralized Finance (DeFi) and Blockchain Oracle Security
- Error Resilient ML Applications
- Membership Inference Attacks in Machine Learning Models
- Middleware for Edge Computing Applications
- Resilience Assessment of ML Models under Hardware Faults
- Smart Contract’s Security
- Software