Page 1


Detecting Zero-Day Attacks in Real Time on Day Zero

Industrial Device Integrity Assessment – Hardware, OS & Software Malware Detection

© 2014 PFP Cybersecurity

Page 2

Thurston Brooks

Mr. Brooks is focused on new technologies and solutions for industrial and commercial applications for the protection of critical infrastructure. He has more than 30 years of experience developing and managing a wide variety of solutions for military and industrial applications. Mr. Brooks has engineering degrees from the University of Florida (BS) and the Massachusetts Institute of Technology (MS), with a thesis in Human-Machine Systems and Controls. He also has a University of Chicago MBA. He was a key member of the IEEE/NIST Committee on Smart Sensors (IEEE 1451). Mr. Brooks has published or presented in more than 40 industry journals, symposiums and conferences, and holds two patents. One patented product won the 1993 Star Tech Award for Best New Product in Washington Technology magazine.

Page 3

The Detection Gap

“On any given day, some 50 percent or more of known malware is undetectable.” CounterTack

“Signature-based antivirus is dead” ZDNet

“The Antivirus Era Is Over” MIT Technology Review

“We don’t actually know how to scan for malware. We can’t stop it, because we can’t find it.” Scientific American

• Malware in embedded devices (partial list)

– SCADA/PLC Attacks: Stuxnet, both dormant and active

– Router Attacks: Routing table, forced write, etc.

– BIOS Attacks: Rootkits

– Mobile Device Attacks: RATC

• Supply Chain

– Trojan Integrated Circuits: Designed in US, produced in China with backdoor

Page 4

“Software solutions are no longer enough for software attacks”

“The Hardware Assisted Defense”

Improving Critical Infrastructure Cybersecurity Executive Order 13636 Preliminary Cybersecurity Framework (10-22-2013)

− Anomalous activity is detected in a timely manner and the potential impact of events is understood.

− A baseline of normal operations and procedures is identified and managed.

− The physical environment is monitored to detect potential cybersecurity events.

[Chart: evolution of detection approaches. Columns: Today’s SOTA, Cutting Edge Tech, Standards for the Future. Labels: Signature Recognition Based; Software Only; Hardware Assisted; Anomaly Detection; Physical Layer; Baseline Normal.]

Page 5

[Chart: Physical Layer, Application Layer and Network Layer against Current Vendors (Today) and Hardware Assisted (The Trend). Labels: Software Execution, OS, BIOS, Hardware, Out-of-Band Detection.]

Page 6

• Detect intrusions by anomaly detection on the processor’s power consumption

[Flowchart: a non-contact side-channel probe captures a new power trace; compare the new data with the baseline; if there is an anomaly, alert the user; if not, evaluate the next module.]

Real Time and Near Zero False Positive

Page 7

[Diagram: a current monitor on the SCADA system’s power supply (CPU, memory) feeds a monitoring unit, which creates a baseline of instantaneous power usage while the plant operator monitors the plant and its control valve.]

Page 8

[Diagram: the same SCADA system, current monitor and monitoring unit; the monitoring unit matches the power signature against the baseline and the plant operator sees that everything is good.]

Page 9

Cyber Attack Recognition Thru Power Discrepancies

[Diagram: a hacker injects malicious code into the SCADA system. Only one “bit” is different, yet PFP matches the signature and instantly detects the anomaly in the baseline; the plant operator is “alerted” that the system is compromised. Monitoring the electrical signature allows one to “see” the change.]


Page 11

• A disruptive, effective and simple solution

– Detect the zero-day attack

– Detect both Active & Dormant attacks

– No Added Software Needed

– Non-intrusive (no electrical contact)

– Scalable from chips, boards, devices, systems, etc.

– Nearly impossible to evade

[Diagram: non-contact sensors feed analytics; monitored targets range from chips, SCADA, networks and computers to mobile; dashboard for SaaS.]

Page 12

Probes

• COTS probes

• Low-cost custom design with and without connectors

• Traces on boards or chips have no cost impact

– Scanner Probe: COTS

– Monitor Probe: COTS, $25 with connector

– Board Monitor: <$1, no connector

– Board Level: traces on board, free

– Chip Level: traces or active circuits on chip, free

Page 13

The Deployment Process

• Exploration: identify probe requirements; identify sampling requirements

• Characterization: extract PFP baseline feature sets

• Integration: set user-defined parameters; create response policy; develop dashboard / UI / API

• Monitoring: assess integrity; initiate response; update UI

• Maintenance: new version characterization; system updates

Page 14

• Identify the target device

• Establish the baseline with a Scanner

• Verify the monitoring solution

• Set up a Monitor with the verified solution

• In-field baseline update? Enable a new baseline with a software update or on demand

• Maintenance and ongoing monitoring

[Figure: PSD difference vs. frequency plots for the baseline and for an anomaly on the devices to be monitored; cloud-based and third-party monitoring solutions; testing at Savannah River National Lab.]

Page 15

Threats in Semiconductor

• Detecting tampering (kill switch or back door) in chips and modules

• An emulated backdoor: invert output only when cond_1 is true

[Figure: FPGA demo with a 4-bit counter, LEDs, En and cond_1 inputs. Two sample-PDF plots of maximum error for Original App vs. Tampered App: “FPGA Demo, MalMode 1.1 Active” and “FPGA Demo, MalMode 1.1 Inactive”. Labels: Cond_1: True; DORMANT, kill switch loaded; Cond_1: False; ACTIVE, kill switch activated; baseline. Deterministic, no false positive.]

FPGA Short Video: http://youtu.be/3VVuUG7z1qo

Clear separation = no false positive

Page 16

Threats in Android

• Android OS running on the Motorola Droid Processor

• Malware distributed in the Official Android Market: used by DroidDream, DroidKungFu, and other malware

• RageAgainstTheCage(RATC) Privilege Escalation Attack

• Monitored Kernel integrity

• Single-pass assessment results

[Figure: “Setuid results distribution and fit”: density vs. distance from signature for original exec. traces (log-normal fit) and EAGAIN exec. traces (Weibull fit).]

Proven for sophisticated CPUs and Operating Systems

Page 17

Threats in PLCs (Stuxnet)

• On a Siemens PLC (SIMATIC S7-1200) in both Dormant and Active Modes, targeted by Stuxnet (similar to the Iranian setup)

• PLC Logic: Tank level control

[Diagram: tank level control process with high sensor, low sensor, PLC and pump. Output 1: level over sensor; 0: level below sensor.]

[Figure: sample-PDF plots of maximum error for Original App vs. Tampered App: “PLC Demo, Tamper Active L0 H1” (active post-processing tamper, codes activated) and “PLC Demo, Tamper Inactive L0 H1” (disabled post-processing tamper, DORMANT, codes loaded in memory), each against the baseline.]

Real-Time, Continuous Monitoring

PLC Short Video: http://youtu.be/biRAlt7VbPk

Page 18

Allen Bradley SLC-500 PLC Savannah River Nuclear Laboratory

• Initial step: sample the RF emissions given off by the PLC’s processor for each execution path.

• The sampled time series of an execution path is referred to as a trace.

Page 19

Allen Bradley SLC-500 PLC Savannah River Nuclear Laboratory

• Compute the statistical characteristics of the execution path.

• Ideally, each cycle of the execution path will be identical within a reasonable amount of uncertainty.

Clear Separation on Deviation from Normal
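The slides describe the mechanism in three places (slide 6: compare a new power trace with the baseline and alert on anomaly; slide 13: characterize a baseline feature set, then monitor; slides 18–19: treat each sampled execution path as a trace, compute its statistics, and look for clear separation on deviation from normal) without showing how the comparison is computed. The following is an added illustration, written for this page; it is not PFP’s code and does not claim to be the product’s analytics. The traces are constructed in the script (a nominal power profile plus Gaussian measurement noise), the tamper model (one extra instruction’s worth of activity inserted mid-execution, shifting the rest of the profile by one sample) is an assumption, and so are the distance metric (RMS of per-sample z-scores against the baseline) and the threshold rule (1.5× the largest distance seen among the baseline traces).

```python
"""Power-fingerprinting anomaly detection sketch (added example; not PFP code).

Traces, noise level, the tamper model and the threshold rule are all
constructed assumptions made for illustration.
"""
import math
import random
import statistics

# Constructed nominal power profile of one execution cycle of the "original
# app": one value (arbitrary units) per sample. A real deployment would
# capture this from a current probe or RF emissions, as the slides describe.
NOMINAL_PROFILE = [1.0, 1.0, 1.4, 1.4, 0.8, 0.8, 1.2, 1.2,
                   1.0, 1.0, 1.6, 1.6, 0.9, 0.9, 1.1, 1.1]


def capture_trace(profile, rng, noise=0.03):
    """Simulate one captured trace: the profile plus Gaussian measurement noise."""
    return [v + rng.gauss(0.0, noise) for v in profile]


def tampered_profile(profile):
    """Constructed tamper: extra activity inserted mid-cycle shifts the
    remainder of the execution path by one sample (the 'one bit is different'
    scenario from the slides, modelled crudely)."""
    i = len(profile) // 2
    return profile[:i] + [1.5] + profile[i:-1]


class PowerBaseline:
    """Characterization step: per-sample mean and spread of the baseline traces,
    plus a detection threshold derived from the baseline's own spread."""

    def __init__(self, traces, margin=1.5):
        n = len(traces[0])
        self.mean = [statistics.fmean(t[k] for t in traces) for k in range(n)]
        # Floor the spread so a perfectly flat sample cannot divide by zero.
        self.std = [max(statistics.pstdev([t[k] for t in traces]), 1e-6)
                    for k in range(n)]
        # Threshold: a clear margin above the largest distance any baseline
        # trace has from its own signature (assumed rule, not PFP's).
        self.threshold = margin * max(self.distance(t) for t in traces)

    def distance(self, trace):
        """Distance from signature: RMS of per-sample z-scores."""
        z2 = [((x - m) / s) ** 2 for x, m, s in zip(trace, self.mean, self.std)]
        return math.sqrt(sum(z2) / len(z2))

    def is_anomalous(self, trace):
        """Monitoring step: flag a trace whose distance exceeds the threshold."""
        return self.distance(trace) > self.threshold


def run_demo(seed=1, baseline_count=50):
    """Characterize from `baseline_count` clean traces, then assess one clean
    and one tampered trace. Returns distances and verdicts for inspection."""
    rng = random.Random(seed)  # fixed seed keeps the demo deterministic
    baseline = PowerBaseline(
        [capture_trace(NOMINAL_PROFILE, rng) for _ in range(baseline_count)])
    clean = capture_trace(NOMINAL_PROFILE, rng)
    tampered = capture_trace(tampered_profile(NOMINAL_PROFILE), rng)
    return {
        "threshold": baseline.threshold,
        "clean_distance": baseline.distance(clean),
        "clean_anomalous": baseline.is_anomalous(clean),
        "tampered_distance": baseline.distance(tampered),
        "tampered_anomalous": baseline.is_anomalous(tampered),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Because the baseline’s own traces define the spread, a clean trace lands at a z-score RMS near 1 while the shifted profile lands tens of standard deviations away on several samples, which is the “clear separation” the slides rely on for a near-zero false-positive rate. In practice the baseline must be re-characterized after any legitimate firmware or logic update (the slides’ maintenance step), otherwise the update itself is reported as an anomaly.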

Page 20

Thurston Brooks [email protected]

VISIT US IN BOOTH #409 FOR A DEMO

Page 21

2014-2015 Products

• eMonitor – standalone unit and probe. Available in convenient DIN-rail mountable form-factors

• P2Scan – kit for users to evaluate and monitor their devices for corruption.

• CoreCloud – a SaaS solution that provides cloud-based analytics

• SIEM API – a software API for interfacing to 3rd-party Security Information and Event Management

[Diagram: PFP Analytics Software Inside; PFP “Scientific” Dashboard; User’s Equipment.]

Page 22

Product Development

• Reducing size, weight, power, and cost

– P2Scan-L (Laboratory ID System): COTS, bench-top, high-end

– P2Scan-P (Production System): COTS, compact, portable

– eMonitor: COTS, small form factor, DIN rail mount

– Embedded Board-Level: PFP embedded on customer board

– Chip: FPGA, stand-alone silicon, or integrated IP

– Laboratory Probe: COTS

– Production Probe: COTS, $25 with connector

– Low-Cost Probe: <$1, no connector

– Embedded Probe: traces on board, free

– Chip Level: traces or active circuits on chip, free

Page 23

Proofs of Concept

• Network / Wireless – attacks such as kernel, routing table, forced write to storage, etc.

• Semiconductor – detecting tampering (kill switch or back door) in chips and modules

• SCADA – Siemens PLC (SIMATIC S7-1200) in both Dormant and Active Modes, targeted by Stuxnet

• Android OS Kernel integrity – RageAgainstTheCage (RATC) Privilege Escalation Attack

• Others – Medical, Mobile

[Photos: 3D printed probe; commercial probe.]