CREBAD:基于芯片辐射的物联网设备异常检测方案

CREBAD:Chip Radio Emission Based Anomaly Detection Scheme of IoT Devices

随着物联网的飞速发展,物联网设备的安全问题受到了广泛的关注.物联网设备的软硬件特性导致其极易遭受各类攻击.对物联网设备的异常检测成为近年的热点,传统的基于入侵检测、流量分析等防护方式无法适用于物联网设备的软硬件环境.针对这一问题,提出了基于芯片辐射的异常检测方案,以物联网设备在工作时向外辐射的电磁波信号作为检测依据,采用遗传算法和近似熵理论对原始信号进行特征提取和选择后,利用一类支持向量机对正常行为产生的辐射信号进行训练.该方案具有无侵入的特性,无需对原有系统进行任何软硬件改造,适用于现有物联网设备.最后的实验结果表明:与其他常用的异常检测方案相比,该方案能够更有效地检测物联网设备的异常行为,具有较高的准确性和较低的误报率.

with the rapid development of the Internet of things（IoT）,IoT security issues have received widespread attention.The hardware and software features of IoT devices make them extremely vulnerable to all types of attacks.Anomaly detection of IoT devices has become a hot spot in recent years.The traditional protection methods based on intrusion detection and traffic analysis can not adapt to the hardware and software environment of IoT devices.In order to solve this problem,an anomaly detection scheme based on chip radiation is proposed. By using the electromagnetic wave signals of IoT devices radiating outwards during operation as detection basis,the original signals are extracted and selected by genetic algorithm and approximate entropy.Finally,the signal of normal behavior radiation is trained using a one-class support vector machine algorithm.The program has non-invasive features,without the need for any transformation of the original system hardware and software,applying to the existing IoT devices.The final experimental results show that compared with other commonly used anomaly detection schemes,this scheme can detect the abnormal behavior of IoT devices more effectively,with higher accuracy and lower false alarm rate.