CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 11417 > Article
Presentation + Paper
24 April 2020 Automated clustering of EM side-channel emissions to detect anomalous device behavior
Chris Mesterharm, Rauf Izmailov, Scott Alexander, Simon Tsang
Author Affiliations +
Proceedings Volume 11417, Cyber Sensing 2020; 114170C (2020) https://doi.org/10.1117/12.2563471
Event: SPIE Defense + Commercial Sensing, 2020, Online Only
Abstract
In this paper, we present a technique to label and record consistent device modes using an isolated system that can sense the side-channel electromagnetic emanations (EM) of the device. This allows us to characterize the device's normal behavior and detect anomalous behavior that is a result of a security breach of the device. Our technique does not require any prior knowledge of the device or its behavior and is based on a new density-based clustering technique. Our clustering technique uses the training data to create a density map over the instance space by approximating the density of any point by counting the number of points in a fixed radius ball centered at that point. The radius is computed to ensure that a majority of the training data has a low relative error density estimate. This density map is used to incrementally build the clusters in order of the density of the training data. Our approach is similar to DBSCAN but our modifications allow us to remove difficult to set parameters and allow the algorithm to discover clusters of greatly different densities. Given that accurate density estimates are difficult in high-dimensional spaces, we perform experiments after applying PCA to reduce the number of dimensions while retaining much of the clustering structure. We have applied this technique to various devices and confirmed the discovery of device behavior by running code with a known looping behavior that is mirrored in our mode predictions. This has allowed us to detect deviations in device behavior that correspond to unauthorized code running on the device.
Conference Presentation
© (2020) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Chris Mesterharm, Rauf Izmailov, Scott Alexander, and Simon Tsang "Automated clustering of EM side-channel emissions to detect anomalous device behavior", Proc. SPIE 11417, Cyber Sensing 2020, 114170C (24 April 2020); https://doi.org/10.1117/12.2563471
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 10 PAGES + PRESENTATION
DOWNLOAD PAPER SAVE TO MY LIBRARY
WATCH
PRESENTATION
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Principal component analysis
Data processing
Visualization
Signal processing
Machine learning
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top