Attack Injection into Avionic Systems through Application Code Mutation
| Autor: | Vincent Nicomette, Eric Alata, Nathalie Feyt, Mohamed Kaaniche, Alienor Damien |
|---|---|
| Přispěvatelé: | THALES, Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, THALES [France], Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT) |
| Rok vydání: | 2019 |
| Předmět: |
business.industry
Computer science media_common.quotation_subject 02 engineering and technology Intrusion detection system Avionics [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] Software 020204 information systems Embedded system Threat model 0202 electrical engineering electronic engineering information engineering Code (cryptography) [INFO.INFO-ES]Computer Science [cs]/Embedded Systems business Function (engineering) Host (network) Vulnerability (computing) media_common |
| Zdroj: | 2019 IEEE/AIAA 38th Digital Avionics Systems Conference (DASC) 2019 IEEE/AIAA 38th Digital Avionics Systems Conference (DASC), Sep 2019, San Diego, United States. pp.1-8, ⟨10.1109/DASC43569.2019.9081616⟩ |
| DOI: | 10.1109/dasc43569.2019.9081616 |
| Popis: | International audience; Given the continuous increase of malicious threats targeting embedded systems, the potential malicious modification of an aircraft application, by exploiting an unknown software or hardware vulnerability of the execution platform, must be seriously considered for future systems. Indeed, an insider attack breaking the organization's security measures to insert a malicious function on board could have significant consequences. Various solutions can be investigated to provide enhanced protection against such threats, including intrusion detection techniques. To design an Intrusion Detection System (IDS), and more specifically to evaluate its performance, abnormal data are required. However, to our knowledge, there is no publicly available attack data for aircraft applications. This paper proposes an approach and a tool aiming at automatically performing application code mutations that mimic the behavior of malevolent pieces of code introduced inside an application. The approach relies on three code modification strategies, designed to cover both generic and specific mutations. The tool takes into account the specific characteristics of avionic applications (dedicated hardware, real-time execution, threat model). This paper describes the architecture and implementation details of the tool, as well as some experiments, in which it is used in order to calibrate a Host-based Intrusion Detection System (HIDS) that we are currently implementing. For that purpose, specific code changes are introduced, targeting application integrity and availability as well as safety. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|