Securing IoT Devices Using Dynamic Power Management: Machine Learning Approach

Abstract

The shift in paradigm from cloud computing toward edge has resulted in faster response times, a more secure and energy-efficient edge. Internet-of-Things (IoT) devices form a vital part of the edge, but despite legions of benefits it offers, increasing vulnerabilities and escalation in malware generation has rendered them insecure. Software-based approaches are prominent in malware detection, but they fail to meet the requirements for IoT devices. Dynamic power management (DPM) is architecture agnostic and inherently pervasive component existing in all low-power IoT devices. In this article, we demonstrate dynamic voltage and frequency scaling (DVFS) states form a signature pertinent to an application, and its runtime variations comprise of features essential for securing IoT devices against malware attacks. We have demonstrated this proof of concept by performing experimental analysis on a Snapdragon 820 mobile processor, hosting the Android operating system (OS). We developed a supervised machine learning model for application classification and malware identification by extracting features from the DVFS states time series. The experimental results show > 0.7~F1 score in classifying different android benchmarks and >0.88 in classifying benign and malware applications when evaluated across different DVFS governors. We also performed power measurements under different governors to evaluate power-security aware governor. We have observed higher detection accuracy and lower power dissipation under settings of the ondemand governor.