Machine Learning Attack and Defense on Voltage Over-scaling-based Lightweight Authentication

TL;DR

This paper investigates machine learning attacks on a voltage over-scaling-based lightweight authentication protocol for IoT devices and proposes a dynamic obfuscation method to enhance its resistance against such attacks.

Contribution

It introduces a novel ML attack model on VOS-based authentication and proposes a dynamic obfuscation mechanism to significantly improve security against these attacks.

Findings

ML models can clone VOS authentication with up to 99.65% accuracy.

The proposed DOMK reduces ML prediction accuracy to below 51.2%.

The method enhances security of lightweight IoT authentication protocols.

Abstract

It is a challenging task to deploy lightweight security protocols in resource-constrained IoT applications. A hardware-oriented lightweight authentication protocol based on device signature generated during voltage over-scaling (VOS) was recently proposed to address this issue. VOS-based authentication employs the computation unit such as adders to generate the process variation dependent error which is combined with secret keys to create a two-factor authentication protocol. In this paper, machine learning (ML)-based modeling attacks to break such authentication is presented. We also propose a dynamic obfuscation mechanism based on keys (DOMK) for the VOS-based authentication to resist ML attacks. Experimental results show that ANN, RNN and CMA-ES can clone the challenge-response behavior of VOS-based authentication with up to 99.65% predication accuracy, while the predication accuracy is less than 51.2% after deploying our proposed ML resilient technique.