Presentation is loading. Please wait.

Presentation is loading. Please wait.

My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers By Chen Song, Feng Lin, Zongjie Ba, Kui Ren, Chi.

Published byMelvin Douglas Modified over 7 years ago

Similar presentations

Presentation on theme: "My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers By Chen Song, Feng Lin, Zongjie Ba, Kui Ren, Chi."— Presentation transcript:

1 My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers By Chen Song, Feng Lin, Zongjie Ba, Kui Ren, Chi Zhou, Wenyao Xu Presented by xizhe qiu Good afternoon, my name is Xizhe and today I will be presenting this article about side-channel attacks on 3d printers using smartphones, written by Song et al

2 Motivation – 3D printing
3D printing are increasingly becoming popular Highly intellectual property (IP) sensitive information IP protection for 3D printing still largely underexplored 3D printing are increasingly applied to multiple industries, revolutionizing the manufacturing process of many products, within which, some of the products are highly intellectual property sensitive. However, intellectual property protection for 3D printing technology are still largely underexplored.

3 Motivation – Smartphones
Extremely common Well Equipped with onboard sensors Perfect Tool for launching Side-channel Attacks At the same time, smartphones are extremely common and putting them somewhere near a printer would likely receive no attention, plus they are well equipped with various onboard sensors, making them the perfect tool for launching side channel attacks on 3D printers.

4 Problem Is it possible to use smartphones to hack intellectual property information from a working 3D printer by using side-channel signals generated by the 3D printer? This raises a serious issue, is it possible to use smartphones to steal intellectual property information from a working 3D printer by using the side-channel signals generated by the 3D printer? To find out, Song et al conducted an end-to-end study in attempt to create a model for such attacks.

5 Background – 3D Printing
3D printing builds objects by melting and applying layers of thermoplastic material Two domains: Cyber domain and Physical domain 3D printing is a new type of manufacturing process, using special printers to build objects by melting and applying layers and layers of thermoplastic material. 3D printing can be divided into two domains: the cyber domain and the physical domain.

6 Background – Cyber Domain
Everything from designing an object model to the resulting toolpath file G-code: most common format for toolpath files Toolpath file contains all the operational instruction of 3D printer to build the object ie. Contains all IP information of the design In general, the cyber domain contains everything from designing an object model using a CAD software to generating the resulting toolpath file, where G-code is the most common format. The toolpath file contains all the operational instructions for the 3D printer to control the printing nozzle and so, it contains all the IP information of the design. This file is then passed into the physical domain, which is the printer itself, for the actual printing.

7 Background – Physical Domain
Printing header moves horizontally Platform move vertically Printing Header A typical 3D printer looks like this, the printing header with a nozzle underneath is placed at the top of the printer and can only move horizontally. A platform stays in the middle and when the printing starts, the platform is raised to an initial height and gradually moves downwards one layer at a time as the printer prints layer by layer.

8 Background – Primitive Operations
Layer movement: printing on X-Y plane or changing layer on Z-axis Header movement: header is printing at low speed or aligning position at high speed Axial movement: nozzle is moving in X-axis or Y-axis Direction movement: which direction are the nozzle moving in one of the X or Y axis During printing, there are four primitive operations involved: Layer movement, whether the printer is printing in the horizontal plane or changing layer on the Z-axis. Header movement, whether the header is printing at a low speed, or aligning the position at a high speed. Axial movement, whether the nozzle is moving in the X-axis or Y-axis and Directional movement, which direction the nozzle moves in the X-axis or Y-axis. Different electromechanical motors in the 3D printer controls these operations and each motor generates a different set of side-channel signals.

9 Background – Side-channel Attack
Any attack based on the information of the device gathered from the physical world So what is a Side channel attack? It refers to any attack based on the information of the device gathered from the physical world, in this case, the attack uses the signals generated from these motors to construct the IP information of the design.

10 Idea Attacker places phone Phone records data Attacker collects phone
Data analyzed and results in: Full IP attack or Partial IP attack Full IP attack Partial IP attack The whole idea of the attack is to suppose an object is getting printed by a 3D printer. The attacker would place their phone near the printer to collect side-channel information. During printing, the phone gathers the side channel data and when the printing finishes, the attacker collects their phone and walk away. The data collected will be applied with analysis functions and converted back into G-code. If the attacker obtains the full original IP information then the attacker performed a full IP attack. However, if only part of the original IP information is obtained, then it is a partial IP attack.

11 Details – Acoustic Data
Collected 20cm away from printer using Nexus 5 Analysed with support vector machine (SVM) Well predicts axial movement (whether the nozzle is moving on X- axis or Y-axis) Badly predicts directional movement (which direction is the nozzle moving in the X-axis or Y-axis) Different motors produces different sounds Rotation of magnets inside motors produces similar sounds There are two types of side channel data that a smartphone could collect and they are acoustic data and magnetic data. Song et al used the Nexus 5 and placed it 20cm away from the printer to collect acoustic data. The acoustic data is analysed using support vector machine (also called SVM). It turns out that the SVM classifier could well classify the axial movement, whether the nozzle is moving on the X axis or Y axis , but badly predicts the directional movement, which direction is the nozzle moving in the X axis or Y axis. The acoustic data contains useful information for the axial movement because each axis is controlled by a different motor and each motor generates their own distinct sound due to the differing mechanical structures. However, the acoustic data doesn’t contain much information in the directional movement because directional movement is determined by which direction the magnets inside each motor rotates and the sound generated by the magnet turning both directions are very similar.

12 Details – Magnetic Data
Analyzed with SVM Different rotations of the magnet inside motors produces opposite magnetic field Directional movement easily determined To detect directional movements, Song et al used the Nexus 5 to collect the magnetic data and the magnetic data is analysed using SVM as well. What they found was motor’s each rotation directions produces opposite magnetic fields thus the directional movements could be easily determined using magnetic data. Based on these findings, Song et al introduced a magnetic enhanced side channel attack model.

13 Details – Magnetic Enhanced Side-channel Attack Model
Data acquisition Pre-processing with Savitzky-Golay filter Primitive operation analysis Obtain frames of printer operation parameters IP reconstruction to generate original IP information The first phase is data acquisition, which is the phase where the smartphone gathers side channel information as discussed in the previous slides. The second phase is pre-processing, this is the phase where interferences such as white noise are removed using Savitzky-Golay filter and separated into separate frames with a fixed frame size. The final phase is primitive operation analysis, where the four primitive operations in 3D printing are analyzed: layer movement and header movement are analysed using acoustic data because different actions in these movements produces very different sounds. Axial movement are analyzed using acoustic data as mentioned in the previous slides and directional movement are analyzed using magnetic data as mentioned in the previous slide as well. Eventually after the three phases, we obtain the predicted printer operation parameters in each frame and IP reconstruction could be initiated to reconstruct the original IP information.

14 Results Over 89% of primitive operations were correctly identified
Based on frame size of 200ms Larger frame size = more accurate = less detail the result of the model turns out to be mostly accurate, with at least 89% of primitive operations to be correctly identified. This accuracy is based on the frame size of 200ms and they found that the larger the frame size, the more accurate the model becomes. This is because as the frames get larger, the more information are included in each frame thus giving the classifier more information to predict the operations. However, we cannot just make the frames as large as we could because as the frames get larger, the less detail we could have on the reconstructed IP information.

15 Results Examples of reconstructed design
Now let’s look at some examples of reconstructed design using this model, the red lines are the original designs and the black lines are the reconstructed shapes. As we can see, the reconstructed shapes are basically correct with only minor offsets.

16 limitations Distance effect Printing speed effect
Ambient noise effect - limitation from Savitzky-Golay filter Phone must stay stationary Song et al discussed some of the limitations to the attack model, the first one is the distance effect, that the attack effectiveness highly depends on the side-channel range, where increasing the distance of the phone to the printer from 20cm to 40cm resulted in the mean tendency error to increase from 5.87% to 34.45%. The second limitation is the print speed effect, where the printing speed of the nozzle depends on the material used for printing. If the printing speed differs from the training data of the SVM classifier then the SVM classifier may have a hard time classifying the data. The third limitation is the ambient noise effect, where loud ambient acoustic and magnetic noises will affect the classification of the data because Savitzky-Golay filter cannot filter heavy ambient noises. The fourth limitation is the phone must stay stationary during the data acquisition phase resulting in the easy disruption of the attack.

17 Criticism – Issues with the Article
Difficult to obtain training data of many 3D printers for SVM classifier Could never be 100% accurate Assumed physical access to the 3D printer Environmental variables were never mentioned nor controlled What happens when there’s another 3D printer nearby? Song et al has proven the possibility of conducting a side channel attack on 3D printers and they did a great job highlighting some of the limitations to the attack model, however, there are still some issues to the article that we should address. The first issue is the SVM classifier used in the model. For the SVM classifier to function correctly, like all supervised machine learning models, the classifier must be supplied with a training set of data as the basis of classification. On the other hand, there exists many different 3D printers on the market that likely produces different sounds. This means before analyzing the side-channel information recorded on the phone, the attacker must first supply the classifier with the training data for the particular printer they attacked. This limits the attacker to only attack the same type of printer they could get the training data for. Even if the attacker could get their hands on the training data, the classifier could never be able to reconstruct the original design 100% correctly. Considering the stolen design may be highly intellectual property sensitive, the information may be far more sophisticated than the examples we showed here and a few minor classification mistakes by the classifier could render the reconstructed information useless. the author also assumed that the attacker has access to the target 3D printer, however, most of the times these printers are only accessible by staff members, combining this with the first issue, the model becomes really restrictive on who could actually pull this off. The article never mentioned the environmental variables of the experiment when the data is gathered by the phone, for example the ambient noise and magnetic level, which raises the question: what if there’s another 3D printer nearby that’s generating signals as well? Would that interfere with the target data acquisition?

18 Criticism – Possible Improvements
Several ideas and models remained as theories, would be great to be implemented and tested Introduce controlled variable Song et al proposed several ideas and models to make the attack model more practical and powerful, such as solving the issue of the phone must stay stationary by applying Euler’s rotation matrix. However, these ideas and models were not tested and remained as a theory, It would be a great improvement if these ideas and models could be implemented and tested. Also as discussed in the previous slide, it would be great if the authors could have controlled variables during the data acquisition phage

19 Thank you Thank you

Download ppt "My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers By Chen Song, Feng Lin, Zongjie Ba, Kui Ren, Chi."

Similar presentations

Halliburton Makes Oil Exploration Safer Using MATLAB and Neural Networks MATLAB® and Neural Networks MathWorks Products Used: MATLAB Compiler MATLAB Neural.

Halliburton Makes Oil Exploration Safer Using MATLAB and Neural Networks MATLAB® and Neural Networks MathWorks Products Used: MATLAB Compiler MATLAB Neural.
This terms course Last term we both worked on learning 2 things –Processing –The concepts of graphics etc. This term will focus more on the basic concepts.

This terms course Last term we both worked on learning 2 things –Processing –The concepts of graphics etc. This term will focus more on the basic concepts.
System Design and Analysis

System Design and Analysis
1 Psych 5500/6500 The t Test for a Single Group Mean (Part 5): Outliers Fall, 2008.

1 Psych 5500/6500 The t Test for a Single Group Mean (Part 5): Outliers Fall, 2008.
Computer Aided Design/Modelling

Computer Aided Design/Modelling
Introduction to Systems Analysis and Design Trisha Cummings.

Introduction to Systems Analysis and Design Trisha Cummings.
GODIAN MABINDAH RUTHERFORD UNUSI RICHARD MWANGI.  Differential coding operates by making numbers small. This is a major goal in compression technology:

GODIAN MABINDAH RUTHERFORD UNUSI RICHARD MWANGI.  Differential coding operates by making numbers small. This is a major goal in compression technology:
How Hard Disks Work. Hard disks were invented in the 1950s. They started as large disks up to 20 inches in diameter holding just a few megabytes. They.

How Hard Disks Work. Hard disks were invented in the 1950s. They started as large disks up to 20 inches in diameter holding just a few megabytes. They.
Data Analysis 1 Mark Stamp. Topics  Experimental design o Training set, test set, n-fold cross validation, thresholding, imbalance, etc.  Accuracy o.

Data Analysis 1 Mark Stamp. Topics  Experimental design o Training set, test set, n-fold cross validation, thresholding, imbalance, etc.  Accuracy o.
Attribute- Assisted Seismic Processing and Interpretation 3D CONSTRAINED LEAST-SQUARES KIRCHHOFF PRESTACK TIME MIGRATION Alejandro.

Attribute- Assisted Seismic Processing and Interpretation 3D CONSTRAINED LEAST-SQUARES KIRCHHOFF PRESTACK TIME MIGRATION Alejandro.
Testing -- Part II. Testing The role of testing is to: w Locate errors that can then be fixed to produce a more reliable product w Design tests that systematically.

Testing -- Part II. Testing The role of testing is to: w Locate errors that can then be fixed to produce a more reliable product w Design tests that systematically.
ICT IGCSE.  Introducing or changing a system needs careful planning  Why?

ICT IGCSE.  Introducing or changing a system needs careful planning  Why?
Tom Wilson, Department of Geology and Geography Environmental and Exploration Geophysics II tom.h.wilson Department of Geology.

Tom Wilson, Department of Geology and Geography Environmental and Exploration Geophysics II tom.h.wilson Department of Geology.
Change in your CAD Project File - it happens all the time in robotics.

Change in your CAD Project File - it happens all the time in robotics.
Today’s Agenda  Reminder: HW #1 Due next class  Quick Review  Input Space Partitioning Software Testing and Maintenance 1.

Today’s Agenda  Reminder: HW #1 Due next class  Quick Review  Input Space Partitioning Software Testing and Maintenance 1.
1 A first look at the KEK tracker data with G4MICE Malcolm Ellis 2 nd December 2005.

1 A first look at the KEK tracker data with G4MICE Malcolm Ellis 2 nd December 2005.
( McNeese Everest Speed of Sound ) Columbia Scientific Balloon Facility Palestine,Tx May 2008.

( McNeese Everest Speed of Sound ) Columbia Scientific Balloon Facility Palestine,Tx May 2008.
Yield Cleaning Software and Techniques OFPE Meeting 10-27-2015.

Yield Cleaning Software and Techniques OFPE Meeting
Turning a Mobile Device into a Mouse in the Air

Turning a Mobile Device into a Mouse in the Air
TBAS: Enhancing Wi-Fi Authentication by Actively Eliciting Channel State Information Muye Liu, Avishek Mukherjee, Zhenghao Zhang, and Xiuwen Liu Florida.

TBAS: Enhancing Wi-Fi Authentication by Actively Eliciting Channel State Information Muye Liu, Avishek Mukherjee, Zhenghao Zhang, and Xiuwen Liu Florida.

Similar presentations

Ads by Google