Presentation is loading. Please wait.

Presentation is loading. Please wait.

My Smartphone Knows What You Print Exploring Smartphone-based Side-channel Attacks Against 3D Printers Article by: Chen Song, Feng Lin, Zongjie Ba, Kui.

Published byNickolas Murphy Modified over 7 years ago

Similar presentations

Presentation on theme: "My Smartphone Knows What You Print Exploring Smartphone-based Side-channel Attacks Against 3D Printers Article by: Chen Song, Feng Lin, Zongjie Ba, Kui."— Presentation transcript:

1 My Smartphone Knows What You Print Exploring Smartphone-based Side-channel Attacks Against 3D Printers Article by: Chen Song, Feng Lin, Zongjie Ba, Kui Ren, Chi Zhou, Wenyao Xu Presented by: Hui Yie Teh

2 3D Printing 3D printing (a.k.a. additive printing) is widely used to manufacture products that are highly intellectual property (IP) sensitive This is because 3D printing is: Efficient Allows creativity Affordable Used in industries such as: Medical Aerospace Architecture Education Nowadays, 3D printing is commonly used to manufacture products that are highly intellectual property (IP) sensitive This is because they are: Efficient as they save time and cost (less waste material) Allows creativity (allows flexible creation of complex geometric construction) Affordable They are used in a wide range of industries such as the medical, aerospace, architecture and education sectors Extra notes: Intellectual property: intangible property that is the result of creativity such as patents and copyright e.g. design of the product Affordable: 3D printers and the materials are affordable – few hundred dollars ($200 - $700?) Image from:

3 Problem Any common person with a smartphone can enter within the range of a 3D printer and collect side-channel data Completely inconspicuous cause of ubiquity of smartphones No need for physical contact with the printer Attacker does not have to be in the surrounding area However, these 3D printers produce sound and other side-channels when constructing an object So any common person with a smartphone can enter within the range of a 3D printer and start collecting side-channel data Side-channel data - any information gained from the physical domain e.g. sound, electromagnetic leaks and timing information This is unsuspicious as mobile phones are widely used and it is completely normal for people to leave their phones everywhere (on table where printer is at) No need physical contact with printer and the attacker does not have to be around to collect data

4 Motivation Purpose of this paper is to:
study side-channel attacks against 3D printers using smartphones to see if the IP information can be inferred through these side-channel attacks IP protection in the physical domain is still largely unexplored Has been discussed before in the cyber domain Therefore, this paper studies the side-channel attacks against 3D printers using smartphones and to see if there can be any IP leakage from these side-channel attacks Also attacks against 3D printers in the physical domain is still largely unexplored as compared to attacks in the cyber domain has been discussed before, giving rise to encryption and watermark to protect IP in the cyber domain To explain a little more about the physical domain and the cyber domain, I’ll talk about the background of 3D printing

5 Background Cyber domain: 3D digital design data
Object model is created in a Computer Aided Design (CAD) software Converted to STL file – standard object file Computer Aided Manufacturing (CAM) generates toolpath file Toolpath file (G-code) Physical domain: 3D physical object 3D printer manufactures the object 3D printing is broken down into the 2 mentioned domains The design an object is created in the cyber domain by firstly using computer aided design software. It is then converted into a standard object file and from that, the computer aided manufacturing software generates the toolpath file. The most common toolpath file is G-code So in the G-code, it includes all the operational instructions of the printing process To put it simply, they are instructions on where to move, how fast to move, and what path to follow as well as the printer settings such as the temperature, coordinates Thus, all IP information is in the G-code and if it can be inferred, there will be IP leakage and product replication As for the physical domain, it is the actual construction of the object Extra notes: CAD: the use of computer systems to aid in the creation, modification, analysis or optimization of a design. STL file: standard object file where the model is represented by the surface geometry composed of triangular facets CAM: the use of software to control machine tools and related ones in the manufacturing of workpieces, : module slices the model into uniform layers and generates the toolpath file

6 Background In this study, a Fused Deposition Modelling (FDM) 3D printer is used 4 primitive printer operations: Layer movement - whether the printer prints in the same layer or change to the next layer. Header movement - whether header prints object or aligns position Axial movement - whether nozzle moves in X or Y axis in the X-Y plane Directional movement - which direction the nozzle moves in X or Y axis FDM is a type of 3D printer that uses a material such as a thermoplastic filament, which is heated to its melting point and then extruded, layer by layer, to create a 3D object. Layer movement: whether the printer prints in the same layer or change to the next layer. Header movement: whether header prints object or aligns position Axial movement: whether nozzle moves in X or Y axis in the X-Y plane Directional movement: which direction the nozzle moves in X or Y axis (left/right for X-axis or up/down for Y-axis)

7 Background Acoustic and magnetic side-channels
Acoustic side-channel helps predict the axial movement well, but not the directional movement. Each axis is controlled by one motor and each motor produces different sounds The directional movement is controlled by a rotor and electromagnets which produces similar sounds, but distinguishable patterns in the magnetic field Magnetic side-channel is used to predict directional movement instead Preliminary studies done in the article found that the acoustic side-channel(sound) predict the axial movement well, but not the directional movement. This is because each axis is controlled by one motor which produces distinct sounds. However, the directional movement is controlled by a rotor and electromagnets in the motor (as seen in the image above) which produces similar sounds. But it has distinct patterns in the magnetic field. Therefore, magnetic side-channel is used to extract information about the directional movement instead

8 Idea Place a smartphone nearby a 3D printer
Have a data recording application on the smartphone Reconstruct G-code based on the side-channel information gathered The idea is to have a smartphone nearby a 3D printer that collects acoustic and magnetic side-channel data Through a recording application on the smartphone This is to see if able to reconstruct G-code based on the side-channel information gathered

9 Details 3D printer used in the study: Smartphone used in the study:
Ultimaker 2 Go Smartphone used in the study: Nexus 5 Built-in sensors such as microphones and magnetometer sensor Uses the magnetic-enhanced IP side-channel attack framework for 3D printers via smartphones in the physical domain This study uses the Ultimaker 2 Go 3D printer And Nexus 5 smartphone with built in sensors such as microphones and magnetometer sensors The phone is placed 20cm away from the 3D printer The attack is then conducted using the magnetic-enhanced IP side-channel attack framework.

10 Details The framework is visualized as shown and it has 3 modules that are highlighted: Side-channel information : where we gather data Printing plan extraction: where we extract information of the primitive operations based on the side-channel data gathered IP reconstruction: reconstruct the G-code based on the previous module Will go through each one in more detail The proposed magnetic-enhanced IP side-channel attack framework

11 Side-channel Information
Data acquisition Smartphone recording application that continuously collect side channel data Pre-processing Remove light ambient noises using the Savitzky-Golay filter Separated into frames with fixed size Has 2 parts Data acquisition part which is done through the recording app that continuously collects the magnetic and acoustic side-channel data at the same time Pre-processing part which removes light ambient noises such as such as white noise using the Savitzky-Golay filter It is then separated into frames of fixed sizes Extra notes: Savitzky-Golay filter: A digital filter that can be applied to a set of digital data points for the purpose of smoothing the data, that is, to increase the signal-to-noise ratio without greatly distorting the signal.

12 Printing Plan Extraction
Predict the printer operations based on the data frames collected Parameter extraction step for each data frame: Layer movement analysis Header movement analysis Axial movement analysis Directional movement analysis Then, all information is integrated Support Vector Machines (SVM) is used to predict the primitive movement Through the data frames collected, we then use that to predict the primitive printer operations. As mentioned before, have 4 primitive operations Layer, header and axial movement analysis uses the acoustic side-channel data as the sounds produced by these movements are clearly distinguishable and can be extracted from the acoustic side-channel data Directional movement extraction is based on the magnetic side-channel for reasons as explained before Then the information is integrated and the SVM machine learning algorithm is used as classifiers to predict the primitive movement operations. Extra notes: Feature extraction is used to enhance the SVM model. Two types of features extracted: Temporal features: Time domain features which are simple to extract and have easy physical interpretation, like: the energy of signal, zero crossing rate, maximum amplitude, minimum energy, etc. Spectral features: Frequency based features which are obtained by converting the time based signal into the frequency domain using the Fourier Transform, like: fundamental frequency, frequency components, etc Layer movement analysis the actuation system for the platform is very different from the one for the nozzle because it contains a deformed bar instead of the belt. Thus, platform movement (Z-plane) generates unique acoustic signal and the acoustic channel model can be applied Header movement analysis During extrusion of material, header prints with regular printing speed. When header performs a quick alignment, the material is no longer extruded and a much faster speed is applied to avoid stringing effect. Fast movements generate acoustic signal with significant pattern. Thus, use acoustic channel model. Axial movement analysis: Acoustic channel model since the sound produced by the two motors(one for X and one for Y) are different Directional movement analysis: Use magnetic channel model cause the directional movement is controlled by the motors which use electromagnets to change the direction and this produces similar sounds.

13 IP reconstruction Obtain predicted printer operation parameters
Converted into G-code - Lastly, the IP reconstruction is done by having the predicted printer operations parameters converted into G-code

14 Results Primitive operation models:
For the primitive operation predictions, it is seen that almost all the primitive operations were predicted with high accuracy of 90% and above, However, there is one that is slightly below 90% which is the X-left directional movement A frame size of 200ms is chosen for the evaluation. As to why this is chosen, the authors carried out the study with different frame sizes and found that smaller frame size lowers the classification accuracy because that means there are less characteristic information contained in each frame. However, bigger frame sizes will affect the quality of the printing process. Thus, the frame size of 200ms chosen as a trade-off between model accuracy and resolution of the printing process Primitive operation models: Almost all primitive operations were classified more than 90% correctly, except for the X-left directional movement which has an accuracy of 89.9% Based on the frame size of 200ms Chosen as a trade-off between model accuracy and resolution of the printing process

15 Results Simple design Complex design
Manage to replicate successfully with an average Mean Tendency Error (MTE) of 5.87% for 4 layers Complex design The complex shape of the object is still successfully replicated, though a little less accurately with an average MTE of 9.67% The few outliers caused by misclassifications, mostly by previous X directional movements A simple and complex design is reconstructed to test the feasibility of the attack. It is repeated in several layers and then compared with the original shape (red = original shape, black = reconstructed shape) For the simple design, the low average MTE of 5.87% indicate that the attack is successful and the original design IP was accurately replicated As for the complex design, it is a little less accurate with an increase in MTE of about 4%. But the complex shape of the object is still replicated Few outliers, mostly in the Y axis. They are most likely generated by the misclassifications of the previous X directional movements Extra notes: MTE: assesses the geometrical reconstruction based on the relative shape difference The X directional movement are less accurate than the Y directional movements. X-left and X-right gives the worst performance, with 89.9% and 91.2% accuracy. They do a little more poorly compared to Y-up and Y-down, up to almost 5% difference in accuracy

16 Limitations Distance Ambient noise Printing speed Carry-on attack
Advanced shapes The authors discussed the limitations of their study Distance: It is seen that the average MTE increases by up to 30% when the distance doubled from 20cm to 40cm. Thus, in order to keep the accuracy of the framework, the phone needs to be relatively near. Ambient noise: light ambient noises were filtered out using the Savitzky-Golay filter but strong ones (or unexpected ones) are not taken into account in the experiment Different printing speeds, carry-on attack and advanced shapes replication such as circles and arcs are also not done in the study Extra notes: Distance: Need to keep the phone relatively near since magnetic side-channel diminish a lot with distance (need it to be ~20cm) Carry-on attack: can’t be done since mobile phones have to be stationary during the data collection part Advanced shapes: such as circle, ellipse and arc might cause complications in identifying the printing state (whether material is extruded or not)because the nozzle motion trajectory becomes convoluted.

17 Criticisms Explored a practice enhancement to allow the attack to be orientation- independent Other FDM 3D printers 3D printer variation e.g. selective laser sintering and selective laser melting Other nearby 3D printers Did well explaining the limitations and next steps they will take in the future Also, good that they did a practice enhancement to obtain orientation-independent magnetic data. So to carry out the attack, the smartphone don’t need to be placed in the same orientation as the one in the study However, I noted that this study only uses one FDM printer model, would be good to see how this attack framework perform in other models e.g. MakerBot (it might affect the accuracy of the X directional movement) Also the attack model from this study cannot be used in other 3D printers e.g. selective laser sintering as their structure varies from the FDM printers This paper does not mention what happens if there are other 3D printers nearby. This might affect the side-channel data collected and they did not clarify what happens if it’s so ?Have fixed frame size in the experiments. But to capture smaller movements, we need smaller frame size. However, for faster speeds, we need larger frame size. A trade-off is needed depending on the situation and they can maybe incorporate adaptive frame size to increase the accuracy of the attack model. Extra notes: Orientation independent attack: Used for magnetic side-channel only since acoustic side-channel propagates in a sphere. Done by Euler’s rotation theorem selective laser sintering that uses a laser as the power source to sinter powdered material (typically metal), aiming the laser automatically at points in space defined by a 3D model, binding the material together to create a solid structure. Sintering: process of compacting and forming a solid mass of material by heat or pressure without melting it to the point of liquefaction. Smaller frame size: so that the temporal resolution of the features extracted can be increased Larger frame size: to increase the frequency resolution for better spectral features

18 Thank you Questions?

Download ppt "My Smartphone Knows What You Print Exploring Smartphone-based Side-channel Attacks Against 3D Printers Article by: Chen Song, Feng Lin, Zongjie Ba, Kui."

Similar presentations

3D Printing Change this title.

3D Printing Change this title.
QR Code Recognition Based On Image Processing

QR Code Recognition Based On Image Processing
November 12, 2013Computer Vision Lecture 12: Texture 1Signature Another popular method of representing shape is called the signature. In order to compute.

November 12, 2013Computer Vision Lecture 12: Texture 1Signature Another popular method of representing shape is called the signature. In order to compute.
Using Surfcam to Produce a Numeric Control (NC) Program An Introduction to the CAD/CAM Process Instructions for 3 Axis Programming Using the D&M CNC Milling.

Using Surfcam to Produce a Numeric Control (NC) Program An Introduction to the CAD/CAM Process Instructions for 3 Axis Programming Using the D&M CNC Milling.
Rapid prototyping is a computer program that constructs three-dimensional models of work derived from a Computer Aided Design (CAD) drawing. With the use.

Rapid prototyping is a computer program that constructs three-dimensional models of work derived from a Computer Aided Design (CAD) drawing. With the use.
Mohammed Rizwan Adil, Chidambaram Alagappan., and Swathi Dumpala Basaveswara.

Mohammed Rizwan Adil, Chidambaram Alagappan., and Swathi Dumpala Basaveswara.
Manufacturing Engineering Department Lecture 9 – Automated Inspection

Manufacturing Engineering Department Lecture 9 – Automated Inspection
MPEG MPEG-VideoThis deals with the compression of video signals to about 1.5 Mbits/s; MPEG-AudioThis deals with the compression of digital audio signals.

MPEG MPEG-VideoThis deals with the compression of video signals to about 1.5 Mbits/s; MPEG-AudioThis deals with the compression of digital audio signals.
Audio Compression Usha Sree CMSC 691M 10/12/04. Motivation Efficient Storage Streaming Interactive Multimedia Applications.

Audio Compression Usha Sree CMSC 691M 10/12/04. Motivation Efficient Storage Streaming Interactive Multimedia Applications.
TEMPLATE DESIGN © 2008 www.PosterPresentations.com Detecting User Activities Using the Accelerometer on Android Smartphones Sauvik Das, Supervisor: Adrian.

TEMPLATE DESIGN © Detecting User Activities Using the Accelerometer on Android Smartphones Sauvik Das, Supervisor: Adrian.
AUTOMATED INSPECTION (Part 2).

AUTOMATED INSPECTION (Part 2).
Design for Engineering Unit 6- Research and Development Rapid Prototyping Systems.

Design for Engineering Unit 6- Research and Development Rapid Prototyping Systems.
LASER AND ADVANCES IN METROLOGY

LASER AND ADVANCES IN METROLOGY
Time Series Data Analysis - I Yaji Sripada. Dept. of Computing Science, University of Aberdeen2 In this lecture you learn What are Time Series? How to.

Time Series Data Analysis - I Yaji Sripada. Dept. of Computing Science, University of Aberdeen2 In this lecture you learn What are Time Series? How to.
What in the SAMCRO Is 3D Printing?.

What in the SAMCRO Is 3D Printing?.
September 23, 2014Computer Vision Lecture 5: Binary Image Processing 1 Binary Images Binary images are grayscale images with only two possible levels of.

September 23, 2014Computer Vision Lecture 5: Binary Image Processing 1 Binary Images Binary images are grayscale images with only two possible levels of.
8. 1 MPEG MPEG is Moving Picture Experts Group On 1992 MPEG-1 was the standard, but was replaced only a year after by MPEG-2. Nowadays, MPEG-2 is gradually.

8. 1 MPEG MPEG is Moving Picture Experts Group On 1992 MPEG-1 was the standard, but was replaced only a year after by MPEG-2. Nowadays, MPEG-2 is gradually.
Part I: Image Transforms DIGITAL IMAGE PROCESSING.

Part I: Image Transforms DIGITAL IMAGE PROCESSING.
7 elements of remote sensing process 1.Energy Source (A) 2.Radiation & Atmosphere (B) 3.Interaction with Targets (C) 4.Recording of Energy by Sensor (D)

7 elements of remote sensing process 1.Energy Source (A) 2.Radiation & Atmosphere (B) 3.Interaction with Targets (C) 4.Recording of Energy by Sensor (D)
Lecture 3 The Digital Image – Part I - Single Channel Data 12 September 2007 1.

Lecture 3 The Digital Image – Part I - Single Channel Data 12 September

Similar presentations

Ads by Google