ThermWare: Toward Side-channel Defense for Tiny IoT Devices

Thumbnail Image


Garg, N et al.pdf (4.96 MB)
No. of downloads: 2

Publication or External Link





Nakul Garg, Irtaza Shahid, Erin Avllazagaj, Jennie Hill, Jun Han† , Nirupam Roy. 2023. ThermWare: Toward Side-channel Defense for Tiny IoT Devices. In The 24th International Workshop on Mobile Computing Systems and Applications (HotMobile ’23), February 22–23, 2023, Newport Beach, CA, USA. ACM, New York, NY, USA, 8 pages.


As malware in IoT devices !ourishes, defenses are lacking. Traditional antivirus or intrusion detection-based defense techniques fail for the limited computational capabilities and the large diversity of platforms and environments. In this paper, we present ThermWare, a non-intrusive screening method to detect anomalous operations on embedded devices at run-time. ThermWare relies on the observation that electronic circuits generate subtle patterns of heat at the component level when the corresponding module is accessed by the micro-operations (e.g., file-write) of the running code. We propose the use of these side-channel heat signatures captured by a thermal camera to determine the sequence of underlying computations in real time. An early implementation of ThermWare shows success in detecting common malware routines in general-purpose IoT devices. We envision leveraging the thermal side-channel to track the internal operations of an embedded device, which can potentially lead to broader applications in engineering embedded systems, monitoring device health and run-time capacity, assisting embedded coding optimization, and physical layer security analysis.