Embedded Systems Security & Implementation in Atm (1)
-
Upload
krishnaraja86 -
Category
Documents
-
view
1.096 -
download
2
Transcript of Embedded Systems Security & Implementation in Atm (1)
EMBEDDED SYSTEMS SECURITY ANDIMPLEMENTATION IN ATM
ANGEL COLLEGE OF ENGINEERING AND TECHNOLOGY TIRUPUR
PAPER PARESENTED BY:
M.KARTHICK, M.MANOJ KUMAR,
FINAL YEAR, FINAL YEAR,
ECE DEPARTMENT ECE DEPARTMENT
EMAIL:
ABSTRACT:
In the modern world , the
Embedded system plays a vital role in
the electronic component manufacturing
purposes, such as Video games,
Wearable computer, multiple levels of
wireless networking, media caching,
Mobile phones. It also reached a peak on
its application in ATM. Generally
today’s people are filled with a lot of
tensions, appointments, etc. So it is a
tough job to keep the ATM cards more
securely, if there is a card theft.
Shoulder surfing, Fake PIN pad overlay,
PIN interception are the ways by which
PIN number is captured. In the following
topics we see about the frauds and
attacks in ATM and ways to prevent it.
INTRODUCTION:
Embedded system is a
special purpose computer system, which
is completely encapsulated by the device
it controls. It is a computer controlled
system. The core of any embedded
system is a microprocessor, programmed
to perform a few tasks. The first modern
embedded system was the Apollo
Guidance Computer, developed by
Charles Stark Draper at the MIT
Instrumentation Laboratory.
EMBEDDED OPERATING SYSTEM
Real-time operating systems
(RTOS) like VxWorks, C Executive and
RTX are used, but systems that provide
more power to their users require a more
powerful embedded operating system
such as Microsoft Windows NT
embedded, Windows CE, Embedded
linux, chorus and Palm operating
system.
EMBEDDED SOFTWARE
The programs on an
embedded system must run with real-
time constraints with limited hardware
resources: often, there is no disk drive,
operating system, keyboard or screen. A
flash drive may replace the rotating
media, and a small keypad and LCD
screen may be used in place of a PC’s
keyboard and screen. The firmware is
the software embedded in hardware
devices, e.g. ROM/Flash memory chips.
DANGER IS CLOSER HOME
Many embedded systems
interact with the real world. This
proximity can lead to serious
consequences like property damage,
personal injury and even death if an
embedded system is tampered or
exploited. Embedded systems have no
real system administrator hence there is
nobody to ensure that only strong
passwords are used, so anyone can
attack the system.
TAXONOMY OF ATTACKS
This shows a broad classification of
attacks on Embedded system
* Based on the
functional objectives attacks.
*Based on agents or
means used.
SECURITY REQUIREMENTS
Embedded System
architectures need to be flexible
enough to support the rapid
evolution of security mechanisms
and standards. Secure storage
involves securing information in
the embedded system’s storage
devices, external or internal to the
system.
SECURING AGAINST SOFTWARE
ATTACKS
These attacks are
implemented through agents such as
viruses,worms and Trojan horses,
and can compromise the security of a
system from all standpoints-integrity,
privacy and availability.
Malicious software agents
mount software attacks by either
vulnerabilities or exposures.
Vulnerability allows the attacker to
gain direct access to the end system,
while an exposure, is where the
attacker may indirectly exploit to
gain access.
Debugging is especially difficult in
the embedded world.
The above figure shows the
various software security practices
applied in software design life cycle
(SDLC). Memory devices are the
favourite targets for internal attacks
because they hold both the product’s
firmware and sensitive data.
Several vendors offer secure
memory devices to protect internal data.
For e.g, as shown below the Dallas
semiconductor provides 1128 bits of 5V
EEPROM partitioned into 4 pages of
256 bits, a 64-bit write-only secret, and
as many as 5 general-purpose read/write
registers.
SOFTWAR
E SECURITY STANDARDS
In an effort to establish
standards for system security, USA,
Canada and several European nations
created the Common Criteria for
Information Technology Security
Evaluation e.g., Evaluation-assurance
levels(EAL’s) and Multiple Independent
Levels of Security(MILS).Green Hills
Software, Linux Works and Wind River
Software are vendors working on MILS-
complaint RTOS for military and
defence systems.
SECURING AGAINST HARDWARE
ATTACKS
The design of a secure
product enclosure is crucial to prevent
attackers from gaining access to the
internal circuitry. Opening a product is
as simple as loosening a few screws or
prying open the side with tools.
TAMPER MECHANISMS
It is to prevent any attempt
by an attacker to perform an
unauthorized electronic action against
the device. Tamper mechanisms are
divided into four groups: Prevention,
evidence, detection and
response/recovery.
TAMPER PREVENTION
It include physical protection
mechanisms(hardened steel enclosures,
locks, encapsulation or security
screws),hardware design(e.g., circuit
implementations whose timing and
power characteristics are data
independent). A benefit is that physical
changes can be visually observed.
TAMPER DETECTION
It enables the hardware device to
be aware of tampering. The elapsed time
interval between the launch of an attack
and its detection needs to be kept as low
as possible. This mechanism typically
fall into one of the following three
groups:
Switches and pressure contacts to
detect the opening.
Radiation sensors for x-rays used
for seeing what is inside of a
sealed device, and ion beams
used for advanced attacks to
focus on specific electrical gates
within an IC.
Circuitry such as Nichrome wire
and fibre optics wrapped around
critical circuitry or specific
components on the board.
TAMPER RECOVERY/RESPONSE
It refers to techniques used to
ensure that the attack is countered,and
that the system returns to secure
operation. RSA Security’s SecurID is
one of the most popular two-stage
authentication systems and many
organization use it for identifying remote
users.
IMPLEMENTING COUNTER
MEASURES
The TrustZone
security technology from ARM is an
good example of how countermeasures
against software attacks are implemented
for an embedded system-on-chip.It
offers a more secure solution from a
trusted environment that provides a safe
initialization to the secure world, with
benefits that include:
Easier to certify software
applications.
Implementation of flexible
system-wide security,
without constraints.
Basis for consistent OS
support – a step towards CPU
security standardization and
all the economies of scales
that bring to the industry.
Software compatibility
between different TrustZone-
enabled SoCs.
Lower cost in terms of added
hardware and software.
Minimum impact on system
performance
ATM FRAUD AND SECURITY
INTRODUCTION
In recent years there has been a
proliferation of ATM frauds across the
globe. Managing the risk associated with
ATM fraud as well as diminishing its
impact are important issues that face
financial institutions as fraud techniques
have become more advanced with
increased occurrences. Recent
occurrences of ATM fraud range from
techniques such as shoulder surfing and
card skimming to highly advanced
techniques involving software tampering
and/or hardware modifications to divert,
or trap the dispensed currency.
GENERAL PRACTICES TO DETER
FRAUD
* Video Surveillance
* Awareness and Consumer
Education
* Remote Monitoring
ATM FRAUD TECHNIQUES AND
ITS PREVENTION
The different
techniques and methodologies of known
ATM fraud attempts on a global scale
and investigates recommended
approaches to prevent or deter these
types of fraud.
Card Theft
To obtain actual cards, criminals
have used a variety of card trapping
devices comprised of slim mechanical
devices, often encased in a plastic
transparent film, inserted into the card
reader throat. Hooks are attached to the
probes preventing the card from being
returned to the consumer at the end of
the transaction.
Preventing Card Theft
Card readers with the
capability to detect if the shutter is
closed completely can provide an
indication that a fishing device may have
been inserted into the card reader. By
using remote diagnostics to monitor the
ATM, error codes generated by the card
reader can be tracked. An increase in the
occurrence of error codes related to
cards readers could be an indication that
a fraud attempt is in progress.
Skimming Devices
Skimming is the most
frequently used method of illegally
obtaining card track data. “Skimmers”
are devices used by criminals to capture
the data stored in the magnetic strip of
the card. Reading and deciphering the
information on the magnetic stripes of
the card can be accomplished through
the application of small card readers in
close proximity to, or on top of, the
actual card reader input slot, so it is able
to read and record the information stored
on the magnetic track of the card.
The device is then removed,
allowing the downloading of the
recorded data. Skimming devices can be
smaller than a deck of cards and read the
magnetized strips on bankcards the way
credit card scanners or ATMs read card
information.They can capture and retain
the information from more than 200
cards, including account numbers,
balances and verification codes.
Prevent Skimming
The following “anti-
skimming” solutions can be introduced:
• Controlling the speed of the movement
of the card or intentional erratic
movement of the card during card
insertion and return by the motorized
card reader will confuse most skimming
devices and make it impossible for the
card information to be read accurately.
• Installing an auto alert system to
monitor the routine patterns of
withdrawals to help determine fraudulent
withdrawals.
• Migration towards chip cards and chip
card readers is less susceptible to
skimming
PIN Security
The PIN is one of the most important
elements needed to steal the identity of
an ATM user. The following techniques
may be used to capture the PIN number.
• Shoulder Surfing (Direct Observation
as the consumers enter their PIN
number)
• Fake PIN Pad Overlay
• PIN Interception
Shoulder Surfing
Shoulder Surfing is the act of
direct observation, watching what
number that person taps onto the keypad.
Sometimes miniature video cameras are
installed discretely on the fascia or
somewhere close to the PIN Pad, to
record the PIN entry information.
Preventing Shoulder Surfing
In addition to camera
surveillance, a mirror can be affixed to
the fascia of the ATM that would allow
users to easily see behind them as they
enter their information. The ergonomic
design of the ATM plays an important
part in preventing shoulder surfing as the
positioning of the keyboard, centered
directly below the monitor, allows for
the body to naturally cover the area of
pin entry.
Utilizing a Fake PIN Pad Overlay
A fake PIN pad is placed over
the original Keypad.This overlay
captures the PIN data and stores the
information into its memory. Hackers
may also attach a portable monitor and
card reader on top of the actual ATMs
monitor and card reader to obtain the
card and PIN information.
Preventing Fake PIN Pad Overlay
Educating ATM users to
be aware of abnormalities i.e., A
warning that there might be a PIN pad
overlay is no ***** asterisk appear on
the screen when the PIN is entered.
Utilizing ATM monitoring software
/services would enable notifications to
be sent to the network if there are
repetitive occurrences of a “time out
message” during PIN entry. These
messages could signify that a card has
been inserted into the ATM, but the
transaction has timed out because no
data has been entered and the card
returned, due to the pin pad overlay that
has received the PIN entry information.
PIN Interception
After the PIN is entered, the
information is captured in electronic
format through an electronic data
recorder. Capturing the PIN can be done
either inside the terminal, or as the PIN
is transmitted to the host computer for
the on-line PIN check. In order to
capture the PIN internally, the criminal
would require access to the
communication cable of the PIN pad
inside the terminal, which can more
easily be done, at off- premise locations.
Preventing PIN Interception
MasterCard and VISA are
requiring new PIN pad security
enhancements for ATMs that tie into
their network. In order to decrease PIN
theft fraud, they are now requiring an
encrypted PIN Pad in place of the
keypad. The EPP is a sealed module that
immediately encrypts the PIN entry so
that no “raw” PIN numbers are
accessible to electronic Hackers. In
regards to on-line communication, the
newly instituted Triple DES standard
strengthens the encryption algorithm.
Locks and Closing Devices
Mechanical Locks
Mechanical locks allow the
opening of the safe door only through
the combination of different keys,
whereby each key is in the hands of a
different person.
Electronic Locks
Electronic locks allow multiple
combinations, each assigned to a
different ATM maintenance facilitator,
or different passwords for the operator,
supervisor and conveyor. Some
electronic locks feature intelligence, i.e.:
allowing the opening of the safe only
during the specific time periods that
have been pre-programmed.
Alarms and Sensors
Alarms are intended to:
• Detect the open/closed state of the safe
door (also of the electronic cabinet of the
ATM).
• Monitor different parameters that can
be indicative of a robbery attempt.
• Report the status remotely to a
monitoring center.
Sensors
The list of the most common Sensors:
Type Alert Activity
Temperature Piercing with torch
Tilting Detachment of the
safe
Vibration Piercing with tools
(drilling,cutting),
wedging
A smoke pump was instituted in Brazil
to release smoke when an ATM was
violated by a physical attack, like
vibration or tilting. The sensor that
released the smoke also sends
notification to the monitoring center.
CONCLUSION
Thus the paper presents
what are the security requirements of
embedded system and ways to secure
from the attacks. The task of securing
the ATM in future lies at the hands of
the engineer at each level with a
desirable manner. Although historically,
various security issues have been
investigated in the context of
cryptography, network security and
computer security, the challenges
imposed by the process of securing
emerging environments or networks of
embedded systems compel us to take a
fresh look at the problem.