Spelling suggestions: "subject:"hardware attacks"" "subject:"hardware ttacks""
1 |
Systematic Analysis and Methodologies for Hardware SecurityMoein, Samer 18 December 2015 (has links)
With the increase in globalization of Integrated Circuit (IC) design and production,
hardware trojans have become a serious threat to manufacturers as well as
consumers. These trojans could be intensionally or accidentally embedded in ICs to
make a system vulnerable to hardware attacks. The implementation of critical applications
using ICs makes the effect of trojans an even more serious problem. Moreover,
the presence of untrusted foundries and designs cannot be eliminated since the need
for ICs is growing exponentially and the use of third party software tools to design
the circuits is now common. In addition if a trusted foundry for fabrication has to
be developed, it involves a huge investment. Therefore, hardware trojan detection
techniques are essential. Very Large Scale Integration (VLSI) system designers must
now consider the security of a system against internal and external hardware attacks.
Many hardware attacks rely on system vulnerabilities. Moreover, an attacker may
rely on deprocessing and reverse engineering to study the internal structure of a system
to reveal the system functionality in order to steal secret keys or copy the system.
Thus hardware security is a major challenge for the hardware industry. Many hardware
attack mitigation techniques have been proposed to help system designers build
secure systems that can resist hardware attacks during the design stage, while others
protect the system against attacks during operation.
In this dissertation, the idea of quantifying hardware attacks, hardware trojans,
and hardware trojan detection techniques is introduced. We analyze and classify hardware
attacks into risk levels based on three dimensions Accessibility/Resources/Time
(ART). We propose a methodology and algorithms to aid the attacker/defender to
select/predict the hardware attacks that could use/threaten the system based on the
attacker/defender capabilities. Because many of these attacks depends on hardware
trojans embedded in the system, we propose a comprehensive hardware trojan classification based on hardware trojan attributes divided into eight categories. An adjacency
matrix is generated based on the internal relationship between the attributes
within a category and external relationship between attributes in different categories.
We propose a methodology to generate a trojan life-cycle based on attributes determined
by an attacker/defender to build/investigate a trojan. Trojan identification
and severity are studied to provide a systematic way to compare trojans. Trojan
detection identification and coverage is also studied to provide a systematic way to
compare detection techniques and measure their e effectiveness related to trojan severity.
We classify hardware attack mitigation techniques based on the hardware attack
risk levels. Finally, we match these techniques to the attacks the could countermeasure
to help defenders select appropriate techniques to protect their systems against
potential hardware attacks. / Graduate / 0544 / 0984 / samerm@uvic.ca
|
2 |
High Speed Clock GlitchingDesiraju, Santosh 18 February 2015 (has links)
No description available.
|
3 |
Etude d'attaques matérielles et combinées sur les "System-on-chip" / Hardware and combined attacks on the "System-on-Chip"Majéric, Fabien 30 November 2018 (has links)
L'intérêt de la communauté de la sécurité numérique dans le domaine des Systems on Chip (SoC) s'est essentiellement focalisé sur les menaces logicielles, améliorant sans cesse le niveau de protection. Cependant, l'exploitation de ce vecteur d'attaque devenant de plus en plus difficile, il est fort probable que les attaques matérielles se multiplient. Par conséquent, il est primordial d'étudier ces dernières afin d'anticiper la menace qu'elles représentent. La sophistication de l'architecture et la rapidité d'évolution des technologies embarquées dans les SoC, justifient la mise en place d'une méthodologie adaptée pour évaluer efficacement leur niveau de sécurité. C'est dans ce contexte que cette thèse propose l'étude de cette catégorie d'attaques ainsi qu'un aperçu de leur impact sur la sécurité de ce type de systèmes. Alors que les architectures élaborées accroissent la difficulté de mise en place d'attaques physiques, elles augmentent également la surface d'attaque. Une première étude analyse les chemins d'attaques afin de déterminer les grandeurs physiques exploitables les plus pertinentes. Cette étape conduit, dans un deuxième temps, à l'élaboration de règles génériques pour l'évaluation sécuritaire des SoC présents sur le marché. Celles-ci combinent diverses techniques déjà utilisées dans le domaine de la carte à puce. L'ensemble de ce travail s'appuie sur plusieurs divers modules caractéristiques de la sécurité des SoC actuels. Tous les résultats soulignent que la complexité inhérente aux SoC n'est pas suffisante pour les protéger contre les attaques matérielles et l'implémentation des sécurités dans ces systèmes doit se faire sans se reposer sur cette propriété. / In the field of System on Chip (SoC), the digital security community has mainly focused on software threats; constantly working to improve the level of protection. Since the exploitation of this attack vector is becoming more and more difficult, it is most likely that the number of hardware attacks will increase. Therefore, it is essential to study these attacks in order to anticipate the threat they represent. The sophisticated architecture and the rapidly changing technologies embedded in the SoC justify the implementation of an adapted methodology, to effectively evaluate their level of security.In this context, this thesis examines the feasibility of this type of attacks and their impact on the security of these systems. While rich architectures increase the difficulty of setting up hardware attacks, they also increase the attack surface. Our study starts by analyzing the attack paths in order to determine the most relevant exploitable physical quantities. This has led to the development of a generic procedure for the security evaluation of SoCs on the market. This method combines various techniques that are already applied to smart cards. This entire work is based on several case studies related to various embedded modules characteristic of the security in current systems-on-chips. All the observed results lead to the same observations: the inherent complexity of SoCs is not sufficient to protect them against hardware attacks. The implementation of security in these systems must be done without relying on this property.
|
Page generated in 0.0479 seconds