Trojan Detection in Hardware Designs

Raju, Akhilesh

January 2017

No description available.

Engineering

Trojan detection

Hardware Trojans

Model checking

A multi-layer approach to designing secure systems: from circuit to software

Zhou, Boyou

04 June 2019

In the last few years, security has become one of the key challenges in computing systems. Failures in the secure operations of these systems have led to massive information leaks and cyber-attacks. Case in point, the identity leaks from Equifax in 2016, Spectre and Meltdown attacks to Intel and AMD processors in 2017, Cyber-attacks on Facebook in 2018. These recent attacks have shown that the intruders attack different layers of the systems, from low-level hardware to software as a service(SaaS). To protect the systems, the defense mechanisms should confront the attacks in the different layers of the systems. In this work, we propose four security mechanisms for computing systems: (i ) using backside imaging to detect Hardware Trojans (HTs) in Application Specific Integrated Circuits (ASICs) chips, (ii ) developing energy-efficient reconfigurable cryptographic engines, (iii) examining the feasibility of malware detection using Hardware Performance Counters (HPC). Most of the threat models assume that the root of trust is the hardware running beneath the software stack. However, attackers can insert malicious hardware blocks, i.e. HTs, into the Integrated Circuits (ICs) that provide back-doors to the attackers or leak confidential information. HTs inserted during fabrication are extremely hard to detect since their overheads in performance and power are below the variations in the performance and power caused by manufacturing. In our work, we have developed an optical method that identifies modified or replaced gates in the ICs. We use the near-infrared light to image the ICs because silicon is transparent to near-infrared light and metal reflects infrared light. We leverage the near-infrared imaging to identify the locations of each gate, based on the signatures of metal structures reflected by the lowest metal layer. By comparing the imaged results to the pre-fabrication design, we can identify any modifications, shifts or replacements in the circuits to detect HTs. With the trust of the silicon, the computing system must use secure communication channels for its applications. The low-energy cost devices, such as the Internet of Things (IoT), leverage strong cryptographic algorithms (e.g. AES, RSA, and SHA) during communications. The cryptographic operations cause the IoT devices a significant amount of power. As a result, the power budget limits their applications. To mitigate the high power consumption, modern processors embed these cryptographic operations into hardware primitives. This also improves system performance. The hardware unit embedded into the processor provides high energy-efficiency, low energy cost. However, hardware implementations limit flexibility. The longevity of theIoTs can exceed the lifetime of the cryptographic algorithms. The replacement of the IoT devices is costly and sometimes prohibitive, e.g., monitors in nuclear reactors.In order to reconfigure cryptographic algorithms into hardware, we have developed a system with a reconfigurable encryption engine on the Zedboard platform. The hardware implementation of the engine ensures fast, energy-efficient cryptographic operations. With reliable hardware and secure communication channels in place, the computing systems should detect any malicious behaviors in the processes. We have explored the use of the Hardware Performance Counters (HPCs) in malware detection. HPCs are hardware units that count micro-architectural events, such as cache hits/misses and floating point operations. Anti-virus software is commonly used to detect malware but it also introduces performance overhead. To reduce anti-virus performance overhead, many researchers propose to use HPCs with machine learning models in malware detection. However, it is counter-intuitive that the high-level program behaviors can manifest themselves in low-level statics. We perform experiments using 2 ∼ 3 × larger program counts than the previous works and perform a rigorous analysis to determine whether HPCs can be used to detect malware. Our results show that the False Discovery Rate of malware detection can reach 20%. If we deploy this detection system on a fresh installed Windows 7 systems, among 1,323 binaries, 198 binaries would be flagged as malware.

Computer engineering

Cryptographic acceleration

Hardware Trojan detection

Malware detection

Security

Hardware Security and Side Channel Power Analysis for 16X16 Booth Multiplier in 65nm CMOS Technology

Vissamsetty, Kanchan

30 August 2021

No description available.

Electrical Engineering

hardware security

side channel

CMOS technology

Trojan detection

Hardware Trojan Detection in Sequential Logic Designs

Dharmadhikari, Pranav Hemant

January 2018

No description available.

Computer Engineering

Hardware Trojans

Trojan Detection

Model Checking

Sequential Trojan

Trojan Circuit Simulation and Evaluation

Lafrenz, Nicholas K.

17 May 2010

No description available.

Computer Science

Electrical Engineering

Trojan detection

Trojan simulation

circuit simulation

Systematic Analysis and Methodologies for Hardware Security

Moein, Samer

18 December 2015

With the increase in globalization of Integrated Circuit (IC) design and production, hardware trojans have become a serious threat to manufacturers as well as consumers. These trojans could be intensionally or accidentally embedded in ICs to make a system vulnerable to hardware attacks. The implementation of critical applications using ICs makes the effect of trojans an even more serious problem. Moreover, the presence of untrusted foundries and designs cannot be eliminated since the need for ICs is growing exponentially and the use of third party software tools to design the circuits is now common. In addition if a trusted foundry for fabrication has to be developed, it involves a huge investment. Therefore, hardware trojan detection techniques are essential. Very Large Scale Integration (VLSI) system designers must now consider the security of a system against internal and external hardware attacks. Many hardware attacks rely on system vulnerabilities. Moreover, an attacker may rely on deprocessing and reverse engineering to study the internal structure of a system to reveal the system functionality in order to steal secret keys or copy the system. Thus hardware security is a major challenge for the hardware industry. Many hardware attack mitigation techniques have been proposed to help system designers build secure systems that can resist hardware attacks during the design stage, while others protect the system against attacks during operation. In this dissertation, the idea of quantifying hardware attacks, hardware trojans, and hardware trojan detection techniques is introduced. We analyze and classify hardware attacks into risk levels based on three dimensions Accessibility/Resources/Time (ART). We propose a methodology and algorithms to aid the attacker/defender to select/predict the hardware attacks that could use/threaten the system based on the attacker/defender capabilities. Because many of these attacks depends on hardware trojans embedded in the system, we propose a comprehensive hardware trojan classification based on hardware trojan attributes divided into eight categories. An adjacency matrix is generated based on the internal relationship between the attributes within a category and external relationship between attributes in different categories. We propose a methodology to generate a trojan life-cycle based on attributes determined by an attacker/defender to build/investigate a trojan. Trojan identification and severity are studied to provide a systematic way to compare trojans. Trojan detection identification and coverage is also studied to provide a systematic way to compare detection techniques and measure their e effectiveness related to trojan severity. We classify hardware attack mitigation techniques based on the hardware attack risk levels. Finally, we match these techniques to the attacks the could countermeasure to help defenders select appropriate techniques to protect their systems against potential hardware attacks. / Graduate / 0544 / 0984 / samerm@uvic.ca

Hardware Attack Mitigation

Hardware Attacks

Hardware Security

Hardware Trojan Detection

Hardware Trojans

3D-ART Schema

Anti-Counterfeit and Anti-Tamper Hardware Implementation using Hardware Obfuscation

Desai, Avinash R.

06 September 2013

Tampering and Reverse Engineering of a chip to extract the hardware Intellectual Property (IP) core or to inject malicious alterations is a major concern. First, offshore chip manufacturing allows the design secrets of the IP cores to be transparent to the foundry and other entities along the production chain. Second, small malicious modifications to the design may not be detectable after fabrication without anti-tamper mechanisms. Counterfeit Integrated Circuits (ICs) also have become an important security issue in recent years, in which counterfeit ICs that perform incorrectly or sub-par to the expected can lead to catastrophic consequences in safety and/or mission-critical applications, in addition to the tremendous economic toll they incur to the semiconductor industry. Some techniques have been developed in the past to improve the defense against such attacks but they tend to fall prey to the increasing power of the attacker. We present a new way to protect against tampering by a clever obfuscation of the design, which can be unlocked with a specific, dynamic path traversal. Hence, the functional mode of the controller is hidden with the help of obfuscated states, and the functional mode is made operational only on the formation of a specific interlocked Code-Word during state transition. A novel time-stamp is proposed that can provide the date at which the IC was manufactured for counterfeit detection. Furthermore, we propose a second layer of tamper resistance to the time-stamp circuit to make it even more difficult to modify. Results show that methods proposed offer higher levels of security with small area overhead. A side benefit is that any small alteration will be magnified via the obfuscated design proposed in these methods. / Master of Science

Anti-Counterfeit

Anti-Tamper

Trojan Detection Integrated Circuits

Seal

Time-Stamp

Accelerating Reverse Engineering Image Processing Using FPGA

Harris, Matthew Joshua

10 May 2019

No description available.

Computer Engineering

FPGA

OpenCV

Image Stitching

image matching

reverse engineering

multimodal matching

hardware Trojans

hardware Trojan detection

integrated circuit

Detecting Unauthorized Activity in Lightweight IoT Devices

January 2020

abstract: The manufacturing process for electronic systems involves many players, from chip/board design and fabrication to firmware design and installation. In today's global supply chain, any of these steps are prone to interference from rogue players, creating a security risk. Manufactured devices need to be verified to perform only their intended operations since it is not economically feasible to control the supply chain and use only trusted facilities. It is becoming increasingly necessary to trust but verify the received devices both at production and in the field. Unauthorized hardware or firmware modifications, known as Trojans, can steal information, drain the battery, or damage battery-driven embedded systems and lightweight Internet of Things (IoT) devices. Since Trojans may be triggered in the field at an unknown instance, it is essential to detect their presence at run-time. However, it isn't easy to run sophisticated detection algorithms on these devices due to limited computational power and energy, and in some cases, lack of accessibility. Since finding a trusted sample is infeasible in general, the proposed technique is based on self-referencing to remove any effect of environmental or device-to-device variations in the frequency domain. In particular, the self-referencing is achieved by exploiting the band-limited nature of Trojan activity using signal detection theory. When the device enters the test mode, a predefined test application is run on the device repetitively for a known period. The periodicity ensures that the spectral electromagnetic power of the test application concentrates at known frequencies, leaving the remaining frequencies within the operating bandwidth at the noise level. Any deviations from the noise level for these unoccupied frequency locations indicate the presence of unknown (unauthorized) activity. Hence, the malicious activity can differentiate without using a golden reference or any knowledge of the Trojan activity attributes. The proposed technique's effectiveness is demonstrated through experiments with collecting and processing side-channel signals, such as involuntarily electromagnetic emissions and power consumption, of a wearable electronics prototype and commercial system-on-chip under a variety of practical scenarios. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2020

Electrical engineering

Computer engineering

Engineering

Flexible Electronic Security

Hardware/Firmware Trojan Detection

IoT Security

Malicious Activity Detection

Side-Channel Analysis

Wearable Electronic Device Security

Image Stitching and Matching Tool in the Automated Iterative Reverse Engineer (AIRE) Integrated Circuit Analysis Suite

Bowman, David C.

24 August 2018

No description available.

Computer Engineering

Electrical Engineering

image processing

image stitching

image matching

reverse engineering

multimodal matching

hardware Trojans

hardware Trojan detection

integrated circuit