Database Forensics in the Service of Information Accountability

Pavlou, Kyriacos

04 November 2011

Poster won first place in the graduate division of Physical Sciences, Mathematics, Computer Engineering and Computer Science at GPSC Student Showcase 2011. / Regulations and societal expectations have recently expressed the need to mediate access to valuable databases, even by insiders. At one end of the spectrum is the approach of restricting access to information and on the other that of information accountability. The focus of the proposed work is effecting information accountability of data stored in databases. One way to ensure appropriate use and thus end-to-end accountability of such information is tamper detection in databases via a continuous assurance technology based on cryptographic hashing. In our current research we are working to show how to develop the necessary approaches and ideas to support accountability in high performance databases. This will include the design of a reference architecture for information accountability and several of its variants, the development of forensic analysis algorithms and their cost model, and a systematic formulation of forensic analysis for determining when the tampering occurred and what data were tampered with. Finally, for privacy, we would like to create mechanisms for allowing as well as (temporarily) preventing the physical deletion of records in a monitored database. In order to evaluate our ideas we will design and implement an integrated tamper detection and forensic analysis system. This work will show that information accountability is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases.

information accountability

security

database tamper detection

database forensics

Security of Non-Volatile Memories - Attack Models, Analyses, and Counter-Measures

Jang, Jae-Won

01 January 2015

The unprecedented demand for performance in the latest technologies will ultimately require changes in the way we design cache. Emerging high density embedded memories such as Spin-Transfer Torque Random Access Memory (STTRAM) have emerged as a possible candidate for universal memory due to its high speed, low power, non-volatility, and low cost. Although attractive, STTRAM is susceptible to contactless tampering through malicious exposure to magnetic field with the intention to steal or modify the bitcell content. In this thesis, we explore various attack techniques on STTRAM and then propose a novel array-based sensor to detect the polarity and magnitude of such attacks and then propose two design techniques to mitigate the attack. With our research, we have been able to successfully implement and accurately detect an attack while providing sufficient compensation window (few ns to ~100 us) to enable proactive protection measures. Finally, we show that variable-strength ECC can adapt correction capability to tolerate failures with various strength of an attack.

Contactless Tampering

On-Chip Tamper Mitigation

Replica

Variable ECC

Computer Engineering

Ceramic Materials for Administration of Potent Drugs

Cai, Bing

January 2015

This thesis aimed to investigate and document the potential of applying ceramics in two specific drug delivery applications: tamper-resistant opioid formulations and transdermal enhancement protrusions. Geopolymers were developed into the matrix for a tamper-resistant formulation, aiming to protect drug substances from non-medical abuse. The synthesis conditions and excipients composition of the geopolymer-based formulation were modified in this work to facilitate a stable and extended drug delivery. Results showed that 37ºC 100% humidity for 48 hours were applicable conditions to obtain geopolymer with suitable mechanical strength and porosity. Moreover, it was found that the integration of poly(methyl acrylate) into the geopolymer-based formulation could reduce the drug release at low pH and, meanwhile, maintain the mechanical strength. Therefore, the geopolymer-based drug formulations concluded from these studies were applied in oral and transdermal delivery systems. Evidence of the tamper-resistance of geopolymer-based oral and transdermal formulations was documented and compared to the corresponding commercial opioid formulations. The results provided experimental support for the positive effects of geopolymers as drug carriers for the tamper-resistance of oral and transdermal delivery systems. Self-setting bioceramics, calcium phosphate and calcium sulfate were fabricated into transdermal enhancement protrusions in this work for the first time. Results showed that, under mild conditions, both bioceramics could form pyramid-shaped needles in the micron size. The drug release from these needles could be controlled by the bulk surface area, porosity and degradation of the bioceramics. An in vitro insertion test showed that the bioceramic microneedles had enough mechanical strength to insert into skin. Further optimization on the geometry of needles and the substrate material was also performed. The higher aspect-ratio needles with a flexible and self-swellable substrate could release most of the drug content within 4 hours and could penetrate through the stratum corneum by manual insertion. This study explored the potential application of bioceramics in transdermal enhancement protrusions and showed promising indication of their future developments.

Tamper-resistance

Oral formulation

Transdermal formulation

Biomaterials

Microneedles

Digital image watermarking methods for copyright protection and authentication

Woo, Chaw-Seng

January 2007

The ease of digital media modification and dissemination necessitates content protection beyond encryption. Information hidden as digital watermarks in multimedia enables protection mechanism in decrypted contents. The aims of this research are three-fold: (i) to investigate the strength and limitations of current watermarking schemes, (ii) to design and develop new schemes to overcome the limitations, and (iii) to evaluate the new schemes using application scenarios of copyright protection, tamper detection and authentication. We focus on geometrically robust watermarking and semi-fragile watermarking for digital images. Additionally, hybrid schemes that combine the strength of both robust and semi-fragile watermarks are studied. Robust watermarks are well suited for copyright protection because they stay intact with the image under various manipulations. We investigated two major approaches of robust watermarking. In the synchronization approach, we employed motion estimation for watermark resynchronization. We also developed a novel watermark resynchronization method that has low computational cost using scale normalization and flowline curvature. In another approach, we firstly analyzed and improved a blind watermark detection method. The new method reduces significantly the computational cost of its watermark embedding. Secondly, we created a geometric invariant domain using a combination of transforms, and adapted the blind watermark detection method that we improved. It totally eliminates the need of resynchronization in watermark detection, which is a very desirable achievement that can hardly be found in existing schemes. On the other hand, semi-fragile watermarks are good at content authentication because they can differentiate minor image enhancements from major manipulations. New capabilities of semi-fragile watermarks are identified. Then, we developed a semi-fragile watermarking method in wavelet domain that offers content authentication and tamper localization. Unlike others, our scheme overcomes a major challenge called cropping attack and provides approximate content recovery without resorting to an original image. Hybrid schemes combine robust and semi-fragile watermarks to offer deductive information in digital media forensics. We firstly carried out a pilot study by combining robust and fragile watermarks. Then, we performed a comparative analysis on two implementation methods of a hybrid watermarking scheme. The first method has the robust watermark and the fragile watermark overlapped while the second method uses non-overlapping robust and fragile watermarks. Based on the results of the comparative analysis, we merge our geometric invariant domain with our semi-fragile watermark to produce a hybrid scheme. This hybrid scheme fulfilled the copyright protection, tamper detection, and content authentication objectives when evaluated in an investigation scenario.

digital watermark

image watermark

robust watermark

semi-fragile watermark

hybrid watermark

copyright protection

content authentication

tamper detection

tamper localization

self-embedding

self-authentication

self-recovery

Smart plombering och märkning / Smart seals and labels for tamper evidence applications

Lindén, Patricia

January 2006

<p>The background for this degree thesis is a need to replace the existing seal used to protect equipment containing secret or sensitive equipment used by Swedish Defence. The target design should satisfy both the need for tamper evidence and reduce Life Cycle Cost. In developing a new design for a seal, additional benefits such as improved logistics support and indication of attack methods such as heat and solvents have been considered.</p><p>The lack of guiding principles for end users of seals became evident during the interviews. Major concerns for the future are education of users, information about actions if a seal is broken and user liability.</p><p>The design work was divided into several phases. A feasibility study was performed including investigation of theory of labels, materials and possible technologies. The feasibility study also includes a requirement analysis based on interviews. This analysis was later used as a tool for evaluating different concepts.</p><p>Using the list of construction criteria and the morphologic matrix 27 different concepts where created. All of these concepts did not go further in the concept development but are described in the thesis as part of the result. Evaluation of methods for validation and verification was done to get a deeper understanding of material properties and facilitate the requirement process in future work.</p><p>The final result of the design process is two concepts. The first concept is based on 2D-barcode, thermocromic material and a double foil label in which the material at the bottom is brittle. The second concept contains active RFID protected by a brittle material and with clear guiding principles. Both concepts are suitable solutions. The reason for presenting two concepts is some remaining uncertainties with RFID technology used in the second concept.</p> / <p>Bakgrunden till examensarbetet är att plomberingen som försvaret använder idag för att skydda sina utrustningar mot intrång inte uppfyller försvarets krav. Den nuvarande konstruktionen är bl.a. tidskrävande och har en hög kostnad ur ett livscykelperspektiv.</p><p>Vid undersökning av problemet framkom även brister i de riktlinjer som finns runt plomberingen. Detta gäller framförallt utbildning och användarskyldigheter. Genom att utveckla en ny plombering för utrustningar i försvaret kommer eventuell hemlig information skyddas bättre.</p><p>För att systematiskt få fram bra koncept gjordes en omfattande förstudie. Förstudien innehåller utvärderingar av olika tekniker och material samt en teoridel om etiketter. I förstudien inkluderas även en behovsanalys som är baserad på intervjuer. Analysen användes sedan som hjälpmedel i de olika utvärderingarna i examensarbetet.</p><p>För att underlätta framtagningen av en kravställning vid upphandling har olika metoder för verifiering och validering utvärderats.</p><p>Genom konstruktionskriterielistan och den morfologiska matrisen skapades 27 koncept. Även om alla dessa koncept inte gick vidare till konceptutveckling bör de betraktas som en del av resultatet.</p><p>Resultatet av arbetet redovisas i två koncept. Det första konceptet bygger på 2D-streckkod, termokromfärg och dubbelt etikettmaterial varav det understa materialet är sprött. Det andra konceptet bygger på aktiv RFID med tydliga användarriktlinjer som är skyddat med sprött material.</p><p>Anledningen till att två koncept valdes som resultat beror på att båda visades vara lämpliga lösningar på problemet men även för att förberedda sig på eventuella osäkerheter runt RFID.</p>

Seal

label

tamper evident

RFID

Plombering

märkning

etikett

manipulation

RFID

Construction engineering

Konstruktionsteknik

Keeping Secrets in Hardware: the Microsoft Xbox(TM) Case Study

Huang, Andrew "bunnie"

26 May 2002

This paper discusses the hardware foundations of the cryptosystem employed by the Xbox(TM) video game console from Microsoft. A secret boot block overlay is buried within a system ASIC. This secret boot block decrypts and verifies portions of an external FLASH-type ROM. The presence of the secret boot block is camouflaged by a decoy boot block in the external ROM. The code contained within the secret boot block is transferred to the CPU in the clear over a set of high-speed busses where it can be extracted using simple custom hardware. The paper concludes with recommendations for improving the Xbox security system. One lesson of this study is that the use of a high-performance bus alone is not a sufficient security measure, given the advent of inexpensive, fast rapid prototyping services and high-performance FPGAs.

AI

Tamper-resistant hardware

Microsoft Xbox

Cryptography

Privacy

Public Key Algos

Smart plombering och märkning / Smart seals and labels for tamper evidence applications

Lindén, Patricia

January 2006

The background for this degree thesis is a need to replace the existing seal used to protect equipment containing secret or sensitive equipment used by Swedish Defence. The target design should satisfy both the need for tamper evidence and reduce Life Cycle Cost. In developing a new design for a seal, additional benefits such as improved logistics support and indication of attack methods such as heat and solvents have been considered. The lack of guiding principles for end users of seals became evident during the interviews. Major concerns for the future are education of users, information about actions if a seal is broken and user liability. The design work was divided into several phases. A feasibility study was performed including investigation of theory of labels, materials and possible technologies. The feasibility study also includes a requirement analysis based on interviews. This analysis was later used as a tool for evaluating different concepts. Using the list of construction criteria and the morphologic matrix 27 different concepts where created. All of these concepts did not go further in the concept development but are described in the thesis as part of the result. Evaluation of methods for validation and verification was done to get a deeper understanding of material properties and facilitate the requirement process in future work. The final result of the design process is two concepts. The first concept is based on 2D-barcode, thermocromic material and a double foil label in which the material at the bottom is brittle. The second concept contains active RFID protected by a brittle material and with clear guiding principles. Both concepts are suitable solutions. The reason for presenting two concepts is some remaining uncertainties with RFID technology used in the second concept. / Bakgrunden till examensarbetet är att plomberingen som försvaret använder idag för att skydda sina utrustningar mot intrång inte uppfyller försvarets krav. Den nuvarande konstruktionen är bl.a. tidskrävande och har en hög kostnad ur ett livscykelperspektiv. Vid undersökning av problemet framkom även brister i de riktlinjer som finns runt plomberingen. Detta gäller framförallt utbildning och användarskyldigheter. Genom att utveckla en ny plombering för utrustningar i försvaret kommer eventuell hemlig information skyddas bättre. För att systematiskt få fram bra koncept gjordes en omfattande förstudie. Förstudien innehåller utvärderingar av olika tekniker och material samt en teoridel om etiketter. I förstudien inkluderas även en behovsanalys som är baserad på intervjuer. Analysen användes sedan som hjälpmedel i de olika utvärderingarna i examensarbetet. För att underlätta framtagningen av en kravställning vid upphandling har olika metoder för verifiering och validering utvärderats. Genom konstruktionskriterielistan och den morfologiska matrisen skapades 27 koncept. Även om alla dessa koncept inte gick vidare till konceptutveckling bör de betraktas som en del av resultatet. Resultatet av arbetet redovisas i två koncept. Det första konceptet bygger på 2D-streckkod, termokromfärg och dubbelt etikettmaterial varav det understa materialet är sprött. Det andra konceptet bygger på aktiv RFID med tydliga användarriktlinjer som är skyddat med sprött material. Anledningen till att två koncept valdes som resultat beror på att båda visades vara lämpliga lösningar på problemet men även för att förberedda sig på eventuella osäkerheter runt RFID.

Seal

label

tamper evident

RFID

Plombering

märkning

etikett

manipulation

RFID

Construction engineering

Konstruktionsteknik

A user centric security model for tamper-resistant devices

Akram, Raja

January 2012

In this thesis, we propose a ubiquitous and interoperable device based on the smart card architecture to meet the challenges of privacy, trust, and security for traditional and emerging technologies like personal computers, smart phones and tablets. Such a device is referred as User Centric Tamper-Resistant Device (UCTD). To support the smart card architecture for the UCTD initiative, we propose the delegation of smart card ownership from a stringent centralised authority (i.e. the card issuer) to users. This delegation mandated the review of existing smart card mechanisms and their adequate modifications/improvements. Since the inception of smart card technology, the most prevalent ownership model in the smart card industry has been the Issuer Centric Smart Card Ownership Model (ICOM). The ICOM has no doubt played a pivotal role in the proliferation of the technology into various segments of modern life. However, it has been a barrier to the convergence of different services on a smart card. In addition, it might be considered as a hurdle to the adaption of smart card technology into a general-purpose security device. To avoid these issues, we propose citizen ownership of smart cards, referred as the User Centric Smart Card Ownership Model (UCOM). Contrary to the ICOM, it gives the power of decision to install or delete an application on a smart card to its user. The ownership of corresponding applications remains with their respective application providers along with the choice to lease their application to a card or not. In addition, based on the UCOM framework, we also proposed the Coopetitive Architecture for Smart Cards (CASC) that merges the centralised control of card issuers with the provision of application choice to the card user. In the core of the thesis, we analyse the suitability of the existing smart card architectures for the UCOM. This leads to the proposal of three major contributions spanning the smart card architecture, the application management framework, and the execution environment. Furthermore, we propose protocols for the application installation mechanism and the application sharing mechanism (i.e. smart card firewall). In addition to this, we propose a framework for backing-up, migrating, and restoring the smart card contents. Finally, we provide the test implementation results of the proposed protocols along with their performance measures. The protocols are then compared in terms of features and performance with existing smart cards and internet protocols. In order to provide a more detailed analysis of proposed protocols and for the sake of completeness, we performed mechanical formal analysis using the CasperFDR.

006.246

Anti-Counterfeit and Anti-Tamper Hardware Implementation using Hardware Obfuscation

Desai, Avinash R.

06 September 2013

Tampering and Reverse Engineering of a chip to extract the hardware Intellectual Property (IP) core or to inject malicious alterations is a major concern. First, offshore chip manufacturing allows the design secrets of the IP cores to be transparent to the foundry and other entities along the production chain. Second, small malicious modifications to the design may not be detectable after fabrication without anti-tamper mechanisms. Counterfeit Integrated Circuits (ICs) also have become an important security issue in recent years, in which counterfeit ICs that perform incorrectly or sub-par to the expected can lead to catastrophic consequences in safety and/or mission-critical applications, in addition to the tremendous economic toll they incur to the semiconductor industry. Some techniques have been developed in the past to improve the defense against such attacks but they tend to fall prey to the increasing power of the attacker. We present a new way to protect against tampering by a clever obfuscation of the design, which can be unlocked with a specific, dynamic path traversal. Hence, the functional mode of the controller is hidden with the help of obfuscated states, and the functional mode is made operational only on the formation of a specific interlocked Code-Word during state transition. A novel time-stamp is proposed that can provide the date at which the IC was manufactured for counterfeit detection. Furthermore, we propose a second layer of tamper resistance to the time-stamp circuit to make it even more difficult to modify. Results show that methods proposed offer higher levels of security with small area overhead. A side benefit is that any small alteration will be magnified via the obfuscated design proposed in these methods. / Master of Science

Anti-Counterfeit

Anti-Tamper

Trojan Detection Integrated Circuits

Seal

Time-Stamp

Numerical Modeling of Dynamic Compaction in Cohesive Soils

Mostafa, Khaled F.

26 October 2010

No description available.

Civil Engineering

Void Ratio

Crater Depth

tamping

SOILS

tamper

crater

PPV