Filters








21 Hits in 5.3 sec

A Design Methodology for Stealthy Parametric Trojans and Its Application to Bug Attacks [chapter]

Samaneh Ghandali, Georg T. Becker, Daniel Holcomb, Christof Paar
2016 Lecture Notes in Computer Science  
Our method is a general approach to path delay faults. It is a versatile tool for designing stealthy Trojans for a given circuit and is not restricted to multipliers and the bug attack.  ...  In addition to the bug attacks proposed previously, we extend this concept for the specific fault model of the path delay Trojan multiplier and show how it can be used to attack ECDH key agreement protocols  ...  Note that while they exploited a software bug as opposed to a hardware bug and a modular reduction as opposed to a multiplication, the attack idea itself is the same as in the original bug attack paper  ... 
doi:10.1007/978-3-662-53140-2_30 fatcat:xk2b3ldaz5crzn6zrhywzes7ge

Temperature-Based Hardware Trojan For Ring-Oscillator-Based TRNGs [article]

Samaneh Ghandali, Daniel Holcomb, Christof Paar
2019 arXiv   pre-print
In this work, we present a mechanism to design a stealthy parametric hardware Trojan for a ring oscillator based TRNG architecture proposed by Yang et al. at ISSCC 2014.  ...  We show how an attack can be performed with the Trojan-infected TRNG design in which the attacker uses a stochastic Markov Chain model to predict its reduced-entropy outputs.  ...  In [9] a design methodology for building stealthy parametric hardware Trojans and its application to Bug Attacks [4] has been proposed.  ... 
arXiv:1910.00735v1 fatcat:cgrivjblrjev7gdq4orbb45yjq

Side-Channel Hardware Trojan for Provably-Secure SCA-Protected Implementations [article]

Samaneh Ghandali, Thorben Moos, Amir Moradi, Christof Paar
2019 arXiv   pre-print
Once the Trojan is triggered, the malicious design exhibits exploitable side-channel leakage, leading to successful key recovery attacks.  ...  Trojans specifically designed to avoid detection.  ...  ACKNOWLEDGMENTS The work described in this paper has been supported in part by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany's Excellence Strategy -EXC 2092 CASA -390781972 and  ... 
arXiv:1910.00737v1 fatcat:hzlhjnztzzg7pmzqoefrs26jxu

Ten years of hardware Trojans: a survey from the attacker's perspective

Mingfu Xue, Chongyan Gu, Weiqiang Liu, Shichao Yu, Máire O'Neill
2020 IET Computers & Digital Techniques  
In this paper, we attempt to make a review of the hardware Trojan design and implementations in the last decade and also provide an outlook.  ...  and challenges when he designs and implements a hardware Trojan.  ...  A CAD tools attack is more powerful and stealthy than design attacks and fabrication attacks. A SoC designer has to design chips by relying on CAD vendors.  ... 
doi:10.1049/iet-cdt.2020.0041 fatcat:7ugjmpblfjdippalfhovzmgaky

Protection Against Hardware Trojan Attacks: Towards a Comprehensive Solution

Swarup Bhunia, Miron Abramovici, Dakshi Agrawal, Paul Bradley, Michael S. Hsiao, Jim Plusquellic, Mohammad Tehranipoor
2013 IEEE design & test  
Hardware Trojan attacks: The problem IEEE Design & Test 2168-2356/12 B 2012 IEEE Copublished by the IEEE CEDA, IEEE CASS, IEEE SSCS, and TTTC 6 Protection Against Hardware Trojan Attacks  ...  Figure 2 . 2 (a) Taxonomy of design and test techniques for protection against Trojan attacks.  ...  For a more detailed setup of the synthesized RSA circuits and experimental methodology used to produce these curves, refer to [8] .  ... 
doi:10.1109/mdt.2012.2196252 fatcat:tmpjqnu63bfyxn7qi3t2ov3suy

Hardware Trojan Attacks: Threat Analysis and Countermeasures

Swarup Bhunia, Michael S. Hsiao, Mainak Banga, Seetharam Narasimhan
2014 Proceedings of the IEEE  
This paper is a survey of the state-of-the-art Trojan attacks, modeling, and countermeasures.  ...  Design Approaches to Facilitate Trojan Detection Similar to testing for faults and functional bugs, Trojan detection can also benefit from specially crafted on-chip embedded structures.  ...  The first class of approaches is based on obscuring functional and structural properties of a design, thereby making it difficult for an attacker to incorporate Trojans [48] , [49] .  ... 
doi:10.1109/jproc.2014.2334493 fatcat:kxnyfwrk6jgqrmdpga33odvofq

A Security Perspective on Battery Systems of the Internet of Things

Anthony Bahadir Lopez, Korosh Vatanparvar, Atul Prasad Deb Nath, Shuo Yang, Swarup Bhunia, Mohammad Abdullah Al Faruque
2017 Journal of Hardware and Systems Security  
A security analysis is necessary for system manufacturers and users to understand what threats and solutions exist for battery system security.  ...  We divide the battery system into the Physical, Battery Management System, and Application layers and use mobile systems and cyber-physical systems as case studies for IoT applications.  ...  With access to the intra-network, it turns out that it is highly viable for an attacker to exploit and conduct a wide variety of attacks on the automotive system.  ... 
doi:10.1007/s41635-017-0007-0 dblp:journals/jhss/LopezVNYBF17 fatcat:5d3jv5eirndihhhlwihubqhzxe

Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods

Bashar Ahmed Khalaf, Salama A. Mostafa, Aida Mustapha, Mazin Abed Mohammed, Wafaa Mustafa Abduallah
2019 IEEE Access  
Finally, this review provides a guideline and possible points of encampments for developing improved solution models of defense methods against DDoS attacks.  ...  Incidents of serious damage due to DDoS attacks have been increasing, thereby leading to an urgent need for new attack identification, mitigation, and prevention mechanisms.  ...  It is applicable to web applications, web servers, web services, cloud computing, and any device with an Internet connection.  ... 
doi:10.1109/access.2019.2908998 fatcat:wasnqcj4bnc23pk4wzsl7n7rze

Evaluation des systèmes de détection d'intrusions

-Anas -ABOU EL KALAM
2006 Revue de l Electricité et de l Electronique  
However, it uses different mechanisms to propagate the infection and to implant a Trojan {Ida07}, {Eeye08}.  ...  It assigns attack sessions to attacking agents and produces a schedule for attack execution.  ...  Countermeasures To avoid any confusion we prefer using the term "counter measure" for security mechanisms while keeping the term "measure" for its original use in metrology.  ... 
doi:10.3845/ree.2006.102 fatcat:erwecavq3zh33o3b5aemi5q5gm

An artificial immune system architecture for computer security applications

P.K. Harmer, P.D. Williams, G.H. Gunsch, G.B. Lamont
2002 IEEE Transactions on Evolutionary Computation  
A prototype interactive system is designed, implemented in Java, and tested.  ...  Organizations must protect their systems from intrusion and computer-virus attacks.  ...  attack on the system; f) if confirmation for quarantine is received, the repairer moves the infected file to a safe location and renders it unexecutable or routs network packets to a honey pot; g) the  ... 
doi:10.1109/tevc.2002.1011540 fatcat:fxjvxlze5jghpdsaffmvv7lq2m

Network Anomaly Detection: Methods, Systems and Tools

Monowar H. Bhuyan, D. K. Bhattacharyya, J. K. Kalita
2014 IEEE Communications Surveys and Tutorials  
Within this framework, we briefly describe and compare a large number of network anomaly detection methods and systems.  ...  We present attacks normally encountered by network intrusion detection systems.  ...  It is also partially supported by NSF (US) grants CNS-0851783 and CNS-1154342. The authors are thankful to the funding agencies.  ... 
doi:10.1109/surv.2013.052213.00046 fatcat:nevvj3lcovgllkbhrl5zasfu7m

Producing Trustworthy Hardware Using Untrusted Components, Personnel and Resources

Adam Waksman
2017
We propose, implement and analyze a series of methods for making the hardware supply chain resilient against a wide array of known and possible attacks.  ...  These methods allow for the design and fabrication of hardware using untrustworthy personnel, designs, tools and resources, while protecting the final product from large classes of attacks, some known  ...  This makes it easier for us to apply protections to the interfaces. As a case study and to demonstrate our methodology in full detail, we design and synthesize a new microcontroller called TµC1.  ... 
doi:10.7916/d8n014px fatcat:g7expt3llbg5fhchlwim7x4cb4

Έλεγχος Τρωσιμότητας Υπολογιστικών Συστημάτων

Αλέξης Κωνσταντίνου Βενιζέλος
2021
As a consequence, it is worth evaluating the usefulness of a each tool when opposed to those with similar features  ...  Amongst the most common methods to evaluating system security, penetration testing can be used as a simulation of activities conducted by hackers to penetrate into the IT system.  ...  Chapter 2 Background Vulnerabilities A vulnerability is a flaw in a program that may be an execution error or a design error that allows an attacker to cause damage to an application user and achieve  ... 
doi:10.26262/heal.auth.ir.329019 fatcat:mczgygp2jneanmedaaqrxha4nm

Intrusion detection via static analysis

D. Wagner, R. Dean
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001  
This, of course, has been the dream of the formal methods community for 25 years, and is as yet unrealized. We believe it is likely to remain unrealized for some time to come. Although Ko et al.'  ...  We show how static analysis may be used to automatically derive a model of application behavior.  ...  Acknowledgements We thank Alex Aiken, Nikita Borisov, Eric Brewer, Jeff Foster, David Gay, Steve Gribble, Alan Hu, Adrian Perrig, and Dawn Song for useful discussions about this work.  ... 
doi:10.1109/secpri.2001.924296 dblp:conf/sp/WagnerD01 fatcat:esatk6vhtjbwjhsvnakx42fcra

Robust behavioral malware detection [article]

Mikhail Kazdagli
2018
In both scenarios, Shape-GD identifies malware early on (∼100 infected nodes in a ∼100K-node system for watering hole attacks, and ∼10 of ∼1,000 for phishing attacks) and robustly (with ∼100% vi global  ...  We evaluate Shape-GD by emulating a large community of Windows systems using the system call traces from a few thousand malicious and benign applications; we simulate both a phishing attack in a corporate  ...  Such algorithms are usually designed to achieve soundness -meaning they never miss any bugs.  ... 
doi:10.15781/t2bn9xn0t fatcat:mw4vzzmed5cujgyxiuhcxrwbna
« Previous Showing results 1 — 15 out of 21 results