Challenges and Methodologies of Hardware Security

Li, Kin Fun; Attarmoghaddam, Narges

doi:10.1109/aina.2018.00136

Cited by 7 publications

(3 citation statements)

References 64 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Audit logs are themselves a key target for an attacker who needs to erase any trace of their malicious activities; otherwise, they may get caught and then possibly prosecuted. The need for securing audit logging was raised already in different contexts, including hardware [3]; systems [4,5]; file systems [6]; databases [7]; secure logging protocols [8]; distributed systems [2,[10][11][12][13][14]; blockchain [1,[16][17][18][19][20]; and blockchain hardware [28], as well as many others. In this section, we describe some pieces of research in securing audit logging, with particular attention on distributed systems and cloud computing; we describe blockchain-based mechanisms later in the following subsection.…”

Section: Audit Based Systemsmentioning

confidence: 99%

“…Audit logs are used to keep track of important events about system activities and are a fundamental mechanism for digital forensics because they provide information about past and current events and hence, the path of states of a system [2]. The need for protecting logs from attackers was already stated by various researchers in different contexts, in the context of hardware [3]; systems [4,5]; file systems [6]; databases [7]; and secure logging protocols [8]. Companies are currently attracted to migrate to cloud computing services [9].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

López-Pimentel

Morales-Rosales

Monroy

2021

Sensors

View full text Add to dashboard Cite

Logging system activities are required to provide credibility and confidence in the systems used by an organization. Logs in computer systems must be secured from the root user so that they are true and fair. This paper introduces RootLogChain, a blockchain-based audit mechanism that is built upon a security protocol to create both a root user in a blockchain network and the first log; from there, all root events are stored as logs within a standard blockchain mechanism. RootLogChain provides security constructs so as to be deployed in a distributed context over a hostile environment, such as the internet. We have developed a prototype based on a microservice architecture, validating it by executing different stress proofs in two scenarios: one with compliant agents and the other without. In such scenarios, several compliant and non-compliant agents try to become a root and register the events within the blockchain. Non-compliant agents simulate eavesdropper entities that do not follow the rules of the protocol. Our experiments show that the mechanism guarantees the creation of one and only one root user, integrity, and authenticity of the transactions; it also stores all events generated by the root within a blockchain. In addition, for audit issues, the traceability of the transaction logs can be consulted by the root.

show abstract

Section: Audit Based Systemsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

López-Pimentel

Morales-Rosales

Monroy

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…In the last years, the interest in security-oriented techniques to prevent possible attacks on such systems has been exponentially growing. These attacks aim to either change the behavior of the systems or extract private and/or precious information (Intellectual Property or IP) from them [1]. Some of these IP data items are stored into Non-Volatile Memories (NVMs) that are an attractive target for malicious users due to the persistence of the data [2].…”

Section: Introductionmentioning

confidence: 99%

Towards the Integration of Reliability and Security Mechanisms to Enhance the Fault Resilience of Neural Networks

Deligiannis¹,

Cantoro

Reorda

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Nowadays, many electronic systems store valuable Intellectual Property (IP) information inside Non-Volatile Memories (NVMs). Designers widely use encryption mechanisms to enhance the integrity of such IPs and protect them from any unauthorized access or modification. At the same time, often such IPs are critical from a reliability standpoint. Thus, dedicated techniques are employed to detect possible reliability threats (e.g., transient faults affecting the NVM content). The weights of a neural network (NN) model (e.g., integrated into an object detection system for autonomous driving or robotics) are typical examples of precious IP items. Indeed, NN weights often constitute proprietary data, stemming from an extensive and costly training process; moreover, their correctness is key for the NN to work reliably. In this article, we explore the capability of encryption mechanisms to ensure protection from both reliability threats. In particular, we assess, via extensive fault injection campaigns, the capability of different memory encryption schemes -usually used only for security purposes -to detect faults and thus, enhance the reliability of the system. Experimental results show that by cleverly choosing the proper encryption scheme, it is possible to achieve very high fault detection rates (greater than 99%) with respect to Multiple Bit Upsets. The gathered results pave the way to the integration of reliability and security mechanisms to achieve better results with lower costs.

show abstract