HarTBleed: Using Hardware Trojans for Data Leakage Exploits

De, Asmit; Khan, Mohammad Nasim Imtiaz; Nagarajan, Karthikeyan; Ghosh, Swaroop

doi:10.1109/tvlsi.2019.2961358

Cited by 19 publications

(9 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [44], authors present HarTBleed, a Trojan design embedded in a CPU that has a capacitor-based triggering circuit accompanied by a novel payload circuit. The Trojan is triggered when a pre-defined address of the L1 cache is accessed 1800 times.…”

Section: E Cpumentioning

confidence: 99%

Design of Hardware Trojans and its Impact on CPS Systems: A Comprehensive Survey

Dhavlle

Hassan

Mittapalli

et al. 2021

2021 IEEE International Symposium on Circuits and Systems (ISCAS)

View full text Add to dashboard Cite

The ever-increasing demand for sophisticated cyberphysical systems (CPS), combined with the fabless model, led to vulnerability exploits in the IC supply chain, especially the insertion of hardware Trojans (HTs). The HTs are malicious modifications made to an authentic design to disrupt the functioning of the integrated circuits (ICs). In this work, we present a survey of the state-of-the-art HT designs focusing on the Trojan design, the risk level in the supply chain, and the targeted platform, followed by a discussion based on our observations. We categorize the HT designs based on the targeted platforms such as ML accelerators, IoT devices, FPGAs, ASICs, memory devices, CPU, and Cryptographic cores.

show abstract

Section: E Cpumentioning

confidence: 99%

Design of Hardware Trojans and its Impact on CPS Systems: A Comprehensive Survey

Dhavlle

Hassan

Mittapalli

et al. 2021

2021 IEEE International Symposium on Circuits and Systems (ISCAS)

View full text Add to dashboard Cite

show abstract

“…In addition, it also must be admitted that the hardware system protections are not particularly comprehensive due to malicious attacks that may arise from different-level sources, mainly including hardware-level attack and system-level attack. As the hardware-level attack, a malicious logic (well-known as hardware Trojan) hidden in internal logic might be premeditatedly designed to cause the program execution failures at key points or could create the backdoors for both confidential information leakages and subsequent system hijacking to attackers [ 5 ]. On the other hand, the external physical attacks can exploit the three invasive methods of bus monitoring, offline analysis, and data tampering to steal the sensitive information and/or activate the built-in hardware Trojan to disorganize the program execution through external access interfaces [ 6 , 7 ].…”

Section: Introductionmentioning

confidence: 99%

High-Efficiency Parallel Cryptographic Accelerator for Real-Time Guaranteeing Dynamic Data Security in Embedded Systems

et al. 2021

View full text Add to dashboard Cite

Dynamic data security in embedded systems is raising more and more concerns in numerous safety-critical applications. In particular, the data exchanges in embedded Systems-on-Chip (SoCs) using main memory are exposing many security vulnerabilities to external attacks, which will cause confidential information leakages and program execution failures for SoCs at key points. Therefore, this paper presents a security SoC architecture with integrating a four-parallel Advanced Encryption Standard-Galois/Counter Mode (AES-GCM) cryptographic accelerator for achieving high-efficiency data processing to guarantee data exchange security between the SoC and main memory against bus monitoring, off-line analysis, and data tampering attacks. The architecture design has been implemented and verified on a Xilinx Virtex-5 Field Programmable Gate Array (FPGA) platform. Based on evaluation of the cryptographic accelerator in terms of performance overhead, security capability, processing efficiency, and resource consumption, experimental results show that the parallel cryptographic accelerator does not incur significant performance overhead on providing confidentiality and integrity protections for exchanged data; its average performance overhead reduces to as low as 2.65% on typical 8-KB I/D-Caches, and its data processing efficiency is around 3 times that of the pipelined AES-GCM construction. The reinforced SoC under the data tampering attacks and benchmark tests confirms the effectiveness against external physical attacks and satisfies a good trade-off between high-efficiency and hardware overhead.

show abstract

“…In hardware-level attacks, hardware Trojan is a typical example which could be inserted into an internal logic and activated under a specific condition to cause the processor unintended behaviors or program execution failures. Especially, recent reports show that attackers are inserting the hardware Trojans into memories to leak and modify critical data [8,9], which further aggravates the security concerns of SoCs in security-critical applications. The softwarelevel attacks are mainly exploiting some vulnerabilities or bugs in programs to disturb instruction executions or perform other unintended actions, such as tampering program code or data and injecting malicious code.…”

Section: Introductionmentioning

confidence: 99%

Hardware-Assisted Security Monitoring Unit for Real-Time Ensuring Secure Instruction Execution and Data Processing in Embedded Systems

et al. 2021

View full text Add to dashboard Cite

The hardware security of embedded systems is raising more and more concerns in numerous safety-critical applications, such as in the automotive, aerospace, avionic, and railway systems. Embedded systems are gaining popularity in these safety-sensitive sectors with high performance, low power, and great reliability, which are ideal control platforms for executing instruction operation and data processing. However, modern embedded systems are still exposing many potential hardware vulnerabilities to malicious attacks, including software-level and hardware-level attacks; these can cause program execution failure and confidential data leakage. For this reason, this paper presents a novel embedded system by integrating a hardware-assisted security monitoring unit (SMU), for achieving a reinforced system-on-chip (SoC) on ensuring program execution and data processing security. This architecture design was implemented and evaluated on a Xilinx Virtex-5 FPGA development board. Based on the evaluation of the SMU hardware implementation in terms of performance overhead, security capability, and resource consumption, the experimental results indicate that the SMU does not lead to a significant speed degradation to processor while executing different benchmarks, and its average performance overhead reduces to 2.18% on typical 8-KB I/D-Caches. Security capability evaluation confirms the monitoring effectiveness of SMU against both instruction and data tampering attacks. Meanwhile, the SoC satisfies a good balance between high-security and resource overhead.

show abstract

HarTBleed: Using Hardware Trojans for Data Leakage Exploits

Cited by 19 publications

References 25 publications

Design of Hardware Trojans and its Impact on CPS Systems: A Comprehensive Survey

Design of Hardware Trojans and its Impact on CPS Systems: A Comprehensive Survey

High-Efficiency Parallel Cryptographic Accelerator for Real-Time Guaranteeing Dynamic Data Security in Embedded Systems

Hardware-Assisted Security Monitoring Unit for Real-Time Ensuring Secure Instruction Execution and Data Processing in Embedded Systems

Contact Info

Product

Resources

About