Biblio

In this work, we propose a novel framework to identify and mitigate a recently disclosed covert channel scheme exploiting unprotected broadcast messages in cellular MAC layer protocols. Examples of covert channel are used in data exfiltration, remote command-and-control (CnC) and espionage. Responsibly disclosed to GSMA (CVD-2021-0045), the SPAR-ROW covert channel scheme exploits the downlink power of LTE/5G base-stations that broadcast contention resolution identity (CRI) from any anonymous device according to the 3GPP standards. Thus, the SPARROW devices can covertly relay short messages across long-distance which can be potentially harmful to critical infrastructure. The SPARROW schemes can also complement the solutions for long-range M2M applications. This work investigates the security vs. performance trade-off in CRI-based contention resolution mechanisms. Then it offers a rig-orously designed method to randomly obfuscate CRI broadcast in future 5G/6G standards. Compared to CRI length reduction, the proposed method achieves considerable protection against SPARROW exploitation with less impact on the random-access performance as shown in the numerical results.

Physically Unclonable Functions (PUFs) are hardware-based security primitives that utilize manufacturing process variations to realize binary keys (Weak PUFs) or binary functions (Strong PUFs). This primitive is desirable for key generation and authentication in constrained devices, due to its low power and low area overhead. However, in recent years many research papers are focused on the vulnerability of PUFs to modeling attacks. This attack is possible because the PUFs challenge and response exchanges are usually transmitted over communication channel without encryption. Thus, an attacker can collect challenge-response pairs and use it as input into a learning algorithm, to create a model that can predict responses given new challenges. In this paper we introduce a serial and a parallel novel 64-bits memory-based controlled PUF (Mc-PUF) architecture for device authentication that has high uniqueness and randomness, reliable, and resilient against modeling attacks. These architectures generate a response by utilizing bits extracted from the fingerprint of a synchronous random-access memory (SRAM) PUF with a control logic. The synthesis of the serial architecture yielded an area of 1.136K GE, while the parallel architecture was 3.013K GE. The best prediction accuracy obtained from the modeling attack was 50%, which prevents an attacker from accurately predicting responses to future challenges. We also showcase the scalability of the design through XOR-ing several Mc-PUFs, further improving upon its security and performance. The remainder of the paper presents the proposed architectures, along with their hardware implementations, area and power consumption, and security resilience against modeling attacks. The 3-XOR Mc-PUF had the greatest overhead, but it produced the best randomness, uniqueness, and resilience against modeling attacks.

Neural Network is used in many applications and guarding its performance against faults is a research challenge. Self-healing neural network is a promising concept for achieving reliability, which is the ability to detect and fix a fault in the system automatically. Most of the current self-healing neural network are based on replication of hardware nodes which causes significant area overhead. The proposed self-healing approach results in a modest area overhead and it is suitable for complex neural network. The proposed method is based on a shared operation and a spare node in each layer which compensates for any faulty node in the layer. Each faulty node will be compensated by its neighbor node, and the neighbor node performs the faulty node as well as its own operations sequentially. In the case the neighbor is faulty, the spare node will compensate for it. The proposed method is implemented using VHDL and the simulation results are obtained using Altira 10 GX FPGA for a different number of nodes. The area overhead is very small for a complex network. The reliability of the proposed method is studied and compared with the traditional neural network.