Biblio

The rapid development of technology makes it possible for a physical machine to be converted into a virtual machine, which can operate multiple operating systems that are running simultaneously and connected to the internet. DoS/DDoS attacks are cyber-attacks that can threaten the telecommunications sector because these attacks cause services to be disrupted and be difficult to access. There are several software tools for monitoring abnormal activities on the network, such as IDS Snort and IDS Suricata. From previous studies, IDS Suricata is superior to IDS Snort version 2 because IDS Suricata already supports multi-threading, while IDS Snort version 2 still only supports single-threading. This paper aims to conduct tests on IDS Snort version 3.0 which already supports multi-threading and IDS Suricata. This research was carried out on a virtual machine with 1 core, 2 core, and 4 core processor settings for CPU, memory, and capture packet attacks on IDS Snort version 3.0 and IDS Suricata. The attack scenario is divided into 2 parts: DoS attack scenario using 1 physical computer, and DDoS attack scenario using 5 physical computers. Based on overall testing, the results are: In general, IDS Snort version 3.0 is better than IDS Suricata. This is based on the results when using a maximum of 4 core processor, in which IDS Snort version 3.0 CPU usage is stable at 55% - 58%, a maximum memory of 3,000 MB, can detect DoS attacks with 27,034,751 packets, and DDoS attacks with 36,919,395 packets. Meanwhile, different results were obtained by IDS Suricata, in which CPU usage is better compared to IDS Snort version 3.0 with only 10% - 40% usage, and a maximum memory of 1,800 MB. However, the capabilities of detecting DoS attacks are smaller with 3,671,305 packets, and DDoS attacks with a total of 7,619,317 packets on a TCP Flood attack test.

The impact of microarchitectural attacks in Personal Computers (PCs) can be further adapted to and observed in internetworked All Programmable System-on-Chip (AP SoC) platforms. This effort involves the access control or execution of Intellectual Property cores in the FPGA of an AP SoC Victim internetworked with an AP SoC Attacker via Internet Protocol (IP). Three conceptions of attacks were implemented: buffer overflow attack at the stack, return-oriented programming attack, and command-injection-based attack for dynamic reconfiguration in the FPGA. Indeed, a specific preventive countermeasure for each attack is proposed. The functionality of the countermeasures mainly comprises adapted words addition (stack protection) for the first and second attacks and multiple encryption for the third attack. In conclusion, the recommended countermeasures are realizable to counteract the implemented attacks.

Recent studies on attacks exploiting processor hardware vulnerabilities have raised significant concern for information security. Particularly, transient execution attacks such as Spectre augment microarchitectural side channels with speculative executions that lead to exfiltration of secretive data not intended to be accessed. Many prior works have demonstrated the manipulation of branch predictors for triggering speculative executions, and thereafter leaking sensitive information through processor microarchitectural components. In this paper, we present a new class of microarchitectural attack, called BranchSpec, that performs information leakage by exploiting state changes of branch predictors in speculative path. Our key observation is that, branch instruction executions in speculative path alter the states of branch pattern history, which are not restored even after the speculatively executed branches are eventually squashed. Unfortunately, this enables adversaries to harness branch predictors as the transmitting medium in transient execution attacks. More importantly, as compared to existing speculative attacks (e.g., Spectre), BranchSpec can take advantage of much simpler code patterns in victim's code base, making the impact of such exploitation potentially even more severe. To demonstrate this security vulnerability, we have implemented two variants of BranchSpec attacks: a side channel where a malicious spy process infers cross-boundary secrets via victim's speculatively executed nested branches, and a covert channel that communicates secrets through intentionally perturbing the branch pattern history structure via speculative branch executions. Our evaluation on Intel Skylake- and Coffee Lake-based processors reveals that these information leakage attacks are highly accurate and successful. To the best of our knowledge, this is the first work to reveal the information leakage threat due to speculative state update in branch predictor. Our studies further broaden the attack surface of processor microarchitecture, and highlight the needs for branch prediction mechanisms that are secure in transient executions.

This paper presents an analysis of Rabin-P encryption scheme on microprocessor platform in term of runtime and energy consumption. A microprocessor is one of the devices utilized in the Internet of Things (IoT) structure. Therefore, in this work, the microprocessor selected is the Raspberry Pi that is powered with a smaller version of the Linux operating system for embedded devices, the Raspbian OS. A comparative analysis is then conducted for Rabin-p and RSA-OAEP cryptosystem in the Raspberry Pi setup. A conclusion can be made that Rabin-p performs faster in comparison to the RSA-OAEP cryptosystem in the microprocessor platform. Rabin-p can improve decryption efficiency by using only one modular exponentiation while produces a unique message after the decryption process.

This paper presents a new micro-architectural vulnerability on the power management units of modern computers which creates an electromagnetic-based side-channel. The key observations that enable us to discover this sidechannel are: 1) in an effort to manage and minimize power consumption, modern microprocessors have a number of possible operating modes (power states) in which various sub-systems of the processor are powered down, 2) for some of the transitions between power states, the processor also changes the operating mode of the voltage regulator module (VRM) that supplies power to the affected sub-system, and 3) the electromagnetic (EM) emanations from the VRM are heavily dependent on its operating mode. As a result, these state-dependent EM emanations create a side-channel which can potentially reveal sensitive information about the current state of the processor and, more importantly, the programs currently being executed. To demonstrate the feasibility of exploiting this vulnerability, we create a covert channel by utilizing the changes in the processor's power states. We show how such a covert channel can be leveraged to exfiltrate sensitive information from a secured and completely isolated (air-gapped) laptop system by placing a compact, inexpensive receiver in proximity to that system. To further show the severity of this attack, we also demonstrate how such a covert channel can be established when the target and the receiver are several meters away from each other, including scenarios where the receiver and the target are separated by a wall. Compared to the state-of-the-art, the proposed covert channel has \textbackslashtextgreater3x higher bit-rate. Finally, to demonstrate that this new vulnerability is not limited to being used as a covert channel, we demonstrate how it can be used for attacks such as keystroke logging.

Video surveillance plays an important role in our times. It is a great help in reducing the crime rate, and it can also help to monitor the status of facilities. The performance of the video surveillance system is limited by human factors such as fatigue, time efficiency, and human resources. It would be beneficial for all if fully automatic video surveillance systems are employed to do the job. The automation of the video surveillance system is still not satisfying regarding many problems such as the accuracy of the detector, bandwidth consumption, storage usage, etc. This scientific paper mainly focuses on a video surveillance system using Convolutional Neural Networks (CNN), IoT and cloud. The system contains multi nods, each node consists of a microprocessor(Raspberry Pi) and a camera, the nodes communicate with each other using client and server architecture. The nodes can detect humans using a pretraining MobileNetv2-SSDLite model and Common Objects in Context(COCO) dataset, the captured video will stream to the main node(only one node will communicate with cloud) in order to stream the video to the cloud. Also, the main node will send an SMS notification to the security team to inform the detection of humans. The security team can check the videos captured using a mobile application or web application. Operating the Object detection model of Deep learning will be required a large amount of the computational power, for instance, the Raspberry Pi with a limited in performance for that reason we used the MobileNetv2-SSDLite model.

RISC-V is free and open standard instruction set architecture following reduced instruction set computer principle. Because of its openness and scalability, RISC-V has been adapted not only for embedded CPUs such as mobile and IoT market, but also for heavy-workload CPUs such as the data center or super computing field. On top of it, Robotics is also a good application of RISC-V because security and reliability become crucial issues of robotics system. These problems could be solved by enthusiastic open source community members as they have shown on open source operating system. However, running RISC-V on local FPGA becomes harder than before because now RISC-V foundation are focusing on cloud-based FPGA environment. We have experienced that recently released OS and toolchains for RISC-V are not working well on the previous CPU image for local FPGA. In this paper we design the local FPGA platform for RISC-V processor and run the robotics application on mainstream Robot Operating System on top of the RISC-V processor. This platform allow us to explore the architecture space of RISC-V CPU for robotics application, and get the insight of the RISC-V CPU architecture for optimal performance and the secure system.

The center-piece of this work is a software measurement physical unclonable function (PUF). It measures processor chip ALU silicon biometrics in a manner similar to all PUFs. Additionally, it composes the silicon measurement with the data-dependent delay of a particular program instruction in a way that is difficult to decompose through a mathematical model. This approach ensures that each software instruction is measured if computed. The SW-PUF measurements bind the execution of software to a specific processor with a corresponding certificate. This makes the SW-PUF a promising candidate for applications requiring Trusted Computing. For instance, it could measure the integrity of an execution path by generating a signature that is unique to the specific program execution path and the processor chip. We present an area and energy-efficient scheme based on the SW-PUF to provide a more robust root of trust for measurement than the existing trusted platform module (TPM). To explore the feasibility of the proposed design, the SW-PUF has been implemented in HSPICE using 45 nm technology and evaluated on the FPGA platform.

The design process of smart Consumer Electronics (CE) devices heavily relies on reusable Intellectual Property (IP) cores of Digital Signal Processor (DSP) and Multimedia Processor (MP). On the other hand, due to strict competition and rivalry between IP vendors, the problem of ownership conflict and IP piracy is surging. Therefore, to design a secured smart CE device, protection of DSP/MP IP core is essential. Embedding a robust IP owner's signature can protect an IP core from ownership abuse and forgery. This paper presents a covert signature embedding process for DSP/MP IP core at Register-transfer level (RTL). The secret marks of the signature are distributed over the entire design such that it provides higher robustness. For example for 8th order FIR filter, it incurs only between 6% and 3% area overhead for maximum and minimum size signature respectively compared to the non-signature FIR RTL design but with significantly enhanced security.

The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP overproduction, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality.

The globalization of supply chain makes semiconductor chips susceptible to various security threats. Design obfuscation techniques have been widely investigated to thwart intellectual property (IP) piracy attacks. Key distribution among IP providers, system integration team, and end users remains as a challenging problem. This work proposes an orthogonal obfuscation method, which utilizes an orthogonal matrix to authenticate obfuscation keys, rather than directly examining each activation key. The proposed method hides the keys by using an orthogonal obfuscation algorithm to increasing the key retrieval time, such that the primary keys for IP cores will not be leaked. The simulation results show that the proposed method reduces the key retrieval time by 36.3% over the baseline. The proposed obfuscation methods have been successfully applied to ISCAS'89 benchmark circuits. Experimental results indicate that the orthogonal obfuscation only increases the area by 3.4% and consumes 4.7% more power than the baseline1.

The IEEE Std. 1687 (IJTAG) was designed to provide on-chip access to the various embedded instruments (e.g. built-in self test, sensors, etc.) in complex system-on-chip designs. IJTAG facilitates access to on-chip instruments from third party intellectual property providers with hidden test-data registers. Although access to on-chip instruments provides valuable data specifically for debug and diagnosis, it can potentially expose the design to untrusted sources and instruments that can sniff and possibly manipulate the data that is being shifted through the IJTAG network. This paper provides a comprehensive protection scheme against data sniffing and data integrity attacks by selectively isolating the data flowing through the IJTAG network. The proposed scheme is modeled as a graph coloring problem to optimize the number of isolation signals required to protect the design. It is shown that combining the proposed approach with other existing schemes can also bolster the security against unauthorized user access as well. The proposed countermeasure is shown to add minimal overhead in terms of area and power consumption.

We introduce the strictly in-order core (SIC), a timing-predictable pipelined processor core. SIC is provably timing compositional and free of timing anomalies. This enables precise and efficient worst-case execution time (WCET) and multi-core timing analysis. SIC's key underlying property is the monotonicity of its transition relation w.r.t. a natural partial order on its microarchitectural states. This monotonicity is achieved by carefully eliminating some of the dependencies between consecutive instructions from a standard in-order pipeline design. SIC preserves most of the benefits of pipelining: it is only about 6-7% slower than a conventional pipelined processor. Its timing predictability enables orders-of-magnitude faster WCET and multi-core timing analysis than conventional designs.

The Joint Test Action Group (JTAG) standards define test and debug architectures that are ingrained within much of today's commercial silicon. In particular, the IEEE Std. 1149.1 (Standard Test Access Port and Boundary Scan Architecture) forms the foundation of on-chip embedded instrumentation that is used extensively for everything from prototype board bring-up to firmware triage to field and depot system repair. More recently, JTAG is being used in-system as a hardware/firmware mechanism for Built-In Test (BIT), addressing No Fault Found (NFF) and materiel availability issues. Its power and efficacy are a direct outcome of being a ubiquitously available, embedded on-die instrument that is inherent in most electronic devices. While JTAG is indispensable for all aspects of test and debug, it suffers from a lack of inherent security. Unprotected, it can represent a security weakness, exposing a back-door vulnerability through which hackers can reverse engineer, extract sensitive data from, or disrupt systems. More explicitly, JTAG can be used to: - Read and write from system memory - Pause execution of firmware (by setting breakpoints) - Patch instructions or data in memory - Inject instructions directly into the pipeline of a target chip (without modifying memory) - Extract firmware (for reverse engineering/vulnerability research) - Execute private instructions to activate other engines within the chip As a low-level means of access to a powerful set of capabilities, the JTAG interface must be safeguarded against unauthorized intrusions and attacks. One method used to protect platforms against such attacks is to physically fuse off the JTAG Test Access Ports, either at the integrated circuit or the board level. But, given JTAG's utility, alternative approaches that allow for both security and debug have become available, especially if there is a hardware root of trust on the platform. These options include chip lock and key registers, challenge-response mechanisms, secure key systems, TDI/TDO encryption, and other authentication/authorization techniques. This paper reviews the options for safe access to JTAG-based debug and test embedded instrumentation.

With the popularity of smart devices such as mobile phones and tablets, the security problem of the widely used ARMv8-A processor has received more and more attention. Flush+Reload and Flush+Flush cache attacks have become two of the most important security threats due to their low noise and high resolution. In order to resist Flush+Reload and Flush+Flush attacks, researchers proposed many defense methods. However, these existing methods have various shortcomings. The runtime defense methods using hardware performance counters cannot detect attacks fast enough, effectively detect Flush+Flush or avoid a high false positive rate. Static code analysis schemes are powerless for obfuscation techniques. The approaches of permanently reducing the resolution can only be utilized on browser products and cannot be applied in the system. In this paper, we design two more secure collaborative APIs-flush operation API and high resolution time API-which can resist Flush+Reload and Flush+Flush attacks. When the flush operation API is called, the high resolution time API temporarily reduces its resolution and automatically restores. Moreover, the flush operation API also has the ability to detect and handle suspected Flush+Reload and Flush+Flush attacks. The attack and performance comparison experiments prove that the two APIs we designed are safer and the performance losses are acceptable.

This paper presents a methodology for IP core protection of CE devices from both buyer's and seller's perspective. In the presented methodology, buyer fingerprint is embedded along seller watermark during architectural synthesis phase of IP core design. The buyer fingerprint is inserted during scheduling phase while seller watermark is implanted during register allocation phase of architectural synthesis process. The presented approach provides a robust mechanisms of IP core protection for both buyer and seller at zero area overhead, 1.1 % latency overhead and 0.95 % design cost overhead compared to a similar approach (that provides only protection to IP seller).

To be able to meet demanding application performance requirements within a tight power budget, runtime power management must track hardware activity at a very fine granularity in both space and time. This gives rise to sophisticated power management algorithms, which need the underlying system to be both highly observable (to be able to sense changes in instantaneous power demand timely) and controllable (to be able to react to changes in instantaneous power demand timely). The end goal is allocating the power budget, which itself represents a very critical shared resource, in a fair way among active tasks of execution. Fundamentally, if not carefully managed, any system-wide shared resource can give rise to covert communication. Power budget does not represent an exception, particularly as systems are becoming more and more observable and controllable. In this paper, we demonstrate how power management vulnerabilities can enable covert communication over a previously unexplored, novel class of covert channels which we will refer to as POWERT channels. We also provide a comprehensive characterization of the POWERT channel capacity under various sharing and activity scenarios. Our analysis based on experiments on representative commercial systems reveal a peak channel capacity of 121.6 bits per second (bps).

Since the performance of bus interconnects does not scale with the number of processors connected to the bus, chip multiprocessors make use of on-chip networks that implement packet switching and virtual channel flow control to efficiently transport data. In this paper, we consider the test and fault-tolerance aspects of such a network-on-chip (NoC). Past work in this area has addressed the communication efficiency and deadlock-free properties in NoC, but when routing externally received data, aspects of security must be addressed. A malicious denial-of-service attack or a power virus can be launched by a malicious external agent. We propose a two-tier solution to this problem, where a local self-test manager in each processing element runs test algorithms to detect faults in local processing element and its associated physical and virtual channels. At the global level, the health of the NoC is tested using a sorting-based algorithm proposed in this paper. Similarly, we propose to handle fault-tolerance and security concerns in routing at two levels. At the local level, each node is capable of fault-tolerant routing by deflecting packets to an alternate path; when doing so, since a chance of deadlock may be created, the local router must be capable of guestimating a deadlock situation, switch to packet-switching instead of flit-switching and attempt to reroute the packet. At the global level, a routing agent plays the role of gathering fault data and provide the fault-information to nodes that seek this information periodically. Similarly, the agent is capable of detecting malformed packets coming from an external source and prevent injecting such packets into the network, thereby conserving the network bandwidth. The agent also attempts to guess attempts at denial-of-service attacks and power viruses and will reject packets. Use of a two-tier approach helps in keeping the IP modular and reduces their complexity, thereby making them easier to verify.

Globalization of semiconductor design and manufacturing has led to several hardware security issues. The problem of Hardware Trojans (HT) is one such security issue discussed widely in industry and academia. Adversary design engineer can insert the HT to leak confidential data, cause a denial of service attack or any other intention specific to the design. HT in cryptographic modules and processors are widely discussed. HT in Multi-Processor System on Chips (MPSoC) are also catastrophic, as most of the military applications use MPSoCs. Network on Chips (NoC) are standard communication infrastructure in modern day MPSoC. In this paper, we present a novel hardware Trojan which is capable of inducing performance degradation and denial of service attacks in a NoC. The presence of the Hardware Trojan in a NoC can compromise the crucial details of packets communicated through NoC. The proposed Trojan is triggered by a particular complex bit pattern from input messages and tries to mislead the packets away from the destined addresses. A mitigation method based on bit shuffling mechanism inside the router with a key directly extracted from input message is proposed to limit the adverse effects of the Trojan. The performance of a 4×4 NoC is evaluated under uniform traffic with the proposed Trojan and mitigation method. Simulation results show that the proposed mitigation scheme is useful in limiting the malicious effect of hardware Trojan.

Multi-Processor Systems-on-Chips (MPSoCs) are a platform for a wide variety of applications and use-cases. The high on-chip connectivity, the programming flexibility, and the reuse of IPs, however, also introduce security concerns. Problems arise when applications with different trust and protection levels share resources of the MPSoC, such as processing units, cache memories and the Network-on-Chip (NoC) communication structure. If a program gets compromised, an adversary can observe the use of these resources and infer (potentially secret) information from other applications. In this work, we explore the cache-based attack by Bogdanov et al., which infers the cache activity of a target program through timing measurements and exploits collisions that occur when the same cache location is accessed for different program inputs. We implement this differential cache-collision attack on the MPSoC Glass and introduce an optimized variant of it, the Earthquake Attack, which leverages the NoC-based communication to increase attack efficiency. Our results show that Earthquake performs well under different cache line and MPSoC configurations, illustrating that cache-collision attacks are considerable threats on MPSoCs.

Real-time clock circuits are widely used in modern electronic systems to provide time information to the systems at the beginning of the system power-on. In this paper, we present two types of Hardware Trojan designs that employ the time information as the trigger conditions. One is a real-time based Trojan, which will attack a system at some specific realworld time. The other is a relative-time based Trojan, which will be triggered when a specific time period passes after the system is powered on. In either case when a Trojan is triggered its payload may corrupt the system or leakage internal information to the outside world. Experimental results show that the extra power consumption, area overhead and delay time are all quite small and thus the detection of the Trojans is difficult by using traditional side-channel detection methods.

In order to accelerate the image processing speed, in this paper, a multi-core heterogeneous computing technology based on the Xilinx Zynq platform is proposed. The proposed technique could accelerate the real-time video image processing system through hardware acceleration. In order to verify the proposed technique, an Otsu binarized hardware-accelerated IP is designed in FPGA and interacts with ARM through the AXI bus. Compared with the existing homogeneous architecture processor computing, the image processing speed of the proposed technique with multi-core heterogeneous acceleration processing is significantly accelerated.

On ARM processors with TrustZone security extension, asynchronous introspection mechanisms have been developed in the secure world to detect security policy violations in the normal world. These mechanisms provide security protection via passively checking the normal world snapshot. However, since previous secure world checking solutions require to suspend the entire rich OS, asynchronous introspection has not been widely adopted in the real world. Given a multi-core ARM system that can execute the two worlds simultaneously on different cores, secure world introspection can check the rich OS without suspension. However, we identify a new normal-world evasion attack that can defeat the asynchronous introspection by removing the attacking traces in parallel from one core when the security checking is performing on another core. We perform a systematic study on this attack and present its efficiency against existing asynchronous introspection mechanisms. As the countermeasure, we propose a secure and trustworthy asynchronous introspection mechanism called SATIN, which can efficiently detect the evasion attacks by increasing the attackers' evasion time cost and decreasing the defender's execution time under a safe limit. We implement a prototype on an ARM development board and the experimental results show that SATIN can effectively prevent evasion attacks on multi-core systems with a minor system overhead.

This paper studies and describes encrypted communication between IoT cloud and IoT embedded systems. It uses encrypted MQTTS protocol with SSL/TLS certificate. A JSON type data format is used between the cloud structure and the IoT device. The embedded system used in this experiment is Esp32 Wrover. The IoT embedded system measures temperature and humidity from a sensor DHT22. The architecture and software implementation of the experimental stage are also presented.

The Internet of Things (IoT) and RFID devices are essential parts of the new information technology generation. They are mostly characterized by their limited power and computing resources. In order to ensure their security under computing and power constraints, a number of lightweight cryptography algorithms has emerged. This paper outlines the performance analysis of six lightweight blocks crypto ciphers with different structures - LED, PRESENT, HIGHT, LBlock, PICCOLO and TWINE on a LEON3 open source processor. We have implemented these crypto ciphers on the FPGA board using the C language and the LEON3 processor. Analysis of these crypto ciphers is evaluated after considering various benchmark parameters like throughput, execution time, CPU performance, AHB bandwidth, Simulator performance, and speed. These metrics are tested with different key sizes provided by each crypto algorithm.