Hardware

group_project

Visible to the public TWC: Small: Collaborative: Practical Hardware-Assisted Always-On Malware Detection

Submitted by Nael Abu-Ghazaleh on Tue, 10/10/2017 - 10:23am

The project explores building support for malware detection in hardware. Malware detection is challenging and resource intensive, as the number and sophistication of malware increases. The resource requirements for malware detection limit its use in practice, leaving malware unchecked on many systems. We use a low level hardware detector to identify malware as a computational anomaly using low level features such as hardware events, instruction mixes and memory address patterns.

group_project

Visible to the public TWC: Medium: Collaborative: Black-Box Evaluation of Cryptographic Entropy at Scale

Submitted by Nadia Heninger on Tue, 10/10/2017 - 10:21am

The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.

group_project

Visible to the public CAREER: Exo-Core: An Architecture to Detect Malware as Computational Anomalies

Submitted by tiwari on Mon, 10/09/2017 - 3:36pm

Applications that run on billions of mobile devices backed by enormous datacenters hold the promise of personal, always-on healthcare; of intelligent vehicles and homes; and thus of a healthier, more efficient society. It is imperative to make such applications secure by protecting their integrity and keeping their data confidential. However, malicious programs (``malware'') today can subvert the best software-level defenses by impersonating benign processes on mobile devices or by attacking victim processes through the hardware on shared datacenter servers.

group_project

Visible to the public TWC: Medium: Scaling proof-based verifiable computation

Submitted by Michael Walfish on Mon, 10/09/2017 - 12:15pm

This research addresses a fundamental problem in systems security: how can a machine specify a computation to another one and then, without executing the computation, check that the other machine carried it out correctly? Over the last several years, a new approach to this problem has emerged, based on refining cryptographic and theoretical tools, and incorporating them into built systems. However, despite exciting advances, the resulting systems are still not practical in the normal sense.

group_project

Visible to the public SaTC: STARSS: Hardware Authentication through High-Capacity PUF-Based Secret Key Generation and Lattice Coding

Submitted by Michael Orshansky on Mon, 10/09/2017 - 11:25am

Hardware authentication is one of the critical needs in the emerging discipline of design for assurance and design for security. It is concerned with establishing the authenticity and provenance of Integrated Circuits (ICs) reliably and inexpensively at any point in a chip's life-time. Physical unclonable functions (PUFs) have significant promise as basic primitives for authentication since they can serve as intrinsically-generated hardware roots-of-trust within specific authentication protocols.

group_project

Visible to the public STARSS: Small: Simulation-Based Verification of EM Side-Channel Attack Resilience of Embedded Cryptographic Systems

Submitted by Michael Orshansky on Mon, 10/09/2017 - 11:23am

The widely used encryption algorithms, based both on private- and public-key cryptography, provide provable security guarantees against attacks under an abstract model of computation. In reality, physical systems leak information and the adversarial access is not completely captured by the abstractions in the standard model. Attacks that exploit a physically observable signal, such as power, timing, or electromagnetic (EM) radiation, are known as side-channel attacks. They present a formidable challenge to ensuring the security of existing cryptographic applications.

group_project

Visible to the public CAREER: Re-thinking Electronic Design Automation Algorithms for Secure Outsourced Integrated Circuit Fabrication

Submitted by Siddharth Garg on Fri, 10/06/2017 - 1:56pm

Semiconductor chip fabrication is being increasingly outsourced to off-shore foundries. Outsourced fabrication reduces cost by leveraging economies-of-scale and ensures access to the most advanced manufacturing technology, but comes at the expense of trust. How can the chip designer trust that the off-shore (untrusted) foundry does not pirate its intellectual property (IP), or maliciously modify the integrated circuit (IC) by inserting a hardware Trojan in the chip? This project develops transformative new solutions for trustworthy chip fabrication at off-shore foundries.

group_project

Visible to the public CRII: SaTC: Camera-based mobile device end-user authentication

Submitted by Matthias Kirchner on Fri, 10/06/2017 - 1:42pm

Secure and useable end-user authentication is a major challenge in a modern society that allocates and relocates more and more resources online. As many users nowadays carry a mobile device (e.g., a smartphone), authentication approaches beyond the often-criticized traditional password leverage auxiliary information that can be received by, displayed on, computed by or sent from these omnipresent personal companions.

group_project

Visible to the public STARSS: Small: Side-Channel Analysis and Resiliency Targeting Accelerators

Submitted by David Kaeli on Thu, 08/17/2017 - 8:38pm

The design of social media interfaces greatly shapes how much, and when, people decide to reveal private information. For example, a designer can highlight a new system feature (e.g., your travel history displayed on a map) and show which friends are using this new addition. By making it seem as if sharing is the norm -- after all, your friends are doing it -- the designer signals to the end-user that he can and should participate and share information.