NOVEL SYSTEM FOR HARDWARE-BASED VULNERABILITIES RECOGNITION
Автор: Giorgi Iashvili
Организация: Caucasus University, Paata Saakadze st.1, 0102, Tbilisi, Georgia
Ключевые слова: hardware-based attacks, side-channel, hardware security, modern system, hardware vulnerabilities.
Аннотация. Hardware-based security mechanisms are becoming increasingly popular, but implementing these mechanisms correctly has proved difficult, thus undermining the root of security. This work introduces an effective way to formally verify important properties of such hardware security mechanisms and, consequently, determine the optimal mitigation strategies for each particular use case.The goal of the research that is reported in this paper was to understand the weaknesses of hardware-based devices and related software systems, in order to improve the necessary security mechanisms. The goal of the work is the creation of modern recognition system to identify hardware-based vulnerabilities and provide users with corresponding recommendations. This paper describes an integrated software system that analyzes the potential security threats that may affect a certain hardware-based system, and consequently suggests the optimal solutions. The result of our research is prototype of the system, which is able to collect information about modern hardware-based vulnerabilities and provide user with corresponding recommendations according to concrete scenario. Controlled test of the system was made in the frame of the research. Furthermore, in order to optimize the usability of the reports that the system generate, and the end users overall experience, the algorithmic core will be complemented with relevant machine learning elements. Thus, dedicated analysis routines will analyze the data that is stored in the database, also considering the newly entered data, will combine the available data and eventually add the required supplementary data to the database.
1.Taehyun K. Reinforcing Meltdown Attack by using a Return Stack Buffer / K.Taehyun, S. Youngjoo // IEEE Access - 2019 - P. 186065 – 186077. DOI: 10.1109/ACCESS.2019.2961158
2.ZombieLoad: Cross-Privilege-Boundary Data Sampling / [M. Schwarz, M. Lipp, D. Moghimi, et al.] // ACM SIGSAC Conference on Computer and Communications Security, London, 11-15 November 2019: proceedings. ACM CCS 2019 - P. 753–768.
3.Clavier C. Differential power analysis in the presence of hardware countermeasures / C. Clavier, J-S Coron, N Dabbous // CHES – 2000, Worcester 17-18 August, 2000 - P. 252–263.
4.Schaumont P. Masking and dual-rail logic don’t add up / P Schaumont, K Tiri // Cryptographic hardware and embedded systems, Vienna 10-13 September 2007: proceedings. CHES 2007 – P. 95–106.
5.Abomhara M. Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks / M. Abomhara, Geir M. Køien // Journal of Cyber Security and Mobility – 2015 – Vol. 4, Issue 1. - P. 65-68.
6.Ishai Y. Private Circuits: Securing Hardware against Probing Attacks / Y. Ishai, A.Sahai, D. Wagner. // Advances in Cryptology, Santa Barbara 17-21 August 2003: proceedings. CRYPTO 2003 - Vol. 2729 – P. 463-481.
7.Dan P. Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel / P. Dan // IACR Cryptology ePrint Archive. - 2002. – Vol. 169 – P. 170-184.
8.Samer M. Hardware attacks: an algebraic approach / M. Samer, G. Fayez, G. T. Aaron // Journal of Cryptographic Engineering. – 2006. – Vol. 6 – P. 325-337. DOI: 6. 10.1007/s13389-016-0117-6
9.Hardware attack risk assessment / [M. Samer, F. Gebali, T. Gulliver et al.] // ICES. – 2015. - Vol. 1109. DOI: 10.1109/ICCES.2015.7393073
10.Voyiatzis A. Active hardware attacks and proactive countermeasures / A.Voyiatzis , D. Serpanos // International Symposium on Computers and Communications, Taormina 1-4 July 2002 – Vol. 10 - P. 361 - 366. DOI: 10.1109/ISCC.2002.102170
11.Bouffard G. Combined Software and Hardware Attacks on the Java Card Control Flow / G . Bouffard, J .Iguchi-Cartigny, JL. Lanet // Prouff E. (eds) Smart Card Research and Advanced Applications. – 2011. - Vol. 10 – Issue 2. - P. 283-296. DOI: 10.1007/978-3-642-27257-8_18
12.Exploiting the analog properties of digital circuits for malicious hardware / [Y. Kaiyuan, H. Matthew, D. Qing et al.] // Communications of the ACM – 2017- Vol. 60 – P. 83-91. DOI: 10.1145/3068776
13.Hardware Trojan Attacks: Threat Analysis and Countermeasures / [S. Bhunia, M. S. Hsiao, M. Banga et al.] // International Conference on Communications (ICC), Sydney, 10-14 June 2014: proceedings. – IEEE ICC, 2014 - P. 1229-1247.
14.Lattice Based Merkle / [M. Iavich, G. Iashvili, A. Gagnidze et al.] // IVUS 2019, Kaunas 25 April 2019: proceedings. - CEUR-WS - 2019 – vol. 2470 – P.13-16.
15.Protection against Hardware Trojan Attacks: Towards a Comprehensive Solution / [S. Bhunia, M.Abramovici, D. Agrawal et al.] // IEEE Design & Test – 2013. - Vol. 30 - P. 6-17.
16.Gagnidze A. Novel Version of Merkle Cryptosystem / A. Gagnidze, M. Iavich, G. Iashvili // Bulletin of the Georgian National Academy of Sciences. – 2017. – Vol. 11, Issue 4. – P. 28 – 33.
17.Deogirikar J. Security attacks in IoT: A survey / J. Deogirikar, A. Vidhate // International conference IoT in Social, Mobile, Analytics and Cloud, Coimbatore 10-11 February 2017: proceedings. IEEE, 2017 – P. 32-37.
18.Ronen E. Extended Functionality Attacks on IoT Devices: The Case of Smart Lights / E. Ronen ,A. Shamir // European Symposium on Security and Privacy, Saarbrücken 21-24 March 2016: proceedings. IEEE, 2016 – P. 3-12.