Designing and Implementing Malicious Hardware (PowerPoint presentation)



slide-1
SLIDE 1

Designing and Implementing Malicious Hardware

Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou Presented by Lauren Biernacki and Shuang Qiu

slide-2
SLIDE 2

Background: Integrated Circuit (IC) Supply Chain

  • Design: SoC Supplier
  • Fabrication: Foundry
  • Packaging: OSAT
  • Testing: System OEM
  • Assembly: EMS Vendor

Image sources:

  • https://www.cs.csub.edu/~rabdolee/VLSILab/CadenceSoftware.jpeg
  • http://www.colorcontrol.info/images//pageImgs/chipNotes/siliconWafer02.png
  • http://img.tomshardware.com/us/2000/11/20/intel/p4-pic1.jpg
  • https://upload.wikimedia.org/wikipedia/commons/d/d7/PSX-SCPH-5001-Motherboard.jpg
  • http://www.globalspec.com/ImageRepository/LearnMore/20123/pca_area_big63345179e4954563af7c87b4af7d07e2.png

slide-3
SLIDE 3
Previous Work

  • IBM has developed a trojan circuit that can leak encryption keys using 406 additional gates
  • These trojan circuits are hardcoded modifications to orchestrate simple, specialized attacks on the underlying hardware
  • No research has been conducted on hardware modifications that can support multiple types of software based attacks

Novel idea: Design and implement general purpose hardware to support the design of software based attacks.

slide-4
SLIDE 4

Motivation & Goals

Memory Access Mechanism: allows us to bypass the memory management unit

Shadow Mode: allows us to execute invisible malicious firmware

  • Privilege Escalation Attack
  • Login Backdoor
  • Stealing Passwords
slide-5
SLIDE 5
Motivation & Goals

  • Visibility: Whether or not evidence of the attack appears on the data or address bus
  • Flexibility: The hardware design can support various software payloads
  • Timing Perturbations: Reduce the performance impact the modification has on the processor

slide-6
SLIDE 6

Hardware Design: Memory Access Mechanism

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, MA Snoop), Data Bus, Address Bus, Main Memory]

slide-7
SLIDE 7

Hardware Design: Memory Access Mechanism

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, MA Snoop), Data Bus, Address Bus, Main Memory; labels: Magic Bytes, Protection Checking Disabled]

slide-8
SLIDE 8
Hardware Design: Memory Access Mechanism

  • Visibility: It is visible! Memory accessed when protection checking is disabled still appears on the bus
  • Flexibility: Gives us the ability to alter any memory, including that belonging to the operating system
  • Timing Perturbations: These modifications do not influence performance

Requires attacker to already have software running on the system in order to trigger byte sequence

slide-9
SLIDE 9
Hardware Design: Shadow Mode

  • Addresses visibility issue by reserving instruction and data cache lines specifically for the malicious process
  • Uses software to initiate the attack, supported by hardware alterations
    ○ Bootstrap code is used to initialize the attack
    ○ Monitors for a predefined trigger, which initiates malicious firmware
  • Details of the bootstrap attack code depend on assumptions about the machine

slide-10
SLIDE 10

Hardware Design: Shadow Mode

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, Debugging Logic), Data Bus, Address Bus, Main Memory; labels: Boots..]

slide-11
SLIDE 11

Hardware Design: Shadow Mode

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, Debugging Logic), Data Bus, Address Bus, Main Memory; labels: Boots.., UDP Header, Firmware, Magic Bytes]

slide-12
SLIDE 12

Hardware Design: Shadow Mode

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, Debugging Logic), Data Bus, Address Bus, Main Memory; labels: Boots.., UDP H, Firmw, Magic..]

slide-13
SLIDE 13

Hardware Design: Shadow Mode

[Diagram: Microprocessor (CPU, MMU, TLB, I-Cache, D-Cache, Debugging Logic), Data Bus, Address Bus, Main Memory; labels: Boots.., Firmw..]

slide-14
SLIDE 14
Hardware Design: Shadow Mode

  • Visibility: As long as malicious firmware does not access main memory, the attack is not visible outside the processor
  • Flexibility: Supports “nearly arbitrary” attacks
  • Timing Perturbations: Partitioning the cache does have performance ramifications that depend on how long Shadow Mode runs

slide-15
SLIDE 15
Attack: Privilege Escalation

  • Memory access mechanism
    ○ Trojaned hardware turns off memory protection.

[Diagram: Memory, Malicious Program, Trojaned Hardware; Effective user ID: euid1]

slide-16
SLIDE 16
Attack: Privilege Escalation

  • Memory access mechanism
    ○ The program changes its effective user ID to root.
    ○ The program now runs with full system privileges.

[Diagram: Memory, Malicious Program, Trojaned Hardware; Kernel memory: euid1 → root; Effective user ID: euid1]

slide-17
SLIDE 17

Attack: Login Backdoor

  • Shadow mode mechanism - Transient
    ○ Attacker sends unsolicited UDP packet
    ○ Monitor notices the magic byte sequence
    ○ Target OS inspecting UDP packet triggers trojaned hardware

[Diagram: Attacker sends a UDP packet (UDP Header, Firmware, Magic Bytes) over the network to the Processor (D-Cache, I-Cache); labels: Boots.., UDP H, Firmw, Magic]

slide-18
SLIDE 18

Attack: Login Backdoor

  • Shadow mode mechanism - Transient
    ○ Firmware is copied to reserved cache area and activated
    ○ Attacker logs in as root.
    ○ Shadow firmware uninstalls automatically.

  • Monitor login application
  • Uname: root, pwd: letmein
  • Make pwd checking return True

[Diagram: Processor (D-Cache, I-Cache); labels: Boots.., Firmware, Evil data]
slide-19
SLIDE 19

Attack: Stealing Passwords

  • Shadow mode mechanism - Persistent
    ○ Keep interposing on the write and read library call to steal password

  • Interpose on write call, searching for “Password:” to identify process receiving passwords
  • Record potential passwords on the following read call

[Diagram: Processor (D-Cache, I-Cache) holding Boots.., Malicious Service; Sign In prompt “Password:” with input 12345]

slide-20
SLIDE 20

Attack: Stealing Passwords

  • Shadow mode mechanism - Persistent
    ○ Use two techniques to leak password out

  • Directly use system network call
  • Overwrite existing network packet

[Diagram: Processor (D-Cache, I-Cache) holding Boots.., Malicious Service; leaked data: Password:12345]

slide-21
SLIDE 21

Evaluation

  • Circuit-level perturbations
    ○ Implemented on FPGA development board with Leon3 processor
    ○ Modify the processor at the VHDL level
    ○ Memory access
      ■ Modify data caches & MMU
      ■ Memory permission checks are ignored for malicious software
    ○ Shadow mode
      ■ Modify instruction and data caches
      ■ Add new watchpoints and make minor changes to the existing watchpoints

Processor           | Logic gates | Logic gates increment w.r.t. Baseline CPU | Lines of VHDL code | VHDL code increment w.r.t. Baseline CPU
Baseline CPU        | 1,787,958   | -                                         | 11,195             | -
CPU + memory access | 1,788,917   | 959 (0.05%)                               | 11,263             | 68
CPU + shadow mode   | 1,789,299   | 1341 (0.08%)                              | 11,312             | 117

Table is from the paper “Designing and implementing malicious hardware”

slide-22
SLIDE 22

Evaluation

  • Timing perturbations
    ○ Various benchmarks
      ■ Four CPU bound benchmarks: bzip2, gcc, parser, and twolf
      ■ One I/O bound benchmark: wget
    ○ Four experimental cases (Login backdoor attack)
      ■ Baseline: Unmodified hardware and without attacking
      ■ Known Root: Unmodified hardware. Log in with root password and steal the /etc/shadow file.
      ■ Transient: Hardware with shadow mode support. “Hit-and-run” style attack.
      ■ Persistent: Hardware with shadow mode support. Continuously active login backdoor.

Figure is from the paper “Designing and implementing malicious hardware”

slide-23
SLIDE 23

Defense Strategies

  • Detecting via analog perturbations
    ○ Power analysis
      ■ Countermeasure: constant power draw circuits
  • Detecting via digital perturbations
    ○ IC testing with various inputs and outputs
      ■ Countermeasure: wait for a specific sequence as a trigger
    ○ Reverse engineering
      ■ Time-consuming, expensive, destructive
    ○ Fault-tolerance techniques
      ■ Hardware redundancy (3m+1 ICs are needed to cope with m malicious ICs) [1]
  • Each single approach is completely ineffective.
  • Malicious hardware defense is a potential research direction.

[1] Lamport, Leslie, Robert Shostak, and Marshall Pease. "The Byzantine generals problem." ACM Transactions on Programming Languages and Systems, 1982
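
The point above that IC testing with various inputs is defeated by a trigger waiting for a specific sequence can be quantified. The following is an added example, not code from the slides or the paper: a toy software model of a byte-sequence trigger exercised with random test streams, where the magic values, stream length and campaign size are constructed for illustration.

```python
import random

def trigger_fires(stream: bytes, magic: bytes) -> bool:
    """Toy monitor: fires when the magic bytes appear contiguously."""
    return magic in stream

def hit_probability_bound(magic_len: int, stream_len: int) -> float:
    """Union bound on P(a uniformly random stream contains a fixed sequence)."""
    windows = max(stream_len - magic_len + 1, 0)
    return min(1.0, windows / 256 ** magic_len)

def expected_streams_to_hit(magic_len: int, stream_len: int) -> float:
    """Rough number of random streams a tester needs before the first hit."""
    windows = max(stream_len - magic_len + 1, 1)
    return max(1.0, 256 ** magic_len / windows)

def random_test_campaign(magic: bytes, streams: int, stream_len: int, seed: int) -> int:
    """Run `streams` random test inputs and count how many activate the trigger."""
    rng = random.Random(seed)  # seeded so the campaign is reproducible
    hits = 0
    for _ in range(streams):
        stream = rng.getrandbits(8 * stream_len).to_bytes(stream_len, "little")
        hits += trigger_fires(stream, magic)
    return hits

if __name__ == "__main__":
    # Constructed magic values of increasing length (not taken from the paper).
    samples = [b"\xa5", b"\xa5\x5a", bytes.fromhex("deadbeefcafef00d")]
    for magic in samples:
        hits = random_test_campaign(magic, streams=200, stream_len=4096, seed=1)
        bound = hit_probability_bound(len(magic), 4096)
        need = expected_streams_to_hit(len(magic), 4096)
        print(f"{len(magic)}-byte trigger: {hits}/200 streams fired, "
              f"per-stream bound {bound:.3g}, ~{need:.3g} streams per hit")
```

With an 8-byte trigger the per-stream bound is about 2e-16, so coverage from random functional testing is effectively zero and detection has to come from other evidence such as the gate-count or timing differences the evaluation measures.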

slide-24
SLIDE 24
Conclusions

  • This paper has laid the groundwork for constructing malicious processors.
  • Proposed two mechanisms: memory access and shadow mode.
  • Implemented 3 attacks: privilege escalation, login backdoor, stealing passwords.
  • Few hardware modifications, with less possibility of detection.
  • Malicious hardware defense is a potential research direction.

slide-25
SLIDE 25

Discussion Points

  • Are these attacks truly “invisible”?
  • Should these malicious processors be used over standard Trojan circuits for an attack?
  • It seems that all the possible defenses are not feasible. Are there any other potential defense strategies?
  • Is this threat realistic?