toward threat estimation of system memory hardware trojans
play

Toward threat estimation of system memory Hardware Trojans John - PowerPoint PPT Presentation

Jul 10, 2023 •318 likes •411 views

UNCLASSIFIED Toward threat estimation of system memory Hardware Trojans John Shield, Brad Hopkins, Chris North Redefining R&D Needs for Australian Cyber Security UNSW ACCS at ADFA, November 16 th 2015 1 UNCLASSIFIED The Australian

  1. UNCLASSIFIED Toward threat estimation of system memory Hardware Trojans John Shield, Brad Hopkins, Chris North Redefining R&D Needs for Australian Cyber Security UNSW ACCS at ADFA, November 16 th 2015 1

  2. UNCLASSIFIED The Australian Perspective  Australia sources all integrated circuits from overseas  Lack of resources for: – designing – fabricating – testing chips  Majority of supply is from non-allied nations Gartner report "Market Share: Semiconductor Foundry, Worldwide, 2014." Vendor Foundry Location 2014 2014 Market Revenue Share (%) TSMC Taiwan 25,175 53.7 UMC Taiwan 4,621 9.9 Globalfoundries U.S. 4,400 9.4 Samsung 1 South Korea 2,412 5.1 SMIC China 1,970 4.2 2

  3. Hardware Trojans  Modifications to Circuit Boards or Integrated Circuits  We Focus on Integrated Circuits – Harder to verify post-production  Modifications Possible – Functional – Parametric  Outcomes – Leak or Modify Information – Reduce Effectiveness • Denial of service, degradation of service, integrity attacks, etc. 3

  4. Memory Protection  Memory Protection is Key to Software Security – Privilege Levels and Data Isolation DRAM MEMORY CPU HARDWARE Redirected Blocked Memory Hardware Trojan access to Access blocked region Software MMU Valid Memory Access Normal Access Memory DRAM Mapping Mapping 4

  5. Memory Trojan – Exemplar Hardware  Interposer Card  Redirects memory accesses 5

  6. Case Study: Cloud Computing  Breaking: Memory Isolation between Virtual Machines  Description: Data modification of corporate email in a corporate VM using an public VM 6

  7. Case Study: Guest Accounts  Breaking: Privileged (kernel) Mode and User Mode  Description: Overwriting a root executable by a guest user to gain root access 7

  8. System Memory Trojan Threat  Threat Level – High Threat: Software security hinges on memory protection  Securing Procurement – Not viable  Defence Mechanisms – None Commercially Available 8

  9. Threat Mitigation Strategy  DST Group – Trustworthy Systems Research – Research: Trustworthy circuit design using untrusted components – Provides Australian defence context and applications – Collaboration: Integrate external S&T and Industry  Academia – Research: Trustworthy software (eg seL4) – Research: Security primitives for hardware & processors  Industry - Partner early for – Technology insertion – Transition into capability 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hardware Trojans: A Threat for CyberSecurity Julien Francq julien.francq@cassidian.com

Hardware Trojans: A Threat for CyberSecurity Julien Francq julien.francq@cassidian.com

Hardware Trojans: A Threat for CyberSecurity Julien Francq julien.francq@cassidian.com Cassidian CyberSecurity 2013, July the 8th Introduction to Hardware Trojans Hardware Trojan Taxonomy HT Detection Methods Design for Hardware Trust

1.57k views • 74 slides
HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate

HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate

HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate and malicious change to an IC that adds or removes functionality or reduces reliability The modifications may be designed to leak sensitive

394 views • 23 slides
Detecting Hardware Trojans: A Tale of Two Techniques Sharad Malik sharad@princeton.edu FMCAD

Detecting Hardware Trojans: A Tale of Two Techniques Sharad Malik sharad@princeton.edu FMCAD

Detecting Hardware Trojans: A Tale of Two Techniques Sharad Malik sharad@princeton.edu FMCAD 2015 Hardware Security and Hardware Trojans User apps Each layer trusts all layers below it Kernel Hypervisor More privilege Widely

706 views • 49 slides
How to Attack the IoT with Hardware Trojans Janet Lackey under CC license hardwear.io Den Haag,

How to Attack the IoT with Hardware Trojans Janet Lackey under CC license hardwear.io Den Haag,

How to Attack the IoT with Hardware Trojans Janet Lackey under CC license hardwear.io Den Haag, September 22, 2017 Christof Paar Ruhr Universitt Bochum & University of Massachusetts Amherst Acknowledgement Georg Becker Pawel

616 views • 40 slides
Why We Should Be Worried about Hardware Trojans Janet Lackey under CC license The Summer Research

Why We Should Be Worried about Hardware Trojans Janet Lackey under CC license The Summer Research

Why We Should Be Worried about Hardware Trojans Janet Lackey under CC license The Summer Research Institute 2018 EPFL, June 18, 2018 Christof Paar Ruhr Universitt Bochum & University of Massachusetts Amherst Acknowledgement Georg Becker

449 views • 40 slides
How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference

How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference

16.05.2017 How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference Darmstadt, May 16, 2017 Christof Paar Ruhr Universitt Bochum Acknowledgement Georg Becker Pawel Swierczynski Marc Fyrbiak 1

593 views • 20 slides
Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models L.

Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models L.

ACM/IEEE CODES + ISSS 2017, Seoul, South Korea Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models L. Piccolboni 1,2 , A. Menon 2 , and G. Pravadelli 2 1 Columbia University, New York, NY, USA 2 University of

840 views • 60 slides
Unit 7: Virtual Memory TLBs and memory hierarchy issues

Unit 7: Virtual Memory TLBs and memory hierarchy issues

This Unit: Virtual Memory App App App The operating system (OS) System software A super-application Hardware support for an OS CIS 501: Computer Architecture Mem CPU I/O Virtual memory Page tables and address translation

554 views • 10 slides
HOST Hardware Trojans III ECE 525 Seminal Trojan Detection Method D. Agrawal, S. Baktir, D.

HOST Hardware Trojans III ECE 525 Seminal Trojan Detection Method D. Agrawal, S. Baktir, D.

HOST Hardware Trojans III ECE 525 Seminal Trojan Detection Method D. Agrawal, S. Baktir, D. Karakoyunlu, P. Rohatgi, B. Sunar, Trojan Detection using IC Fingerprinting, Symposium on Security and Privacy, 2007, pp. 296 - 310 They use noise

543 views • 37 slides
This Unit: Virtual Memory App App App The operating system (OS) System software A

This Unit: Virtual Memory App App App The operating system (OS) System software A

This Unit: Virtual Memory App App App The operating system (OS) System software A super-application CIS 371 Hardware support for an OS Mem CPU I/O Virtual memory Computer Organization and Design Page tables and address

239 views • 10 slides
Virtual Memory 11/8/16 (election day) Vote! Recall: the job of the OS The OS is an interface

Virtual Memory 11/8/16 (election day) Vote! Recall: the job of the OS The OS is an interface

Virtual Memory 11/8/16 (election day) Vote! Recall: the job of the OS The OS is an interface layer between a users programs and hardware. Program Operating System Computer Hardware It provides an abstract view of the hardware that

882 views • 50 slides
Process Abstraction Physical Hardware Instruction Memory I/O Devices Set Registers MMU

Process Abstraction Physical Hardware Instruction Memory I/O Devices Set Registers MMU

Process Abstraction Physical Hardware Instruction Memory I/O Devices Set Registers MMU Virtual Memory Operating System System Calls CS 140 Lecture Notes: Virtual Machines Slide 1 Process Abstraction Physical Hardware Instruction

60 views • 4 slides
The Memory Hierarchy 10/25/16 Transition First half of course: hardware focus How the

The Memory Hierarchy 10/25/16 Transition First half of course: hardware focus How the

The Memory Hierarchy 10/25/16 Transition First half of course: hardware focus How the hardware is constructed How the hardware works How to interact with hardware Second half: performance and software systems Memory

480 views • 35 slides
Outline Cache coherence the hardware view 1 2 Synchronization and memory consistency review 3

Outline Cache coherence the hardware view 1 2 Synchronization and memory consistency review 3

Outline Cache coherence the hardware view 1 2 Synchronization and memory consistency review 3 C11 Atomics 4 Avoiding locks 1 / 43 Important memory system properties Coherence concerns accesses to a single memory location - Must obey

858 views • 48 slides
High Performance Hardware, High Performance Hardware, Memory & CPU Memory & CPU Step

High Performance Hardware, High Performance Hardware, Memory & CPU Memory & CPU Step

High Performance Hardware, High Performance Hardware, Memory & CPU Memory & CPU Step Back, Look Inside, Many Dont Insight, not numbers! Face real world 6 GB/s CPU B K 2 3 cache 2 GB Rubin H. Landau Rubin H. Landau RAM 2

671 views • 13 slides
A Realistic Evaluation of Memory Hardware Errors and Software System Susceptibility Xin Li 1

A Realistic Evaluation of Memory Hardware Errors and Software System Susceptibility Xin Li 1

A Realistic Evaluation of Memory Hardware Errors and Software System Susceptibility Xin Li 1 Michael Huang 1 Kai Shen 2 Lingkun Chu 3 1 Department of Electrical and Computer Engineering University of Rochester 2 Department of Computer Science

504 views • 29 slides
Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in

Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in

Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in HPC HPC is especially a target for hackers and malicious acts Why? Security in HPC Prestige Computing resources Financial Gain

446 views • 30 slides
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

380 views • 18 slides
I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in

I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in

I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in the Distribution of Student Loan Debt over Time f St d t L D bt Ti Beth Akers, Matthew Chingos, and Alice Henriques Brown Center on Education

336 views • 31 slides
Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue

Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue

Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue Operating profit Normalised headline EPS FY 2015 8.4 FY 2015 1 219 FY 2015 36.1 FY 2014 29.5 FY 2014 7.4 FY 2014 1 064 R'billion

904 views • 68 slides
Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig

Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig

Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig Thompson, David Wells, Tom Bannon {ford, thompson, wells, bannon}@objs.com http://www.objs.com/ultralog Steve Ford, Craig Thompson, David Wells, Tom

387 views • 14 slides
Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction +

Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction +

Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction + David Vorick, CEO + Blockchain Expert + Bitcoin enthusiast since 2011 + Full time Blockchain Engineer since 2014 + Co-founded Sia in 2014 + Sia

453 views • 28 slides
NRIC VI FG4 Broadband Report for December 5th 2003 Network Reliability and Interoperability

NRIC VI FG4 Broadband Report for December 5th 2003 Network Reliability and Interoperability

NRIC VI FG4 Broadband Report for December 5th 2003 Network Reliability and Interoperability Council FG4 Participation Network Reliability and Interoperability Council b Mission Statement Network Reliability and Interoperability Council

824 views • 49 slides
Earnings Presentation July 29, 2016 Agenda Strategic Review Edward Tilly Chief Executive

Earnings Presentation July 29, 2016 Agenda Strategic Review Edward Tilly Chief Executive

Second Quarter 2016 Earnings Presentation July 29, 2016 Agenda Strategic Review Edward Tilly Chief Executive Officer Financial Review Alan Dean Executive Vice President, CFO and Treasurer Questions and Answers Edward Tilly Alan Dean

539 views • 41 slides

More recommend