A Survey of Hardware Trojan Taxonomy and Detection

Tehranipoor, Mohammad; Koushanfar, Farinaz

doi:10.1109/mdt.2010.7

Cited by 1,065 publications

(285 citation statements)

References 24 publications

Supporting

Mentioning

283

Contrasting

Unclassified

Order By: Relevance

“…A different perspective is to use these side-channel measurements to determine if malware has been inserted into a circuit, either in hardware or software. Numerous side-channel techniques have been proposed [31][32][33][34][35] to detect the presence of malicious hardware in commercial ICs. In [36], the authors demonstrated the ability to determine the class of instructions, based on hardware usage, from power supply side-channel measurements.…”

Section: Ic-level Detectionmentioning

confidence: 99%

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

et al. 2017

View full text Add to dashboard Cite

Anomaly detection is critical in thwarting malicious attacks on Cyber-Physical Systems. This work presents a novel inference engine that integrates two heterogeneous anomaly detectors, working at different levels of the system architecture, in order to produce a crosslevel detector more effective than either one separately. The macro-or process-level detector uses a bank of observers of the physical plant that estimate the state of the process suspected to be under attack, specifically for its sensor to be compromised, from data gathered by available networked sensors. The estimates are then combined using a Weapons and Systems Engineering Department, U.S. Naval Academy, Annapolis, MD, USA consensus algorithm to determine if the suspect sensor is reporting false readings. The micro-level detector uses timesampled side-channel power measurements of an integrated circuit on the suspect sensor. By comparing power measurements against those from a known good state, differences indicate the code running inside has been altered. The crosslevel detector performs a two-dimensional Neyman-Pearson hypothesis test that declares the presence of an attack on the sensor node. The cross-level detector is shown to be more accurate and less latent than its constituent parts. Detection was tested against a range of False Data Injection attacks on a hardware prototype and the detector performance was measured experimentally. The cross-level detector on average achieved a 93% rate of correct detection, compared with 72 and 85% for the macro-and micro-level detectors, respectively; and a 50% reduction in latency compared to the macro-level detector.

show abstract

Section: Ic-level Detectionmentioning

confidence: 99%

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

et al. 2017

View full text Add to dashboard Cite

show abstract

“…Numerous important aspects have been addressed, such as key management schemes in mobile ad hoc networks [12] and distributed sensor networks [16], secure routing protocols [7] and localization algorithms [26] to prevent wireless sensor attacks, and privacy protection in RFID systems [34]. However, none of these important contributions address the detection of hardware Trojans (HTs) [22] [40]. HTs are in a sense the most powerful way to complete compromise the security any wireless or other devices because they enable the attacker to bypass all application and system software defense mechanisms, to access any storage element, change access rights of any program, and abuse (e.g., induce high energy consumption) or destroy any piece of hardware.…”

Section: Motivationmentioning

confidence: 99%

Wireless security techniques for coordinated manufacturing and on-line hardware trojan detection

Wei

Potkonjak

2012

Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

This paper addresses the hardware Trojan (HT) attacks that impose severe threats to the security and integrity of wireless networks and systems. We first develop HT attack models by embedding a single HT gate in the target design that triggers advanced malicious attacks. We place the one-gate HT trigger in such a way that it exhibits rare switching activities, consumes ultra-low leakage power, and hides from delay characterizations. Therefore, the HT attack models are capable of bypassing the widely used side channel-based HT detection schemes. Furthermore, based on the HT attack models, we investigate the potential on-line threat models during the system operation and develop an in-field trusted HT detection approach using physical unclonable functions (PUFs). We evaluate the effectiveness of the HT attack and defense models on a set of ISCAS'85, ISCAS'89, and ITC'99 benchmarks.

show abstract

“…With only a few lines of modification in Hardware Description Languages (HDLs), one can introduce malicious behavior that can undermine the correct operation of the entire system. Such design-time injections are also especially difficult to detect due to possible obfuscation [13] and small physical footprints [15]. Since they may be activated under very specific conditions, they are unlikely to be triggered and detected in simulation or functional tests.…”

Section: Introductionmentioning

confidence: 99%

WordRev: Finding word-level structures in a sea of bit-level gates

Gascón

Subramanyan

et al. 2013

2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)

View full text Add to dashboard Cite

Abstract-Systems are increasingly being constructed from offthe-shelf components acquired through a globally distributed and untrusted supply chain. Often only post-synthesis gate-level netlists or actual silicons are available for security inspection. This makes reasoning about hardware trojans particularly challenging given the enormous scale of the problem. Currently, there is no mature methodology that can provide visibility into a bitlevel design in terms of high-level components to allow more comprehensive analysis. In this paper, we present a systemic way of automatically deriving word-level structures from the gatelevel netlist of a digital circuit. Our framework also provides the possibility for a user to specify sequences of word-level operations and it can extract the collection of gates corresponding to those operations. We demonstrate the effectiveness of our approach on a system-on-a-chip (SoC) design consisting of approximately 400,000 IBM 12SOI cells and several open-source designs.

show abstract

A Survey of Hardware Trojan Taxonomy and Detection

Cited by 1,065 publications

References 24 publications

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

Wireless security techniques for coordinated manufacturing and on-line hardware trojan detection

WordRev: Finding word-level structures in a sea of bit-level gates

Contact Info

Product

Resources

About