{"title":"单方案木马防护是否足够?","authors":"Yier Jin, Y. Makris","doi":"10.1109/ICCD.2011.6081415","DOIUrl":null,"url":null,"abstract":"We discuss a new type of a structural hardware Trojan, which does not attack the target circuit itself but tries to mute the internal hardening scheme instead. By implementing this type of hardware Trojan, we argue that most of the currently proposed hardware Trojan prevention methods are far from adequate, assuming that attackers are patient, smart and have basic knowledge of the hardening structure. As demonstrated through our work for the CSAW Embedded System Challenge hosted by NYU-Poly in 2010, attackers can easily construct test patterns to “reverse-engineer” the hardening scheme from the Register Transfer Level (RTL) description. A simple look-up table can then invalidate the hardening scheme, even if it is as sophisticated as the Ring Oscillator (RO)-based Trojan prevention method used in this competition. Hence, our conjecture is that any single-scheme Trojan prevention method is insufficient to keep hardware Trojans out of the door and only a combination of several methods is a plausible solution.","PeriodicalId":354015,"journal":{"name":"2011 IEEE 29th International Conference on Computer Design (ICCD)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Is single-scheme Trojan prevention sufficient?\",\"authors\":\"Yier Jin, Y. Makris\",\"doi\":\"10.1109/ICCD.2011.6081415\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We discuss a new type of a structural hardware Trojan, which does not attack the target circuit itself but tries to mute the internal hardening scheme instead. By implementing this type of hardware Trojan, we argue that most of the currently proposed hardware Trojan prevention methods are far from adequate, assuming that attackers are patient, smart and have basic knowledge of the hardening structure. As demonstrated through our work for the CSAW Embedded System Challenge hosted by NYU-Poly in 2010, attackers can easily construct test patterns to “reverse-engineer” the hardening scheme from the Register Transfer Level (RTL) description. A simple look-up table can then invalidate the hardening scheme, even if it is as sophisticated as the Ring Oscillator (RO)-based Trojan prevention method used in this competition. Hence, our conjecture is that any single-scheme Trojan prevention method is insufficient to keep hardware Trojans out of the door and only a combination of several methods is a plausible solution.\",\"PeriodicalId\":354015,\"journal\":{\"name\":\"2011 IEEE 29th International Conference on Computer Design (ICCD)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE 29th International Conference on Computer Design (ICCD)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCD.2011.6081415\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE 29th International Conference on Computer Design (ICCD)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCD.2011.6081415","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We discuss a new type of a structural hardware Trojan, which does not attack the target circuit itself but tries to mute the internal hardening scheme instead. By implementing this type of hardware Trojan, we argue that most of the currently proposed hardware Trojan prevention methods are far from adequate, assuming that attackers are patient, smart and have basic knowledge of the hardening structure. As demonstrated through our work for the CSAW Embedded System Challenge hosted by NYU-Poly in 2010, attackers can easily construct test patterns to “reverse-engineer” the hardening scheme from the Register Transfer Level (RTL) description. A simple look-up table can then invalidate the hardening scheme, even if it is as sophisticated as the Ring Oscillator (RO)-based Trojan prevention method used in this competition. Hence, our conjecture is that any single-scheme Trojan prevention method is insufficient to keep hardware Trojans out of the door and only a combination of several methods is a plausible solution.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
