Visible to the public Biblio

Filters: Author is Karri, Ramesh  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Di Crescenzo, Giovanni, Rajendran, Jeyavijayan, Karri, Ramesh, Memon, Nasir.  2017.  Boolean Circuit Camouflage: Cryptographic Models, Limitations, Provable Results and a Random Oracle Realization. Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security. :7–16.

Recent hardware advances, called gate camouflaging, have opened the possibility of protecting integrated circuits against reverse-engineering attacks. In this paper, we investigate the possibility of provably boosting the capability of physical camouflaging of a single Boolean gate into physical camouflaging of a larger Boolean circuit. We first propose rigorous definitions, borrowing approaches from modern cryptography and program obfuscation areas, for circuit camouflage. Informally speaking, gate camouflaging is defined as a transformation of a physical gate that appears to mask the gate to an attacker evaluating the circuit containing this gate. Under this assumption, we formally prove two results: a limitation and a construction. Our limitation result says that there are circuits for which, no matter how many gates we camouflaged, an adversary capable of evaluating the circuit will correctly guess all the camouflaged gates. Our construction result says that if pseudo-random functions exist (a common assumptions in cryptography), a small number of camouflaged gates suffices to: (a) leak no additional information about the camouflaged gates to an adversary evaluating the pseudo-random function circuit; and (b) turn these functions into random oracles. These latter results are the first results on circuit camouflaging provable in a cryptographic model (previously, construction were given under no formal model, and were eventually reverse-engineered, or were argued secure under specific classes of attacks). Our results imply a concrete and provable realization of random oracles, which, even if under a hardware-based assumption, is applicable in many scenarios, including public-key infrastructures. Finding special conditions under which provable realizations of random oracles has been an open problem for many years, since a software only provable implementation of random oracles was proved to be (almost certainly) impossible.

Shayan, Mohammed, Bhattacharjee, Sukanta, Song, Yong-Ak, Chakrabarty, Krishnendu, Karri, Ramesh.  2019.  Can Multi-Layer Microfluidic Design Methods Aid Bio-Intellectual Property Protection? 2019 IEEE 25th International Symposium on On-Line Testing and Robust System Design (IOLTS). :151—154.
Researchers develop bioassays by rigorously experimenting in the lab. This involves significant fiscal and skilled person-hour investment. A competitor can reverse engineer a bioassay implementation by imaging or taking a video of a biochip when in use. Thus, there is a need to protect the intellectual property (IP) rights of the bioassay developer. We introduce a novel 3D multilayer-based obfuscation to protect a biochip against reverse engineering.
Shayan, Mohammed, Bhattacharjee, Sukanta, Song, Yong-Ak, Chakrabarty, Krishnendu, Karri, Ramesh.  2019.  Deceive the Attacker: Thwarting IP Theft in Sieve-Valve-based Biochips. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :210—215.

Researchers develop bioassays following rigorous experimentation in the lab that involves considerable fiscal and highly-skilled-person-hour investment. Previous work shows that a bioassay implementation can be reverse engineered by using images or video and control signals of the biochip. Hence, techniques must be devised to protect the intellectual property (IP) rights of the bioassay developer. This study is the first step in this direction and it makes the following contributions: (1) it introduces use of a sieve-valve as a security primitive to obfuscate bioassay implementations; (2) it shows how sieve-valves can be used to obscure biochip building blocks such as multiplexers and mixers; (3) it presents design rules and security metrics to design and measure obfuscated biochips. We assess the cost-security trade-offs associated with this solution and demonstrate practical sieve-valve based obfuscation on real-life biochips.

Basu, Kanad, Elnaggar, Rana, Chakrabarty, Krishnendu, Karri, Ramesh.  2019.  PREEMPT: PReempting Malware by Examining Embedded Processor Traces. 2019 56th ACM/IEEE Design Automation Conference (DAC). :1—6.

Anti-virus software (AVS) tools are used to detect Malware in a system. However, software-based AVS are vulnerable to attacks. A malicious entity can exploit these vulnerabilities to subvert the AVS. Recently, hardware components such as Hardware Performance Counters (HPC) have been used for Malware detection. In this paper, we propose PREEMPT, a zero overhead, high-accuracy and low-latency technique to detect Malware by re-purposing the embedded trace buffer (ETB), a debug hardware component available in most modern processors. The ETB is used for post-silicon validation and debug and allows us to control and monitor the internal activities of a chip, beyond what is provided by the Input/Output pins. PREEMPT combines these hardware-level observations with machine learning-based classifiers to preempt Malware before it can cause damage. There are many benefits of re-using the ETB for Malware detection. It is difficult to hack into hardware compared to software, and hence, PREEMPT is more robust against attacks than AVS. PREEMPT does not incur performance penalties. Finally, PREEMPT has a high True Positive value of 94% and maintains a low False Positive value of 2%.

Liang, Tung-Che, Chakrabarty, Krishnendu, Karri, Ramesh.  2019.  Programmable Daisychaining of Microelectrodes for IP Protection in MEDA Biochips. 2019 IEEE International Test Conference (ITC). :1—10.

As digital microfluidic biochips (DMFBs) make the transition to the marketplace for commercial exploitation, security and intellectual property (IP) protection are emerging as important design considerations. Recent studies have shown that DMFBs are vulnerable to reverse engineering aimed at stealing biomolecular protocols (IP theft). The IP piracy of proprietary protocols may lead to significant losses for pharmaceutical and biotech companies. The micro-electrode-dot-array (MEDA) is a next-generation DMFB platform that supports real-time sensing of droplets and has the added advantage of important security protections. However, real-time sensing offers opportunities to an attacker to steal the biochemical IP. We show that the daisychaining of microelectrodes and the use of one-time-programmability in MEDA biochips provides effective bitstream scrambling of biochemical protocols. To examine the strength of this solution, we develop a SAT attack that can unscramble the bitstreams through repeated observations of bioassays executed on the MEDA platform. Based on insights gained from the SAT attack, we propose an advanced defense against IP theft. Simulation results using real-life biomolecular protocols confirm that while the SAT attack is effective for simple instances, our advanced defense can thwart it for realistic MEDA biochips and real-life protocols.

Karfa, Chandan, Chouksey, Ramanuj, Pilato, Christian, Garg, Siddharth, Karri, Ramesh.  2020.  Is Register Transfer Level Locking Secure? 2020 Design, Automation Test in Europe Conference Exhibition (DATE). :550–555.
Register Transfer Level (RTL) locking seeks to prevent intellectual property (IP) theft of a design by locking the RTL description that functions correctly on the application of a key. This paper evaluates the security of a state-of-the-art RTL locking scheme using a satisfiability modulo theories (SMT) based algorithm to retrieve the secret key. The attack first obtains the high-level behavior of the locked RTL, and then use an SMT based formulation to find so-called distinguishing input patterns (DIP)1 The attack methodology has two main advantages over the gate-level attacks. First, since the attack handles the design at the RTL, the method scales to large designs. Second, the attack does not apply separate unlocking strategies for the combinational and sequential parts of a design; it handles both styles via a unifying abstraction. We demonstrate the attack on locked RTL generated by TAO [1], a state-of-the-art RTL locking solution. Empirical results show that we can partially or completely break designs locked by TAO.
Ali, Sk Subidh, Ibrahim, Mohamed, Sinanoglu, Ozgur, Chakrabarty, Krishnendu, Karri, Ramesh.  2016.  Security Assessment of Cyberphysical Digital Microfluidic Biochips. IEEE/ACM Trans. Comput. Biol. Bioinformatics. 13:445–458.

A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.