Visible to the public Biblio

Found 531 results

Filters: Keyword is Hardware  [Clear All Filters]
2022-06-10
Kropp, Alexander, Schwalbe, Mario, Tsokalo, Ievgenii A., Süβkraut, Martin, Schmoll, Robert-Steve, Fitzek, Frank H.P..  2021.  Reliable Control for Robotics - Hardware Resilience Powered by Software. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1–2.
Industry 4.0 is now much more than just a buzzword. However, with the advancement of automation through digitization and softwarization of dedicated hardware, applications are also becoming more susceptible to random hardware errors in the calculation. This cyber-physical demonstrator uses a robotic application to show the effects that even single bit flips can have in the real world due to hardware errors. Using the graphical user interface including the human machine interface, the audience can generate hardware errors in the form of bit flips and see their effects live on the robot. In this paper we will be showing a new technology, the SIListra Safety Transformer (SST), that makes it possible to detect those kind of random hardware errors, which can subsequently make safety-critical applications more reliable.
2022-06-09
Saputro, Elang Dwi, Purwanto, Yudha, Ruriawan, Muhammad Faris.  2021.  Medium Interaction Honeypot Infrastructure on The Internet of Things. 2020 IEEE International Conference on Internet of Things and Intelligence System (IoTaIS). :98–102.
New technologies from day to day are submitted with many vulnerabilities that can make data exploitation. Nowadays, IoT is a target for Cybercrime attacks as it is one of the popular platforms in the century. This research address the IoT security problem by carried a medium-interaction honeypot. Honeypot is one of the solutions that can be done because it is a system feed for the introduction of attacks and fraudulent devices. This research has created a medium interaction honeypot using Cowrie, which is used to maintain the Internet of Things device from malware attacks or even attack patterns and collect information about the attacker's machine. From the result analysis, the honeypot can record all trials and attack activities, with CPU loads averagely below 6,3%.
Duong-Ngoc, Phap, Tan, Tuy Nguyen, Lee, Hanho.  2021.  Configurable Butterfly Unit Architecture for NTT/INTT in Homomorphic Encryption. 2021 18th International SoC Design Conference (ISOCC). :345–346.
This paper proposes a configurable architecture of butterfly unit (BU) supporting number theoretic transform (NTT) and inverse NTT (INTT) accelerators in the ring learning with error based homomorphic encryption. The proposed architecture is fully pipelined and carefully optimized the critical path delay. To compare with related works, several BU designs of different bit-size specific primes are synthesized and successfully placed-and-routed on the Xilinx Zynq UltraScale+ ZCU102 FPGA platform. Implementation results show that the proposed BU designs achieve 3× acceleration with more efficient resource utilization compared with previous works. Thus, the proposed BU architecture is worthwhile to develop NTTINTT accelerators in advanced homomorphic encryption systems.
Aman, Muhammad Naveed, Sikdar, Biplab.  2021.  AI Based Algorithm-Hardware Separation for IoV Security. 2021 IEEE Globecom Workshops (GC Wkshps). :1–6.
The Internet of vehicles is emerging as an exciting application to improve safety and providing better services in the form of active road signs, pay-as-you-go insurance, electronic toll, and fleet management. Internet connected vehicles are exposed to new attack vectors in the form of cyber threats and with the increasing trend of cyber attacks, the success of autonomous vehicles depends on their security. Existing techniques for IoV security are based on the un-realistic assumption that all the vehicles are equipped with the same hardware (at least in terms of computational capabilities). However, the hardware platforms used by various vehicle manufacturers are highly heterogeneous. Therefore, a security protocol designed for IoVs should be able to detect the computational capabilities of the underlying platform and adjust the security primitives accordingly. To solve this issue, this paper presents a technique for algorithm-hardware separation for IoV security. The proposed technique uses an iterative routine and the corresponding execution time to detect the computational capabilities of a hardware platform using an artificial intelligence based inference engine. The results on three different commonly used micro-controllers show that the proposed technique can effectively detect the type of hardware platform with up to 100% accuracy.
2022-06-08
Aksoy, Levent, Nguyen, Quang-Linh, Almeida, Felipe, Raik, Jaan, Flottes, Marie-Lise, Dupuis, Sophie, Pagliarini, Samuel.  2021.  High-level Intellectual Property Obfuscation via Decoy Constants. 2021 IEEE 27th International Symposium on On-Line Testing and Robust System Design (IOLTS). :1–7.
This paper presents a high-level circuit obfuscation technique to prevent the theft of intellectual property (IP) of integrated circuits. In particular, our technique protects a class of circuits that relies on constant multiplications, such as neural networks and filters, where the constants themselves are the IP to be protected. By making use of decoy constants and a key-based scheme, a reverse engineer adversary at an untrusted foundry is rendered incapable of discerning true constants from decoys. The time-multiplexed constant multiplication (TMCM) block of such circuits, which realizes the multiplication of an input variable by a constant at a time, is considered as our case study for obfuscation. Furthermore, two TMCM design architectures are taken into account; an implementation using a multiplier and a multiplierless shift-adds implementation. Optimization methods are also applied to reduce the hardware complexity of these architectures. The well-known satisfiability (SAT) and automatic test pattern generation (ATPG) based attacks are used to determine the vulnerability of the obfuscated designs. It is observed that the proposed technique incurs small overheads in area, power, and delay that are comparable to the hardware complexity of prominent logic locking methods. Yet, the advantage of our approach is in the insight that constants - instead of arbitrary circuit nodes - become key-protected.
Yasaei, Rozhin, Yu, Shih-Yuan, Naeini, Emad Kasaeyan, Faruque, Mohammad Abdullah Al.  2021.  GNN4IP: Graph Neural Network for Hardware Intellectual Property Piracy Detection. 2021 58th ACM/IEEE Design Automation Conference (DAC). :217–222.
Aggressive time-to-market constraints and enormous hardware design and fabrication costs have pushed the semiconductor industry toward hardware Intellectual Properties (IP) core design. However, the globalization of the integrated circuits (IC) supply chain exposes IP providers to theft and illegal redistribution of IPs. Watermarking and fingerprinting are proposed to detect IP piracy. Nevertheless, they come with additional hardware overhead and cannot guarantee IP security as advanced attacks are reported to remove the watermark, forge, or bypass it. In this work, we propose a novel methodology, GNN4IP, to assess similarities between circuits and detect IP piracy. We model the hardware design as a graph and construct a graph neural network model to learn its behavior using the comprehensive dataset of register transfer level codes and gate-level netlists that we have gathered. GNN4IP detects IP piracy with 96% accuracy in our dataset and recognizes the original IP in its obfuscated version with 100% accuracy.
2022-06-06
Jobst, Matthias, Liu, Chen, Partzsch, Johannes, Yan, Yexin, Kappel, David, Gonzalez, Hector A., Ji, Yue, Vogginger, Bernhard, Mayr, Christian.  2020.  Event-based Neural Network for ECG Classification with Delta Encoding and Early Stopping. 2020 6th International Conference on Event-Based Control, Communication, and Signal Processing (EBCCSP). :1–4.
We present a scalable architecture based on a trained filter bank for input pre-processing and a recurrent neural network (RNN) for the detection of atrial fibrillation in electrocardiogram (ECG) signals, with the focus on enabling a very efficient hardware implementation as application-specific integrated circuit (ASIC). Our already very efficient base architecture is further improved by replacing the RNN with a delta-encoded gated recurrent unit (GRU) and adding a confidence measure (CM) for terminating the computation as early as possible. With these optimizations, we demonstrate a reduction of the processing load of 58 % on an internal dataset while still achieving near state-of-the-art classification results on the Physionet ECG dataset with only 1202 parameters.
Itodo, Cornelius, Varlioglu, Said, Elsayed, Nelly.  2021.  Digital Forensics and Incident Response (DFIR) Challenges in IoT Platforms. 2021 4th International Conference on Information and Computer Technologies (ICICT). :199–203.
The rapid progress experienced in the Internet of Things (IoT) space is one that has introduced new and unique challenges for cybersecurity and IoT-Forensics. One of these problems is how digital forensics and incident response (DFIR) are handled in IoT. Since enormous users use IoT platforms to accomplish their day to day task, massive amounts of data streams are transferred with limited hardware resources; conducting DFIR needs a new approach to mitigate digital evidence and incident response challenges owing to the facts that there are no unified standard or classified principles for IoT forensics. Today's IoT DFIR relies on self-defined best practices and experiences. Given these challenges, IoT-related incidents need a more structured approach in identifying problems of DFIR. In this paper, we examined the major DFIR challenges in IoT by exploring the different phases involved in a DFIR when responding to IoT-related incidents. This study aims to provide researchers and practitioners a road-map that will help improve the standards of IoT security and DFIR.
Lin, Kunli, Xia, Haojun, Zhang, Kun, Tu, Bibo.  2021.  AddrArmor: An Address-based Runtime Code-reuse Attack Mitigation for Shared Objects at the Binary-level. 2021 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom). :117–124.
The widespread adoption of DEP has made most modern attacks follow the same general steps: Attackers try to construct code-reuse attacks by using vulnerable indirect branch instructions in shared objects after successful exploits on memory vulnerabilities. In response to code-reuse attacks, researchers have proposed a large number of defenses. However, most of them require access to source code and/or specific hardware features. These limitations hinder the deployment of these defenses much.In this paper, we propose an address-based code-reuse attack mitigation for shared objects at the binary-level. We emphasize that the execution of indirect branch instruction must follow several principles we propose. More specifically, we first reconstruct function boundaries at the program’s dynamic-linking stage by combining shared object’s dynamic symbols with binary-level instruction analysis. We then leverage static instrumentation to hook vulnerable indirect branch instructions to a novel target address computation and validation routine. At runtime, AddrArmor will protect against code-reuse attacks based on the computed target address.Our experimental results show that AddrArmor provides a strong line of defense against code reuse attacks, and has an acceptable performance overhead of about 6.74% on average using SPEC CPU 2006.
2022-05-24
Fazea, Yousef, Mohammed, Fathey, Madi, Mohammed, Alkahtani, Ammar Ahmed.  2021.  Review on Network Function Virtualization in Information-Centric Networking. 2021 International Conference of Technology, Science and Administration (ICTSA). :1–6.
Network function virtualization (NFV / VNF) and information-centric networking (ICN) are two trending technologies that have attracted expert's attention. NFV is a technique in which network functions (NF) are decoupling from commodity hardware to run on to create virtual communication services. The virtualized class nodes can bring several advantages such as reduce Operating Expenses (OPEX) and Capital Expenses (CAPEX). On the other hand, ICN is a technique that breaks the host-centric paradigm and shifts the focus to “named information” or content-centric. ICN provides highly efficient content retrieval network architecture where popular contents are cached to minimize duplicate transmissions and allow mobile users to access popular contents from caches of network gateways. This paper investigates the implementation of NFV in ICN. Besides, reviewing and discussing the weaknesses and strengths of each architecture in a critical analysis manner of both network architectures. Eventually, highlighted the current issues and future challenges of both architectures.
Daughety, Nathan, Pendleton, Marcus, Xu, Shouhuai, Njilla, Laurent, Franco, John.  2021.  vCDS: A Virtualized Cross Domain Solution Architecture. MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM). :61–68.
With the paradigm shift to cloud-based operations, reliable and secure access to and transfer of data between differing security domains has never been more essential. A Cross Domain Solution (CDS) is a guarded interface which serves to execute the secure access and/or transfer of data between isolated and/or differing security domains defined by an administrative security policy. Cross domain security requires trustworthiness at the confluence of the hardware and software components which implement a security policy. Security components must be relied upon to defend against widely encompassing threats – consider insider threats and nation state threat actors which can be both onsite and offsite threat actors – to information assurance. Current implementations of CDS systems use suboptimal Trusted Computing Bases (TCB) without any formal verification proofs, confirming the gap between blind trust and trustworthiness. Moreover, most CDSs are exclusively operated by Department of Defense agencies and are not readily available to the commercial sectors, nor are they available for independent security verification. Still, more CDSs are only usable in physically isolated environments such as Sensitive Compartmented Information Facilities and are inconsistent with the paradigm shift to cloud environments. Our purpose is to address the question of how trustworthiness can be implemented in a remotely deployable CDS that also supports availability and accessibility to all sectors. In this paper, we present a novel CDS system architecture which is the first to use a formally verified TCB. Additionally, our CDS model is the first of its kind to utilize a computation-isolation approach which allows our CDS to be remotely deployable for use in cloud-based solutions.
2022-05-19
Takemoto, Shu, Ikezaki, Yoshiya, Nozaki, Yusuke, Yoshikawa, Masaya.  2021.  Hardware Trojan for Lightweight Cryptoraphy Elephant. 2021 IEEE 10th Global Conference on Consumer Electronics (GCCE). :944–945.
While a huge number of IoT devices are connecting to the cyber physical systems, the demand for security of these devices are increasing. Due to the demand, world-wide competition for lightweight cryptography oriented towards small devices have been held. Although tamper resistance against illegal attacks were evaluated in the competition, there is no evaluation for embedded malicious circuits such as hardware Trojan.To achieve security evaluation for embedded malicious circuits, this study proposes an implementation method of hardware Trojan for Elephant which is one of the finalists in the competition. And also, the implementation overhead of hardware Trojans and the security risk of hardware Trojan are evaluated.
Kösemen, Cem, Dalkiliç, Gökhan.  2021.  Tamper Resistance Functions on Internet of Things Devices. 2021 Innovations in Intelligent Systems and Applications Conference (ASYU). :1–5.
As the number of Internet of things devices increases, there is a growing importance of securely managing and storing the secret and private keys in these devices. Public-key cryptosystems or symmetric encryption algorithms both use special keys that need to be kept secret from other peers in the network. Additionally, ensuring the integrity of the installed application firmware of these devices is another security problem. In this study, private key storage methods are explained in general. Also, ESP32-S2 device is used for experimental case study for its robust built-in trusted platform module. Secure boot and flash encryption functionalities of ESP32-S2 device, which offers a solution to these security problems, are explained and tested in detail.
Sankaran, Sriram, Mohan, Vamshi Sunku, Purushothaman., A.  2021.  Deep Learning Based Approach for Hardware Trojan Detection. 2021 IEEE International Symposium on Smart Electronic Systems (iSES). :177–182.
Hardware Trojans are modifications made by malicious insiders or third party providers during the design or fabrication phase of the IC (Integrated Circuits) design cycle in a covert manner. These cause catastrophic consequences ranging from manipulating the functionality of individual blocks to disabling the entire chip. Thus, a need for detecting trojans becomes necessary. In this work, we propose a deep learning based approach for detecting trojans in IC chips. In particular, we insert trojans at the circuit-level and generate data by measuring power during normal operation and under attack. Further, we develop deep learning models using Neural networks and Auto-encoders to analyze datasets for outlier detection by profiling the normal behavior and leveraging them to detect anomalies in power consumption. Our approach is generic and non-invasive in that it can be applied to any block without any modifications to the design. Evaluation of the proposed approach shows an accuracy ranging from 92.23% to 99.33% in detecting trojans.
Ali, Nora A., Shokry, Beatrice, Rumman, Mahmoud H., ElSayed, Hany M., Amer, Hassanein H., Elsoudani, Magdy S..  2021.  Low-overhead Solutions For Preventing Information Leakage Due To Hardware Trojan Horses. 2021 16th International Conference on Computer Engineering and Systems (ICCES). :1–5.
The utilization of Third-party modules is very common nowadays. Hence, combating Hardware Trojans affecting the applications' functionality and data security becomes inevitably essential. This paper focuses on the detection/masking of Hardware Trojans' undesirable effects concerned with spying and information leakage due to the growing care about applications' data confidentiality. It is assumed here that the Trojan-infected system consists mainly of a Microprocessor module (MP) followed by an encryption module and then a Medium Access Control (MAC) module. Also, the system can be application-specific integrated circuit (ASIC) based or Field Programmable Gate Arrays (FPGA) based. A general solution, including encryption, CRC encoder/decoder, and zero padding modules, is presented to handle such Trojans. Special cases are then discussed carefully to prove that Trojans will be detected/masked with a corresponding overhead that depends on the Trojan's location, and the system's need for encryption. An implementation of the CRC encoder along with the zero padding module is carried out on an Altera Cyclone IV E FPGA to illustrate the extra resource utilization required by such a system, given that it is already using encryption.
Su, Yu, Shen, Haihua, Lu, Renjie, Ye, Yunying.  2021.  A Stealthy Hardware Trojan Design and Corresponding Detection Method. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–6.
For the purpose of stealthiness, trigger-based Hardware Trojans(HTs) tend to have at least one trigger signal with an extremely low transition probability to evade the functional verification. In this paper, we discuss the correlation between poor testability and low transition probability, and then propose a kind of systematic Trojan trigger model with extremely low transition probability but reasonable testability, which can disable the Controllability and Observability for hardware Trojan Detection (COTD) technique, an efficient HT detection method based on circuits testability. Based on experiments and tests on circuits, we propose that the more imbalanced 0/1-controllability can indicate the lower transition probability. And a trigger signal identification method using the imbalanced 0/1-controllability is proposed. Experiments on ISCAS benchmarks show that the proposed method can obtain a 100% true positive rate and average 5.67% false positive rate for the trigger signal.
Wang, Yuze, Liu, Peng, Han, Xiaoxia, Jiang, Yingtao.  2021.  Hardware Trojan Detection Method for Inspecting Integrated Circuits Based on Machine Learning. 2021 22nd International Symposium on Quality Electronic Design (ISQED). :432–436.
Nowadays malicious vendors can easily insert hardware Trojans into integrated circuit chips as the entire integrated chip supply chain involves numerous design houses and manufacturers on a global scale. It is thereby becoming a necessity to expose any possible hardware Trojans, if they ever exist in a chip. A typical Trojan circuit is made of a trigger and a payload that are interconnected with a trigger net. As trigger net can be viewed as the signature of a hardware Trojan, in this paper, we propose a gate-level hardware Trojan detection method and model that can be applied to screen the entire chip for trigger nets. In specific, we extract the trigger-net features for each net from known netlists and use the machine learning method to train multiple detection models according to the trigger modes. The detection models are used to identify suspicious trigger nets from the netlist of the integrated circuit under detection, and score each net in terms of suspiciousness value. By flagging the top 2% suspicious nets with the highest suspiciousness values, we shall be able to detect majority hardware Trojans, with an average accuracy rate of 96%.
Sai Sruthi, Ch, Lohitha, M, Sriniketh, S.K, Manassa, D, Srilakshmi, K, Priyatharishini, M.  2021.  Genetic Algorithm based Hardware Trojan Detection. 2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:1431–1436.
There is an increasing concern about possible hostile modification done to ICs, which are used in various critical applications. Such malicious modifications are referred to as Hardware Trojan. A novel procedure to detect these malicious Trojans using Genetic algorithm along with the logical masking technique which masks the Trojan module when embedded is presented in this paper. The circuit features such as transition probability and SCOAP are used as suitable parameters to identify the rare nodes which are more susceptible for Trojan insertion. A set of test patterns called optimal test patterns are generated using Genetic algorithm to claim that these test vectors are more feasible to detect the presence of Trojan in the circuit under test. The proposed methodologies are validated in accordance with ISCAS '85 and ISCAS '89 benchmark circuits. The experimental results proven that it achieves maximum Trigger coverage, Trojan coverage and is also able to successfully mask the inserted Trojan when it is triggered by the optimal test patterns.
S, Deepthi, R, Ramesh S., M, Nirmala Devi.  2021.  Hardware Trojan Detection using Ring Oscillator. 2021 6th International Conference on Communication and Electronics Systems (ICCES). :362–368.
Hardware Trojans are malicious modules causing vulnerabilities in designs. Secured hardware designs are desirable in almost all applications. So, it is important to make a trustworthy design that actually exposes malfunctions when a Trojan is present in it. Recently, ring oscillator based detection methods are gaining prominence as they help in detecting Trojans accurately. In this work, a non-destructive method of Trojan detection by modifying the circuit paths into oscillators is proposed. The change in frequencies of ring oscillators upon taking the process corners into account, indicate the presence of Trojans. Since Transient Effect Ring Oscillators (TERO) are also emerging as a good alternative to classical ring oscillators in Trojan detection, an effort is made to analyze the detection capability. Evaluation is done using ISCAS'85 benchmark circuits. Comparison is done in terms of frequency and findings indicate that TERO based Trojan detection is precise. Evaluation is carried out using Xilinx Vivado and ModelSim platforms.
Basu, Subhashree, Kule, Malay, Rahaman, Hafizur.  2021.  Detection of Hardware Trojan in Presence of Sneak Path in Memristive Nanocrossbar Circuits. 2021 International Symposium on Devices, Circuits and Systems (ISDCS). :1–4.
Memristive nano crossbar array has paved the way for high density memories but in a very low power environment. But such high density circuits face multiple problems at the time of implementation. The sneak path problem in crossbar array is one such problem which causes difficulty in distinguishing the logical states of the memristors. On the other hand, hardware Trojan causes malfunctioning of the circuit or performance degradation. If any of these are present in the nano crossbar, it is difficult to identify whether the performance degradation is due to the sneak path problem or due to that of Hardware Trojan.This paper makes a comparative study of the sneak path problem and the hardware Trojan to understand the performance difference between both. It is observed that some parameters are affected by sneak path problem but remains unaffected in presence of Hardware Trojan and vice versa. Analyzing these parameters, we can classify whether the performance degradation is due to sneak path or due to Hardware Trojan. The experimental results well establish the proposed methods of detection of hardware Trojan in presence of sneak path in memristive nano crossbar circuits.
Kurihara, Tatsuki, Togawa, Nozomu.  2021.  Hardware-Trojan Classification based on the Structure of Trigger Circuits Utilizing Random Forests. 2021 IEEE 27th International Symposium on On-Line Testing and Robust System Design (IOLTS). :1–4.
Recently, with the spread of Internet of Things (IoT) devices, embedded hardware devices have been used in a variety of everyday electrical items. Due to the increased demand for embedded hardware devices, some of the IC design and manufacturing steps have been outsourced to third-party vendors. Since malicious third-party vendors may insert malicious circuits, called hardware Trojans, into their products, developing an effective hardware Trojan detection method is strongly required. In this paper, we propose 25 hardware-Trojan features based on the structure of trigger circuits for machine-learning-based hardware Trojan detection. Combining the proposed features into 11 existing hardware-Trojan features, we totally utilize 36 hardware-Trojan features for classification. Then we classify the nets in an unknown netlist into a set of normal nets and Trojan nets based on the random-forest classifier. The experimental results demonstrate that the average true positive rate (TPR) becomes 63.6% and the average true negative rate (TNR) becomes 100.0%. They improve the average TPR by 14.7 points while keeping the average TNR compared to existing state-of-the-art methods. In particular, the proposed method successfully finds out Trojan nets in several benchmark circuits, which are not found by the existing method.
2022-05-12
Ma, Lele.  2021.  One Layer for All: Efficient System Security Monitoring for Edge Servers. 2021 IEEE International Performance, Computing, and Communications Conference (IPCCC). :1–8.
Edge computing promises higher bandwidth and lower latency to end-users. However, edge servers usually have limited computing resources and are geographically distributed over the edge. This imposes new challenges for efficient system monitoring and control of edge servers.In this paper, we propose EdgeVMI, a framework to monitor and control services running on edge servers with lightweight virtual machine introspection(VMI). The key of our technique is to run the monitor in a lightweight virtual machine which can leverage hardware events for monitoring memory read and writes. In addition, the small binary size and memory footprints of the monitor could reduce the start/stop time of service, the runtime overhead, as well as the deployment efforts.Inspired by unikernels, we build our monitor with only the necessary system modules, libraries, and functionalities of a specific monitor task. To reduce the security risk of the monitoring behavior, we separate the monitor into two isolated modules: one acts as a sensor to collect security information and another acts as an actuator to conduct control commands. Our evaluation shows the effectiveness and the efficiency of the monitoring system, with an average performance overhead of 2.7%.
Li, Shih-Wei, Li, Xupeng, Gu, Ronghui, Nieh, Jason, Zhuang Hui, John.  2021.  A Secure and Formally Verified Linux KVM Hypervisor. 2021 IEEE Symposium on Security and Privacy (SP). :1782–1799.
Commodity hypervisors are widely deployed to support virtual machines (VMs) on multiprocessor hardware. Their growing complexity poses a security risk. To enable formal verification over such a large codebase, we introduce microverification, a new approach that decomposes a commodity hypervisor into a small core and a set of untrusted services so that we can prove security properties of the entire hypervisor by verifying the core alone. To verify the multiprocessor hypervisor core, we introduce security-preserving layers to modularize the proof without hiding information leakage so we can prove each layer of the implementation refines its specification, and the top layer specification is refined by all layers of the core implementation. To verify commodity hypervisor features that require dynamically changing information flow, we introduce data oracles to mask intentional information flow. We can then prove noninterference at the top layer specification and guarantee the resulting security properties hold for the entire hypervisor implementation. Using microverification, we retrofitted the Linux KVM hypervisor with only modest modifications to its codebase. Using Coq, we proved that the hypervisor protects the confidentiality and integrity of VM data, while retaining KVM’s functionality and performance. Our work is the first machine-checked security proof for a commodity multiprocessor hypervisor.
2022-05-10
Hammad, Mohamed, Elmedany, Wael, Ismail, Yasser.  2021.  Design and Simulation of AES S-Box Towards Data Security in Video Surveillance Using IP Core Generator. 2021 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT). :469–476.
Broadcasting applications such as video surveillance systems are using High Definition (HD) videos. The use of high-resolution videos increases significantly the data volume of video coding standards such as High-Efficiency Video Coding (HEVC) and Advanced Video Coding (AVC), which increases the challenge for storing, processing, encrypting, and transmitting these data over different communication channels. Video compression standards use state-of-the-art techniques to compress raw video sequences more efficiently, such techniques require high computational complexity and memory utilization. With the emergent of using HEVC and video surveillance systems, many security risks arise such as man-in-the-middle attacks, and unauthorized disclosure. Such risks can be mitigated by encrypting the traffic of HEVC. The most widely used encryption algorithm is the Advanced Encryption Standard (AES). Most of the computational complexity in AES hardware-implemented is due to S-box or sub-byte operation and that because it needs many resources and it is a non-linear structure. The proposed AES S-box ROM design considers the latest HEVC used for homeland security video surveillance systems. This paper presents different designs for VHDL efficient ROM implementation of AES S-box using IP core generator, ROM components, and using Functions, which are all supported by Xilinx. IP core generator has Block Memory Generator (BMG) component in its library. S-box IP core ROM is implemented using Single port block memory. The S-box lookup table has been used to fill the ROM using the .coe file format provided during the initialization of the IP core ROM. The width is set to 8-bit to address the 256 values while the depth is set to 8-bit which represents the data filed in the ROM. The whole design is synthesized using Xilinx ISE Design Suite 14.7 software, while Modelism (version10.4a) is used for the simulation process. The proposed IP core ROM design has shown better memory utilization compared to non-IP core ROM design, which is more suitable for memory-intensive applications. The proposed design is suitable for implementation using the FPGA ROM design. Hardware complexity, frequency, memory utilization, and delay are presented in this paper.
Chen, Jian, Shu, Tao.  2021.  Spoofing Detection for Indoor Visible Light Systems with Redundant Orthogonal Encoding. ICC 2021 - IEEE International Conference on Communications. :1–6.
As more and more visible light communication (VLC) and visible light sensing (VLS) systems are mounted on today’s light fixtures, how to guarantee the authenticity of the visible light (VL) signal in these systems becomes an urgent problem. This is because almost all of today’s light fixtures are unprotected and can be openly accessed by almost anyone, and hence are subject to tampering and substitution attacks. In this paper, by exploiting the intrinsic linear superposition characteristics of visible light, we propose VL-Watchdog, a scalable and always-on signal-level spoofing detection framework that is applicable to both VLC and VLS systems. VL-Watchdog is based on redundant orthogonal encoding of the transmitted visible light, and can be implemented as a small hardware add-on to an existing VL system. The effectiveness of the proposed framework was validated through extensive numerical evaluations against a comprehensive set of factors.