Visible to the public Biblio

Found 239 results

Filters: Keyword is Hardware  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
A
Bai, Xu, Jiang, Lei, Dai, Qiong, Yang, Jiajia, Tan, Jianlong.  2017.  Acceleration of RSA processes based on hybrid ARM-FPGA cluster. 2017 IEEE Symposium on Computers and Communications (ISCC). :682–688.

Cooperation of software and hardware with hybrid architectures, such as Xilinx Zynq SoC combining ARM CPU and FPGA fabric, is a high-performance and low-power platform for accelerating RSA Algorithm. This paper adopts the none-subtraction Montgomery algorithm and the Chinese Remainder Theorem (CRT) to implement high-speed RSA processors, and deploys a 48-node cluster infrastructure based on Zynq SoC to achieve extremely high scalability and throughput of RSA computing. In this design, we use the ARM to implement node-to-node communication with the Message Passing Interface (MPI) while use the FPGA to handle complex calculation. Finally, the experimental results show that the overall performance is linear with the number of nodes. And the cluster achieves 6× 9× speedup against a multi-core desktop (Intel i7-3770) and comparable performance to a many-core server (288-core). In addition, we gain up to 2.5× energy efficiency compared to these two traditional platforms.

Kakanakov, N., Shopov, M..  2017.  Adaptive models for security and data protection in IoT with Cloud technologies. 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :1001–1004.

The paper presents an example Sensor-cloud architecture that integrates security as its native ingredient. It is based on the multi-layer client-server model with separation of physical and virtual instances of sensors, gateways, application servers and data storage. It proposes the application of virtualised sensor nodes as a prerequisite for increasing security, privacy, reliability and data protection. All main concerns in Sensor-Cloud security are addressed: from secure association, authentication and authorization to privacy and data integrity and protection. The main concept is that securing the virtual instances is easier to implement, manage and audit and the only bottleneck is the physical interaction between real sensor and its virtual reflection.

Mali, Y. K., Mohanpurkar, A..  2015.  Advanced pin entry method by resisting shoulder surfing attacks. 2015 International Conference on Information Processing (ICIP). :37–42.

The individual distinguishing proof number or (PIN) and Passwords are the remarkable well known verification strategy used in different gadgets, for example, Atms, cell phones, and electronic gateway locks. Unfortunately, the traditional PIN-entrance technique is helpless vulnerable against shoulder-surfing attacks. However, the security examinations used to support these proposed system are not focused around only quantitative investigation, but instead on the results of experiments and testing performed on proposed system. We propose a new theoretical and experimental technique for quantitative security investigation of PIN-entry method. In this paper we first introduce new security idea know as Grid Based Authentication System and rules for secure PIN-entry method by examining the current routines under the new structure. Thus by consider the existing systems guidelines; we try to develop a new PIN-entry method that definitely avoids human shoulder-surfing attacks by significantly increasing the amount of calculations complexity that required for an attacker to penetrate through the secure system.

Takalo, H., Ahmadi, A., Mirhassani, M., Ahmadi, M..  2016.  Analog cellular neural network for application in physical unclonable functions. 2016 IEEE International Symposium on Circuits and Systems (ISCAS). :2635–2638.
In this paper an analog cellular neural network is proposed with application in physical unclonable function design. Dynamical behavior of the circuit and its high sensitivity to the process variation can be exploited in a challenge-response security system. The proposed circuit can be used as unclonable core module in the secure systems for applications such as device identification/authentication and secret key generation. The proposed circuit is designed and simulated in 45-nm bulk CMOS technology. Monte Carlo simulation for this circuit, results in unpolarized Gaussian-shaped distribution for Hamming Distance between 4005 100-bit PUF instances.
Yadav, S., Howells, G..  2017.  Analysis of ICMetrics Features/Technology for Wearable Devices IOT Sensors. 2017 Seventh International Conference on Emerging Security Technologies (EST). :175–178.

This paper investigates the suitability of employing various measurable features derived from multiple wearable devices (Apple Watch), for the generation of unique authentication and encryption keys related to the user. This technique is termed as ICMetrics. The ICMetrics technology requires identifying the suitable features in an environment for key generation most useful for online services. This paper presents an evaluation of the feasibility of identifying a unique user based on desirable feature set and activity data collected over short and long term and explores how the number of samples being factored into the ICMetrics system affects uniqueness of the key.

Shropshire, J..  2014.  Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design. System Sciences (HICSS), 2014 47th Hawaii International Conference on. :5008-5017.

This research focuses on hyper visor security from holistic perspective. It centers on hyper visor architecture - the organization of the various subsystems which collectively compromise a virtualization platform. It holds that the path to a secure hyper visor begins with a big-picture focus on architecture. Unfortunately, little research has been conducted with this perspective. This study investigates the impact of monolithic and micro kernel hyper visor architectures on the size and scope of the attack surface. Six architectural features are compared: management API, monitoring interface, hyper calls, interrupts, networking, and I/O. These subsystems are core hyper visor components which could be used as attack vectors. Specific examples and three leading hyper visor platforms are referenced (ESXi for monolithic architecture; Xen and Hyper-V for micro architecture). The results describe the relative strengths and vulnerabilities of both types of architectures. It is concluded that neither design is more secure, since both incorporate security tradeoffs in core processes.

K, S. K., Sahoo, S., Mahapatra, A., Swain, A. K., Mahapatra, K. K..  2017.  Analysis of Side-Channel Attack AES Hardware Trojan Benchmarks against Countermeasures. 2017 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). :574–579.

Hardware Trojan (HT) is one of the well known hardware security issue in research community in last one decade. HT research is mainly focused on HT detection, HT defense and designing novel HT's. HT's are inserted by an adversary for leaking secret data, denial of service attacks etc. Trojan benchmark circuits for processors, cryptography and communication protocols from Trust-hub are widely used in HT research. And power analysis based side channel attacks and designing countermeasures against side channel attacks is a well established research area. Trust-Hub provides a power based side-channel attack promoting Advanced Encryption Standard (AES) HT benchmarks for research. In this work, we analyze the strength of AES HT benchmarks in the presence well known side-channel attack countermeasures. Masking, Random delay insertion and tweaking the operating frequency of clock used in sensitive operations are applied on AES benchmarks. Simulation and power profiling studies confirm that side-channel promoting HT benchmarks are resilient against these selected countermeasures and even in the presence of these countermeasures; an adversary can get the sensitive data by triggering the HT.

Bakour, K., Ünver, H. M., Ghanem, R..  2018.  The Android Malware Static Analysis: Techniques, Limitations, and Open Challenges. 2018 3rd International Conference on Computer Science and Engineering (UBMK). :586-593.

This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis-based framework have been studied, and in their light, the process of detecting malicious applications has been divided into four phases that were explained in a schematic manner. Also, the features that is used in static analysis were discussed in detail by dividing it into four categories namely, Manifest-based features, code-based features, semantic features and app's metadata-based features. Also, the challenges facing methods based on static analysis were discussed in detail. Finally, a case study was conducted to test the strength of some known commercial antivirus and one of the stat-of-art academic static analysis frameworks against obfuscation techniques used by developers of malicious applications. The results showed a significant impact on the performance of the most tested antiviruses and frameworks, which is reflecting the urgent need for more accurately tools.

A. T. Erozan, A. S. Aydoğdu, B. Örs.  2015.  "Application specific processor design for DCT based applications". 2015 23nd Signal Processing and Communications Applications Conference (SIU). :2157-2160.

Discrete Cosine Transform (DCT) is used in JPEG compression, image encryption, image watermarking and channel estimation. In this paper, an Application Specific Processor (ASP) for DCT based applications is designed and implemented to Field Programmable Gate Array (FPGA). One dimensional DCT and IDCT hardwares which have fully parallel architecture have been implemented and connected to MicroBlaze softcore processer. To show a basic application of ASP, DCT based image watermarking example is studied in this system.

Rathmair, M., Schupfer, F., Krieg, C..  2014.  Applied formal methods for hardware Trojan detection. Circuits and Systems (ISCAS), 2014 IEEE International Symposium on. :169-172.

This paper addresses the potential danger using integrated circuits which contain malicious hardware modifications hidden in the silicon structure. A so called hardware Trojan may be added at several stages of the chip development process. This work concentrates on formal hardware Trojan detection during the design phase and highlights applied verification techniques. Selected methods are discussed and their combination used to increase an introduced “Trojan Assurance Level”.
 

Nozaki, Yusuke, Yoshikawa, Masaya.  2018.  Area Constraint Aware Physical Unclonable Function for Intelligence Module. 2018 3rd International Conference on Computational Intelligence and Applications (ICCIA). :205-209.

Artificial intelligence technology such as neural network (NN) is widely used in intelligence module for Internet of Things (IoT). On the other hand, the risk of illegal attacks for IoT devices is pointed out; therefore, security countermeasures such as an authentication are very important. In the field of hardware security, the physical unclonable functions (PUFs) have been attracted attention as authentication techniques to prevent the semiconductor counterfeits. However, implementation of the dedicated hardware for both of NN and PUF increases circuit area. Therefore, this study proposes a new area constraint aware PUF for intelligence module. The proposed PUF utilizes the propagation delay time from input layer to output layer of NN. To share component for operation, the proposed PUF reduces the circuit area. Experiments using a field programmable gate array evaluate circuit area and PUF performance. In the result of circuit area, the proposed PUF was smaller than the conventional PUFs was showed. Then, in the PUF performance evaluation, for steadiness, diffuseness, and uniqueness, favorable results were obtained.

Jiao, X., Luo, M., Lin, J. H., Gupta, R. K..  2017.  An assessment of vulnerability of hardware neural networks to dynamic voltage and temperature variations. 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :945–950.

As a problem solving method, neural networks have shown broad applicability from medical applications, speech recognition, and natural language processing. This success has even led to implementation of neural network algorithms into hardware. In this paper, we explore two questions: (a) to what extent microelectronic variations affects the quality of results by neural networks; and (b) if the answer to first question represents an opportunity to optimize the implementation of neural network algorithms. Regarding first question, variations are now increasingly common in aggressive process nodes and typically manifest as an increased frequency of timing errors. Combating variations - due to process and/or operating conditions - usually results in increased guardbands in circuit and architectural design, thus reducing the gains from process technology advances. Given the inherent resilience of neural networks due to adaptation of their learning parameters, one would expect the quality of results produced by neural networks to be relatively insensitive to the rising timing error rates caused by increased variations. On the contrary, using two frequently used neural networks (MLP and CNN), our results show that variations can significantly affect the inference accuracy. This paper outlines our assessment methodology and use of a cross-layer evaluation approach that extracts hardware-level errors from twenty different operating conditions and then inject such errors back to the software layer in an attempt to answer the second question posed above.

Fargo, F., Sury, S..  2018.  Autonomic Secure HPC Fabric Architecture. 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA). :1-4.

Cloud computing is the major paradigm in today's IT world with the capabilities of security management, high performance, flexibility, scalability. Customers valuing these features can better benefit if they use a cloud environment built using HPC fabric architecture. However, security is still a major concern, not only on the software side but also on the hardware side. There are multiple studies showing that the malicious users can affect the regular customers through the hardware if they are co-located on the same physical system. Therefore, solving possible security concerns on the HPC fabric architecture will clearly make the fabric industries leader in this area. In this paper, we propose an autonomic HPC fabric architecture that leverages both resilient computing capabilities and adaptive anomaly analysis for further security.

B
Khalid, F., Hasan, S. R., Hasan, O., Awwadl, F..  2017.  Behavior Profiling of Power Distribution Networks for Runtime Hardware Trojan Detection. 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS). :1316–1319.

Runtime hardware Trojan detection techniques are required in third party IP based SoCs as a last line of defense. Traditional techniques rely on golden data model or exotic signal processing techniques such as utilizing Choas theory or machine learning. Due to cumbersome implementation of such techniques, it is highly impractical to embed them on the hardware, which is a requirement in some mission critical applications. In this paper, we propose a methodology that generates a digital power profile during the manufacturing test phase of the circuit under test. A simple processing mechanism, which requires minimal computation of measured power signals, is proposed. For the proof of concept, we have applied the proposed methodology on a classical Advanced Encryption Standard circuit with 21 available Trojans. The experimental results show that the proposed methodology is able to detect 75% of the intrusions with the potential of implementing the detection mechanism on-chip with minimal overhead compared to the state-of-the-art techniques.

Butt, M.I.A..  2014.  BIOS integrity an advanced persistent threat. Information Assurance and Cyber Security (CIACS), 2014 Conference on. :47-50.

Basic Input Output System (BIOS) is the most important component of a computer system by virtue of its role i.e., it holds the code which is executed at the time of startup. It is considered as the trusted computing base, and its integrity is extremely important for smooth functioning of the system. On the contrary, BIOS of new computer systems (servers, laptops, desktops, network devices, and other embedded systems) can be easily upgraded using a flash or capsule mechanism which can add new vulnerabilities either through malicious code, or by accidental incidents, and deliberate attack. The recent attack on Iranian Nuclear Power Plant (Stuxnet) [1:2] is an example of advanced persistent attack. This attack vector adds a new dimension into the information security (IS) spectrum, which needs to be guarded by implementing a holistic approach employed at enterprise level. Malicious BIOS upgrades can also cause denial of service, stealing of information or addition of new backdoors which can be exploited by attackers for causing business loss, passive eaves dropping or total destruction of system without knowledge of user. To address this challenge a capability for verification of BIOS integrity needs to be developed and due diligence must be observed for proactive resolution of the issue. This paper explains the BIOS Integrity threats and presents a prevention strategy for effective and proactive resolution.

Parno, B., McCune, J.M., Perrig, A.  2010.  Bootstrapping Trust in Commodity Computers. Security and Privacy (SP), 2010 IEEE Symposium on. :414-429.

Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.

Bian, R., Xue, M., Wang, J..  2018.  Building Trusted Golden Models-Free Hardware Trojan Detection Framework Against Untrustworthy Testing Parties Using a Novel Clustering Ensemble Technique. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1458-1463.

As a result of the globalization of integrated circuits (ICs) design and fabrication process, ICs are becoming vulnerable to hardware Trojans. Most of the existing hardware Trojan detection works suppose that the testing stage is trustworthy. However, testing parties may conspire with malicious attackers to modify the results of hardware Trojan detection. In this paper, we propose a trusted and robust hardware Trojan detection framework against untrustworthy testing parties exploiting a novel clustering ensemble method. The proposed technique can expose the malicious modifications on Trojan detection results introduced by untrustworthy testing parties. Compared with the state-of-the-art detection methods, the proposed technique does not require fabricated golden chips or simulated golden models. The experiment results on ISCAS89 benchmark circuits show that the proposed technique can resist modifications robustly and detect hardware Trojans with decent accuracy (up to 91%).

C
Sepulveda, J., Zankl, A., Mischke, O..  2017.  Cache attacks and countermeasures for NTRUEncrypt on MPSoCs: Post-quantum resistance for the IoT. 2017 30th IEEE International System-on-Chip Conference (SOCC). :120–125.

Public-key cryptography (PKC), widely used to protect communication in the Internet of Things (IoT), is the basis for establishing secured communication channels between multiple parties. The foreseeable breakthrough of quantum computers represents a risk for many PKC ecosystems. Almost all approaches in use today rely on the hardness of factoring large integers or computing (elliptic-curve) discrete logarithms. It is known that cryptography based on these problems can be broken in polynomial time by Shors algorithm, once a large enough quantum computer is built. In order to prepare for such an event, the integration of quantum-resistant cryptography on devices operating in the IoT is mandatory to achieve long-term security. Due to their limited resources, tight performance requirements and long-term life-cycles, this is especially challenging for Multi-Processor System-on-Chips (MPSoCs) operating in this context. At the same time, it must be provided that well-known implementation attacks, such as those targeting a cipher's execution time or its use of the processor cache, are inhibited, as they've successfully been used to attack cryptosystems in the pre-quantum era. Hence, this work presents an analysis of the security-critical polynomial multiplication routine within the NTRU algorithm and its susceptibility to timing and cache attacks. We also propose two different countermeasures to harden systems with or without caches against said attacks, and include the evaluation of the respective overheads. We demonstrate that security against timing and cache attacks can be achieved with reasonable overheads depending on the chosen parameters of NTRU.

Nieto, A., Acien, A., Lopez, J..  2018.  Capture the RAT: Proximity-Based Attacks in 5G Using the Routine Activity Theory. 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech). :520-527.

The fifth generation of cellular networks (5G) will enable different use cases where security will be more critical than ever before (e.g. autonomous vehicles and critical IoT devices). Unfortunately, the new networks are being built on the certainty that security problems cannot be solved in the short term. Far from reinventing the wheel, one of our goals is to allow security software developers to implement and test their reactive solutions for the capillary network of 5G devices. Therefore, in this paper a solution for analysing proximity-based attacks in 5G environments is modelled and tested using OMNET++. The solution, named CRAT, is able to decouple the security analysis from the hardware of the device with the aim to extend the analysis of proximity-based attacks to different use-cases in 5G. We follow a high-level approach, in which the devices can take the role of victim, offender and guardian following the principles of the routine activity theory.

Gregr, M., Veda, M..  2014.  Challenges with Transition and User Accounting in Next Generation Networks. Network Protocols (ICNP), 2014 IEEE 22nd International Conference on. :501-503.

Future networks may change the way how network administrators monitor and account their users. History shows that usually a completely new design (clean slate) is used to propose a new network architecture - e.g. Network Control Protocol to TCP/IP, IPv4 to IPv6 or IP to Recursive Inter Network Architecture. The incompatibility between these architectures changes the user accounting process as network administrators have to use different information to identify a user. The paper presents a methodology how it is possible to gather all necessary information needed for smooth transition between two incompatible architectures. The transition from IPv4 and IPv6 is used as a use case, but it should be able to use the same process with any new networking architecture.
 

Vizarreta, P., Heegaard, P., Helvik, B., Kellerer, W., Machuca, C. M..  2017.  Characterization of failure dynamics in SDN controllers. 2017 9th International Workshop on Resilient Networks Design and Modeling (RNDM). :1–7.

With Software Defined Networking (SDN) the control plane logic of forwarding devices, switches and routers, is extracted and moved to an entity called SDN controller, which acts as a broker between the network applications and physical network infrastructure. Failures of the SDN controller inhibit the network ability to respond to new application requests and react to events coming from the physical network. Despite of the huge impact that a controller has on the network performance as a whole, a comprehensive study on its failure dynamics is still missing in the state of the art literature. The goal of this paper is to analyse, model and evaluate the impact that different controller failure modes have on its availability. A model in the formalism of Stochastic Activity Networks (SAN) is proposed and applied to a case study of a hypothetical controller based on commercial controller implementations. In case study we show how the proposed model can be used to estimate the controller steady state availability, quantify the impact of different failure modes on controller outages, as well as the effects of software ageing, and impact of software reliability growth on the transient behaviour.

Bansal, Bhawana, Sharma, Monika.  2019.  Client-Side Verification Framework for Offline Architecture of IoT. 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA). :1044–1050.
Internet of things is a network formed between two or more devices through internet which helps in sharing data and resources. IoT is present everywhere and lot of applications in our day-to-day life such as smart homes, smart grid system which helps in reducing energy consumption, smart garbage collection to make cities clean, smart cities etc. It has some limitations too such as concerns of security of the network and the cost of installations of the devices. There have been many researches proposed various method in improving the IoT systems. In this paper, we have discussed about the scope and limitations of IoT in various fields and we have also proposed a technique to secure offline architecture of IoT.
Samanta, P., Kelly, E., Bashir, A., Debroy, S..  2018.  Collaborative Adversarial Modeling for Spectrum Aware IoT Communications. 2018 International Conference on Computing, Networking and Communications (ICNC). :447–451.
In order to cater the growing spectrum demands of large scale future 5G Internet of Things (IoT) applications, Dynamic Spectrum Access (DSA) based networks are being proposed as a high-throughput and cost-effective solution. However the lack of understanding of DSA paradigm's inherent security vulnerabilities on IoT networks might become a roadblock towards realizing such spectrum aware 5G vision. In this paper, we make an attempt to understand how such inherent DSA vulnerabilities in particular Spectrum Sensing Data Falsification (SSDF) attacks can be exploited by collaborative group of selfish adversaries and how that can impact the performance of spectrum aware IoT applications. We design a utility based selfish adversarial model mimicking collaborative SSDF attack in a cooperative spectrum sensing scenario where IoT networks use dedicated environmental sensing capability (ESC) for spectrum availability estimation. We model the interactions between the IoT system and collaborative selfish adversaries using a leader-follower game and investigate the existence of equilibrium. Using simulation results, we show the nature of adversarial and system utility components against system variables. We also explore Pareto-optimal adversarial strategy design that maximizes the attacker utility for varied system strategy spaces.
Cornell, N., Nepal, K..  2017.  Combinational Hardware Trojan Detection Using Logic Implications. 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS). :571–574.

This paper provides a proof-of-concept demonstration of the potential benefit of using logical implications for detection of combinational hardware trojans. Using logic simulation, valid logic implications are selected and added to to the checker circuitry to detect payload delivery by a combinational hardware trojan. Using combinational circuits from the ISCAS benchmark suite, and a modest hardware budget for the checker, simulation results show that the probability of a trojan escaping detection using our approach was only 16%.

Yi, Su-Wen, Li, Wei, Dai, Zi-Bin, Liu, Jun-Wei.  2016.  A compact and efficient architecture for elliptic curve cryptographic processor. 2016 13th IEEE International Conference on Solid-State and Integrated Circuit Technology (ICSICT). :1276–1280.

In this paper, a dual-field elliptic curve cryptographic processor is proposed to support arbitrary curves within 576-bit in dual field. Besides, two heterogeneous function units are coupled with the processor for the parallel operations in finite field based on the analysis of the characteristics of elliptic curve cryptographic algorithms. To simplify the hardware complexity, the clustering technology is adopted in the processor. At last, a fast Montgomery modular division algorithm and its implementation is proposed based on the Kaliski's Montgomery modular inversion. Using UMC 90-nm CMOS 1P9M technology, the proposed processor occupied 0.86-mm2 can perform the scalar multiplication in 0.34ms in GF(p160) and 0.22ms in GF(2160), respectively. Compared to other elliptic curve cryptographic processors, our design is advantageous in hardware efficiency and speed moderation.