[talks] Annie Edmundson will present her General Exam on January 21st, 2015 at 2pm in 302

Nicki Gotsis ngotsis at CS.Princeton.EDU
Thu Jan 15 09:44:32 EST 2015

Annie Edmundson will present her General Exam on January 21st, 2015 at 2pm in 302.  The members of her committee are Ed Felten, Arvind Narayanan and Cynthia Sturton (UNC-Chapel Hill).

Everyone is invited to attend her talk, and those faculty wishing to remain for the oral exam following are welcome to do so.  Her abstract and reading list are attached.

Malicious hardware provides an attacker a greater advantage than software-based attacks because it gives an attacker control over the entire software stack while providing a smaller chance of detection and prevention. The supply chain process for devices is extremely hard to secure in order to provide trusted microelectronic components; current methods for malicious circuit detection at design time usually look for circuitry that is never or rarely used. These methods include dynamic analysis during verification testing and boolean function analysis on a gate-level netlist.

This work shows how to defeat the state-of-the-art algorithms in design time hardware trojan detection.  We have implemented a backdoor in the LEON3 processor, which implements the SPARC V8 ISA; the malicious backdoor will allow a user-level program to enter supervisor mode with a specific sequence of instructions.  We will also discuss fundamental problems of trojan detection, as well as possible areas for improvement. 

Reading List:
1. Anderson, Ross. Security engineering. John Wiley & Sons, 2008.
2. Harris, David Money, and Sarah L. Harris. Digital design and computer architecture. Elsevier, 2013. Chapters 1-5, 6.5, 6.6, 7.5, 7.6

1. Agrawal, Dakshi, Selcuk Baktir, Deniz Karakoyunlu, Pankaj Rohatgi, and Berk Sunar. "Trojan detection using IC fingerprinting." In Security and Privacy, 2007. SP'07. IEEE Symposium on, pp. 296-310. IEEE, 2007.
2. Bilzor, Michael, Ted Huffmire, Cynthia Irvine, and Tim Levin. "Security checkers: Detecting processor malicious inclusions at runtime." In Hardware-Oriented Security and Trust (HOST), 2011 IEEE International Symposium on, pp. 34-39. IEEE, 2011.
3. Hicks, Matthew, Murph Finnicum, Samuel T. King, Milo Martin, and Jonathan M. Smith. "Overcoming an untrusted computing base: Detecting and removing malicious hardware automatically." In Security and Privacy (SP), 2010 IEEE Symposium on, pp. 159-172. IEEE, 2010.
4. King, Samuel T., Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou. "Designing and Implementing Malicious Hardware." LEET 8 (2008): 1-8.
5. Sturton, Cynthia, Matthew Hicks, David Wagner, and Samuel T. King. "Defeating UCI: Building stealthy and malicious hardware." In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 64-77. IEEE, 2011.
6. Waksman, Adam, and Simha Sethumadhavan. "Silencing hardware backdoors." In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 49-63. IEEE, 2011.
7. Waksman, Adam, and Simha Sethumadhavan. "Tamper evident microprocessors." In Security and Privacy (SP), 2010 IEEE Symposium on, pp. 173-188. IEEE, 2010.
8. Waksman, Adam, Matthew Suozzo, and Simha Sethumadhavan. "FANCI: identification of stealthy malicious logic using boolean functional analysis." In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 697-708. ACM, 2013.
9. Zhang, Jie, Feng Yuan, Lingxiao Wei, Zelong Sun, and Qiang Xu. "VeriTrust: verification for hardware trust." In Proceedings of the 50th Annual Design Automation Conference, p. 61. ACM, 2013.
10. Zhang, Jie, Feng Yuan, and Qiang Xu. "DeTrust: Defeating hardware trust verification with stealthy implicitly-triggered hardware Trojans." In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 153-166. ACM, 2014.

More information about the talks mailing list