Hardware Vulnerabilities Research Articles

Hardware-Based Cyber Threats: Attack Vectors and Defence Techniques

There are certain vulnerabilities associated with computing hardware that attackers can exploit to launch destructive attacks which often go undetected by the existing hardware and software countermeasures. Side channel attacks (SCAs) and Rowhammer attacks (RHAs), the consequences of hardware vulnerabilities, pose significant security and privacy threats to self-contained computing components and their end-users respectively. Such attacks compromise the security of computational environments, even those with advanced protection mechanisms such as virtualisation, sandboxes or robust encryptions. In light of these security threats against modern computing hardware, we perform an analysis overview of the modi operandi of SCAs and RHAs in hardware implementation and techniques that can be used to extract sensitive data such as secret keys. We then propose various countermeasures to safeguard against these attacks.

Hardware-based cyber threats: attack vectors and defence techniques

There are certain vulnerabilities associated with computing hardware that attackers can exploit to launch destructive attacks which often go undetected by the existing hardware and software countermeasures. Side channel attacks (SCAs) and Rowhammer attacks (RHAs), the consequences of hardware vulnerabilities, pose significant security and privacy threats to self-contained computing components and their end-users respectively. Such attacks compromise the security of computational environments, even those with advanced protection mechanisms such as virtualisation, sandboxes or robust encryptions. In light of these security threats against modern computing hardware, we perform an analysis overview of the modi operandi of SCAs and RHAs in hardware implementation and techniques that can be used to extract sensitive data such as secret keys. We then propose various countermeasures to safeguard against these attacks.

A lightweight and scalable attribute-based encryption system for smart cities

In the near future, a technological revolution will involve our cities, where a variety of smart services based on the Internet of Things will be developed to facilitate the needs of the citizens. Sensing devices are already being deployed in urban environments, and they will generate huge amounts of data. Such data is typically outsourced to some cloud service in order to lower capital and operating expenses and guarantee high availability. However, cloud services may suffer from data breaches due to software and hardware vulnerabilities, or they may have incentives to release stored data to unauthorized entities. In this work we present ABE-Cities, an encryption system for urban sensing which solves the above problems while ensuring fine-grained access control on data by means of Attribute-Based Encryption (ABE). ABE-Cities senses data from the city and stores it on the cloud in an encrypted form. Then, it provides users with keys able to decrypt only data sensed from authorized paths or zones of the city. In ABE-Cities, sensors perform only lightweight symmetric-key encryption, thus we can employ constrained sensor devices such as battery powered motes. ABE-Cities allows us to plan an expiration date for each key, as well as to revoke a given key in an unplanned fashion. We prove that ABE-Cities scales well with the number of users and the number of streets by simulating it with 30 000 users on the Beijing street network, which consists of more than 30 000 streets. In addition to the “vanilla” ABE-Cities scheme, we propose an “advanced” one that leverages the presence of IoT gateways to reduce the computational load otherwise weighing on a single Trusted Third Party. We validate this by testing the advanced scheme on the simulated Houston and Beijing street networks.

Организация процесса мониторинга уязвимостей программного обеспечения и оборудования АСУТП

Организация процесса мониторинга уязвимостей программного обеспечения и оборудования АСУТП

Privacy-Preserving Methods for Feature Engineering Using Blockchain: Review, Evaluation, and Proof of Concept.

BackgroundThe protection of private data is a key responsibility for research studies that collect identifiable information from study participants. Limiting the scope of data collection and preventing secondary use of the data are effective strategies for managing these risks. An ideal framework for data collection would incorporate feature engineering, a process where secondary features are derived from sensitive raw data in a secure environment without a trusted third party.ObjectiveThis study aimed to compare current approaches based on how they maintain data privacy and the practicality of their implementations. These approaches include traditional approaches that rely on trusted third parties, and cryptographic, secure hardware, and blockchain-based techniques.MethodsA set of properties were defined for evaluating each approach. A qualitative comparison was presented based on these properties. The evaluation of each approach was framed with a use case of sharing geolocation data for biomedical research.ResultsWe found that approaches that rely on a trusted third party for preserving participant privacy do not provide sufficiently strong guarantees that sensitive data will not be exposed in modern data ecosystems. Cryptographic techniques incorporate strong privacy-preserving paradigms but are appropriate only for select use cases or are currently limited because of computational complexity. Blockchain smart contracts alone are insufficient to provide data privacy because transactional data are public. Trusted execution environments (TEEs) may have hardware vulnerabilities and lack visibility into how data are processed. Hybrid approaches combining blockchain and cryptographic techniques or blockchain and TEEs provide promising frameworks for privacy preservation. For reference, we provide a software implementation where users can privately share features of their geolocation data using the hybrid approach combining blockchain with TEEs as a supplement.ConclusionsBlockchain technology and smart contracts enable the development of new privacy-preserving feature engineering methods by obviating dependence on trusted parties and providing immutable, auditable data processing workflows. The overlap between blockchain and cryptographic techniques or blockchain and secure hardware technologies are promising fields for addressing important data privacy needs. Hybrid blockchain and TEE frameworks currently provide practical tools for implementing experimental privacy-preserving applications.

IRISK METHOD FOR SECURITY ESTIMATION OF THE SIMULATION POLYGON FOR THE PROTECTION OF CRITICAL INFORMATION RESOURCES

In this article, the research of information system protection by ana­ ly­ zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni­ ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter­ mi­ nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula­ tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili­ ty — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul­ nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

Secure LSI Design: Solutions to Hardware Security and Hardware Vulnerability

Secure LSI Design: Solutions to Hardware Security and Hardware Vulnerability

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Operational Technology (OT) systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures) capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory). Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS) such systems are designed to provide.

Hardware Vulnerabilities and Their Effects on CE Devices: Design for Security Against Trojans [Hardware Matters

Hardware threats on consumer electronic (CE) devices are a serious concern for industry designers and researchers, and the impact of such threats (or tampering) is distressing from the commercial perspective of the CE industry. Thus, it is important to understand the impact of hardware-based vulnerabilities on a CE device from the perspective of functionality and performance.

Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis

Hardware-based mechanisms for software isolation are becoming increasingly popular, but implementing these mechanisms correctly has proved difficult, undermining the root of security. This work introduces an effective way to formally verify important properties of such hardware security mechanisms. In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. To make the security-typed HDL expressive enough to verify a realistic processor, we develop new type system features. Our experiments suggest that information flow analysis is efficient, and programmer effort is modest. We also show that information flow constraints are an effective way to detect hardware vulnerabilities, including several found in commercial processors.

Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis

Hardware-based mechanisms for software isolation are becoming increasingly popular, but implementing these mechanisms correctly has proved difficult, undermining the root of security. This work introduces an effective way to formally verify important properties of such hardware security mechanisms. In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. To make the security-typed HDL expressive enough to verify a realistic processor, we develop new type system features. Our experiments suggest that information flow analysis is efficient, and programmer effort is modest. We also show that information flow constraints are an effective way to detect hardware vulnerabilities, including several found in commercial processors.

Plataforma Experimental para el Estudio de la Vulnerabilidad Hardware en los Robots Móviles: el Bus I2C como Caso de Estudio

This paper presents an experimental platform for studying the effects of hardware vulnerabilities in mobile robots. The platform is designed so that the hardware, involved in the navigation process, can be monitored during the robot operation and, if desired, their behavior can be altered, allowing the simulation of a failure. The paper shows a particular case of study: the I2C Bus vulnerability when some anomalies appear in the clock signal. A set of experimental results confirm the interest of the studied vulnerabilities and the applicability of the developed platform.

A Review on Cloud Security Challenges and Issues

Background/Objectives: Cloud computing offers various services with minimum management effort while provisioning resources via internet. Cloud clients are allowed to store their personal data at data centers, it will minimize storage maintenance in local systems. Methods/Statistical Analysis: Cloud computing environment facing huge issues with hardware and software vulnerabilities in maintenance and resources provisioning process. These vulnerabilities pose huge loss of data, confidentiality, privacy and availability. Findings: In this paper, we studied and concentrated on various attacks in Virtualization environment and the possible attack scenarios in each platform. Application/Improvements: In the final section, we studied and described all types of attacks.

Mass surveillance and technological policy options: Improving security of private communications

The 2013 Snowden revelations ignited a vehement debate on the legitimacy and breadth of intelligence operations that monitor the Internet and telecommunications worldwide. The ongoing invasion of the private sphere of individuals around the world by governments and companies is an issue that is handled inadequately using current technological and organizational measures.This article11This article is based on research carried out at the request of the Science and Technology Option Assessment Panel (STOA) and the Committee for Civil Liberties, Justice and Home Affairs (LIBE) of the European Parliament [11,9]. Its scope is therefore primarily European, however its implications are assumed to be generally applicable. argues that in order to retain a vital and vibrant Internet, its basic infrastructure needs to be strengthened considerably. We propose a number of technical and political options, which would contribute to improving the security of the Internet. It focuses on the debates around end-to-end encryption and anonymization, as well as on policies addressing software and hardware vulnerabilities and weaknesses of the Internet architecture.

The Next Generation of Scientific-Based Risk Metrics

One of the major challenges to an organization achieving a certain level of preparedness to “effectively” combat existing and future cyber threats and vulnerabilities is its ability to ensure the security and reliability of its networks. Most of the existing efforts are quantitative, by nature, and limited solely to the networks and systems of the organization. It would be unfair to not acknowledge that for sure some progress has been achieved in the way that organizations, as a whole, are now positioning themselves to address the threats (GAO 2012). Unfortunately, so have the skill sets and resource levels improved for attackers--they are increasingly getting better at achieving the unwanted access to organizations' information assets. In large part the authors believe that some of this is due to the failure by methods to assess the overall vulnerability of the networks. In addition, significant levels of threats and vulnerabilities beyond organizations' networks and systems are not being given the level of attention that is warranted. In this paper, the authors propose a more comprehensive approach that enables an organization to more realistically assess its “cyber maturity” level in hope of better positioning itself to address existing and new cyber threats. The authors also propose the need to better understand another missing critical piece to the puzzle--the reliability and security of networks in terms of scientific risk-based metrics (e.g., the severity of individual vulnerabilities and overall vulnerability of the network). Their risk-based metrics focus on the probability of compromise due to a given vulnerability; employee non-adherence to company cyber-based policies; insider threats. They are: (1) built on the CVSS Base Score which is modified by developing weights derived from the Analytic Hierarchy Process (AHP) to make the overall score more representative of the impact the vulnerability has on the global infrastructure, and (2) rooted in repeatable quantitative characteristics (i.e., vulnerabilities) such as the sum of the probabilities that devices will be compromised via client-side or server-side attacks stemming from software or hardware vulnerabilities. The authors will demonstrate the feasibility of their method by applying their approach to a case study and highlighting the benefits and impediments which result.

Shock environment design for space equipment testing

The main specification in the verification by testing of space hardware vulnerability to shock excitations is the shock response spectrum. Although it compiles the most relevant information needed to describe the overall shock environment characteristics, shock testing still poses various difficulties and uncertainties concerning the suitability and operation of the shock test system used, and the adequate definition of the underlying test parameters. The approach followed from the interpretation of typical shock testing specifications to the development, validation, and characterization of the developed shock test system, including the definition and design of the relevant parameters influencing the attained shock environment, is described in this paper. The shock testing method here presented consists of a pendular in-plane resonant mono-plate shock test apparatus where the structural response of the ringing plate depends upon well-defined controllable parameters (e.g. impact velocity, striker shape, mass, and contact stiffness), which are parametrically determined to achieve the target shock environment specification. The concept and analytical model of two impacting bodies are used in a preliminary analysis to perform a rigid body motion analysis and contact assessment. A detailed finite element model is developed for the definition of the ringing plate dimensions, analysis of the plate dynamics and virtual shock testing. The assembled experimental apparatus is described and a test campaign is undertaken in order to properly characterize and assess the design and test parameters of the system. The developed shock test apparatus and corresponding finite element model are experimentally verified and validated. As a result of this study, a reliable finite element modeling methodology available for future shock test simulation and prediction of the experimental results was created, being an important tool for the adjustment of the shock test input parameters for future works. The developed shock test system was well characterized and is readily available to be used for shock testing of space equipment with varying specifications.

사용자의 패스워드 인증 행위 분석 및 피싱 공격시 대응방안 - 사용자 경험 및 HCI의 관점에서

User authentication based on ID and PW has been widely used. As the Internet has become a growing part of people’ lives, input times of ID/PW have been increased for a variety of services. People have already learned enough to perform the authentication procedure and have entered ID/PW while ones are unconscious. This is referred to as the adaptive unconscious, a set of mental processes incoming information and producing judgements and behaviors without our conscious awareness and within a second. Most people have joined up for various websites with a small number of IDs/PWs, because they relied on their memory for managing IDs/PWs. Human memory decays with the passing of time and knowledges in human memory tend to interfere with each other. For that reason, there is the potential for people to enter an invalid ID/PW. Therefore, these characteristics above mentioned regarding of user authentication with ID/PW can lead to human vulnerabilities: people use a few PWs for various websites, manage IDs/PWs depending on their memory, and enter ID/PW unconsciously. Based on the vulnerability of human factors, a variety of information leakage attacks such as phishing and pharming attacks have been increasing exponentially. In the past, information leakage attacks exploited vulnerabilities of hardware, operating system, software 1 Graduate School of Information, Yonsei University, Seoul, 120-749, Korea. * Corresponding author (taekyoung@yonsei.ac.kr) [Received 31 January 2014, Reviewed 18 February 2014, Accepted 9 April 2014] ☆ 본 연구는 미래창조과학부 및 한국산업기술평가관리원의 산 업융합원천기술개발사업(정보통신)[10039180, 모바일 환경하 에서 모바일 인증과 보안 강화를 위해 직관적이며 사용하기 편하고 안전한 인간-컴퓨터 상호작용(HCI) 기반 Usable Security 원천기술 개발]과 2012년도 정부(교육부)의 재원으 로 한국연구재단의 지원을 받아 수행된 기초연구사업(No. NRF-2012R1A1B3000965)의 일환으로 수행하였음. ☆ 본 논문은 2014년도 인터넷정보학회 춘계학술발표대회 우수 논문 추천에 따라 확장 및 수정된 논문임. ISSN 1598-0170 (Print) ISSN 2287-1136 (Online) http://www.jksii.or.kr http://dx.doi.org/10.7472/jksii.2014.15.3.79 사용자의 패스워드 인증 행위 분석 및 피싱 공격시 대응방안 – 사용자 경험 및 HCI의 관점에서 8

Controlling output pulse and prepulse in a resonant microwave pulse compressor

A resonant microwave pulse compressor with a waveguide H-plane-tee-based energy extraction unit was studied in terms of its capability to produce output pulses that comprise a low-power long-duration (prepulse) and a high-power short-duration part. The application of such combined pulses with widely variable prepulse and high-power pulse power and energy ratios is of interest in the research area of electronic hardware vulnerability. The characteristics of output radiation pulses are controlled by the variation of the H-plane tee transition attenuation at the stage of microwave energy storage in the compressor cavity. Results of theoretical estimations of the parameters tuning range and experimental investigations of the prototype S-band compressor (1.5 MW, 12 ns output pulse; ∼13.2 dB gain) are presented. The achievable maximum in the prepulse power is found to be about half the power of the primary microwave source. It has been shown that the energy of the prepulse becomes comparable with that of the short-duration (nanosecond) pulse, while the power of the latter decreases insignificantly. The possible range of variation of the prepulse power and energy can be as wide as 40 dB. In the experiments, the prepulse level control within the range of ∼10 dB was demonstrated.

Using hardware vulnerability factors to enhance AVF analysis

Fault tolerance is now a primary design constraint for all major microprocessors. One step in determining a processor's compliance to its failure rate target is measuring the Architectural Vulnerability Factor (AVF) of each on-chip structure. The AVF of a hardware structure is the probability that a fault in the structure will affect the output of a program. While AVF generates meaningful insight into system behavior, it cannot quantify the vulnerability of an individual system component (hardware, user program, etc.), limiting the amount of insight that can be generated. To address this, prior work has introduced the Program Vulnerability Factor (PVF) to quantify the vulnerability of software. In this paper, we introduce and analyze the Hardware Vulnerability Factor (HVF) to quantify the vulnerability of hardware. HVF has three concrete benefits which we examine in this paper. First, HVF analysis can provide insight to hardware designers beyond that gained from AVF analysis alone. Second, separating AVF analysis into HVF and PVF steps can accelerate the AVF measurement process. Finally, HVF measurement enables runtime AVF estimation that combines compile-time PVF estimates with runtime HVF measurements. A key benefit of this technique is that it allows software developers to influence the runtime AVF estimates. We demonstrate that this technique can estimate AVF at runtime with an average absolute error of less than 3%.

경량화 프로세스 추적을 통한 중요 데이터 유출 방지

컴퓨터와 개인 휴대 단말장치 사용의 대중화와 함께 이들 장치들을 이용한 개인정보 혹은 사업상 중요 데이터를 처리하고 저장하는 행위도 따라 증가하게 되었다. 따라서 이들 장치로부터 사용자의 허락 없이 중요 데이터가 자신의 장치로부터 빠져나가는 행위가 일어나서는 안 된다. 본 논문에서는 중요 파일과 관련된 파일 오픈 시스템 콜을 호출하는 프로세스를 일정시간 추적하여 네트워킹 인터페이스를 통해 이들 중요 데이터가 빠져 나가는 것을 방지하는 간단한 방법을 제시하였다. 제안된 방법은 기존 인증 혹은 암호화를 이용한 방법과 비교해 해킹 기술 발전과 하드웨어 및 소프트웨어의 새로운 취약점 발견과 무관하게 안정적으로 동작하는 이점이 있다. 특히, 본 논문에서는 리눅스 환경의 사용자와 커널 영역에서 제안된 알고리즘을 직접 구현하여 타당성을 검증하였다. As the usage of computers and mobile handsets is popularized, the processing and storing of private and business data are increased. Hence we note that these sensitive data should never be transferred out of these personal devices without user's permission. In this paper, we propose a simple method to prevent transferring the sensitive data out of personal computing devices through their networking interfaces. The proposed method determines which processes invoke open system call related to the sensitive data, and then traces them within a specific duration. The proposed scheme has advantage over the existing ones using authentication or encryption because it could be still working well independent upon the new attack technologies or the latest vulnerabilities of hardware and software. In order to verify the proposed algorithm, we test it by implementing the necessary codes at the user and kernel spaces of Linux.