OS support for detecting Trojan circuit attacks

Author

Bloom, Gedare ; Narahari, Bhagirath ; Simha, Rahul

Author_Institution

Dept. of Comput. Sci., George Washington Univ., Washington, DC, USA

fYear

2009

fDate

27-27 July 2009

Firstpage

100

Lastpage

103

Abstract

Rapid advances in integrated circuit (IC) development predicted by Moore´s Law lead to increasingly complex, hard to verify IC designs. Design insiders or adversaries employed at untrusted locations can insert malicious Trojan circuits capable of launching attacks in hardware or supporting software-based attacks. In this paper, we provide a method for detecting Trojan circuit denial-of-service attacks using a simple, verifiable hardware guard external to the complex CPU. The operating system produces liveness checks, embedded in the software clock, to which the guard can respond. We also present a novel method for the OS to detect a hardware-software (HW/SW) Trojan privilege escalation attack by using OS-generated checks to test if the CPU hardware is enforcing memory protection (MP). Our implementation of fine-grained periodic checking of MP enforcement incurs only 2.2% overhead using SPECint 2006.

Keywords

integrated circuit design; invasive software; operating systems (computers); IC designs; Moore Law; Trojan circuit denial-of-service attack detection; hardware-software Trojan privilege escalation attack; integrated circuit development; malicious Trojan circuits; memory protection; operating system support; software clock; Central Processing Unit; Circuits; Clocks; Computer crime; Embedded software; Hardware; Moore´s Law; Operating systems; Protection; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Hardware-Oriented Security and Trust, 2009. HOST '09. IEEE International Workshop on

Conference_Location

Francisco, CA

Print_ISBN

978-1-4244-4805-0

Electronic_ISBN

978-1-4244-4804-3

Type

conf

DOI

10.1109/HST.2009.5224959

Filename

5224959