Title :
OS support for detecting Trojan circuit attacks
Author :
Bloom, Gedare ; Narahari, Bhagirath ; Simha, Rahul
Author_Institution :
Dept. of Comput. Sci., George Washington Univ., Washington, DC, USA
Abstract :
Rapid advances in integrated circuit (IC) development predicted by Moore´s Law lead to increasingly complex, hard to verify IC designs. Design insiders or adversaries employed at untrusted locations can insert malicious Trojan circuits capable of launching attacks in hardware or supporting software-based attacks. In this paper, we provide a method for detecting Trojan circuit denial-of-service attacks using a simple, verifiable hardware guard external to the complex CPU. The operating system produces liveness checks, embedded in the software clock, to which the guard can respond. We also present a novel method for the OS to detect a hardware-software (HW/SW) Trojan privilege escalation attack by using OS-generated checks to test if the CPU hardware is enforcing memory protection (MP). Our implementation of fine-grained periodic checking of MP enforcement incurs only 2.2% overhead using SPECint 2006.
Keywords :
integrated circuit design; invasive software; operating systems (computers); IC designs; Moore Law; Trojan circuit denial-of-service attack detection; hardware-software Trojan privilege escalation attack; integrated circuit development; malicious Trojan circuits; memory protection; operating system support; software clock; Central Processing Unit; Circuits; Clocks; Computer crime; Embedded software; Hardware; Moore´s Law; Operating systems; Protection; Testing;
Conference_Titel :
Hardware-Oriented Security and Trust, 2009. HOST '09. IEEE International Workshop on
Conference_Location :
Francisco, CA
Print_ISBN :
978-1-4244-4805-0
Electronic_ISBN :
978-1-4244-4804-3
DOI :
10.1109/HST.2009.5224959