DocumentCode :
65681
Title :
Fabrication Attacks: Zero-Overhead Malicious Modifications Enabling Modern Microprocessor Privilege Escalation
Author :
Tsoutsos, Nektarios Georgios ; Maniatakos, Michail
Author_Institution :
Polytech. Sch. of Eng., Dept. of Comput. Sci. & Eng., New York Univ., New York, NY, USA
Volume :
2
Issue :
1
fYear :
2014
fDate :
Mar-14
Firstpage :
81
Lastpage :
93
Abstract :
The wide deployment of general purpose and embedded microprocessors has emphasized the need for defenses against cyber-attacks. Due to the globalized supply chain, however, there are several stages where a processor can be maliciously modified. The most promising stage, and the hardest during which to inject the hardware trojan, is the fabrication stage. As modern microprocessor chips are characterized by very dense, billion-transistor designs, such attacks must be very carefully crafted. In this paper, we demonstrate zero overhead malicious modifications on both high-performance and embedded microprocessors. These hardware trojans enable privilege escalation through execution of an instruction stream that excites the necessary conditions to make the modification appear. The minimal footprint, however, comes at the cost of a small window of attack opportunities. Experimental results show that malicious users can gain escalated privileges within a few million clock cycles. In addition, no system crashes were reported during normal operation, rendering the modifications transparent to the end user.
Keywords :
invasive software; multiprocessing systems; cyber-attacks; embedded microprocessors; fabrication attacks; hardware trojans; high-performance microprocessors; modern microprocessor privilege escalation; zero-overhead malicious modifications; Computer architecture; Embedded systems; Fabrication; Hardware; Logic gates; Microprocessors; Trojan horses; Hardware trojans; fabrication attacks; malicious modification; microprocessors; privilege escalation; zero overhead;
fLanguage :
English
Journal_Title :
Emerging Topics in Computing, IEEE Transactions on
Publisher :
IEEE
ISSN :
2168-6750
Type :
jour
DOI :
10.1109/TETC.2013.2287186
Filename :
6646239
Link To Document :