
Showing papers on "Trojan published in 2013"


Book Chapter
20 Aug 2013
TL;DR: An extremely stealthy approach for implementing hardware Trojans below the gate level is proposed, and the Trojans' detectability and their impact on the security of the target device are evaluated.
Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community. One of the main concerns is that integrated circuits, e.g., for military or critical-infrastructure applications, could be maliciously manipulated during the manufacturing process, which often takes place abroad. However, since there have been no reported hardware Trojans in practice yet, little is known about what such a Trojan would look like, and how difficult it would be in practice to implement one. In this paper we propose an extremely stealthy approach for implementing hardware Trojans below the gate level, and we evaluate their impact on the security of the target device. Instead of adding additional circuitry to the target design, we insert our hardware Trojans by changing the dopant polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), our family of Trojans is resistant to most detection techniques, including fine-grain optical inspection and checking against "golden chips". We demonstrate the effectiveness of our approach by inserting Trojans into two designs -- a digital post-processing derived from Intel's cryptographically secure RNG design used in the Ivy Bridge processors and a side-channel resistant SBox implementation -- and by exploring their detectability and their effects on security.

276 citations


Proceedings Article
07 Nov 2013
TL;DR: A vulnerability analysis flow is developed that determines hard-to-detect areas in a circuit that would most probably be used for Trojan implementation to ensure a Trojan goes undetected during production test and extensive functional test analysis.
Abstract: The areas of hardware security and trust have experienced major growth over the past several years. However, research in Trojan detection and prevention lacks standard benchmarks and measurements, resulting in inconsistent research outcomes, and ambiguity in analyzing strengths and weaknesses in the techniques developed by different research teams and their advancements to the state-of-the-art. We have developed innovative methodologies that, for the first time, more effectively address the problem. We have developed a vulnerability analysis flow. The flow determines hard-to-detect areas in a circuit that would most probably be used for Trojan implementation to ensure a Trojan goes undetected during production test and extensive functional test analysis. Furthermore, we introduce the Trojan detectability metric to quantify Trojan activation and effect. This metric offers a fair comparison for analyzing weaknesses and strengths of Trojan detection techniques. Using these methodologies, we have developed a large number of trust benchmarks that are available for use by the public, as well as researchers and practitioners in the field.

219 citations


Journal Article
TL;DR: A novel noninvasive, multiple-parameter side-channel analysis-based Trojan detection approach that uses the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise.
Abstract: Hardware Trojan attack in the form of malicious modification of a design has emerged as a major security threat. Side-channel analysis has been investigated as an alternative to conventional logic testing to detect the presence of hardware Trojans. However, these techniques suffer from decreased sensitivity toward small Trojans, especially because of the large process variations present in modern nanometer technologies. In this paper, we propose a novel noninvasive, multiple-parameter side-channel analysis-based Trojan detection approach. We use the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise. We propose a vector generation approach and several design/test techniques to improve the detection sensitivity. Simulation results with two large circuits, a 32-bit integer execution unit (IEU) and a 128-bit advanced encryption standard (AES) cipher, show a detection resolution of 1.12 percent amidst ±20 percent parameter variations. The approach is also validated with experimental results. Finally, the use of a combined side-channel analysis and logic testing approach is shown to provide high overall detection coverage for hardware Trojan circuits of varying types and sizes.

207 citations


Journal Article
TL;DR: This work demonstrates the feasibility of inserting a hardware Trojan into circuits mapped on FPGAs by having a software program directly modify the FPGA configuration bitstream.
Abstract: In this work, we have demonstrated the feasibility of hardware Trojan insertion in circuits mapped on FPGAs by direct modification of the FPGA configuration bitstream. The main challenge of this attack proved to be the lack of sufficient information in the public domain about the bitstream format and the internal architecture and configurability of the FPGA. Nevertheless, we were able to show that under certain constraints on the functionality, size and placement of the Trojan on the FPGA, it is possible to modify the configuration bitstream by a software program to insert a hardware Trojan in the design. The main strength of the attack lies in the fact that since the modification is at the configuration bitstream level, it bypasses all predeployment design validation mechanisms. We also propose some techniques to prevent the demonstrated attack. We hope that this work will raise awareness among FPGA users about the potency of the threat posed by this relatively simple attack and its improved variants.

142 citations


Journal Article
TL;DR: An overview of hardware Trojans, which act as spies or terrorists in the microelectronic industry, and of countermeasures is provided.
Abstract: With the increasing disintegration of the design and manufacturing chain of our microelectronic products, we should not only worry about including unintentional, unwanted hardware features (“bugs”), but also about including intentional malicious hardware features: “Trojan Horses,” which act as spies or terrorists. This article provides an overview of hardware Trojans and countermeasures.

120 citations


Proceedings Article
02 Jun 2013
TL;DR: A novel technique, called built-in self-authentication (BISA), that can fill unused spaces in a circuit layout by functional filler cells instead of non-functional filler cells, which can be used to prevent Trojan insertion or make Trojan insertion extremely difficult.
Abstract: Hardware Trojans have become a significant threat to government agencies and enterprises that require security and trustworthiness in systems with critical applications. Detecting hardware Trojans is very challenging because of the diversity of Trojans and unpredictable process variations during fabrication. In this paper, we propose a novel technique, called built-in self-authentication (BISA), that can fill unused spaces in a circuit layout by functional filler cells instead of non-functional filler cells. All functional filler cells will be tested by BISA itself and a digital signature would be generated. Any modification on BISA will result in a different signature. Thus, BISA can be used to prevent Trojan insertion or make Trojan insertion extremely difficult. BISA can be applied to any single-module or bottom-up hierarchical design, and we evaluate it on different circuits to demonstrate the effectiveness of this technique.

119 citations


Proceedings Article
20 Aug 2013
TL;DR: In this article, the authors study hardware trojan horses insertion and detection in cryptographic IP blocks, based on the comparison between optical microscopic pictures of the silicon product and the original view from a GDSII layout database reader.
Abstract: Detecting hardware trojans is a difficult task in general. In this article we study hardware trojan horses insertion and detection in cryptographic intellectual property (IP) blocks. The context is that of a fabless design house that sells IP blocks as GDSII hard macros, and wants to check that final products have not been infected by trojans during the foundry stage. First, we show the efficiency of a medium cost hardware trojans detection method if the placement or the routing have been redone by the foundry. It consists in the comparison between optical microscopic pictures of the silicon product and the original view from a GDSII layout database reader. Second, we analyze the ability of an attacker to introduce a hardware trojan horse without changing either the placement or the routing of the cryptographic IP logic. On the example of an AES engine, we show that if the placement density is beyond 80%, the insertion is basically impossible. Therefore, this settles a simple design guidance to avoid trojan horses insertion in cryptographic IP blocks: have the design be compact enough, so that any functionally discreet trojan necessarily requires a complete replace and re-route, which is detected by mere optical imaging (and not complete chip reverse-engineering).

109 citations


Proceedings Article
18 Nov 2013
TL;DR: This paper proposes innovative low-overhead approaches for run-time Trojan detection which exploit the thermal sensors already available in many modern systems to detect deviations in power/thermal profiles caused by Trojan activation.
Abstract: The hardware Trojan threat has motivated development of Trojan detection schemes at all stages of the integrated circuit (IC) lifecycle. While the majority of existing schemes focus on ICs at test-time, there are many unique advantages offered by post-deployment/run-time Trojan detection. However, run-time approaches have been underutilized with prior work highlighting the challenges of implementing them with limited hardware resources. In this paper, we propose innovative low-overhead approaches for run-time Trojan detection which exploit the thermal sensors already available in many modern systems to detect deviations in power/thermal profiles caused by Trojan activation. Simulation results using state-of-the-art tools on publicly available Trojan benchmarks verify that our approaches can detect active Trojans quickly and with few false positives.

103 citations


Proceedings Article
01 Oct 2013
TL;DR: A novel vulnerability analysis determines a circuit's susceptibility to Trojan insertion based on statement hardness analysis as well as observability of circuit signals and the Trojan detectability metric is introduced to quantitatively compare the detectability of behavioral Trojans inserted into different circuits.
Abstract: Considerable attention has been paid to hardware Trojan detection and prevention. However, there is no existing systematic approach to investigate circuit vulnerability to hardware Trojan insertion during development. We present such an approach to investigate circuit vulnerability to Trojan insertion at the behavioral level. This novel vulnerability analysis determines a circuit's susceptibility to Trojan insertion based on statement hardness analysis as well as observability of circuit signals. Further, the Trojan detectability metric is introduced to quantitatively compare the detectability of behavioral Trojans inserted into different circuits. This creates a fair comparison for analyzing the strengths and weaknesses of Trojan detection techniques as well as helping verify trustworthiness of a third party Intellectual Property (IP).

80 citations


Proceedings Article
18 Mar 2013
TL;DR: The results reveal that the new methodology can detect Trojans with 3–4 orders of magnitude smaller power consumptions than the total power usage of the chip, while it scales very well because of the spatial view to the ICs internals by the thermal mapping.
Abstract: Vulnerability of modern integrated circuits (ICs) to hardware Trojans has been increasing considerably due to the globalization of semiconductor design and fabrication processes. The large number of parts and decreased controllability and observability to complex ICs internals make it difficult to efficiently perform Trojan detection using typical structural tests like path latency and leakage power. In this paper, we present new accurate methods for Trojan detection that are based upon post-silicon multimodal thermal and power characterization techniques. Our approach first estimates the detailed post-silicon spatial power consumption using thermal maps of the IC, then applies 2DPCA to extract features of the spatial power consumption, and finally uses statistical tests against the features of authentic ICs to detect the Trojan. To characterize real-world ICs accurately, we perform our experiments in presence of 20% - 40% CMOS process variation. Our results reveal that our new methodology can detect Trojans with 3-4 orders of magnitude smaller power consumptions than the total power usage of the chip, while it scales very well because of the spatial view to the ICs internals by the thermal mapping.

73 citations


Proceedings Article
18 Mar 2013
TL;DR: This paper proposes a method that maximizes the resolution of each path delay measurement, in terms of its ability to detect the targeted Trojan, and demonstrates the significant improvements in effectiveness and cost provided by this approach under high levels of process variations.
Abstract: One of the growing issues in IC design is how to establish trustworthiness of chips fabricated by untrusted vendors. Such process, often called Trojan detection, is challenging since the specifics of hardware Trojans inserted by intelligent adversaries are difficult to predict and most Trojans do not affect the logic behavior of the circuit unless they are activated. Also, Trojan detection via parametric measurements becomes increasingly difficult with increasing levels of process variations. In this paper we propose a method that maximizes the resolution of each path delay measurement, in terms of its ability to detect the targeted Trojan. In particular, for each Trojan, our approach accentuates the Trojan's impact by generating a vector that sensitizes the shortest path passing via the Trojan's site. We estimate the minimum number of chips to which each vector must be applied to detect the Trojan with sufficient confidence for a given level of process variations. Finally, we demonstrate the significant improvements in effectiveness and cost provided by our approach under high levels of process variations. Experimental results on several benchmark circuits show that we can achieve dramatic reduction in test cost using our approach compared to classical path delay testing.

Journal Article
30 Aug 2013-Science
TL;DR: The detection of a Uranian Trojan is reported and a Centaur model is constructed, supplied from the transneptunian region, to estimate temporary co-orbital capture frequency and duration, finding that at any time 0.4 and 2.8% of the population will be Uranian and Neptunian co-orbitals, respectively.
Abstract: Trojan objects share a planet’s orbit, never straying far from the triangular Lagrangian points, 60° ahead of (L4) or behind (L5) the planet. We report the detection of a Uranian Trojan; in our numerical integrations, 2011 QF99 oscillates around the Uranian L4 Lagrange point for >70,000 years and remains co-orbital for ∼1 million years before becoming a Centaur. We constructed a Centaur model, supplied from the transneptunian region, to estimate temporary co-orbital capture frequency and duration (to a factor of 2 accuracy), finding that at any time 0.4 and 2.8% of the population will be Uranian and Neptunian co-orbitals, respectively. The co-orbital fraction (∼2.4%) among Centaurs in the International Astronomical Union Minor Planet Centre database is thus as expected under transneptunian supply.

Proceedings Article
23 Jun 2013
TL;DR: To the best of the authors' knowledge, this is the first hardware Trojan manufactured as an ASIC that has successfully been analyzed using side channels; all infected ASICs were identified and classified from non-infected ones.
Abstract: We infiltrate the ASIC development chain by inserting a small denial-of-service (DoS) hardware Trojan at the fabrication design phase into an existing VLSI circuit, thereby simulating an adversary at a semiconductor foundry. Both the genuine and the altered ASICs have been fabricated using a 180 nm CMOS process. The Trojan circuit adds an overhead of only 0.5% to the original design. In order to detect the hardware Trojan, we perform side-channel analyses and apply IC-fingerprinting techniques using templates, principal component analysis (PCA), and support vector machines (SVMs). As a result, we were able to successfully identify and classify all infected ASICs from non-infected ones. To the best of our knowledge, this is the first hardware Trojan manufactured as an ASIC and has successfully been analyzed using side channels.

Journal Article
TL;DR: In this paper, the authors investigated families of non-symmetric periodic orbits of the restricted four-body problem where the three primary bodies are set in the stable Lagrangian equilateral triangle configuration.

Journal Article
TL;DR: A framework is presented that adds a set of detection sensors to a design, integrated in the free spaces on the layout and fabricated on the same die, and its effectiveness in realizing a self-authentication process that is independent of a GIC is shown.
Abstract: Detecting hardware Trojan attacks often relies on the availability of pre-verified golden chips. In this article, the authors propose an efficient Trojan detection approach using a sequence of path delay traces that eliminates such a need.

Book
27 Nov 2013
TL;DR: This book describes techniques to verify the authenticity of integrated circuits (ICs) and describes existing Trojan detection methods, their effectiveness in disclosing various types of Trojans, and demonstrate several architecture-level solutions.
Abstract: This book describes techniques to verify the authenticity of integrated circuits (ICs). It focuses on hardware Trojan detection and prevention and counterfeit detection and prevention. The authors discuss a variety of detection schemes and design methodologies for improving Trojan detection techniques, as well as various attempts at developing hardware Trojans in IP cores and ICs. While describing existing Trojan detection methods, the authors also analyze their effectiveness in disclosing various types of Trojans, and demonstrate several architecture-level solutions.

Journal Article
01 Mar 2013-Icarus
TL;DR: In this paper, a modified radiative transfer model was used to fit the Trojan spectra simultaneously both in the near and the thermal infrared regions, and it was shown that the Trojan spectral properties can be consistently explained by fine grained silicates (1 − 5 ¼ ) and highly absorbing material (e.g. carbon or iron, 2 − 10 ¼ ).

Journal Article
TL;DR: In this paper, the authors explore the long-term stability of Earth Trojans by using a chaos indicator, the Frequency Map Analysis, and find that there is an extended stability region at low eccentricity and for inclinations lower than about $50^{\circ}$.
Abstract: We explore the long-term stability of Earth Trojans by using a chaos indicator, the Frequency Map Analysis. We find that there is an extended stability region at low eccentricity and for inclinations lower than about $50^{\circ}$ even if the most stable orbits are found at $i \le 40^{\circ}$. This region is not limited in libration amplitude, contrary to what is found for Trojan orbits around outer planets. We also investigate how the stability properties are affected by the tidal force of the Earth–Moon system and by the Yarkovsky force. The tidal field of the Earth–Moon system reduces the stability of the Earth Trojans at high inclinations while the Yarkovsky force, at least for bodies larger than 10 m in diameter, does not seem to strongly influence the long-term stability. Earth Trojan orbits with the lowest diffusion rate survive on timescales of the order of $10^9$ years but their evolution is chaotic. Their behaviour is similar to that of Mars Trojans even if Earth Trojans appear to have shorter lifetimes.

Journal Article
TL;DR: A long-term stable L5 (trailing) Neptune Trojan was discovered in data acquired to search for candidate trans-Neptunian objects for the New Horizons spacecraft to fly by during an extended post-Pluto mission.
Abstract: We present the discovery of a long-term stable L5 (trailing) Neptune Trojan in data acquired to search for candidate trans-Neptunian objects for the New Horizons spacecraft to fly by during an extended post-Pluto mission. This Neptune Trojan, 2011 HM102, has the highest inclination (29.°4) of any known member of this population. It is intrinsically brighter than any single L5 Jupiter Trojan at HV ~ 8.18. We have determined its gri colors (a first for any L5 Neptune Trojan), which we find to be similar to the moderately red colors of the L4 Neptune Trojans, suggesting similar surface properties for members of both Trojan clouds. We also present colors derived from archival data for two L4 Neptune Trojans (2006 RJ103 and 2007 VL305), better refining the overall color distribution of the population. In this document we describe the discovery circumstances, our physical characterization of 2011 HM102, and this object's implications for the Neptune Trojan population overall. Finally, we discuss the prospects for detecting 2011 HM102 from the New Horizons spacecraft during its close approach in mid- to late-2013.

Journal Article
TL;DR: Fecundity holds the most influence over how effectively TSC theory can be used to control fish populations, however, a recent meta-analysis demonstrates that the fecundity of sex-reversed fish is compromised.
Abstract: Invasive fish species are a primary threat to aquatic ecosystems. Owing to the high fecundity of some fish, conventional control methods (e.g. specific removal) can be ineffective and the use of poisons is not desirable due to their non-specificity. Trojan sex chromosomes (TSC) are a theoretical method of invasive species control, where sex-reversed fish that are only able to produce male offspring are released into the target population. These Trojan individuals subsequently breed, causing a male skewed population sex ratio and eventually population collapse. Previous publications have explored TSC as an invasive species control, but assume that wild-type and Trojan fish have equal fitness, an assumption that may not be valid. What is more, models from closely related fields suggest that differential fitness between Trojans and wild-type fish may be influential in the efficacy of TSC as a bio-control. Here we use agent based modeling to test how effectively TSC can be used to control two common invasive species of mosquitofish (Gambusia affinis and G. holbrooki) when Trojans have compromised fitness. We manipulated the fecundity, probability of mating and offspring survival of Trojan fish. Overall, our models found that fecundity holds the most influence over how effectively TSC theory can be used to control fish populations. However, a recent meta-analysis demonstrates that the fecundity of sex-reversed fish is compromised. It may be possible to compensate for reduced fecundity by increasing the rate of Trojan introductions. Surprisingly, our models also found that Trojans are a more effective bio-control when consistently introduced into the same place, rather than being randomly distributed at introduction.

Journal Article
TL;DR: A novel methodology combining on-chip structure with external current measurements is proposed to verify whether or not an IC is Trojan free, which considers Trojans' impact on neighboring cells and on the entire IC's power consumption, and effectively localizes the measurement of dynamic power.
Abstract: Verifying the trustworthiness of Integrated Circuits (ICs) is of utmost importance, as hardware Trojans may destroy ICs bound for critical applications. A novel methodology combining on-chip structure with external current measurements is proposed to verify whether or not an IC is Trojan free. This method considers Trojans' impact on neighboring cells and on the entire IC's power consumption, and effectively localizes the measurement of dynamic power. To achieve this, we develop a new on-chip ring oscillator network structure distributed across the entire chip and place each ring oscillator's components in different rows of a standard-cell design. By developing novel statistical data analysis, the effect of process variations on the ICs' transient power will be separated from the effect of Trojans. Simulation results using 90nm technology and experimental results on Xilinx Spartan-6 FPGAs demonstrate the efficiency of our proposed method.

Journal Article
TL;DR: In this article, the authors revisited the long-term dynamical evolution of the previously known Mars Trojans and showed that 2011 SC191, 2011 SL25 and 2011 UN63 are also trailing (L5) Mars Trojans.
Abstract: Mars was second to Jupiter in being recognized as the host of a population of Trojan minor bodies. Since 1990, five asteroids - 5261 Eureka, (101429) 1998 VF31, (121514) 1999 UJ7, 2001 DH47 and (311999) 2007 NS2 - have been identified as Mars Trojans, one L4 and four L5. Dynamical and spectroscopic evidence suggests that some Mars Trojans may be remnants of the original planetesimal population that formed in the terrestrial planets region. Here we revisit the long-term dynamical evolution of the previously known Mars Trojans and show that 2011 SC191, 2011 SL25 and 2011 UN63 are also trailing (L5) Mars Trojans. They appear to be as stable as Eureka and may have been Trojans over the age of the Solar system. The fact that five Trojans move in similar orbits and one of them is a binary may point to the disruption of a larger body early in the history of the Solar system. Such a catastrophic event may also explain the apparently strong asymmetry in terms of number of objects (one versus seven) between the L4 and L5 regions. Future spectroscopic observations should be able to reject or confirm a putative common chemical signature that may lend further support to collisional scenario.

Journal Article
TL;DR: In this paper, a systematic search for extrasolar trojan companions to 2244 known Kepler Objects of Interest (KOIs), with epicyclic orbital characteristics similar to those of the Jovian trojan families, was conducted, and no convincing trojan candidates are found, despite a typical sensitivity down to Earth-size objects.
Abstract: Trojans are circumstellar bodies that reside in characteristic 1:1 orbital resonances with planets. While all the trojans in our solar system are small (< ~100 km), stable planet-size trojans may exist in extrasolar planetary systems, and the Kepler telescope constitutes a formidable tool to search for them. Here we report on a systematic search for extrasolar trojan companions to 2244 known Kepler Objects of Interest (KOIs), with epicyclic orbital characteristics similar to those of the Jovian trojan families. No convincing trojan candidates are found, despite a typical sensitivity down to Earth-size objects. This fact, however, cannot be used to stringently exclude the existence of trojans in this size range, since stable trojans need not necessarily share the same orbital plane as the planet, and thus may not transit. Following this reasoning, we note that if Earth-sized trojans exist at all, they are almost certainly both present and in principle detectable in the full set of Kepler data, although a very substantial computational effort would be required to detect them. Additionally, we also note that some of the existing KOIs could in principle be trojans themselves, with a primary planet orbiting outside of the transiting plane. A few examples are given for which this is a readily testable scenario.

Journal Article
01 May 2013-Icarus
TL;DR: Scholl et al. reported the discovery of new martian Trojans within the Minor Planet Center list of asteroids, which formed a cluster within the region where the most stable trojans should reside, based on a combinatorial analysis and a comparison with the jovian Trojan population.

Journal Article
TL;DR: In this paper, the authors carried out an extensive study of the possibility of the detection of Earth-mass and super-Earth Trojan planets using transit timing variation method with the Kepler space telescope.
Abstract: We have carried out an extensive study of the possibility of the detection of Earth-mass and super-Earth Trojan planets using transit timing variation method with the Kepler space telescope. We have considered a system consisting of a transiting Jovian-type planet in a short period orbit, and determined the induced variations in its transit timing due to an Earth-mass/super-Earth Trojan planet. We mapped a large section of the phase space around the 1:1 mean-motion resonance and identified regions corresponding to several other mean-motion resonances where the orbit of the planet would be stable. We calculated transit timing variations (TTVs) for different values of the mass and orbital elements of the transiting and perturbing bodies as well as the mass of central star, and identified orbital configurations of these objects (ranges of their orbital elements and masses) for which the resulted TTVs would be within the range of the variations of the transit timing of Kepler’s planetary candidates. Results of our study indicate that in general, the amplitudes of the TTVs fall within the detectable range of timing precision obtained from the Kepler’s long-cadence data, and depending on the parameters of the system, their magnitudes may become as large as a few hours. The probability of detection is higher for super-Earth Trojans with slightly eccentric orbits around short-period Jovian-type planets with masses slightly smaller than Jupiter. We present the details of our study and discuss the implications of its results.

Proceedings Article
19 May 2013
TL;DR: Several methods that can be used to verify effectiveness of startup circuits in eliminating known stable Trojan operating states will be discussed and it will be shown that some widely used approaches do not guarantee Trojan states have been removed.
Abstract: Several methods that can be used to verify effectiveness of startup circuits in eliminating known stable Trojan operating states will be discussed. It will be shown that some widely used approaches do not guarantee Trojan states have been removed. Some of the methods introduced appear to be more practical to work with than others. These methods can also be used to identify the presence of unknown stable Trojan states in many useful circuits.

Journal Article
TL;DR: The paper presents the background on which this attack is based and the assumptions that make the attack possible, and presents two embodiments of the attack: a basic backpropagation network and a Neural Network Trojan with Sequence Processing Connections (NNTSPC).
Abstract: This paper presents a proof of concept of a neural network Trojan. The neural network Trojan consists of a neural network that has been trained with a compromised dataset and modified code. The Trojan implementation is carried out by insertion of a malicious payload encoded into the weights alongside with the data of the intended application. The neural Trojan is specifically designed so that when a specific entry is fed into the trained neural network, it triggers the interpretation of the data as payload. The paper presents a background on which this attack is based and provides the assumptions that make the attack possible. Two embodiments of the attack are presented consisting of a basic backpropagation network and a Neural Network Trojan with Sequence Processing Connections (NNTSPC). The two alternatives are used depending on the underlying circumstances on which the compromise is launched. Experimental results are carried out with synthetic as well as a chosen existing binary payload. Practical issues of the attack are also discussed, as well as a discussion on detection techniques.

Journal Article
TL;DR: In this article, a systematic search for extrasolar trojan companions to 2244 known Kepler Objects of Interest (KOIs), with epicyclic orbital characteristics similar to those of the Jovian trojan families, was conducted, and no convincing trojan candidates were found, despite a typical sensitivity down to Earth-size objects.
Abstract: Trojans are circumstellar bodies that reside in characteristic 1:1 orbital resonances with planets. While all the trojans in our Solar System are small (< ~100 km), stable planet-size trojans may exist in extrasolar planetary systems, and the Kepler telescope constitutes a formidable tool to search for them. Here we report on a systematic search for extrasolar trojan companions to 2244 known Kepler Objects of Interest (KOIs), with epicyclic orbital characteristics similar to those of the Jovian trojan families. No convincing trojan candidates are found, despite a typical sensitivity down to Earth-size objects. This fact can however not be used to stringently exclude the existence of trojans in this size range, since stable trojans need not necessarily share the same orbital plane as the planet, and thus may not transit. Following this reasoning, we note that if Earth-sized trojans exist at all, they are almost certainly both present and in principle detectable in the full set of Kepler data, although a very substantial computational effort would be required to detect them. By the same token, we also note that some of the existing KOIs could in principle be trojans themselves, with a primary planet orbiting outside of the transiting plane. A few examples are given for which this is a readily testable scenario.

Proceedings Article
19 May 2013
TL;DR: A current sensing circuit is presented that converts the current activity on the local power grid to a timing pulse to detect whether an IC is Trojan-infected; this new approach increases the Trojan detection sensitivity.
Abstract: With the globalization of integrated circuit (IC) design and fabrication, there is a growing concern about the devastating impact of subverted chip supply. This paper presents a current sensing circuit that converts the current activity on the local power grid to a timing pulse to detect if an IC is Trojan-infected. This new approach increases the Trojan detection sensitivity by combining the switching activity and path sensitization abnormalities into a single side-channel signal that can be easily monitored by the existing scan test structure. One main advantage of the proposed regional Trojan detector is that the current comparator threshold can be calibrated against the quiescent current noise floor to reduce the impacts of process variations. Experiments are performed on a Trojan-infected benchmark circuit to demonstrate the feasibility of the proposed technique.

Proceedings Article
29 Sep 2013
TL;DR: A new detection method exploiting statistical properties of the probability distribution functions built from side-channel measurements is introduced and it is shown that it is more robust to measurement noise than previously presented methods.
Abstract: Hardware Trojan design and detection have been extensively studied during the last years. In this work we investigate non-invasive detection methods utilizing so-called side-channel analysis. In the past, almost all proposed detection techniques have been evaluated based on simulations only and thus, the question remains how well they perform in practice. Therefore, we perform a practical evaluation of two previously published Trojan detection methods based on principal component analysis. We evaluate those methods on various designs of a complete functional lightweight hardware Trojan embedded in a PRESENT block cipher circuit. More precisely, we investigate how well the simulations match our practical results and reveal some shortcomings. Subsequently, we introduce a new detection method exploiting statistical properties of the probability distribution functions built from side-channel measurements and show that it is more robust to measurement noise than previously presented methods.