Showing papers on "Trojan published in 2018"


Proceedings ArticleDOI
19 Mar 2018
TL;DR: In this article, the authors present a design methodology dedicated to FPGAs which allows measuring a fraction of the dynamic power consumption, and demonstrate key-recovery attacks confirming the applicability of the underlying measurement methodology.
Abstract: Hardware Trojans have gained increasing interest during the past few years. Undeniably, the detection of such malicious designs needs a deep understanding of how they can practically be built and developed. In this work we present a design methodology dedicated to FPGAs which allows measuring a fraction of the dynamic power consumption. More precisely, we develop internal sensors which are based on FPGA primitives, and transfer the internally-measured side-channel leakages outside. These are distributed and calibrated delay sensors which can indirectly measure voltage fluctuations due to power consumption. By means of a cryptographic core as a case study, we present different settings and parameters for our employed sensors. Using their side-channel measurements, we further exhibit practical key-recovery attacks confirming the applicability of the underlying measurement methodology. This opens a new door to integrate hardware Trojans in a) applications where the FPGA is remotely accessible and b) FPGA-based multi-user platforms where the reconfigurable resources are shared among different users. This type of Trojan is highly difficult to detect since there is no signal connection between targeted (cryptographic) core and the internally-deployed sensors.

110 citations


Journal ArticleDOI
TL;DR: Simulation results demonstrate that the tests generated by MERS can significantly increase the Trojans sensitivity, thereby making Trojan detection effective using side-channel analysis.
Abstract: Hardware Trojan detection has emerged as a critical challenge to ensure security and trustworthiness of integrated circuits. A vast majority of research efforts in this area has utilized side-channel analysis for Trojan detection. Functional test generation for logic testing is a promising alternative but it may not be helpful if a Trojan cannot be fully activated or the Trojan effect cannot be propagated to the observable outputs. Side-channel analysis, on the other hand, can achieve significantly higher detection coverage for Trojans of all types/sizes, since it does not require activation/propagation of an unknown Trojan. However, they have often limited effectiveness due to poor detection sensitivity under large process variations and small Trojan footprint in side-channel signature. In this paper, we address this critical problem through a novel side-channel-aware test generation approach, based on a concept of multiple excitation of rare switching (MERS), that can significantly increase Trojan detection sensitivity. This paper makes several important contributions: 1) it presents in detail a scalable statistical test generation method, which can generate high-quality test set for creating high relative activity in arbitrary Trojan instances; 2) it analyzes the effectiveness of generated test set in terms of Trojan coverage; and 3) it describes two judicious reordering methods that can further tune the test set and greatly improve the side channel sensitivity. Simulation results demonstrate that the tests generated by MERS can significantly increase the Trojans sensitivity, thereby making Trojan detection effective using side-channel analysis.

97 citations


Proceedings ArticleDOI
19 Mar 2018
TL;DR: Experiments demonstrate that a state-of-the-art Trojan detection technique provides poor efficacy when using benchmarks generated by the developed comprehensive framework of automatic hardware Trojan insertion.
Abstract: Malicious hardware modification, also known as hardware Trojan attack, has emerged as a serious security concern for electronic systems. Such attacks compromise the basic premise of hardware root of trust. Over the past decade, significant research efforts have been directed to carefully analyze the trust issues arising from hardware Trojans and to protect against them. This vast body of work often needs to rely on well-defined set of trust benchmarks that can reliably evaluate the effectiveness of the protection methods. In recent past, efforts have been made to develop a benchmark suite to analyze the effectiveness of pre-silicon Trojan detection and prevention methodologies. However, there are only a limited number of Trojan inserted benchmarks available. Moreover, there is an inherent bias as the researcher is aware of Trojan properties such as location and trigger condition since the current benchmarks are static. In order to create an unbiased and robust benchmark suite to evaluate the effectiveness of any protection technique, we have developed a comprehensive framework of automatic hardware Trojan insertion. Given a netlist, the framework will automatically generate a design with single or multiple Trojan instances based on user-specified Trojan properties. It allows a wide variety of configurations, such as the type of Trojan, Trojan activation probability, number of triggers, and choice of payload. The tool ensures that the inserted Trojan is a valid one and allows for provisions to optimize the Trojan footprint (area and switching). Experiments demonstrate that a state-of-the-art Trojan detection technique provides poor efficacy when using benchmarks generated by our tool. This tool is available for download from http://www.trust-hub.org/.

65 citations


Proceedings ArticleDOI
01 Jan 2018
TL;DR: This paper proposes an effective test generation approach which is capable of activating malicious functionality hidden in large sequential designs and uses the combination of ATPG and model checking approaches to detect hardware Trojans.
Abstract: The threat of hardware Trojans' existence in integrated circuits has become a major concern in System-on-Chip (SoC) design industry as well as in military/defense organizations. There is an increased emphasis on finding effective ways to detect and activate hardware Trojans in current research efforts. However, state-of-the-art approaches suffer from the lack of completeness and scalability. Moreover, most of the existing methods cannot generate efficient tests to activate the potential hidden Trojan. In this paper, we propose an effective test generation approach which is capable of activating malicious functionality hidden in large sequential designs. Automatic test pattern generation (ATPG) works well on full-scan designs, whereas model checking is suitable for logic blocks without scan chain. Due to overhead considerations, partial-scan chain insertion is the standard practice today. Unfortunately, neither ATPG nor model checking is suitable for partial-scan designs. Our proposed hardware Trojan detection technique utilizes the combination of ATPG and model checking approaches. We use model checking on a subset of non-scan elements and ATPG on scan elements to avoid common pitfalls of running the original design using any one of these techniques. Experimental results demonstrate the effectiveness of tests generated by our proposed approach to detect Trojans on Trust-hub benchmarks.

64 citations


Proceedings ArticleDOI
01 Nov 2018
TL;DR: A new version of the previously developed “Trojan Scanner” framework for the untrusted foundry threat model, where a trusted GDSII layout (golden layout) is available; it is demonstrated that Trojan Scanner is more reliable than electrical testing and faster than full chip reverse engineering.
Abstract: Hardware Trojans are malicious changes to the design of integrated circuits (ICs) at different stages of the design and fabrication processes. Different approaches have been developed to detect Trojans namely non-destructive (electrical tests like run-time monitoring, functional and structural tests) and destructive (full chip reverse engineering). However, these methods cannot detect all types of Trojans and they suffer from a number of disadvantages such as slow speed of detection and lack of confidence in detecting all types of Trojans. Majority of hardware Trojans implemented in an IC will leave a footprint at the doping (active) layer. In this paper, we introduce a new version of our previously developed “Trojan Scanner” [1] framework for the untrusted foundry threat model, where a trusted GDSII layout (golden layout) is available. Advanced computer vision algorithms in combination with the supervised machine-learning model are used to classify different features of the golden layout and SEM images from an IC under authentication, as a unique descriptor for each type of gates. These descriptors are compared with each other to detect any subtle changes on the active region, which can raise the flag for the existence of a potential hardware Trojan. The descriptors can differentiate variation due to fabrication process, defects, and common SEM image distortions to rule out the possibility of false detection. Our results demonstrate that Trojan Scanner is more reliable than electrical testing and faster than full chip reverse engineering. Trojan Scanner does not rely on the functionality of the circuit rather focuses on the real physical structure to detect malicious changes inserted by the untrusted foundry.

57 citations


Proceedings ArticleDOI
01 Apr 2018
TL;DR: Experimental results show that the proposed low-cost modular methodology-Stealth Infection on Neural Network, namely “SIN2” can rapidly produce and trigger various Trojan attacks that can easily evade the existing defenses.
Abstract: Deep Neural Network (DNN) has recently become the “de facto” technique to drive the artificial intelligence (AI) industry. However, there also emerges many security issues as the DNN based intelligent systems are being increasingly prevalent. Existing DNN security studies, such as adversarial attacks and poisoning attacks, are usually narrowly conducted at the software algorithm level, with the misclassification as their primary goal. The more realistic system-level attacks introduced by the emerging intelligent service supply chain, e.g. the third-party cloud based machine learning as a service (MLaaS) along with the portable DNN computing engine, have never been discussed. In this work, we propose a low-cost modular methodology-Stealth Infection on Neural Network, namely “SIN2”, to demonstrate the novel and practical intelligent supply chain triggered neural Trojan attacks. Our “SIN2” well leverages the attacking opportunities built upon the static neural network model and the underlying dynamic runtime system of neural computing framework through a bunch of neural Trojaning techniques. We implement a variety of neural Trojan attacks in Linux sandbox by following proposed “SIN2”. Experimental results show that our modular design can rapidly produce and trigger various Trojan attacks that can easily evade the existing defenses.

38 citations


Proceedings ArticleDOI
01 Oct 2018
TL;DR: An automated and scalable test generation approach for activation of hardware Trojans in RTL designs by effective utilization of symbolic execution and concrete simulation and demonstrates that the generated tests are able to activate hard-to-cover Trojan in large and complex RTL benchmarks.
Abstract: Intellectual Property (IP) based System-on-Chip (SoC) design is a widely used practice today. The IPs gathered from third-party vendors may not be trustworthy since they may contain malicious implants (hardware Trojans). To avoid the detection of the Trojan, adversaries usually hide it under rare branches or rare assignments triggered under extremely rare input sequences. Due to exponential input space complexity, state-of-the-art constrained-random test generation methods are not suitable for activating these rare scenarios. While existing model checking based directed test generation approaches are promising, they are not capable of generating tests for large RTL designs due to the capacity restrictions of formal methods. In this paper, we propose an automated and scalable test generation approach for activation of hardware Trojans in RTL designs. This paper makes three important contributions. First, it provides a scalable test generation framework by effective utilization of symbolic execution and concrete simulation. Next, it is a fully automated approach for generating directed tests for activating rare branches and rare assignments. Finally, our experimental results demonstrate that the generated tests are able to activate hard-to-cover Trojans in large and complex RTL benchmarks.

36 citations


Book
01 Jan 2018
TL;DR: This chapter discusses the development of Hardware Trojans, their use in SoC and NoC designs, and their role in ensuring Hardware Trust in Industrial SoC Designs.
Abstract: Part I. Hardware Trojan Preliminaries -- Chapter 1. Introduction -- Chapter 2. Introduction to Hardware Trojans -- Part II. Hardware Trojan attacks: Threat Analysis -- Chapter 3. Hardware Trojan Attacks in SoC and NoC -- Chapter 4. Hardware IP Trust -- Chapter 5. Hardware Trojans in Analog, Mixed-Signal and RF ICs -- Chapter 6. Hardware Trojans and Piracy of PCBs -- Part III. Detection-Logic Testing -- Chapter 7. Logic Testing for Hardware Trojan Detection -- Chapter 8. Formal Approaches to Hardware Trust Verification -- Chapter 9. Golden-free Trojan Detection -- Part IV-Detection-Side Channel analysis -- Chapter 10. Detecting Hardware Trojans using Delay Analysis -- Chapter 11. Reverse-Engineering Based Hardware Trojan Detection -- Part VI. Emerging Trend, Industrial Practices, New Attacks -- Chapter 15. Hardware Trust in Industrial SoC Designs: Practice and Challenges -- Chapter 16. Conclusion and Future Work.

35 citations


Proceedings ArticleDOI
01 Oct 2018
TL;DR: This paper introduces a systematic framework to apply machine learning based classification for hardware IP trust verification, and includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set.
Abstract: Increasing reliance on hardware Intellectual Property (IP) cores in modern system-on-chip (SoC) design flow, often obtained from untrusted vendors distributed across the globe, can significantly compromise the security of SoCs. While the design could be verified for a specified functionality using existing tools, it is extremely hard to verify its trustworthiness to guarantee that no hidden, and possibly malicious function exists in the form of a hardware Trojan. Conventional verification process and tools fail to verify the trust of a third-party IP, primarily due to the lack of trusted reference design or golden models. In this paper, for the first time to our knowledge, we introduce a systematic framework to apply machine learning based classification for hardware IP trust verification. A supervised classifier could be trained for identifying Trojan nets within a suspect IP, but the detection coverage and accuracy are extremely sensitive to the quality of training set available. Furthermore, reliance on a static training database limits the classifier’s ability in detecting new Trojans and facilitates adversarial learning. The proposed framework includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set. It is significantly more difficult for an adversary to evade our classifier using known Trojan classes since the tool dynamically samples the entire Trojan population. To further improve the efficiency of the system, we combined three machine learning models into an average probability Voting Ensemble. Our results for two broad classes of Trojan show excellent classification accuracy of 99.69% and 99.88% with F-score of 86.69% and 88.37% for sequential and combinational Trojans, respectively.

35 citations


Proceedings ArticleDOI
01 Apr 2018
TL;DR: Prefetch-guard as mentioned in this paper leverages hardware prefetchers to obfuscate the effect of timing modulation intentionally created by the trojan and the spy, and cache blocks are prefetched to fuzz the pattern of cache misses and hits.
Abstract: Cache timing channels are a form of information leakage that operate through modulating cache access latencies and ultimately exfiltrate sensitive user information to adversaries. Among the many forms of timing channels, covert channels are particularly dangerous as they involve two insider processes (trojan and spy) colluding with each other to send out sensitive information, and are often difficult to detect or prevent. In this paper, we propose Prefetch-guard, an efficient and low-cost mitigation mechanism against cache-based timing channels. Prefetch-guard leverages hardware prefetchers to obfuscate the effect of timing modulation intentionally created by the trojan and spy. Our detection mechanism identifies the target cache sets that are being exploited for information leakage, and cache blocks are prefetched to fuzz the pattern of cache misses and hits created to construct timing channel between the trojan and the spy. With prefetch-guard, we observe that the cache timing channels suffer a 53% bit error rate which makes it very hard or impossible for the spy to decipher any useful information.

33 citations


Journal ArticleDOI
TL;DR: In this paper, the authors examined the optical color distribution of the Neptunian Trojans using a combination of new optical photometry and published data and found a color distribution that is statistically indistinguishable from that of the Jovian trojans but unlike any subpopulation in the Kuiper belt.
Abstract: The Trojan asteroids of Jupiter and Neptune are likely to have been captured from original heliocentric orbits in the dynamically excited ("hot") population of the Kuiper belt. However, it has long been known that the optical color distributions of the Jovian Trojans and the hot population are not alike. This difference has been reconciled with the capture hypothesis by assuming that the Trojans were resurfaced (for example, by sublimation of near-surface volatiles) upon inward migration from the Kuiper belt (where blackbody temperatures are ~40 K) to Jupiter's orbit (~125 K). Here, we examine the optical color distribution of the Neptunian Trojans using a combination of new optical photometry and published data. We find a color distribution that is statistically indistinguishable from that of the Jovian Trojans but unlike any sub-population in the Kuiper belt. This result is puzzling, because the Neptunian Trojans are very cold (blackbody temperature ~50 K) and a thermal process acting to modify the surface colors at Neptune's distance would also affect the Kuiper belt objects beyond, where the temperatures are nearly identical. The distinctive color distributions of the Jovian and Neptunian Trojans thus present us with a conundrum: they are very similar to each other, suggesting either capture from a common source or surface modification by a common process. However, the color distributions differ from any plausible common source population, and there is no known modifying process that could operate equally at both Jupiter and Neptune.

Journal ArticleDOI
01 Dec 2018
TL;DR: A computer vision-based framework to detect hardware Trojans based on their structural similarity that does not rely on the functionality of the circuit, rather the real physical structure to detect malicious changes performed by the untrusted foundry.
Abstract: Hardware Trojans are malicious changes to the design of integrated circuits (ICs) at different stages of the design and fabrication process. Different approaches have been developed to detect Trojans namely non-destructive and destructive testing. However, none of the previously developed methods can be used to detect all types of Trojans as they suffer from a number of disadvantages such as low speed of detection, low accuracy, low confidence level, and poor coverage of Trojan types. Majority of the hardware Trojans implemented in an IC will leave a footprint at the active layer. In this paper, we propose a new technique based on rapid backside SEM imaging and advanced computer vision algorithms to detect any subtle changes at the active region of transistors that can show the existence of a hardware Trojan. Here, we are only concerned with untrusted foundry problem, where it is assumed the attacker has access to a golden layout/image of the IC. This is a common threat model for those organizations that fully design their IC but need access to untrusted foundry for fabrication. SEM image from a backside thinned golden IC is compared with a low-quality SEM image of an IC under authentication (IUA). We perform image processing to both golden IC and IUA images to remove noise. We have developed a computer vision-based framework to detect hardware Trojans based on their structural similarity. The results demonstrate that our technique is quite effective at detecting Trojans and significantly faster than full chip reverse engineering. One of the major advantages of our technique is that it does not rely on the functionality of the circuit, rather the real physical structure to detect malicious changes performed by the untrusted foundry.

Journal ArticleDOI
TL;DR: The TROY project as discussed by the authors used archival radial velocity data of 46 planetary systems to place upper limits on the mass of possible trojans and investigate the presence of co-orbital planets down to several tens of Earth masses.
Abstract: Context. The detection of Earth-like planets, exocomets or Kuiper belts show that the different components found in the solar system should also be present in other planetary systems. Trojans are one of these components and can be considered fossils of the first stages in the life of planetary systems. Their detection in extrasolar systems would open a new scientific window to investigate formation and migration processes. Aims. In this context, the main goal of the TROY project is to detect exotrojans for the first time and to measure their occurrence rate (η-Trojan). In this first paper, we describe the goals and methodology of the project. Additionally, we used archival radial velocity data of 46 planetary systems to place upper limits on the mass of possible trojans and investigate the presence of co-orbital planets down to several tens of Earth masses. Methods. We used archival radial velocity data of 46 close-in ( P Results. We identify nine systems for which the archival data provide >1σ evidence for a mass imbalance between L4 and L5. Two of these systems provide >2σ detection, but no significant detection is found among our sample. We also report upper limits to the masses at L4/L5 in all studied systems and discuss the results in the context of previous findings.

Proceedings ArticleDOI
22 Apr 2018
TL;DR: This paper proposes a new class of hardware Trojans designed to evade industry standard post-manufacturing memory tests while enabling targeted data tampering after deployment and demonstrates various forms of Trojan circuits in SRAM that cause diverse malicious effects and have diverse activation conditions while incurring minimal overhead in power, performance, and stability.
Abstract: Embedded memory, typically implemented with Static Random Access Memory (SRAM) technology, is an integral part of modern processors and System-on-Chips (SoCs). The reliability and integrity of embedded SRAM arrays are essential to ensure dependable and trustworthy computing. In the past, significant research has been conducted to develop automated test algorithms aimed at comprehensively detecting SRAM faults. While such tests have advanced our ability to detect manufacturing imperfection induced faults, they cannot ensure detection of deliberately implemented design modifications, also known as hardware Trojans, in an SRAM array by untrusted entities in the design and fabrication flow. Indeed, these attacks constitute an emerging concern, since they can affect the integrity of fabricated ICs and cause severe consequences in the field. While a growing body of research addresses Trojan attacks in logic circuits, little to no research has explored these attacks in embedded memory arrays. In this paper, for the first time to our knowledge, we propose a new class of hardware Trojans targeting embedded SRAM arrays. The Trojans are designed to evade industry standard post-manufacturing memory tests (e.g. March test) while enabling targeted data tampering after deployment. We demonstrate various forms of Trojan circuits in SRAM that cause diverse malicious effects and have diverse activation conditions while incurring minimal overhead in power, performance, and stability. Further, the proposed layouts preserve the SRAM cell footprint and incur negligible silicon area overhead.

Journal ArticleDOI
TL;DR: OkeanOS as discussed by the authors is a solar power sail mission to explore a Jupiter Trojan asteroid using a lander, which will rendezvous with the target asteroid, conduct global mapping of the asteroid from the spacecraft, and in situ measurements on the surface.

Journal ArticleDOI
TL;DR: In this article, a swarm of Trojans is assumed to pass in front of the star during the early months of 2021 and a new transit of the main object during the first half of 2023.
Abstract: KIC 8462852 stood out among more than 100,000 stars in the Kepler catalogue because of the strange features of its light curve: a wide, asymmetric dimming taking up to 15 per cent of the light at D793 and a period of multiple, narrow dimmings happening approximately 700 days later. Several models have been proposed to account for this abnormal behaviour, most of which require either unlikely causes or a finely-tuned timing. We aim at offering a relatively natural solution, invoking only phenomena that have been previously observed, although perhaps in larger or more massive versions. We model the system using a large, ringed body whose transit produces the first dimming and a swarm of Trojan objects sharing its orbit that causes the second period of multiple dimmings. The resulting orbital period is T ≈ 12 years, with a semi-major axis a ≈ 6 au. Our model allows us to make two straightforward predictions: we expect the passage of a new swarm of Trojans in front of the star starting during the early months of 2021, and a new transit of the main object during the first half of 2023.

Journal ArticleDOI
TL;DR: In this manuscript, a hardware trojan is created and emulated on a consumer FPGA board, and a state-of-the-art methodology to accurately detect the trojan in both dormant and active states using off-the-shelf hardware is used.
Abstract: As a result of the globalisation of the semiconductor design and fabrication processes, integrated circuits are becoming increasingly vulnerable to malicious attacks. The most concerning threats are hardware trojans. A hardware trojan is a malicious inclusion or alteration to the existing design of an integrated circuit, with the possible effects ranging from leakage of sensitive information to the complete destruction of the integrated circuit itself. While the majority of existing detection schemes focus on test-time, they all require expensive methodologies to detect hardware trojans. Off-the-shelf approaches have often been overlooked due to limited hardware resources and detection accuracy. With the advances in technologies and the democratisation of open-source hardware, however, these tools enable the detection of hardware trojans at reduced costs during or after production. In this manuscript, a hardware trojan is created and emulated on a consumer FPGA board. The experiments to detect the trojan in a dormant and active state are made using off-the-shelf technologies taking advantage of different techniques such as Power Analysis Reports, Side Channel Analysis and Thermal Measurements. Furthermore, multiple attempts to detect the trojan are demonstrated and benchmarked. Our simulations result in a state-of-the-art methodology to accurately detect the trojan in both dormant and active states using off-the-shelf hardware.

Proceedings ArticleDOI
01 Apr 2018
TL;DR: A runtime hardware Trojan detection method which is geared towards detecting such advanced Trojans as well as guard a set of concerned signals, and initiate a hardware interrupt request when abnormal toggling events occur in these guarded signals.
Abstract: With the globalization of semiconductor industry, hardware security issues have been gaining increasing attention. Among all hardware security threats, the insertion of hardware Trojans is one of the main concerns. Meanwhile, many current Trojan detection solutions follow the assumption that the hardware Trojan itself should be composed of digital logic. This assumption is invalidated by recently proposed analog Trojans which are extremely small and can detect rare events. This paper proposes a runtime hardware Trojan detection method which is geared towards detecting such advanced Trojans. The principle of this method is to guard a set of concerned signals, and initiate a hardware interrupt request when abnormal toggling events occur in these guarded signals. To prove the effectiveness of this method, we design a processor based on ARMv7-A&R ISA, and insert an analog Trojan into the processor. We fabricated the design in the SMIC 130 nm process and demonstrate the effectiveness of the proposed methodology.

Proceedings ArticleDOI
08 Jul 2018
TL;DR: An energy efficient Trojan detection design (EETD) where the authentication gets activated only when the hardware Trojan has been triggered in the system, which improves the energy overhead and performance overhead by 38% and 40% as compared to the state-of-the-art technique.
Abstract: Network-on-chip (NoC) is a communication intellectual property (IP) core, popularly used in the system-on-a-chip (SoC) designs. The NoC IP core often comes from an untrusted 3rd-party vendor and may have hardware Trojans. The Trojan in the NoC can eavesdrop packets, modify data and divert packets to the wrong location, hence endangering the system's confidentiality, integrity, and availability. However, if the activation probability of the Trojan is very low or the Trojan is never activated, a significant amount of energy is wasted due to authentication. The unnecessary authentication in such cases also greatly affects the system performance and availability. In this paper, we propose an energy efficient Trojan detection design (EETD) where the authentication gets activated only when the hardware Trojan has been triggered in the system. Our experimental results show that EETD improves the energy overhead and performance overhead by 38% and 40% as compared to the state-of-the-art technique on an 8×8 2D-mesh NoC. Our experiments also show that EETD takes almost 10μs to localize 95% of the Trojan infected nodes.

Journal ArticleDOI
TL;DR: A generic methodology, which leverages the burst mode communication protocol, to detect the intrusions during runtime with validated approach by applying it on the AES Trojan benchmarks that utilize intermodule interface to communicate with other modules in the system on chip (SoC).

Book ChapterDOI
01 Jan 2018
TL;DR: This research issue is solved using image processing techniques and Gabor wavelet is used for key of feature extraction method and texture pattern classification accuracy is improved and false positive rate is decreased.
Abstract: Malicious data are grouped into various types of viruses such as Trojan, Trojan downloader and so on. Cyber security issues are increasing day to day. It is a challenging task for network security and antivirus designers. The Trojan malware family has been used to detect the newly arrived malicious data to a known group. It is a well popular research problem to detect and classify the Trojan viruses. This research issue is solved using image processing techniques. To identify the texture patterns of malware images is a tedious task, because of the similarities present in the various malware families. In this proposed algorithm Gabor wavelet is used for key of feature extraction method. The dataset Malimg consists of the 25 malware variant families for each class max 300–1000 samples are there. The experimental results are analyzed compared with two classifications such as KNN and SVM. The texture pattern classification accuracy is improved and false positive rate is decreased. The KNN gives accuracy 89.11% and SVM gives 75.11%.

Proceedings ArticleDOI
TL;DR: In this article, a Trojan detection framework based on information flow security (IFS) verification is proposed to detect violation of IFS policies caused by Trojans without the need of white-box knowledge of the IP.
Abstract: Semiconductor design houses are increasingly becoming dependent on third party vendors to procure intellectual property (IP) and meet time-to-market constraints. However, these third party IPs cannot be trusted as hardware Trojans can be maliciously inserted into them by untrusted vendors. While different approaches have been proposed to detect Trojans in third party IPs, their limitations have not been extensively studied. In this paper, we analyze the limitations of the state-of-the-art Trojan detection techniques and demonstrate with experimental results how to defeat these detection mechanisms. We then propose a Trojan detection framework based on information flow security (IFS) verification. Our framework detects violation of IFS policies caused by Trojans without the need of white-box knowledge of the IP. We experimentally validate the efficacy of our proposed technique by accurately identifying Trojans in the trust-hub benchmarks. We also demonstrate that our technique does not share the limitations of the previously proposed Trojan detection techniques.

Proceedings ArticleDOI
22 Apr 2018
TL;DR: This research devises tests that would detect a Trojan in a manufactured chip, and shows the scalability of these tests, besides their being more effective in detecting real Trojans than N-detect stuck-at test vectors or random vectors.
Abstract: Due to globalization of semiconductor manufacturing, appearance of malicious circuitry known as hardware Trojan is now a recognized security threat. A Trojan may be added to the verified netlist without the knowledge of the designer or user causing unexpected malfunction or data theft when the device is in use. In this research we devise tests that would detect a Trojan in a manufactured chip. We recognize that a Trojan must escape manufacturing tests provided with the netlist by the designer. Based on the two parts of a Trojan, namely, a trigger derived as a Boolean function of any set of signals and a payload (typically, an XOR gate) inserted on a signal line, we develop a test generation model. A single-line trigger combined with a single payload line gives a set of 2K × (K − 1) Trojans in this model for a circuit with K signal lines. Tests for these are shown to be vectors that detect “conditional stuck-at” faults, for which we give a test generation algorithm using standard ATPG tools. The model allows us to define and measure a Trojan coverage metric for tests. Results show scalability of these tests, besides being more effective in detecting real Trojans than N-detect stuck-at test vectors or random vectors.

Proceedings ArticleDOI
01 Jul 2018
TL;DR: A novel hardware Trojan which is capable of inducing performance degradation and denial of service attacks in a NoC is presented and a mitigation scheme based on bit shuffling mechanism inside the router with a key directly extracted from input message is proposed to limit the adverse effects of the Trojan.
Abstract: Globalization of semiconductor design and manufacturing has led to several hardware security issues. The problem of Hardware Trojans (HT) is one such security issue discussed widely in industry and academia. An adversary design engineer can insert the HT to leak confidential data, cause a denial of service attack or any other intention specific to the design. HT in cryptographic modules and processors are widely discussed. HT in Multi-Processor System on Chips (MPSoC) are also catastrophic, as most of the military applications use MPSoCs. Network on Chips (NoC) are standard communication infrastructure in modern day MPSoC. In this paper, we present a novel hardware Trojan which is capable of inducing performance degradation and denial of service attacks in a NoC. The presence of the Hardware Trojan in a NoC can compromise the crucial details of packets communicated through the NoC. The proposed Trojan is triggered by a particular complex bit pattern from input messages and tries to mislead the packets away from the destined addresses. A mitigation method based on a bit shuffling mechanism inside the router with a key directly extracted from the input message is proposed to limit the adverse effects of the Trojan. The performance of a 4x4 NoC is evaluated under uniform traffic with the proposed Trojan and mitigation method. Simulation results show that the proposed mitigation scheme is useful in limiting the malicious effect of the hardware Trojan.

Journal ArticleDOI
TL;DR: In this article, the authors presented new ground-based observations searching for these bodies co-orbiting with nine close-in (P < 5 days) planets, using various observing techniques.
Abstract: Context. Co-orbital bodies are the byproduct of planet formation and evolution, as we know from the solar system. Although planet-size co-orbitals do not exist in our planetary system, dynamical studies show that they can remain stable for long periods of time in the gravitational well of massive planets. Should they exist, their detection is feasible with the current instrumentation. Aims: In this paper, we present new ground-based observations searching for these bodies co-orbiting with nine close-in (P < 5 days) planets, using various observing techniques. The combination of all of these techniques allows us to restrict the parameter space of any possible trojan in the system. Methods: We used multi-technique observations, comprised of radial velocity, precision photometry, and transit timing variations, both newly acquired in the context of the TROY project and publicly available, to constrain the presence of planet-size trojans in the Lagrangian points of nine known exoplanets. Results: We find no clear evidence of trojans in these nine systems through any of the techniques used down to the precision of the observations. However, this allows us to constrain the presence of any potential trojan in the system, especially in the trojan mass or radius vs. libration amplitude plane. In particular, we can set upper mass limits in the super-Earth mass regime for six of the studied systems. Based on observations collected at the Centro Astronomico Hispano Aleman (CAHA) at Calar Alto, operated jointly by the Max-Planck Institut fur Astronomie and the Instituto de Astrofisica de Andalucia (CSIC). Partly based on data obtained with the STELLA robotic telescopes in Tenerife, an AIP facility jointly operated by AIP and IAC. Based on observations collected at the European Organisation for Astronomical Research in the Southern Hemisphere under ESO programs 297.C-5051, 098.C-0440(A), and 298.C-5009.

01 Sep 2018
TL;DR: In this article, the authors examined the optical color distribution of the Neptunian Trojans using a combination of new optical photometry and published data and found a color distribution that is statistically indistinguishable from that of the Jovian trojans but unlike any subpopulation in the Kuiper belt.
Abstract: The Trojan asteroids of Jupiter and Neptune are likely to have been captured from original heliocentric orbits in the dynamically excited ("hot") population of the Kuiper belt. However, it has long been known that the optical color distributions of the Jovian Trojans and the hot population are not alike. This difference has been reconciled with the capture hypothesis by assuming that the Trojans were resurfaced (for example, by sublimation of near-surface volatiles) upon inward migration from the Kuiper belt (where blackbody temperatures are ~40 K) to Jupiter's orbit (~125 K). Here, we examine the optical color distribution of the Neptunian Trojans using a combination of new optical photometry and published data. We find a color distribution that is statistically indistinguishable from that of the Jovian Trojans but unlike any sub-population in the Kuiper belt. This result is puzzling, because the Neptunian Trojans are very cold (blackbody temperature ~50 K) and a thermal process acting to modify the surface colors at Neptune's distance would also affect the Kuiper belt objects beyond, where the temperatures are nearly identical. The distinctive color distributions of the Jovian and Neptunian Trojans thus present us with a conundrum: they are very similar to each other, suggesting either capture from a common source or surface modification by a common process. However, the color distributions differ from any plausible common source population, and there is no known modifying process that could operate equally at both Jupiter and Neptune.

Proceedings ArticleDOI
01 Oct 2018
TL;DR: In this article, the authors presented three detection techniques in power-based side-channel analysis by increasing Trojan-to-circuit power consumption and reducing the variation effect in the detection threshold.
Abstract: A hardware Trojan (HT) denotes the malicious addition or modification of circuit elements. The purpose of this work is to improve the HT detection sensitivity in ICs using power side-channel analysis. This paper presents three detection techniques in power based side-channel analysis by increasing Trojan-to-circuit power consumption and reducing the variation effect in the detection threshold. Incorporating the three proposed methods has demonstrated that a realistic fine-grain circuit partitioning and an improved pattern set to increase HT activation chances can magnify Trojan detectability.

Book ChapterDOI
10 Sep 2018
TL;DR: This work examines seven different Android cryptowallet applications for forensic artifacts and assesses their security against tampering and reverse engineering, indicating that the wallet applications do not share the security and relative anonymity of cryptocurrency itself.
Abstract: Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency are its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was able to be decrypted with some effort. One of the applications did not require root access to retrieve the data. We were also able to implement a proof-of-concept trojan which exemplifies how a malicious actor may exploit the lack of security in these applications and exfiltrate user data and cryptocurrency.

Journal ArticleDOI
TL;DR: In this paper, the authors present new ground-based observations searching for these bodies co-orbiting with nine close-in (P < 5 days) planets, using different observing techniques.
Abstract: Co-orbital bodies are the byproduct of planet formation and evolution, as we know from the Solar System. Although planet-size co-orbitals do not exist in our planetary system, dynamical studies show that they can remain stable for long periods of time in the gravitational well of massive planets. Should they exist, their detection is feasible with the current instrumentation. In this paper, we present new ground-based observations searching for these bodies co-orbiting with nine close-in (P<5 days) planets, using different observing techniques. The combination of all of them allows us to restrict the parameter space of any possible trojan in the system. We use multi-technique observations (radial velocity, precision photometry and transit timing variations), both newly acquired in the context of the TROY project and publicly available, to constrain the presence of planet-size trojans in the Lagrangian points of nine known exoplanets. We find no clear evidence of trojans in these nine systems through any of the techniques used down to the precision of the observations. However, this allows us to constrain the presence of any potential trojan in the system, especially in the trojan mass/radius versus libration amplitude plane. In particular, we can set upper mass limits in the super-Earth mass regime for six of the studied systems.

Patent
06 Feb 2018
TL;DR: In this article, a suspicious domain name detection method and a device relate to the network safety field; the embodiment of the application can utilize a zombie Trojan system detection log and a DNS log to detect the IP address of a suspicious name.
Abstract: A suspicious domain name detection method and a device relate to the network safety field; the embodiment of the application can utilize a zombie Trojan system detection log and a DNS log to detect the IP address of a suspicious domain name; the method comprises the following steps: obtaining the IP address of an active zombie Trojan control end according to the zombie Trojan system detection log; obtaining a corresponding relation between the IP address and the domain name in a detection period according to the DNS log; obtaining an IP address with a corresponding domain name number bigger than a second threshold; extracting a key domain name string of each domain name corresponding to the IP address, calculating the appearance frequency of the character in a preset scope, wherein the preset scope comprises key domain name strings of all domain names corresponding to the IP address; using a cluster algorithm to cluster the IP addresses; determining a suspicious point cluster according to the number of active zombie Trojan points contained by each point cluster; determining the IP address included by the suspicious point cluster as the IP address corresponding to the suspicious domain name. The method and device are used for detecting suspicious domain names.