The goal of a hardware attack is to physically access a digital system to obtain secret information or
modify the system behavior. These attacks can be classified as covert or overt based on the awareness of
the attack. Each hardware attack has capabilities as well as objectives. Some employ hardware trojans,
which are inserted during manufacture, while others monitor system emissions. Once a hardware attack
has been identified, mitigation techniques should be employed to protect the system. There is now a wide
variety of techniques that can be used against hardware attacks. In this paper, a comprehensive survey
of hardware attack mitigation techniques is presented. These techniques are matched to the hardware
attacks and attack criteria they can counter, which helps security personnel choose appropriate mitigation
techniques to protect their systems against hardware attacks. An example is presented to illustrate the
choice of appropriate countermeasures.
Detecting and Preventing Attacks Using Network Intrusion Detection Systems | CSCJournals
Intrusion detection is an important technology in the business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. Today computers are part of networked, distributed systems that may span multiple buildings, sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature-based IDS methodology for ascertaining attacks. A signature-based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. It has been implemented in VC++. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.
A Novel Key Generation Technique Used In Tablets and Smart Phones | IJERA Editor
Mobile devices like smart phones and tablets are turning into a vehicle for a productive and profitable way to
access, find and share information or data. However, the lack of efficient and proper
security measures has paved the way for cyber-attackers to get this information and misuse it
for their own purposes. Data leakage resulting from device loss or theft is the foremost security risk associated
with smart phones and other mobile devices. One way to protect the data is to employ encryption/decryption
techniques. Though there are many encryption/decryption techniques available, most of them are
vulnerable to various attacks. Another problem is that there is no proper encryption/decryption process for
end-to-end security (between two or more phones). We proposed novel key generation techniques to
be used in the encryption/decryption process. The same procedure can also be used for
end-to-end secure communication. These techniques have been tested against various attacks on real Android
devices and it has been found that it withstands all types of attacks. The time of key generation for
various smart phones has been observed and it shows that it doesn’t slow down the devices.
International Journal of Engineering Research and Development (IJERD) | IJERD Editor
Enhanced method for intrusion detection over kdd cup 99 dataset | ijctet
This document discusses an enhanced method for intrusion detection using the KDD Cup 99 dataset. It aims to improve the accuracy of the dataset by analyzing the contribution of different attack classes to metrics like true positive rate and precision. The study examines these evaluation metrics for an intrusion detection system to identify which attack classes most impact recall and precision. The goal is to help improve the quality of the KDD Cup 99 dataset to achieve higher accuracy with lower false positives.
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS... | IJNSA Journal
In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.
This document discusses network intrusion detection systems (NIDS) and their ability to handle high-speed traffic. It introduces NIDS and their role in monitoring network traffic. The document presents an experiment that tests the open-source NIDS Snort under high-volume traffic. The experiment shows that Snort drops more packets as traffic speed and volume increases, demonstrating a weakness of NIDS in high-speed environments. It suggests using a parallel NIDS technique to help NIDS better handle high-speed network traffic and reduce packet dropping.
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
This document reviews security challenges and potential solutions for implantable medical devices (IMDs). IMDs contain wireless capabilities that enable remote monitoring but also expose them to security attacks. The document discusses IMD architecture and security requirements, including the need to balance security with accessibility during emergencies. It then reviews several security solutions for supporting emergency access, regular check-ups, and addressing IMD resource constraints. Proposed approaches include using external proxies, biometrics, proximity, key distribution schemes, lightweight algorithms, and energy harvesting. The document concludes by discussing future work areas like safety prioritizing security and decoupling IMD design.
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA | ijp2p
The objective of the proposed system is to integrate the high volume of data along with the important
considerations like monitoring a wide array of heterogeneous security. When a real-time cyber attack
occurs, the Intrusion Detection System automatically stores the log in a distributed environment and
monitors the log with the existing intrusion dictionary. At the same time the system will check and categorize the
severity of the log as high, medium, or low respectively. After the categorization, the system will
automatically take necessary action against the user-unit with respect to the severity of the log. The
advantage of the system is that it utilizes anomaly detection, evaluates data and issues alert messages or
reports based on abnormal behaviour.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI... | IJNSA Journal
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased; attackers continuously find vulnerabilities at various levels, from the network itself to operating systems and applications, and exploit them to crack systems and services. Network defence and network monitoring have become an essential component of computer security to predict and prevent attacks. Unlike a traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention Systems (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
As Supervisory Control and Data Acquisition (SCADA) systems are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘Stuxnet’, ‘Flame’ and ‘Duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provides deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
A technical review and comparative analysis of machine learning techniques fo... | IJECEIAES
Machine learning techniques are being widely used to develop intrusion detection systems (IDS) for detecting and classifying cyber attacks at the network level and the host level in a timely and automatic manner. However, traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lack reliability and accuracy. Instead of the traditional machine learning used in previous research, we think deep learning has the potential to perform better in extracting features of massive data, considering the massive cyber traffic in real life. Generally, Mobile Ad Hoc Networks (MANETs) provide low physical security for mobile devices because of properties such as node mobility, lack of centralized management and limited bandwidth. Traditional cryptography schemes cannot completely safeguard MANETs against novel threats and vulnerabilities; by applying deep learning methods, IDS are capable of adapting to the dynamic environments of MANETs, which enables the system to make decisions on intrusion while continuing to learn about the mobile environment. An IDS in a MANET is a sensing mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempts performed by intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection systems. In this paper, we made a systematic comparison of three models, Inception architecture convolutional neural network (Inception-CNN), bidirectional long short-term memory (BLSTM) and deep belief network (DBN), on deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections. The goal is to provide basic guidance on the choice of deep learning models in MANETs.
Critical infrastructure Protection and Cyber Attack Modeling | Blaz Ivanc
The document discusses cyber attacks on critical infrastructure and industrial control systems. It describes common attack types like response injection, command injection, and denial of service attacks. Specific vulnerabilities of communication protocols and lack of authentication are discussed. The document also examines the Stuxnet attack scenario and how it compromised Iranian uranium enrichment facilities by targeting programmable logic controllers. Recommendations are made to improve cyber defense of critical infrastructure.
Novel Advances in Measuring and Preventing Software Security Weakness: Contin... | theijes
Software weaknesses in design, architecture, code and deployment have led to software vulnerabilities exploited by perpetrators. Although countermeasure tools such as patch management systems, firewalls and antivirus have been developed, the perpetrators have advanced, sophisticated tools such as malware with crypto-lock and crypto-wall technologies. The current countermeasure technologies are based on the detection and respond model or risk management framework, which are no match for the attacker’s technologies based on speed technologies such as machine-generated malware and precision or stealth technologies such as command-and-control node malware. Although lots of ink has been poured on advances in measuring and preventing software weakness on the detection and respond concept, this study is motivated to explore the state-of-the-art advances specifically on the novel concept of Continuous Trust Restoration (CTR). Continuous Trust Restoration is a process of breaking down the attacker’s activities kill chain and restoring the system trust. The CTR concept deploys speed, precision and stealth technologies on random route mutation, random host mutation, hypervisors, trust boot, software identities and software define infrastructure. Moreover, to deploy these technologies the study further explores a common security architectural framework with software metrics such as CVE (Common Vulnerability and Exposure), CWE (Common Weakness Enumeration), CVSS (Common Vulnerability Scoring System), CWSS (Common Weakness Scoring System), and CAPEC (Common Attack Pattern Enumeration and Classification). Finally, the study recommends a software security countermeasures research paradigm shift from the current detection and respond models to the Continuous Trust Restoration concept and from risk management frameworks to a Common Security Architectural Framework.
Implementing a Robust Network-Based Intrusion Detection System | theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering & Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Network Forensics is a scientifically proven technique to accumulate, perceive, identify, examine, associate, analyse and document digital evidence from multiple systems for the purpose of uncovering the fact of attacks and other problem incidents as well as performing the action to recover from the attack. Many systems are proposed for designing network forensic systems. In this paper we have prepared a comparative analysis of various models based on different techniques.
This document provides an overview of trusted computing concepts including:
- Defining security and how it can be violated through hardware and software flaws
- Explaining key terms like trust, trustworthy, and trusted computing
- Describing major trusted computing components like the endorsement key, sealed storage, remote attestation, and direct anonymous attestation
- Discussing issues around privacy, anonymity, and digital rights management in trusted computing systems
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS... | IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
Cybersecurity involves protecting individuals, businesses, and governments from cyber threats on computers and the internet. It is a broad field that includes threat analysis, security technologies, policies and laws. Cybersecurity problems stem from technical issues as well as human and organizational factors. It aims to prevent malicious cyber attacks and accidental damage. Attacks can come from inside or outside an organization and include fraud, spying, stalking, assault, and warfare between nations. The scale of the problem is large but difficult to measure fully. Cybersecurity issues have arisen because the internet was not designed with security in mind and prioritizes convenience, while widespread connectivity has increased risks.
Network Threat Characterization in Multiple Intrusion Perspectives using Data... | IJNSA Journal
For effective security incidence response on the network, a reputable approach must be in place at both protected and unprotected region of the network. This is because compromise in the demilitarized zone could be precursor to threat inside the network. The improved complexity of attacks in present times and vulnerability of system are motivations for this work. Past and present approaches to intrusion detection and prevention have neglected victim and attacker properties despite the fact that for intrusion to occur, an overt act by an attacker and a manifestation, observable by the intended victim, which results from that act are required. Therefore, this paper presents a threat characterization model for attacks from the victim and the attacker perspective of intrusion using data mining technique. The data mining technique combines Frequent Temporal Sequence Association Mining and Fuzzy Logic. Apriori Association Mining algorithm was used to mine temporal rule patterns from alert sequences while Fuzzy Control System was used to rate exploits. The results of the experiment show that accurate threat characterization in multiple intrusion perspectives could be actualized using Fuzzy Association Mining. Also, the results proved that sequence of exploits could be used to rate threat and are motivated by victim properties and attacker objectives.
- Wireless sensor networks are vulnerable to security attacks due to their distributed nature, multi-hop communication, and lack of resources. Intrusion detection systems play an important role in detecting attacks.
- There are three main types of intrusion detection systems: signature-based, anomaly-based, and specification-based (a hybrid of the two). Signature-based systems detect known attacks but miss new ones, while anomaly-based systems can detect new attacks but have high false positives.
- The paper compares these intrusion detection systems for wireless sensor networks and finds that anomaly-based systems have the lowest resource usage but may miss known attacks, while signature-based systems detect known attacks but use more resources. The best approach
Current Studies On Intrusion Detection System, Genetic Algorithm And Fuzzy Logic | ijdpsjournal
This document summarizes a research paper on current studies of intrusion detection systems using genetic algorithms and fuzzy logic. The paper presents an overview of intrusion detection systems, including different techniques like misuse detection and anomaly detection. It discusses using genetic algorithms to generate fuzzy rules to characterize normal and abnormal network behavior in order to reduce false alarms. The paper also outlines the dataset, genetic algorithm approach, and use of fuzzy logic that are proposed for the intrusion detection system.
DESIGN AND EFFICIENT DEPLOYMENT OF HONEYPOT AND DYNAMIC RULE BASED LIVE NETWO... | IJNSA Journal
The continuously emerging, operationally and managerially independent, geographically distributed computer networks deployable in an evolutionary manner have created greater challenges in securing them. Several research works and experiments have convinced security experts that Network Intrusion Detection Systems (NIDS) or Network Intrusion Prevention Systems (NIPS) alone are not capable of securing computer networks from internal and external threats completely. In this paper we present the design of an Intrusion Collaborative System which is a combination of NIDS, NIPS, honeypots, and software tools like nmap, iptables etc. Our design is tested against existing attacks based on Snort rules and several customized DDoS, remote and guest attacks. Dynamic rules are generated during every unusual behavior, which helps the Intrusion Collaborative System to continuously learn about new attacks. Also, a formal approach to deploy Live Intrusion Collaboration Systems based on the System of Systems concept is proposed.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A NOVEL SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORKS BASED ON ELLIPTIC CURV... | IJCNCJournal
With the growing usage of wireless sensors in a variety of applications including the Internet of Things, the security aspects of wireless sensor networks have been a priority for researchers. Due to the constraints of resources in wireless sensor networks, it has always been a challenge to design efficient security protocols for wireless sensor networks. A novel elliptic curve signcryption based security protocol for wireless sensor networks has been presented in this paper, which provides anonymity, confidentiality, mutual authentication, forward security, secure key establishment, and key privacy while at the same time providing resistance to replay attack, impersonation attack, insider attack, offline dictionary attack, and stolen-verifier attack. Results have revealed that the proposed elliptic curve signcryption based protocol consumes the least time in comparison to other protocols while providing the highest level of security.
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES - IJNSA Journal
Network infrastructures have played an important part in most daily communications for business industries, social networking, government sectors, etc. Despite the advantages that came from such functionalities, security threats have become a daily struggle. One major security threat is hacking. Consequently, security experts and researchers have suggested possible security solutions such as Firewalls, Intrusion Detection Systems (IDS), Intrusion Detection and Prevention Systems (IDP) and Honeynet. Yet, none of these solutions have proven their ability to completely address hacking. The reason is that few studies examine the behavior of hackers. This paper formally and practically examines in detail the behavior of hackers and their targeted environments. Moreover, this paper formally examines the properties of one essential pre-hacking step called scanning and highlights its importance in developing hacking strategies. Also, it illustrates the properties of hacking that are common in most hacking strategies to assist security experts and researchers towards minimizing the risk of hack.
Modification data attack inside computer systems: A critical review - CSITiaesprime
This paper is a review of types of modification data attack based on computer systems and it explores the vulnerabilities and mitigations. Altering information is a kind of cyber-attack during which intruders interfere, catch, alter, take, or erase critical data on the personal computers (PCs) and applications through using network exploit or by running malicious executable codes on victim's system. One of the most difficult and trendy areas in information security is to protect the sensitive information and secure devices from any kind of threats. Latest advancements in information technology in the field of information security reveal huge amount of budget funded for and spent on developing and addressing security threats to mitigate them. This helps in a variety of settings such as military, business, science, and entertainment. Considering all concerns, the security issues almost always come at first as the most critical concerns in the modern time. As a matter of fact, there is no ultimate security solution; although recent developments in security analysis are finding daily vulnerabilities, there are many motivations to spend billions of dollars to ensure there are vulnerabilities waiting for any kind of breach or exploit to penetrate into the systems and networks and achieve particular interests. In terms of modifying data and information, from old-fashioned attacks to recent cyber ones, all of the attacks are using the same signature: either controlling data streams to easily breach system protections or using non-control-data attack approaches. Both methods can damage applications which work on decision-making data, user input data, configuration data, or user identity data to a large extent. In this review paper, we have tried to express trends of vulnerabilities in the network protocols’ applications.
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA - ijp2p
The objective of the proposed system is to integrate the high volume of data along with important considerations like monitoring a wide array of heterogeneous security. When a real-time cyber attack occurs, the Intrusion Detection System automatically stores the log in a distributed environment and monitors the log against the existing intrusion dictionary. At the same time the system checks and categorizes the severity of the log as high, medium, or low. After the categorization, the system automatically takes the necessary action against the user-unit with respect to the severity of the log. The advantage of the system is that it utilizes anomaly detection, evaluates data and issues alert messages or reports based on abnormal behaviour.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI... - IJNSA Journal
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
A technical review and comparative analysis of machine learning techniques fo... - IJECEIAES
Machine learning techniques are being widely used to develop intrusion detection systems (IDS) for detecting and classifying cyber attacks at the network level and the host level in a timely and automatic manner. However, traditional intrusion detection systems, based on traditional machine learning methods, lack reliability and accuracy. Instead of the traditional machine learning used in previous research, we think deep learning has the potential to perform better in extracting features of massive data, considering the massive cyber traffic in real life. Generally, Mobile Ad Hoc Networks (MANETs) provide low physical security for mobile devices because of properties such as node mobility, lack of centralized management and limited bandwidth. Traditional cryptography schemes cannot completely safeguard MANETs against novel threats and vulnerabilities; applying deep learning methods in an IDS makes it capable of adapting to the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about its mobile environment. An IDS in a MANET is a sensing mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempts performed by intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection systems. In this paper, we made a systematic comparison of three models, Inception architecture convolutional neural network (Inception-CNN), bidirectional long short-term memory (BLSTM) and deep belief network (DBN), on deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections. The goal is to provide basic guidance on the choice of deep learning models in MANETs.
Critical infrastructure Protection and Cyber Attack Modeling - Blaz Ivanc
The document discusses cyber attacks on critical infrastructure and industrial control systems. It describes common attack types like response injection, command injection, and denial of service attacks. Specific vulnerabilities of communication protocols and lack of authentication are discussed. The document also examines the Stuxnet attack scenario and how it compromised Iranian uranium enrichment facilities by targeting programmable logic controllers. Recommendations are made to improve cyber defense of critical infrastructure.
Novel Advances in Measuring and Preventing Software Security Weakness: Contin... - theijes
Software weaknesses in design, architecture, code and deployment have led to software vulnerabilities exploited by perpetrators. Although countermeasure tools such as patch management systems, firewalls and antivirus have been developed, the perpetrators have advanced, sophisticated tools such as malware with crypto-lock and crypto-wall technologies. The current countermeasure technologies are based on the detection and respond model or risk management framework, which are no match for the attacker's technologies based on speed technologies such as machine generated malwares and precision or stealth technologies such as command-and-control node malwares. Although lots of ink has been poured on advances in measuring and preventing software weakness on the detection and respond concept, this study is motivated to explore the state-of-the-art advances specifically on the novel concept of Continuous Trust Restoration (CTR). Continuous Trust Restoration is a process of breaking down the attacker's activities kill chain and restoring the system trust. The CTR concept deploys speed, precision and stealth technologies on random route mutation, random host mutation, hypervisors, trust boot, software identities and software defined infrastructure. Moreover, to deploy these technologies the study further explores a common security architectural framework with software metrics such as CVE (Common Vulnerability and Exposure), CWE (Common Weakness Enumeration), CVSS (Common Vulnerability Scoring System), CWSS (Common Weakness Scoring System), and CAPEC (Common Attack Pattern Enumeration and Classification). Finally, the study recommends a software security countermeasures research paradigm shift from the current detection and respond models to the Continuous Trust Restoration concept and from risk management frameworks to a Common Security Architectural Framework.
Implementing a Robust Network-Based Intrusion Detection System - theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering & Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Network Forensics is scientifically proven technique to accumulate, perceive, identify, examine, associate, analyse and document digital evidence from multiple systems for the purpose of uncovering the fact of attacks and other problem incident as well as performing the action to recover from the attack. Many systems are proposed for designing the network forensic systems. In this paper we have prepared comparative analysis of various models based on different techniques.
This document provides an overview of trusted computing concepts including:
- Defining security and how it can be violated through hardware and software flaws
- Explaining key terms like trust, trustworthy, and trusted computing
- Describing major trusted computing components like the endorsement key, sealed storage, remote attestation, and direct anonymous attestation
- Discussing issues around privacy, anonymity, and digital rights management in trusted computing systems
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS... - IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
Cybersecurity involves protecting individuals, businesses, and governments from cyber threats on computers and the internet. It is a broad field that includes threat analysis, security technologies, policies and laws. Cybersecurity problems stem from technical issues as well as human and organizational factors. It aims to prevent malicious cyber attacks and accidental damage. Attacks can come from inside or outside an organization and include fraud, spying, stalking, assault, and warfare between nations. The scale of the problem is large but difficult to measure fully. Cybersecurity issues have arisen because the internet was not designed with security in mind and prioritizes convenience, while widespread connectivity has increased risks.
Network Threat Characterization in Multiple Intrusion Perspectives using Data... - IJNSA Journal
For effective security incidence response on the network, a reputable approach must be in place at both protected and unprotected region of the network. This is because compromise in the demilitarized zone could be precursor to threat inside the network. The improved complexity of attacks in present times and vulnerability of system are motivations for this work. Past and present approaches to intrusion detection and prevention have neglected victim and attacker properties despite the fact that for intrusion to occur, an overt act by an attacker and a manifestation, observable by the intended victim, which results from that act are required. Therefore, this paper presents a threat characterization model for attacks from the victim and the attacker perspective of intrusion using data mining technique. The data mining technique combines Frequent Temporal Sequence Association Mining and Fuzzy Logic. Apriori Association Mining algorithm was used to mine temporal rule patterns from alert sequences while Fuzzy Control System was used to rate exploits. The results of the experiment show that accurate threat characterization in multiple intrusion perspectives could be actualized using Fuzzy Association Mining. Also, the results proved that sequence of exploits could be used to rate threat and are motivated by victim properties and attacker objectives.
- Wireless sensor networks are vulnerable to security attacks due to their distributed nature, multi-hop communication, and lack of resources. Intrusion detection systems play an important role in detecting attacks.
- There are three main types of intrusion detection systems: signature-based, anomaly-based, and specification-based (a hybrid of the two). Signature-based systems detect known attacks but miss new ones, while anomaly-based systems can detect new attacks but have high false positives.
- The paper compares these intrusion detection systems for wireless sensor networks and finds that anomaly-based systems have the lowest resource usage but may miss known attacks, while signature-based systems detect known attacks but use more resources. The best approach
Current Studies On Intrusion Detection System, Genetic Algorithm And Fuzzy Logic - ijdpsjournal
This document summarizes a research paper on current studies of intrusion detection systems using genetic algorithms and fuzzy logic. The paper presents an overview of intrusion detection systems, including different techniques like misuse detection and anomaly detection. It discusses using genetic algorithms to generate fuzzy rules to characterize normal and abnormal network behavior in order to reduce false alarms. The paper also outlines the dataset, genetic algorithm approach, and use of fuzzy logic that are proposed for the intrusion detection system.
This document summarizes an article that proposes integrating conditional random fields (CRFs) and a layered approach to improve intrusion detection systems. CRFs can effectively model relationships between different features to increase attack detection accuracy. A layered approach reduces computation time by eliminating communication overhead between layers and using a small set of features in each layer. The proposed system aims to achieve both high attack detection accuracy using CRFs and high efficiency using the layered approach. It presents integrating these two methods for intrusion detection to address issues with limited coverage, high false alarms, and inefficiency in existing systems.
Information Systems and Networks are subjected to electronic attacks. When network attacks hit, organizations are thrown into crisis mode. From the IT department to call centers, to the board room and beyond, all are fraught with danger until the situation is under control. Traditional methods which are used to overcome these threats (e.g. firewall, antivirus software, password protection etc.) do not provide complete security to the system. This encourages the researchers to develop an Intrusion Detection System which is capable of detecting and responding to such events. This review paper presents a comprehensive study of Genetic Algorithm (GA) based Intrusion Detection System (IDS). It provides a brief overview of rule-based IDS, elaborates the implementation issues of Genetic Algorithm and also presents a comparative analysis of existing studies.
Survey on classification techniques for intrusion detection - csandit
Intrusion detection is the most essential component in network security. Traditional Intrusion Detection methods are based on extensive knowledge of signatures of known attacks. Signature-based methods require manual encoding of attacks by human experts. Data mining is one of the techniques applied to Intrusion Detection that provides higher automation capabilities than signature-based methods. Data mining techniques such as classification, clustering and association rules are used in intrusion detection. In this paper, we present an overview of intrusion detection, KDD Cup 1999 dataset and detailed analysis of different classification techniques namely Support Vector Machine, Decision tree, Naïve Bayes and Neural Networks used in intrusion detection.
This document summarizes a research paper on developing a honey pot intrusion detection system. The paper introduces cyber warfare as a growing threat and the need for effective network security. It then describes designing and implementing a honey pot IDS to detect potential threats on a host system by emulating network services and monitoring connections. The IDS would use event correlation, log analysis, alerting and policy enforcement. The document provides background on intrusions, IDS testing methodology, and reasons why only creating secure systems is not enough to prevent all intrusions.
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE - VLSICS Design
The latest innovation technology in computing devices has given a rise of compact, speedy and economical products which also embeds cryptography hardware on-chip. This device generally holds secret key and confidential information, more attention has been given to attacks on hardware which guards such secure information. The attacker may leak secret information from symmetric crypto-hardware (AES, DES etc.) using side-channel analysis, fault injection or exploiting existing test infrastructure. This paper examines various DFT based attack implementation method applied to cryptographic hardware. The paper contains an extensive analysis of attacks based on various parameters. The countermeasures are classified and analyzed in details.
This document discusses securing healthcare networks against cyber attacks. It proposes using intrusion detection systems to continuously monitor networks, firewalls to ensure endpoint devices comply with security policies, and biometrics for identity-based network access control. This would help protect patient privacy by safeguarding electronic health records and enhancing the security of hospital networks. The growing adoption of electronic records and devices in healthcare has increased risks of attacks that could intercept patient data or take over entire hospital networks. Strong network security measures are needed to address these risks.
A Proposed Model for Datacenter in-Depth Defense to Enhance Continual Security - Hossam Al-Ansary
This document proposes a model for implementing defense in depth strategies to enhance security for datacenters. It discusses key elements of defense in depth including layered defenses at multiple points to resist different classes of attacks from a variety of potential threats. The document outlines people, technology, and operations aspects of achieving security assurance and maintaining security posture. It proposes designing security mechanisms that achieve integration of continual security improvement and risk localization to resist attacks and ensure business continuity for datacenters.
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security have become increasingly important. There are a multitude of different applications open source and proprietary available for the protection +-system administrator, to decide on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through unflagged. A majority of methods currently used to ensure the quality of a network's service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System, while the minor objectives were to design a port scanner to determine potential threats and mitigation techniques to withstand these attacks, implement the system on a host, and run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: event correlation, log analysis, alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs.
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHMIJNSA Journal
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have
become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion
Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99
benchmark dataset and obtained reasonable detection rate.
Internal security on an ids based on agentscsandit
The document describes a proposed hierarchical intrusion detection system (IDS) based on agents. Key points:
1. The IDS uses a multi-agent approach with different agent types (collectors, transceivers, monitors) to distribute monitoring tasks without affecting system performance.
2. Internal security techniques are implemented to verify the identity and integrity of agents, such as using a matrix of marks and hash functions to check agents.
3. The IDS was prototyped using the BESA multi-agent platform and can detect attacks through signature matching and event correlation across the agent network.
INTERNAL SECURITY ON AN IDS BASED ON AGENTScscpconf
The document describes a proposed hierarchical intrusion detection system (IDS) based on agents. Key points:
1. The IDS uses a multi-agent approach with different agent types (collectors, transceivers, monitors) to distribute monitoring tasks without affecting system performance.
2. Internal security techniques are implemented to verify the identity and integrity of agents, such as using a matrix of marks and hash functions to check agents.
3. The IDS was prototyped using the BESA multi-agent platform and tested for its ability to securely detect intrusions in an agent-based system.
This document summarizes a technique for network threat detection and alarming using system statistics and support vector machines. It begins by introducing the importance of network security and common authentication and security mechanisms. It then provides an overview of threat detection systems and their purpose of identifying security incidents and producing reports. The rest of the document details various threat detection techniques, including expert systems, signature analysis, state-transition analysis, statistical analysis, user intention identification, machine learning, and data mining. It focuses on using statistical analysis of system variables like packet types, delay, drop rate, and buffer overflow to identify threat types like blackholes, wormholes, and flooding.
Trust Metric-Based Anomaly Detection Via Deep Deterministic Policy Gradient R...IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT- based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
Trust Metric-Based Anomaly Detection via Deep Deterministic Policy Gradient R...IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT- based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
This document discusses computer security and cybersecurity. It defines computer security and outlines common vulnerabilities and attacks such as backdoors, direct access attacks, eavesdropping, phishing, and clickjacking. It discusses systems that are at risk and the impact of security breaches. It covers attacker motivations and outlines some common computer protection countermeasures like security by design, security architecture, and vulnerability management. It provides examples of some notable attacks and breaches and discusses legal issues and the growing job market for cybersecurity professionals.
Similar to Hardware Attack Mitigation Techniques AnalysisFull Text (20)
International Journal on Cryptography and Information Security (IJCIS), Vol. 7, No. 1, March 2017
DOI: 10.5121/ijcis.2017.7102
HARDWARE ATTACK MITIGATION TECHNIQUES ANALYSIS
Samer Moein¹, T. Aaron Gulliver¹, Fayez Gebali¹ and Abdulrahman Alkandari²
¹ Electrical and Computer Engineering, University of Victoria, BC, Canada
² Department of Computer, Public Authority for Applied Education and Training, Kuwait City, Kuwait
ABSTRACT
The goal of a hardware attack is to physically access a digital system to obtain secret information or
modify the system behavior. These attacks can be classified as covert or overt based on the awareness of
the attack. Each hardware attack has capabilities as well as objectives. Some employ hardware trojans,
which are inserted during manufacture, while others monitor system emissions. Once a hardware attack
has been identified, mitigation techniques should be employed to protect the system. There are now a wide
variety of techniques that can be used against hardware attacks. In this paper, a comprehensive survey
of hardware attack mitigation techniques is presented. These techniques are matched to the hardware
attacks and attack criteria they can counter, which helps security personnel choose appropriate mitigation
techniques to protect their systems against hardware attacks. An example is presented to illustrate the
choice of appropriate countermeasures.
KEYWORDS
Hardware Attack, Hardware Attack Mitigation, Hardware Security, Covert Attack & Overt Attack
1. INTRODUCTION
The use of semiconductor devices in military, financial, economic, and other critical
infrastructure has raised significant concerns regarding hardware security. A victim is unaware of
the occurrence of a covert attack but may have knowledge of an overt attack. Overt hardware
attacks [1] such as deprocessing and reverse engineering are employed to reveal device
functionality in order to steal information and copy devices. Further, some overt attacks introduce
hardware trojans [2] by modifying Integrated Circuits (ICs) to create abnormal system behaviour,
while others monitor system emissions to obtain information. The increasing sophistication of
hardware attacks as well as the growing chip complexity makes hardware security a major
challenge for the semiconductor industry [3–6].
The design and manufacture of an IC involves multiple processes. These provide numerous
opportunities for attacks, and mitigation techniques must be developed to counter them. Figure 1
shows the approaches to both attacking and defending a chip. Overt attacks, i.e. reverse
engineering, deprocessing, and microprobing, allow an attacker to examine the internal structure
of a chip. This information can be used to identify chip vulnerabilities for covert attacks, i.e.
power, timing, and electromagnetic, or to copy the chip. An attacker can also insert a hardware
trojan into a chip to allow an attack to be initiated.
A defender can use destructive techniques to check if malicious modifications have been made to
a chip. However, this approach is time consuming and requires significant resources, so it is not
practical to examine a large number of chips. In practice, defenders rely on non-destructive
techniques to determine if a chip is working properly [7–9]. These techniques can be employed
during testing and/or chip operation. Hardware attack mitigation techniques are used to protect a
chip during both chip design and operation. These techniques can be used to produce a secure
chip when it is being designed. Further, if unexpected behaviour is detected during chip
operation, they can be employed to counter any attacks.
The knowledge, skill and resources that modern attackers possess enable them to introduce
modifications into the design during the IC life cycle. Many of these modifications are not
detected during the testing and deployment phases [4, 10, 11]. Developing mitigation techniques
against these malicious attacks begins with their identification and classification. Hardware
attacks can be classified as covert or overt [1, 2]. They can also be classified based on the
accessibility, resources, and time required for implementation [50]. The classification can be used
to determine the system requirements to defend against attacks [12, 13].
Hardware attack mitigation techniques can be divided into two categories, those designed to
counter multiple attacks and those developed for single attacks. A number of approaches have
been used to counter multiple attacks. Hiding techniques are based on reducing the signal strength
or increasing the noise level [53]. Masking techniques make it difficult for an attacker to
determine the relationship between chip emissions and the corresponding data or operations [16–
19]. Random noise can be employed to decrease the Signal-to-Noise Ratio (SNR) of IC signals
[54], and make emissions more independent of the chip operations [53, 55]. Chip emissions can
also be masked using asynchronous logic gates [56, 57], or reduced by using low power design
techniques [53]. Further, emissions between chip regions can be lowered via design partitioning
[20, 21]. Restricting chip access using anti-tampering techniques can prevent an attacker from
collecting chip data [22, 23]. Moreover, emission filtering can be used to reduce data leakage
[67]. These techniques can be used to counter most covert attacks, as these attacks typically
monitor chip emissions. Sensors can also be deployed around a chip to detect anomalies and
counter overt attacks [35].
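The masking idea described above can be checked exhaustively for a single byte. The following is an added example, not code from the paper; it assumes a Hamming-weight leakage model and first-order Boolean masking, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Leakage model assumed for this example: the observable emission of a
 * register is proportional to the Hamming weight of the byte it holds. */
unsigned hamming_weight(uint8_t v)
{
    unsigned w = 0;
    while (v) { w += v & 1u; v >>= 1; }
    return w;
}

/* A secret split into two shares: masked = secret XOR mask. */
typedef struct { uint8_t masked; uint8_t mask; } shares_t;

shares_t mask_byte(uint8_t secret, uint8_t mask)
{
    shares_t s = { (uint8_t)(secret ^ mask), mask };
    return s;
}

/* XOR a key byte into the shared value without recombining the shares,
 * so the unmasked intermediate never appears in a register. */
shares_t masked_xor_key(shares_t s, uint8_t key)
{
    s.masked ^= key;
    return s;
}

uint8_t unmask_byte(shares_t s) { return (uint8_t)(s.masked ^ s.mask); }

/* Number of the 256 possible masks for which the masked share leaks the
 * given Hamming weight. This is the attacker's view of one share. */
unsigned leakage_count(uint8_t secret, unsigned weight)
{
    unsigned count = 0;
    for (unsigned m = 0; m < 256; m++)
        if (hamming_weight(mask_byte(secret, (uint8_t)m).masked) == weight)
            count++;
    return count;
}

/* Returns 1 when two secrets produce the same leakage distribution. */
int same_leakage_distribution(uint8_t s1, uint8_t s2)
{
    for (unsigned w = 0; w <= 8; w++)
        if (leakage_count(s1, w) != leakage_count(s2, w))
            return 0;
    return 1;
}

int main(void)
{
    const uint8_t a = 0x00, b = 0xFF;   /* constructed sample secrets */

    printf("unmasked leakage: HW(0x%02x)=%u, HW(0x%02x)=%u\n",
           a, hamming_weight(a), b, hamming_weight(b));
    printf("weight  masks(secret=0x%02x)  masks(secret=0x%02x)\n", a, b);
    for (unsigned w = 0; w <= 8; w++)
        printf("%6u  %18u  %18u\n", w, leakage_count(a, w), leakage_count(b, w));
    printf("distributions identical: %d\n", same_leakage_distribution(a, b));
    return 0;
}
```

The independence shown here holds only when the mask is uniformly random, fresh for each execution, and the two shares are not observed together.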
Numerous countermeasures have been proposed for specific hardware attacks. Algorithmic
resistance, restricting physical access, randomized computation time [33], and duplicate
encryption [26] have been used to counter fault attacks. Time/branch equalization, random delays,
and constant time hardware [27] have been used to counter timing attacks. Keyed hash functions,
message authentication codes, public key infrastructure, and stream ciphers have been employed
to increase the security of JTAG devices and encryption circuitry [29, 30].
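The time/branch equalization countermeasure mentioned above can be illustrated in software. This is an added example, not code from the paper; it uses a work counter as a stand-in for execution time, and the function names and the sample secret are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Work counter standing in for execution time (an assumption of this
 * example): each byte comparison costs one unit. */
static unsigned long work_units;

/* Data-dependent version: returns at the first mismatch, so the amount of
 * work depends on how many leading bytes of the two buffers agree. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        work_units++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Equalized version: every byte is always processed and differences are
 * accumulated with OR, so there is no data-dependent branch or early exit. */
int equalized_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        work_units++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* Map diff == 0 to 1 and diff != 0 to 0 without branching on diff. */
    return (int)(1u & (((uint32_t)diff - 1u) >> 8));
}

/* Branch equalization for a conditional: returns x when bit is 1 and y when
 * bit is 0, using a mask instead of an if/else with unequal arms. */
uint32_t ct_select(uint32_t bit, uint32_t x, uint32_t y)
{
    uint32_t mask = (uint32_t)0 - (bit & 1u);   /* all ones or all zeros */
    return (x & mask) | (y & ~mask);
}

typedef int (*cmp_fn)(const uint8_t *, const uint8_t *, size_t);

/* Work spent comparing a constructed 8-byte secret with an input whose
 * first `correct` bytes match and whose remaining bytes differ. */
unsigned long work_for_prefix(cmp_fn cmp, size_t correct)
{
    static const uint8_t secret[8] =
        { 0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xbd, 0x16 };  /* constructed */
    uint8_t input[8];

    for (size_t i = 0; i < 8; i++)
        input[i] = (i < correct) ? secret[i] : (uint8_t)~secret[i];
    work_units = 0;
    (void)cmp(secret, input, 8);
    return work_units;
}

int main(void)
{
    printf("matching prefix  leaky  equalized\n");
    for (size_t k = 0; k <= 8; k += 2)
        printf("%15zu  %5lu  %9lu\n", k,
               work_for_prefix(leaky_equal, k),
               work_for_prefix(equalized_equal, k));
    return 0;
}
```

An optimizing compiler can turn source like this back into branching code, so the generated assembly should be checked on the target platform.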
Shielding has been used to counter acoustic attacks [15]. Cycling memory with random data can
be used to mitigate data remanence attacks [25]. Cache partitioning has been shown to prevent
information leakage [44], and sensitive cache lines can be placed in a secure partition [45] to
counter cache attacks. Further, a non-deterministic processor can be used to run instructions in
random order [47].
Figure 1: Hardware attack and defence strategies.
The contributions of this paper are as follows:
1. A comprehensive survey of hardware attack mitigation techniques is presented.
2. These techniques are matched to the hardware attacks and attack criteria they can counter.
These results can help security personnel choose appropriate mitigation techniques to
protect their systems against hardware attacks.
The remainder of this paper is organized as follows. Section 2 presents a review of hardware
attacks based on attack awareness. Mitigation techniques for covert hardware attacks are
presented in Section 3, while techniques for overt hardware attacks are given in Section 4. A
discussion of mitigation techniques and some security recommendations are presented in Section
5. Finally, some concluding remarks are given in Section 6.
2. HARDWARE ATTACKS
Hardware attacks aim at physically accessing a system to obtain stored information, determine
the internal structure of the hardware, or inject a fault. Several approaches have been proposed to
classify hardware attacks based on security levels [69–71], algebraic properties [68], accessibility
[66], and resources [1, 2].
In order to evaluate security, tamper protection levels were introduced by IBM [69]. Their
classification has six security levels from zero corresponding to a system without any security
protection to high for a virtually unbreakable system.
U.S. and Canadian federal government agencies are required to use cryptographic products that
have been validated using Federal Information Processing Standards (FIPS) [70] or Common
Criteria (CC) [71]. Most CC protection profiles rely on FIPS validation for cryptographic
security. FIPS 140-2 or 140-1 validations have four security levels from level 1 which indicates
basic security requirements for a cryptographic module to level 4, which indicates physical
security, i.e. an envelope of protection around the cryptographic module to detect device
penetration. This classification focuses on cryptographic applications and/or devices.
A flexible methodology was proposed in [68] to categorize hardware attacks based on their
properties. Weights can be assigned based on attack criteria so that detailed comparisons can be
made, and as technology changes these weights can be adjusted according to attack and/or
defence capabilities. A defender can use this methodology to determine the possible approaches an
attacker may use to launch an attack. Variations of the same attack can also be considered. For
example, two Deprocessing (DEP) attacks DEP-1 and DEP-2 were considered in [68] where
DEP-1 assumes that the attacker uses in-house resources, while DEP-2 assumes the attacker
employs outsourcing and so requires fewer resources. In general, the classification of a hardware
attack is based on the capabilities and techniques used by the attacker and defender. This
information can be used by security designers to identify system vulnerabilities and develop
countermeasures.
A classification based on attack accessibility was proposed in [66]. This classification divides
attacks into three groups: non-invasive, invasive, and semi-invasive. Non-invasive attacks do not
require any initial preparation or direct connection to the device. Invasive attacks require direct
access to the internal components of the device. Semi-invasive attacks introduced in [73] lie in
the gap between non-invasive and invasive attacks. These attacks require a moderate level of
accessibility to gain access to the chip surface, but do not require internal physical contact.
In [1, 2], a classification was proposed based on the resources and awareness needed for an attack
to succeed. Attacks were classified based on four criteria: Accessibility (A), Resources (R), Time
(T), and Awareness (W). The awareness criterion (W) divides hardware attacks based on the
evidence left of an attack on a system, so there are two categories, covert [2] and overt [1].
2.1. Covert Attacks
A covert attack is one in which the victim is not aware that it is taking place. This occurs when an
attacker is able to obtain information from a device when it is in operation. Figure 2 illustrates
the signals that emanate from a system that can be used by an attacker to compromise a chip. The
use of these signals was first employed during World War II after Bell Labs employees noted that
whenever a system was activated, signals appeared on an oscilloscope in another part of the lab.
They determined that these signals could be used to recover plaintext data [20]. Covert attacks
typically require limited accessibility and resources and little time, so often there is no evidence
of the attack. Thus, they are simple and so many attackers have the necessary resources and
experience to conduct them [12, 13]. As a consequence, many covert hardware attacks exist.
Simple Electromagnetic Analysis (SEMA) attacks examine the electromagnetic emissions from
ICs to determine internal operations or obtain secret information. Differential Electromagnetic
Analysis (DEMA) attacks use a statistical analysis of these emissions to obtain system information
[21]. A Frequency Based Analysis (FBA) attack uses a differential Power Spectral Density (PSD)
analysis rather than a time domain analysis [64]. A Simple Power Analysis (SPA) attack
examines the power consumption during computations to determine device operations [52].
Differential Power Analysis (DPA) attacks use a statistical model of the power consumption during
chip operations in conjunction with cryptanalysis techniques to gather secret information [63]. A
Timing Attack (TA) exploits the fact that chip operations can take different times to complete.
Measuring and analyzing this time can be used to obtain secret information [51]. An Acoustic
Attack (ACA) uses a microphone placed close to a chip to determine when encryption operations
are being executed, and when the keys change [62]. An Optically Enhanced Position-Locked
Power Analysis (OPLP) attack reveals the current in individual transistors [61]. An Optical
Emanation Attack (OEA) monitors the optical signals
related to the information being processed [14]. A Covert JTAG port (C-JTAG) attack uses a
JTAG port to obtain secret data [30]. A Data Remanence Attack (DRA) aims to retrieve secret
information such as that stored in the SRAM of a security processor. At temperatures below a
threshold, SRAM contents can be preserved for a period of time even when the power is
removed. The attack is triggered when the temperature falls below or rises above certain
thresholds [60]. An Advanced Imaging Technique (AIT) attack uses imaging to locate failed
transistors or interconnects. This is based on the fact that silicon becomes transparent at Infrared
(IR) wavelengths greater than λ = 1100 nm [66]. A Cache-based (Cache) attack exploits cache hit
and miss timing differences to reveal system information such as cryptographic keys [42].
Figure 2: Emanating signals from a system.
2.2. Overt Attacks
An attack is overt when the victim is aware that it is taking place. In this case, the attacker has
one or more of the following goals:
1. Disrupting the system to prevent it from working as expected,
2. Preventing the system from working (denial of service),
3. Reverse engineering the system, to later copy it.
Most overt attacks require significant knowledge, high accessibility to the system, substantial
resources, and a long period of time to achieve success. Therefore, the victim will typically be
aware of these attacks. Modern chips are complex multilayer devices, so an attack that requires
decapsulating a chip to access its internal circuitry is very difficult. These attacks are usually
conducted by organizations such as research agencies, government laboratories and universities
[1]. A number of covert hardware attacks have been proposed in the literature.
A Fault Injection (FIT) attack inserts signals into a device to alter its operation, typically via the
power supply or clock [66]. An Overt JTAG port (O-JTAG) attack uses a JTAG port to obtain
test vectors and responses, modify system states, return false test responses, or control Test Mode
Select (TMS) and Test Clock (TCK) lines to deceive a tester about the true state of the chip. TMS
and TCK attacks require control of TMS and TCK lines to change the voltage on the
corresponding inputs [30]. A Fault Analysis (FAT) attack provides inputs to a device and then
analyzes the resulting outputs. The inputs can be accidental or intentional and are used to discover
secret information [27]. A Microprobing (Micro) attack uses a microprobe station to reveal the
internal signals of a chip [66]. Reverse Engineering (RE) attacks extract information about the
locations of transistors and interconnections in an IC to determine the functionality. To gain this
information, an attacker progressively removes the chip layers that were formed during
fabrication [66]. A Deprocessing (DEP) attack employs the same processes that were used during
chip fabrication. There are three types of deprocessing: wet chemical etching, dry chemical
etching, and mechanical polishing [65]. Counterfeiting refers to the reproduction or copying of an
IC [11].
3. COVERT HARDWARE ATTACK MITIGATION TECHNIQUES
Many mitigation techniques have been proposed to counter covert attacks. Most focus on making
chip emissions independent of the operations. Some of these techniques have been designed for a
specific attack while others can counter multiple attacks. The covert attack mitigation techniques
are described below.
3.1. Hiding
Hiding is a powerful technique that can be used against an attacker attempting to gain
information from chip emissions [52, 53]. The following techniques can be used to hide chip
emissions.
3.1.1 Noise Generation
The Signal-to-Noise Ratio (SNR) can be reduced by either lowering the signal strength or
increasing the noise level. For example, noise generators decrease the SNR which reduces the
ability of an attacker to extract information from chip emissions [54]. This technique can be used
to mitigate the covert attacks: SPA, SEMA, DEMA, FBA, DPA, TA, ACA, and Cache.
3.1.2 Balanced Logic
Balanced logic is a technique used to make chip emissions independent of the data being
processed. For example, Dual-Rail Pre-charged (DRP) logic can be used to create two outputs
operating in different phases [53, 55]. This technique can be used to mitigate the covert attacks:
SPA, SEMA, DEMA, and DPA.
3.1.3 Asynchronous Logic Gates
Asynchronous logic gates can be used to lower Electromagnetic (EM) emission levels by
reducing or eliminating the need for clock synchronization [56, 57]. This technique can be used to
mitigate the covert attacks: SPA, SEMA, DEMA, and DPA.
3.1.4 Low Power Design
Low power design is a method used to lower the SNR and hide chip emissions to reduce the
ability of an attacker to obtain chip information [53]. This technique can be used to mitigate the
covert attacks: SPA, SEMA, DEMA, FBA, DPA, ACA, OPLP, OEA, and AIT.
3.2. Shielding
Shielding is an effective method to hide chip emissions. This can be achieved via physical
shielding or filtering of chip emissions. Metal layers on the outside of a chip can be used to shield
EM emissions. For FBA, a sensor mesh can monitor the chip operations for interruptions or short
circuits and raise an alarm if one of these events occurs. Glass shielding, opaque material or black
taping can be used to guard against optical attacks [14]. For ACA, acoustic shielding such as
foam can be employed [15]. This technique can be used to mitigate the covert attacks: SPA,
SEMA, DEMA, FBA, DPA, ACA, OPLP, OEA, AIT, and Cache.
3.3. Masking (Blinding)
Masking or blinding is a technique used to make it difficult for an attacker to determine the
relationship between chip data and emissions. This can be accomplished on a per-gate basis using
masking logic, or a per-block basis by randomizing the input data and reversing this operation to
obtain the results [16–19]. The input data can also be masked with random data before any
operations and the results obtained by removing the mask [27]. This technique can be used to
mitigate the covert attacks: SPA, SEMA, DEMA, FBA, DPA, TA, ACA, OPLP, OEA, and AIT.
3.4. Design Partitioning
Design partitioning prevents information leakage between chip regions. For example, regions that
operate on plaintext can be separated from those that operate on ciphertext [20, 21]. This
technique can be used to mitigate the covert attacks: SPA, SEMA, DEMA, FBA, DPA, TA,
ACA, OPLP, and OEA.
3.5. Anti-tampering (Physical Security)
Anti-tampering or physical security is used to limit access by creating a secure zone around a
chip. This also reduces the amount of emission data that can be collected [22, 23]. This technique
can be used to mitigate the covert attacks: SPA, SEMA, DEMA, DPA, TA, ACA, OPLP, OEA,
DRA, C-JTAG, FBA, AIT, and Cache. It can also be used to mitigate the overt attacks: O-JTAG,
FIT, and FAT.
3.6. Emission Filtering
Hardware and/or software emission filters can be used to reduce the amount of data that is leaked
[67]. This technique can be used to mitigate the covert attacks: SPA, SEMA, DEMA, FBA, DPA,
ACA, OPLP, and OEA.
3.7. Restricting Physical Access
Restricting access to a device is a simple countermeasure against fault attacks. Encapsulating a
device in a tamper-resistant case is an effective means of restricting access [33], which has been
successfully implemented [31]. This technique can be used to mitigate the covert attacks: DRA,
C-JTAG, and AIT. It can also be used to mitigate the overt attacks: FIT, O-JTAG, and FAT.
3.8. Randomized Computation Time
Randomizing the computation time of chip operations provides protection against fault attacks
[33]. This technique can be used to mitigate the covert attack: TA, and the overt attacks: FIT and
FAT.
3.9. Deep Sub-micron Technology
Data can be protected using storage devices covered with a top metal layer or constructed with
deep sub-micron technology, which makes it difficult for an attacker to access the transistor level
or recover data that has been erased [25]. This technique can be used to mitigate the covert
attacks: DRA and AIT.
3.10. Cycling Memory with Random Data
Memory, i.e. ROM or flash, cells should be cycled 10 to 1000 times with random data when
storing sensitive data. This eliminates any noticeable effects arising from the data. Further,
EEPROM and flash memory cells should be programmed before erasing them to eliminate any
residual charge from the previous data [25]. This technique can be used to mitigate the covert
attack: DRA.
Table 1: Mitigation Techniques for Covert Hardware Attacks
Columns (hardware mitigation techniques): Hiding (Noise Generation, Balanced Logic,
Asynchronous Logic Gates, Low Power Design), Shielding, Masking (Blinding), Design Partitioning,
Anti-tampering (Physical Security), Emission Filtering, Restricting Physical Access, Randomized
Computation Time, Deep Sub-micron Technology, Cycling Memory with Random Data, Time/Branch
Equalization, Adding Random Delays, Constant Time Hardware, Secure JTAG Communication
Protocol, Physically Unclonable Function (PUF), Test Access Port (TAP) Design, Public/Private Key
Pairs, Challenge/Response Protocol, Operation-Memory Access Prevention, Cache Partitioning,
Cache Line Locking, Direct Mapped Cache, Non-deterministic Processor.
Rows (covert hardware attacks): SEMA, DEMA, FBA, SPA, DPA, TA, ACA, OPLP, OEA, DRA, AIT,
JTAG, Cache.
3.11. Time/Branch Equalization
The main countermeasure against timing attacks is to make all chip operations execute in the
same amount of time, known as time equalization. For example, multiplication and
exponentiation operations should have the same computation time. This prevents an attacker from
determining the number of times each operation is executed, or even when an operation is run
[26]. A variation of this technique is branch equalization, which makes the time for two branches
of a conditional statement the same [27]. Note that time and branch equalization can have a
negative impact on system performance. This technique can be used to mitigate the covert attack:
TA.
3.12. Adding Random Delays
Adding random delays is another technique used to disguise the computation time for an
operation. However, using fixed delays still enables an attacker to infer the system response
and/or power consumption for specific operations. Therefore it is better to add random delays
only to counter timing attacks [26]. Unfortunately, adding delays has a negative impact on system
performance. This technique can be used to mitigate the covert attack: TA.
3.13. Constant Time Hardware
Employing constant time hardware is an easier approach to attack mitigation than adding random
delays. In this case, each operation takes the same amount of time regardless of the input [27].
This technique can be used to mitigate the covert attack: TA.
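The exponentiation case from Section 3.11, as an added example that is not taken from the paper or its references: an unbalanced square-and-multiply next to a Montgomery ladder whose per-bit work is equalized. The trace of "S" and "M" labels models the operation sequence an observer can time; Python's own big-integer arithmetic is not constant time, and the function names, modulus and sample exponents are assumptions made for the illustration.

```python
"""Operation-trace model of modular exponentiation, before and after equalization.

"S" is a modular squaring and "M" a modular multiplication. The trace stands in for
what a timing observer can distinguish; all names here are illustrative.
"""


def modexp_unbalanced(base, exponent, modulus, bits):
    """Square-and-multiply: the multiply runs only for 1 bits of the exponent."""
    result, trace = 1 % modulus, []
    for i in reversed(range(bits)):
        result = (result * result) % modulus
        trace.append("S")
        if (exponent >> i) & 1:                # secret-dependent branch
            result = (result * base) % modulus
            trace.append("M")
    return result, trace


def _cswap(bit, x, y):
    """Swap x and y when bit == 1, using a mask instead of a branch."""
    mask = -bit                                # 0 stays 0, 1 becomes all ones
    t = (x ^ y) & mask
    return x ^ t, y ^ t


def modexp_equalized(base, exponent, modulus, bits):
    """Montgomery ladder: exactly one M and one S per exponent bit."""
    r0, r1, trace = 1 % modulus, base % modulus, []
    for i in reversed(range(bits)):
        bit = (exponent >> i) & 1
        r0, r1 = _cswap(bit, r0, r1)
        r1 = (r0 * r1) % modulus               # same two operations for either bit value
        trace.append("M")
        r0 = (r0 * r0) % modulus
        trace.append("S")
        r0, r1 = _cswap(bit, r0, r1)
    return r0, trace


def trace_is_key_independent(modexp, exponents, base=5, modulus=1_000_003, bits=16):
    """Design check: True when every exponent yields the same operation sequence."""
    traces = {tuple(modexp(base, e, modulus, bits)[1]) for e in exponents}
    return len(traces) == 1


if __name__ == "__main__":
    keys = [0x8001, 0xFFFF, 0x0F0F]            # constructed sample exponents
    for name, fn in (("unbalanced", modexp_unbalanced), ("equalized", modexp_equalized)):
        lengths = [len(fn(5, k, 1_000_003, 16)[1]) for k in keys]
        print(name, "trace lengths:", lengths,
              "key-independent:", trace_is_key_independent(fn, keys))
```

The unbalanced trace grows by one operation for every 1 bit in the exponent, while the equalized trace always has two operations per bit, which is the performance cost the section mentions.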
3.14. Operation-Memory Access Prevention
This technique prevents memory access by using arithmetic and logic operations instead of look
up tables [42]. Data is preloaded into the cache before it is used so attempts to access the cache
always result in a hit, so no information is leaked [43]. This technique can be used to mitigate the
covert attack: Cache.
3.15. Cache Partitioning
Cache partitioning prevents information leakage by placing the data in secluded or locked mode.
A partitioned cache also separates the cache behaviour of one process from another, which
prevents inter-process attacks. Although the cache is still shared, one process cannot access the
partitions used by another [44]. This technique can be used to mitigate the covert attack: Cache.
3.16. Cache Line Locking
Cache line locking is an extension of cache partitioning. A partitioned cache is static and prevents
sharing of unused cache lines with other processes, which is inefficient. Cache line locking is
more flexible since only the sensitive cache lines are in a secluded and/or locked partition, leaving
the remaining cache lines for general use [45]. This technique can be used to mitigate the covert
attack: Cache.
3.17. Direct Mapped Cache
Direct mapped cache maps a memory block to a cache line at run time. This can be achieved
using the addresses with a remapping table to obtain the cache line indexes. These indexes are
hashed into a dedicated partition. An efficient implementation is dynamic memory-to-cache
remapping [46]. This technique can be used to mitigate the covert attack: Cache.
3.18. Non-deterministic Processor
A non-deterministic processor can be used to run instructions in a random order while
maintaining data coherence and dependencies. The power profile in these processors makes it
very difficult for an attacker to obtain information [47]. This technique can be used to mitigate the
covert attacks: SEMA, DEMA, FBA, SPA, DPA, TA, ACA, OPLP, OEA, AIT, and Cache.
3.19. Secure JTAG Communication Protocol
A secure JTAG communication protocol can be achieved using hash functions, message
authentication codes, and stream ciphers. These security primitives can be used to design secure
protocols between devices [30]. This technique can be used to mitigate the covert attack: C-
JTAG, and the overt attacks: O-JTAG, RE, DEP, and Counterfeit.
3.20. Physically Unclonable Function (PUF)
Existing solutions for network communications such as SSH and SSL are computationally
expensive. A simpler approach is to employ a Physically Unclonable Function (PUF) to provide a
cryptographic key. The advantage of PUFs is that they are intrinsically unique and inherently
random [28]. This technique can be used to mitigate the covert attack: C-JTAG, and the overt
attacks: O-JTAG, RE, DEP, and Counterfeit.
3.21. Test Access Port (TAP) Design
JTAG Test Access Port (TAP) design employs hash functions and challenge/response protocols
to securely access JTAG infrastructure. It also allows for hierarchical security for JTAG access
[29]. This technique can be used to mitigate the covert attack: C-JTAG, and the overt attack: O-
JTAG.
3.22. Public/Private Key Pairs
Public/private key pairs can be used for authentication to protect against JTAG attacks. For
example, different keys can be employed for JTAG access groups to improve security [29]. This
technique can be used to mitigate the covert attack: C-JTAG, and the overt attack: O-JTAG.
3.23. Challenge/Response Protocols
Random number generators can be used to generate challenge messages for use in authentication
protocols [29]. This technique can be used to mitigate the covert attack: C-JTAG, and the overt
attack: O-JTAG.
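How the pieces named in Sections 3.19, 3.21 and 3.23 fit together, as an added sketch that is not the protocol of [29] or [30]: the TAP issues a fresh random challenge, the debugger answers with a message authentication code, and each JTAG access group has its own key. It assumes symmetric per-group keys rather than the public/private key pairs of Section 3.22; the class names, group names and lockout threshold are hypothetical.

```python
"""Challenge/response unlock for a JTAG TAP with per-group keys (illustrative model)."""
import hashlib
import hmac
import secrets

MAX_FAILURES = 3   # assumed lockout threshold


def response_for(key, level, challenge):
    """MAC over the access group and the challenge, so a response is bound to both."""
    return hmac.new(key, level.encode() + b"\x00" + challenge, hashlib.sha256).digest()


class LockedTap:
    """Device side: an access group stays locked until a valid response arrives."""

    def __init__(self, group_keys):
        self._keys = dict(group_keys)          # one secret per access group
        self._pending = None                   # (level, challenge) awaiting a response
        self._failures = 0
        self.unlocked = set()

    def request_access(self, level):
        if self._failures >= MAX_FAILURES:
            raise PermissionError("TAP locked out after repeated failures")
        if level not in self._keys:
            raise KeyError(level)
        challenge = secrets.token_bytes(16)    # fresh random challenge per attempt
        self._pending = (level, challenge)
        return challenge

    def submit_response(self, level, response):
        pending, self._pending = self._pending, None     # a challenge is single use
        if pending is None or pending[0] != level:
            self._failures += 1
            return False
        expected = response_for(self._keys[level], level, pending[1])
        if not hmac.compare_digest(expected, response):  # constant-time comparison
            self._failures += 1
            return False
        self._failures = 0
        self.unlocked.add(level)
        return True


class Debugger:
    """Host side: holds the key of the one access group it is entitled to."""

    def __init__(self, level, key):
        self.level, self._key = level, key

    def unlock(self, tap, level=None):
        level = level or self.level
        challenge = tap.request_access(level)
        return tap.submit_response(level, response_for(self._key, level, challenge))


def new_group_keys(levels=("boundary_scan", "debug")):
    """Constructed sample provisioning: an independent random key per group."""
    return {level: secrets.token_bytes(32) for level in levels}


if __name__ == "__main__":
    keys = new_group_keys()
    tap = LockedTap(keys)
    field_tool = Debugger("boundary_scan", keys["boundary_scan"])
    print("boundary_scan unlock:", field_tool.unlock(tap))
    print("debug unlock with boundary_scan key:", field_tool.unlock(tap, "debug"))
```

Because the response covers both the group name and a single-use challenge, a captured response cannot be replayed later or reused for a more privileged group.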
Table 1 presents the mitigation techniques associated with covert hardware attacks. Many of these
techniques increase noise levels to hide the data signals, while others reduce chip emission levels.
The goal is to make it difficult for an attacker to extract the signals from a chip, so chip access
should be limited to only trusted personnel. Some techniques have been designed to protect
against multiple attacks, while others are only effective against single hardware attacks such as
JTAG, TA, and Cache.
4. OVERT HARDWARE ATTACK MITIGATION TECHNIQUES
Overt attack mitigation techniques are primarily used to prevent an attacker from analyzing the
inner structure of a chip. Often an attacker uses an overt attack to understand the chip structure
and then uses this information in a covert attack. This information can also be used to copy a chip.
The overt attack mitigation techniques are described below.
4.1. Error Detection
Error detection codes are used to generate check bits for input data and operation results. If the
check bits at the output are incorrect, a fault is detected and the output data is discarded [33].
This technique can be used to mitigate the overt attacks: FIT and FAT.
4.2. Duplicate Operations
Chip operations can be executed multiple times and the outputs considered valid only when they
are identical [32]. If the results differ, an alarm is raised. This is not the best solution to defend
against fault-based attacks since a fault may still go undetected. It increases the system
complexity, but also the resources and time required by an attacker to obtain sufficient data [26],
so while implementation is simple, the overhead is high. This technique can be used to mitigate
the overt attacks: FIT and FAT.
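Sections 4.1 and 4.2 side by side, as an added model that is not from the paper: a multiplier whose result can be corrupted by a simulated bit-flip fault, protected first by mod-3 residue check bits, then by duplicated execution, then by both. The residue code is one choice of error detection code made for this illustration, and the fault masks and operands are constructed; the last case shows the page's caveat that a fault may still go undetected.

```python
"""Fault detection on a multiplier: residue check bits versus duplicated execution."""


class FaultDetected(Exception):
    """Raised instead of releasing a result that failed a check."""


def make_multiplier(fault_masks=()):
    """Model of a multiplier; call n has its result XORed with fault_masks[n]."""
    pending = iter(fault_masks)

    def multiply(a, b):
        return (a * b) ^ next(pending, 0)      # mask 0 means a fault-free call

    return multiply


def multiply_with_check_bits(multiply, a, b):
    """Error detection: mod-3 check bits predicted from the inputs must match the result."""
    predicted = ((a % 3) * (b % 3)) % 3
    result = multiply(a, b)
    if result % 3 != predicted:
        raise FaultDetected("residue check failed; output discarded")
    return result


def multiply_twice(multiply, a, b):
    """Duplicate operations: the output is valid only when both runs agree."""
    first, second = multiply(a, b), multiply(a, b)
    if first != second:
        raise FaultDetected("duplicate results differ; alarm raised")
    return first


def multiply_protected(multiply, a, b):
    """Both countermeasures: duplicated execution, then check bits on the agreed result."""
    predicted = ((a % 3) * (b % 3)) % 3
    result = multiply_twice(multiply, a, b)
    if result % 3 != predicted:
        raise FaultDetected("residue check failed; output discarded")
    return result


def outcome(protect, fault_masks, a=4, b=5):
    """'correct', 'detected', or 'missed' (a wrong result was released)."""
    try:
        result = protect(make_multiplier(fault_masks), a, b)
    except FaultDetected:
        return "detected"
    return "correct" if result == a * b else "missed"


if __name__ == "__main__":
    cases = {                                  # constructed fault scenarios
        "no fault": [],
        "one bit, first run only": [0b100],
        "same bit in both runs": [0b100, 0b100],
        "two adjacent bits, first run": [0b11],
        "two adjacent bits, both runs": [0b11, 0b11],
    }
    for label, masks in cases.items():
        print(f"{label:30s}",
              "check bits:", outcome(multiply_with_check_bits, masks),
              "| duplicate:", outcome(multiply_twice, masks),
              "| both:", outcome(multiply_protected, masks))
```

A single flipped bit changes the result by a power of two, which is never a multiple of 3, so the residue check catches every single-bit fault; setting two adjacent zero bits adds a multiple of 3 and slips past it.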
4.3. Top Layer Sensor Meshes
Sensor meshes are mainly used to protect against microprobing attacks. They are placed above
the circuit to detect interruptions and short circuits. If procedures such as selective etching or
laser cutting are sensed, an alarm can be raised and countermeasures taken such as erasing non-
volatile memory [35]. These meshes can also protect against under-voltage or over-voltage
analysis attacks. This technique can be used to mitigate the overt attacks: FIT, Micro, RE, and
DEP.
4.4. Clock Frequency Sensor
Robust low frequency sensors are used to detect tampering which slows the clock frequency
[35]. If a sensor raises an alarm, countermeasures such as processor reset and bus line and
register grounding can be taken. This technique can be used to mitigate the overt attacks: FIT,
Micro, RE, and DEP.
4.5. Randomized Clock Signal
This technique can be used to prevent an attacker from predicting the execution time of specific
instructions. Most covert hardware attacks require the attacker to predict the time at which a
certain instruction is executed. Moreover, processors typically execute the same instructions
with a fixed number of clock cycles after each reset, which makes processor behavior
predictable. This behaviour simplifies the use of protocol reaction times as a covert channel.
Therefore, random time delays should be inserted between any observable action and critical
operations that might be subject to an attack. If serial ports are the only observable channels,
then random delay routine calls controlled by a hardware noise source can be employed. A
random bit-sequence generator in conjunction with an external clock signal can be used to
generate a random internal clock signal to make behavior prediction more difficult [34, 35]. This
technique can be used to mitigate the overt attack: Micro.
4.6. Randomized Multi-threading
The predictability of execution cycles in a processor can be decreased by implementing a multi-
threaded architecture, which randomly schedules execution on multiple threads [34].
Randomized combinational logic can be used to determine the progression of thread execution in
a processor [35]. This technique can be used to mitigate the overt attack: Micro.
4.7. Test Circuit Destruction
Chip testing is done after production, and leaves residual test circuits, which can be exploited by
attackers to gain access to buses and control lines. Therefore, the destruction of these circuits is
an important attack countermeasure. To achieve this, the test interface for a chip can be placed
within the area of another chip on the wafer. Then when the wafer is cut into dies, the connections
between the chip and test circuitry are destroyed [35]. This technique can be used to mitigate the
overt attack: Micro.
4.8. Restricted Program Counter
The program counter can be used as an address pattern generator to simplify reading the memory
contents via microprobing. To counter such attacks, watchdog counters can be used to reset the
processor if no jump, call, or return instruction is executed for a number of cycles, but this
requires additional circuitry. Another approach is to modify the program counter so that offset
counters are employed to cover the entire address space. Each call, jump, or return instruction
writes the address of the destination in a register and resets the program counter [35]. This
technique can be used to mitigate the overt attack: Micro.
4.9. Encrypted Buses
Encrypted buses can be used to make it intractable for an attacker to obtain chip data. The
encryption typically employs a Random Number Generator (RNG) which is initialized at the
sender and receiver using a private key [36]. This technique can be used to mitigate the overt
attack: Micro.
4.10. Light Sensor
Light sensors can be employed to prevent chip operation after it has been decapsulated [23]. This
technique can be used to mitigate the overt attacks: Micro, RE, and DEP.
4.11. Glue Logic
Glue logic can be used to transform standard building block structures, i.e. the ALU, I/O,
registers, and/or CPU circuits to Application Specific Integrated Circuits (ASICs) with a similar
logic design. This makes it very difficult for an attacker to find specific signals or circuitry within
the IC. Glue logic design can be achieved using special design tools [66]. This technique can be
used to mitigate the overt attacks: Micro, RE, and DEP.
4.12. Obfuscation
Obfuscation is a technique that transforms a circuit or design into one that is functionally
equivalent but is significantly more difficult to reverse engineer [37–39]. Thus, more resources
and time will be required for an attacker to determine chip functions. Obfuscation can also be
implemented using PUFs or programmable logic. In this case, the logic is configurable to
functionally equivalent designs to conceal the signal paths [40]. This technique can be used to
mitigate the overt attacks: Micro, RE, DEP, and Counterfeit.
4.13. Verification Difference
Verification difference is used to test chips by comparing measurements with signature values to
detect differences between genuine and altered chips. Altered chips will have a significant
difference and thus can be identified. This technique includes power and time delay analysis as
well as Scanning Acoustic Microscopy (SAM), IR thermography and X-Ray Fluoroscopy (XRF)
[58]. This technique can be used to mitigate the overt attacks: Micro, RE, DEP, and Counterfeit.
4.14. IP Watermarking
Intellectual Property (IP) watermarking is a technique similar to paper watermarking and is used
to protect against counterfeiting. This is achieved by inserting proprietary information into the IC
design. The result is a unique design that includes the watermark within the chip functions. The
watermark can be embedded in different abstraction levels of the design making it difficult to
detect and/or remove [41]. This technique can be used to mitigate the overt attacks: RE, DEP, and
Counterfeit.
4.15. IP Fingerprinting
IP fingerprinting assigns a unique and hidden ID into each instance of the IP [48]. It is typically
employed to detect IP overbuilding by a factory. This technique can be used to mitigate the overt
attacks: RE, DEP, and Counterfeit.
4.16. IC Metering
IC metering is a set of security protocols that enable designers to gain post-fabrication control of
IC properties and use, including remote runtime disabling [49]. A unique ID for each IC is
included in the Finite State Machine (FSM) of the design. This is achieved by adding new states
and transitions to the original IC FSM to create a Boosted Finite State Machine (BFSM). To bring
the BFSM into the initial (reset) state, knowledge of the transition table is required. Since only the
designer has this information, it will be difficult for an attacker to generate the input sequences
required to bring the BFSM into this state [49]. Another IC metering protocol is based on PUFs
[59]. It provides control over all hardware copies and allows counterfeit ICs to be disabled. This
technique can be used to mitigate the overt attacks: RE, DEP, and Counterfeit.
Table 2 presents the mitigation techniques associated with overt hardware attacks. RE and DEP
are closely related attacks and therefore can be mitigated using the same techniques. Several
mitigation techniques have been designed to counter only Micro attacks. Some sets of mitigation
techniques can be used to counter all overt attacks. A defender could use one of these sets (based
on the target system), to mitigate these attacks. For example, a technique used to detect chip
overbuilding can be combined with a technique to prevent an attacker from determining the inner
structure of a chip.
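The sets mentioned in the paragraph above can be enumerated. This added example (not from the paper) transcribes the overt attacks named in the closing sentence of each technique's subsection and finds every smallest set of techniques that covers a chosen group of attacks; the `depth` parameter, which asks for each attack to be covered more than once, and the function names are assumptions of this illustration.

```python
"""Smallest sets of mitigation techniques that cover a chosen set of overt attacks."""
from itertools import combinations

# Technique -> overt attacks it mitigates, transcribed from the closing sentence of
# each technique's subsection (3.5, 3.7, 3.8, 3.19-3.23 and 4.1-4.16).
OVERT_MITIGATIONS = {
    "Anti-tampering (Physical Security)": {"O-JTAG", "FIT", "FAT"},
    "Restricting Physical Access": {"FIT", "O-JTAG", "FAT"},
    "Randomized Computation Time": {"FIT", "FAT"},
    "Secure JTAG Communication Protocol": {"O-JTAG", "RE", "DEP", "Counterfeit"},
    "Physically Unclonable Function (PUF)": {"O-JTAG", "RE", "DEP", "Counterfeit"},
    "Test Access Port (TAP) Design": {"O-JTAG"},
    "Public/Private Key Pairs": {"O-JTAG"},
    "Challenge/Response Protocols": {"O-JTAG"},
    "Error Detection": {"FIT", "FAT"},
    "Duplicate Operations": {"FIT", "FAT"},
    "Top Layer Sensor Meshes": {"FIT", "Micro", "RE", "DEP"},
    "Clock Frequency Sensor": {"FIT", "Micro", "RE", "DEP"},
    "Randomized Clock Signal": {"Micro"},
    "Randomized Multi-threading": {"Micro"},
    "Test Circuit Destruction": {"Micro"},
    "Restricted Program Counter": {"Micro"},
    "Encrypted Buses": {"Micro"},
    "Light Sensor": {"Micro", "RE", "DEP"},
    "Glue Logic": {"Micro", "RE", "DEP"},
    "Obfuscation": {"Micro", "RE", "DEP", "Counterfeit"},
    "Verification Difference": {"Micro", "RE", "DEP", "Counterfeit"},
    "IP Watermarking": {"RE", "DEP", "Counterfeit"},
    "IP Fingerprinting": {"RE", "DEP", "Counterfeit"},
    "IC Metering": {"RE", "DEP", "Counterfeit"},
}


def coverage(chosen, attacks, mitigations=OVERT_MITIGATIONS):
    """Number of chosen techniques that mitigate each attack."""
    return {a: sum(a in mitigations[t] for t in chosen) for a in attacks}


def minimal_sets(attacks, depth=1, mitigations=OVERT_MITIGATIONS):
    """All smallest technique sets in which every attack is mitigated `depth` times."""
    attacks = sorted(set(attacks))
    if not attacks:
        return [set()]
    relevant = sorted(t for t, hit in mitigations.items() if hit & set(attacks))
    for size in range(1, len(relevant) + 1):
        found = [set(combo) for combo in combinations(relevant, size)
                 if min(coverage(combo, attacks, mitigations).values()) >= depth]
        if found:
            return found
    return []                                  # no selection reaches the requested depth


def exposed_if_defeated(chosen, defeated, attacks, mitigations=OVERT_MITIGATIONS):
    """Attacks left without any mitigation when one chosen technique is bypassed."""
    remaining = set(chosen) - {defeated}
    return {a for a, n in coverage(remaining, attacks, mitigations).items() if n == 0}


if __name__ == "__main__":
    table2_attacks = ["FAT", "FIT", "Micro", "RE", "DEP", "Counterfeit"]
    for chosen in minimal_sets(table2_attacks):
        print(sorted(chosen))
```

With `depth=2` every attack keeps one mitigation in place after any single technique is defeated, which is the layering argument made in the Discussion.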
5. DISCUSSION
Algorithms that can be used to assess the security of a system against hardware attacks were
presented in [68]. These algorithms were developed based on the criteria, relationships, and/or
occurrences of hardware attacks. The criteria considered are Accessibility (A), Resources (R),
Time (T), and Awareness (W). Each criterion can be divided into sub-levels depending on the
application [12, 13] and target system [50]. For example, consider a defender that has discovered
a system is vulnerable to a Timing Attack (TA). There can be several variations of this attack, i.e.
TA-1 which requires {covert, limited access, limited
resources, limited time}, TA-2 which requires {covert, limited access, limited resources, medium
time}, and TA-3 which requires {covert, partial access, limited resources, limited time}, to
succeed. These attacks are illustrated in Figure 3. A defender has two approaches to protecting
the system against these attacks: choosing a technique that can specifically defend against a
TA, or one that can defend against the criteria required by a TA to succeed.
Table 2: Mitigation Techniques for Overt Hardware Attacks
Columns (hardware mitigation techniques): Anti-tampering (Physical Security), Restricting
Physical Access, Randomized Computation Time, Error Detection, Duplicate Operations, Physically
Unclonable Function (PUF), Randomized Clock Signal, Randomized Multi-threading, Test Circuit
Destruction, Restricted Program Counter, Top Layer Sensor Meshes, Clock Frequency Sensor,
Encrypted Bus, Light Sensor, Glue Logic, Obfuscation, Verification Difference, IP Watermarking,
IP Fingerprinting, IC Metering.
Rows (overt hardware attacks): FAT, FIT, Micro, RE, DEP, Counterfeit.
To protect the system against a timing attack, a defender can employ Table 1 to determine which
mitigation techniques can be used to protect the system. This indicates that any one of the
techniques noise generation, masking (blinding), design partitioning, anti-tampering (physical
security), time/branch equalization, adding random delays, constant time hardware, non-
deterministic processor, and random computation time, can be used to counter a timing attack.
Some of these techniques can be implemented during the design phase (i.e. design partitioning),
while others can be implemented during the operation phase (i.e. noise generation).
To protect a system against a set of criteria, a defender can employ Table 3 to determine
appropriate mitigation techniques. The defender can protect the system against a single criterion
(i.e. covert or limited resources), or against a combination of criteria (i.e. covert and limited
resources).
Figure 3: Three timing attacks with different criteria.
The advantage of defending against criteria rather than attacks is that this may protect the system
against additional attacks. For example, most of the techniques described in Sections 3 and 4 can be
combined with anti-tampering (physical security) to protect against the situation where an
attacker breaches a security zone. Further, several of the techniques in Section 4 can be combined
with obfuscation to improve protection against overt attacks. This will help in the case of an
attacker defeating a mitigation technique. For example, consider a defender that employs a PUF to
defend against an attack, and an attacker that uses the technique in [72] to bypass the PUF. If the
defender becomes aware of this, they can implement an additional mitigation technique such as
a clock frequency sensor or a technique that denies partial access so this attack will not succeed.
6. CONCLUSION
Determining the possible hardware attacks against a system is a critical step in developing a
defence strategy. Once an attack has been identified, an appropriate mitigation technique should be
employed to protect the system. Many hardware attacks are covert, in which case a defender will
not be aware of the attack. Therefore, it is critical to develop mitigation techniques to counter
these attacks. Several overt attacks have been developed to gain information about a system,
which can later be used in a covert attack, or to make a copy (counterfeit), which is a major
concern. Some mitigation techniques can counter multiple attacks, while others have been
developed to counter single attacks. Physical security creates a secure zone around a chip to limit
the data an attacker can collect from emissions, and is an effective technique against many covert
attacks.
REFERENCES
[1] S. Moein and F. Gebali. Quantifying overt hardware attacks: Using ART schema. In Computer
Science and its Application, Lecture Notes in Electrical Engineering, vol. 330, Springer, pp. 511–516,
2015.
[2] S. Moein, F. Gebali, and I. Traore. Analysis of covert hardware attacks. In J. Convergence, vol. 5, no.
3, pp. 26–30, 2014.
[3] M. Banga and M. Hsiao. A region based approach for the identification of hardware trojans. In Proc.
IEEE Int. Workshop on Hardware-Oriented Security and Trust, pp. 40–47, 2008.
[4] M. Tehranipoor and F. Koushanfar. A survey of hardware trojan taxonomy and detection. In IEEE
Design and Test of Computers, vol. 27, no. 1, pp. 10–25, 2010.
[5] M. Rostami, F. Koushanfar, and R. Karri. A primer on hardware security: models, methods, and
metrics. In Proceedings of the IEEE, Vol. 102, Issue. 8, pp. 1283–1295, 2014.
[6] S. Moein, S. Khan, T. A. Gulliver, F. Gebali, and M. W. El-Kharashi. An attribute based classification
of hardware trojans. In Proc. Int. Conf. on Computer Eng. and Sys., pp. 351–356, 2015.
[7] R. S. Chakraborty, F. Wolff, S. Paul, C. Papachristou, and S. Bhunia. MERO: A statistical approach
for hardware trojan detection. In Cryptographic Hardware and Embedded Systems, Lecture Notes in
Computer Science, vol. 5747, Springer-Verlag, pp. 396–410, 2009.
[8] S. Saha, R. S. Chakraborty, S. S. Nuthakki, Anshul, and D. Mukhopadhyay. Improved test pattern
generation for hardware trojan detection using genetic algorithm and boolean satisfiability. In
Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 9293,
Springer, pp. 577–596, 2015.
[9] S. Moein, J. Subramnian, T. A. Gulliver, F. Gebali, and M. W. El-Kharashi. Classification of
hardware trojan detection techniques. In Proc. Int. Conf. on Computer Engineering and Sys., pp. 357–362,
2015.
[10] S. Adee. The hunt for the kill switch. In IEEE Spectrum, vol. 45, no. 5, pp. 34–39, 2008.
[11] K. M. Goertzel and B. A. Hamilton. Integrated circuit security threats and hardware assurance
countermeasures. In Crosstalk - Real Time Inform. Assurance, pp. 33–38. 2013.
[12] S. Moein and F. Gebali. Quantifying covert hardware attacks: Using ART schema. In Proc. Adv. in
Inform. Science and Computer Eng., pp. 85–90, 2015.
[13] S. Moein and F. Gebali. A formal methodology for quantifying overt hardware attacks. In Proc. Adv.
in Inform. Science and Computer Eng., pp. 63–69, 2015.
[14] J. Loughry and D. Umphress. Information Leakage from Optical Emanations. In ACM Trans. Inform.
and Sys. Security, vol. 5, no. 3, pp. 262–289, 2002.
[15] D. Genkin, A. Shamir, and E. Tromer. RSA key extraction via low-bandwidth acoustic cryptanalysis.
In Advances in Cryptology, Lecture Notes in Computer Science, vol. 8616, Springer, pp. 444–461,
2014.
[16] S. Chari, C. S. Jutla, J. R. Rao and P. Rohatgi. Towards sound approaches to counteract power-
analysis attacks. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 1666, Springer-
Verlag, pp. 398–412, 1999.
[17] L. Goubin and J. Patarin. DES and differential power analysis: the “duplication” method. In
Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 1717,
Springer-Verlag, pp. 158–172, 1999.
[18] M.-L. Akkar and C. Giraud. An implementation of DES and AES, secure against some attacks. In
Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 2162,
Springer-Verlag, pp. 309–318, 2001.
[19] J. D. Golić and C. Tymen. Multiplicative masking and power analysis of AES. In Cryptographic
Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 2523, Springer-Verlag,
pp. 198–212, 2003.
[20] J. Friedman. Tempest: A signal problem. In NSA Cryptologic Spectrum. [Online]. Available:
https://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf
[21] J.-J. Quisquater and D. Samyde. Electromagnetic analysis (EMA): Measures and counter-measures
for smart cards. In Smart Card Programming and Security, Lecture Notes in Computer Science, vol.
2140, Springer-Verlag, pp. 200–210, 2001.
[22] R. Anderson and M. Kuhn. Tamper resistance - a cautionary note. In Proc. USENIX workshop on
Elec. Commerce, pp. 1–11, 1996.
[23] M. Tehranipoor and C. Wang. Introduction to Hardware Security and Trust (Eds.). Springer, 2012.
[24] W. Cilio, M. Linder, C. Porter, J. Di, S. Smith, and D. Thompson. Side-channel attack mitigation
using dual-spacer dual-rail delay-insensitive logic (D3L). In Proc. IEEE SoutheastCon, pp. 471–474,
2010.
[25] S. Skorobogatov. Data remanence in flash memory devices. In Cryptographic Hardware and
Embedded Systems, Lecture Notes in Computer Science, vol. 3659, Springer-Verlag, pp. 339–353.
2005.
[26] H. Bar-El. Introduction to side channel attacks. White Paper, Discretix Tech. Ltd. [online].
Available: http://gauss.ececs.uc.edu/Courses/c653/lectures/SideC/intro.pdf
[27] Y. Zhou and D. Feng. Side-channel attacks: Ten years after its publication and the impacts on
cryptographic module security testing. IACR Cryptology ePrint Archive, 2005.
[28] G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key
generation. In Proc. of ACM Design Automation Conf., pp. 9–14, 2007.
[29] C. J. Clark. Anti-tamper JTAG TAP design enables DRM to JTAG registers and P1687 on-chip
instruments. In Proc. Int. Workshop on Hardware-Oriented Security and Trust, pp. 19–24, 2010.
[30] K. Rosenfeld and R. Karri. Attacks and defenses for JTAG. In IEEE Des. Test, vol. PP, no. 99, pp. 1–
18, 2013.
[31] IBM. (2008) CCA basic services reference and guide for the IBM 4758 PCI and IBM 4764 PCI-X
cryptographic coprocessors. [Online]. Available:
http://www-03.ibm.com/security/cryptocards/pdfs/bs330.pdf
[32] E. Biham and A. Shamir. Differential fault analysis of secret key cryptosystems. In Advances in
Cryptology, Lecture Notes in Computer Science, vol. 1294, Springer-Verlag, pp. 513–525, 1997.
[33] A. Barenghi, L. Breveglieri, I. Koren, and D. Naccache. Fault injection attacks on cryptographic
devices: Theory, practice, and countermeasures. Proc. IEEE, vol. 100, no. 11, pp. 3056–3076, 2012.
[34] S.W. Moore. Multithreaded Processor Design. Kluwer, 1996.
[35] O. Kommerling and M. G. Kuhn. Design principles for tamper-resistant smartcard processors. In
Proc. of the USENIX Workshop on Smartcard Tech., pp. 9–20, 1999.
[36] L. Changlong, Z. Yiqiang, S. Yafeng, and G. Xingbo. A system-on-chip bus architecture for hardware
trojan protection in security chips. In Int. Conf. of Electron Devices and Solid-State Circuits, pp. 1–2,
2011.
[37] E. Castillo, U. Meyer-Baese, A. Garcia, L. Parilla, and A. Lloris. IPP@HDL: Efficient intellectual
property protection scheme for IP cores. IEEE Trans. VLSI Systems, vol. 16, no. 5, pp. 578–591,
2007.
[38] R. S. Chakraborty and S. Bhunia. Security against hardware trojan through a novel application of
design obfuscation. In Proc. ACM Int. Conf. on Computer-Aided Design, pp. 113–116, 2009.
[39] R. S. Chakraborty and S. Bhunia. Hardware protection and authentication through netlist level
obfuscation. In Proc. IEEE/ACM Int. Conf. on Computer-Aided Design, pp. 674–677, 2008.
[40] J. B. Wendt and M. Potkonjak. Hardware obfuscation using PUF-based logic. In Proc. IEEE/ACM
Int. Conf. on Computer-Aided Design, pp. 270–277, 2014.
[41] M. Ni and Z. Gao. Watermarking system for IC design IP protection. In Proc. Int. Conf. on Commun.,
Circuits and Systems, pp. 1186–1190, 2004.
[42] D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: The case of AES. In
Topics in Cryptology, Lecture Notes in Computer Science, vol. 3860, Springer-Verlag, pp. 1–20,
2006.
[43] E. Brickell, G. Graunke, M. Neve, and J.-P. Seifert. Software mitigations to hedge AES against cache-
based software side channel vulnerabilities. In IACR Cryptology ePrint Archive, 2006.
[44] D. Page. Partitioned cache architecture as a side-channel defense mechanism. In IACR Cryptology
ePrint Archive, 2005.
[45] Z. Wang and R. B. Lee. New cache designs for thwarting software cache-based side channel attacks.
In Proc. Int. ACM Symp. on Computer Architecture, pp. 494–505, 2007.
[46] Z. Wang and R. B. Lee. A novel cache architecture with enhanced performance and security. In Proc.
Int. IEEE/ACM Symp. on Microarchitecture, pp. 83–93, 2008.
[47] D. Page. Defending against cache-based side-channel attacks. In Information Security Technical
Report, vol. 8, no. 1, pp. 30–44, 2003.
[48] A. E. Caldwell, H.-J. Choi, A. B. Kahng, S. Mantik, M. Potkonjak, G. Qu, and J. L. Wong. Effective
iterative techniques for fingerprinting design IP. In IEEE Trans. on Computer-Aided Design of
Integrated Circuits and Systems, vol. 23, no. 2, pp. 208–215, 2004.
[49] Y. Alkabani and F. Koushanfar. Active hardware metering for intellectual property protection and
security. In Proc. USENIX Security Symp., pp. 291–306, 2007.
[50] S. Moein, F. Gebali, T. A. Gulliver, and M. W. El-Kharashi. Hardware attack risk assessment. In
Proc. Int. Conf. on Computer Engineering and Sys., pp. 346–350, 2015.
[51] P. C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In
Advances in Cryptology, Lecture Notes in Computer Science, vol. 1109, Springer-Verlag, pp. 104–
113, 1996.
[52] P. C. Kocher, J. M. Jaffe, and B. C. Jun. Differential power analysis. In Advances in Cryptology,
Lecture Notes in Computer Science, vol. 1666, Springer-Verlag, pp. 388–397, 1999.
[53] P. C. Kocher, J. M. Jaffe, B. C. Jun, and P. Rohatgi. Introduction to differential power analysis. J.
Cryptographic Eng., vol. 1, no. 1, pp. 5–27, 2011.
[54] P. C. Kocher, J. M. Jaffe, and B. C. Jun. Using unpredictable information to minimize leakage from
smartcards and other cryptosystems. US Patent No. 6,327,661, 2001.
[55] J. M. Jaffe, P. C. Kocher, and B. C. Jun. Balanced cryptographic computational method and apparatus
for leak minimizational in smartcards and other cryptosystems. U.S. Patent No. 6,510,518, 2003.
[56] G. Taylor, S. Moore, R. Anderson, R. Mullins, and P. Cunningham. Improving smart card security
using self-timed circuits. In Proc. IEEE Symp. on Asynchronous Circuits and Systems, pp. 211–218,
2002.
[57] Z. C. Yu, S. B. Furber, and L. A. Plana. An investigation into the security of self-timed circuits. In
Proc. IEEE Symp. on Asynchronous Circuits and Systems, pp. 206–215, 2003.
[58] F. E. McFadden and R. D. Arnold. Supply chain risk mitigation for IT electronics. In Proc. IEEE Int.
Conf. on Tech. for Homeland Security, pp. 49–55, 2010.
[59] R. Maes, D. Schellekens, P. Tuyls, and I. Verbauwhede. Analysis and design of active IC metering
schemes. In Proc. Int. Workshop on Hardware-Oriented Security and Trust, pp. 74–81, 2009.
[60] S. Skorobogatov. Low temperature data remanence in static RAM. University of Cambridge
Computer Laboratory Technical Report 536, 2002.
[61] S. Skorobogatov. Optically enhanced position-locked power analysis. In Cryptographic Hardware and
Embedded Systems, Lecture Notes in Computer Science, vol. 4249, Springer-Verlag, pp. 61–75,
2006.
[62] A. Shamir and E. Tromer. (2004) Acoustic cryptanalysis on nosy people and noisy machines. [online].
Available: http://www.tau.ac.il/~tromer/acoustic/ec04rump/
[63] J. Zhang, D. Gu, Z. Guo and L. Zhang. Differential power cryptanalysis attacks against PRESENT
implementation. In Proc. Int. Conf. on Advanced Computer Theory and Engineering, pp. V6-61–V6-65,
2010.
[64] C. C. Tiu. A new frequency-based side channel attack for embedded systems. Ph.D. Dissertation,
University of Waterloo, Waterloo, ON, 2005.
[65] L. Wagner. Failure Analysis of Integrated Circuits: Tools and Techniques (Eds.). Springer, 2012.
[66] S. Skorobogatov. Physical attacks and tamper resistance. In Introduction to Hardware Security and
Trust, M. Tehranipoor and C. Wang (Eds.), Springer, New York, NY, pp. 143–174, 2012.
[67] T. S. Messerges, E. A. Dabbish and R. H. Sloan. Examining smart-card security under the threat of
power analysis attacks. In IEEE Trans. Computers, vol. 51, pp. 541–552, 2002.
[68] S. Moein, F. Gebali, and T. A. Gulliver. Hardware attacks: An algebraic approach. In J.
Cryptographic Engineering, pp. 1–13, 2016.
[69] D. G. Abraham, G. M. Dolan, G. P. Double, J. V. Stevens. Transaction Security System. In IBM
Systems Journal, vol. 30, no. 2, pp. 206–229, 1991.
[70] U.S. Department of Commerce. Security requirements for cryptographic modules. [online].
Available: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
[71] Common Criteria Evaluation and Validation Scheme. [online]. Available: http://www.niap-ccevs.org/
[72] Y. Oren, A.-R. Sadeghi, and C. Wachsmann. On the effectiveness of the remanence decay side-
channel to clone memory-based PUFs. In Cryptographic Hardware and Embedded Systems, Lecture
Notes in Computer Science, vol. 8086, Springer-Verlag, pp. 107–125, 2013.
[73] S. Skorobogatov. Semi-invasive attacks: A new approach to hardware security analysis. In Technical
Report UCAM-CL-TR-630, University of Cambridge, Computer Laboratory, 2005.
AUTHORS
Samer Moein received the B.Sc. degree and the M.Sc. degree from Kuwait University,
Kuwait, in 2004 and 2011, respectively, and the Ph.D. degree from the University of
Victoria, Victoria, BC, Canada, in 2015, all in computer engineering. He is currently a
Postdoctoral Fellow with the Department of Electrical and Computer Engineering,
University of Victoria. His research interests include computer security, cryptography, and
cryptoprocessors.
T. Aaron Gulliver received the Ph.D. degree in electrical engineering from the University
of Victoria, Victoria, BC, Canada, in 1989. From 1989 to 1991, he was a Defence
Scientist with the Defence Research Establishment Ottawa, Ottawa, ON, Canada. He has
held academic appointments with Carleton University, Ottawa, and the University of
Canterbury, Christchurch, New Zealand. He joined the University of Victoria in 1999,
where he is a Professor with the Department of Electrical and Computer Engineering. In 2002, he became a
fellow of the Engineering Institute of Canada. In 2012, he was elected as a fellow of the Canadian
Academy of Engineering. From 2000 to 2003, he was Secretary and a member of the Board of Governors
of the IEEE Information Theory Society. He is currently an Area Editor of the IEEE TRANSACTIONS
ON WIRELESS COMMUNICATIONS. His research interests include information theory and
communication theory, algebraic coding theory, multicarrier systems, smart grid, and security.
Fayez Gebali received the B.Sc. (Hons.) degree in electrical engineering from Cairo
University, the B.Sc. (Hons.) degree in mathematics from Ain Shams University, and the
Ph.D. degree in electrical engineering from the University of British Columbia. He is a
Professor with the Department of Electrical and Computer Engineering, University of
Victoria, where he is currently Department Chair. His research interests include parallel
algorithms, networks-on-chip, 3-D integrated circuits, digital communications, and computer arithmetic. He
held an NSERC Postgraduate Scholarship from the University of British Columbia.
Abdulrahman Alkandari received the B.Sc. and M.Sc. degrees in computer engineering
from Kuwait University, Kuwait, in 2004 and 2011, and the Ph.D. degree in computer
science from the International Islamic University Malaysia in 2014. He is an Assistant
Professor with the Department of Computer Science, Public Authority for Applied
Education and Training (Basic Education College). His research interests include
intelligent systems, traffic engineering, algorithms, smart phone applications, IoT, smart cities, and wireless
sensor.