777 research outputs found
SANSCrypt: A Sporadic-Authentication-Based Sequential Logic Encryption Scheme
We propose SANSCrypt, a novel sequential logic encryption scheme to protect
integrated circuits against reverse engineering. Previous sequential encryption
methods focus on modifying the circuit state machine such that the correct
functionality can be accessed by applying the correct key sequence only once.
Considering the risk associated with one-time authentication, SANSCrypt adopts
a new temporal dimension to logic encryption, by requiring the user to
sporadically perform multiple authentications according to a protocol based on
pseudo-random number generation. Analysis and validation results on a set of
benchmark circuits show that SANSCrypt offers a substantial output
corruptibility if the key sequences are applied incorrectly. Moreover, it
exhibits an exponential resilience to existing attacks, including SAT-based
attacks, while maintaining a reasonably low overhead.Comment: This paper has been accepted at the 28th IFIP/IEEE International
Conference on Very Large Scale Integration (VLSI-SoC
Design, Implementation, and Automation of a Risk Management Approach for Man-at-the-End Software Protection
The last years have seen an increase in Man-at-the-End (MATE) attacks against
software applications, both in number and severity. However, software
protection, which aims at mitigating MATE attacks, is dominated by fuzzy
concepts and security-through-obscurity. This paper presents a rationale for
adopting and standardizing the protection of software as a risk management
process according to the NIST SP800-39 approach. We examine the relevant
constructs, models, and methods needed for formalizing and automating the
activities in this process in the context of MATE software protection. We
highlight the open issues that the research community still has to address. We
discuss the benefits that such an approach can bring to all stakeholders. In
addition, we present a Proof of Concept (PoC) decision support system that
instantiates many of the discussed construct, models, and methods and automates
many activities in the risk analysis methodology for the protection of
software. Despite being a prototype, the PoC's validation with industry experts
indicated that several aspects of the proposed risk management process can
already be formalized and automated with our existing toolbox and that it can
actually assist decision-making in industrially relevant settings.Comment: Preprint submitted to Computers & Security. arXiv admin note:
substantial text overlap with arXiv:2011.0726
Empirical assessment of the effort needed to attack programs protected with client/server code splitting
Context. Code hardening is meant to fight malicious tampering with sensitive code executed on client hosts. Code splitting is a hardening technique that moves selected chunks of code from client to server. Although widely adopted, the effective benefits of code splitting are not fully understood and thoroughly assessed.
Objective. The objective of this work is to compare non protected code vs. code splitting protected code, considering two levels of the chunk size parameter, in order to assess the effectiveness of the protection - in terms of both attack time and success rate - and to understand the attack strategy and process used to overcome the protection.
Method. We conducted an experiment with master students performing attack tasks on a small application hardened with different levels of protection. Students carried out their task working at the source code level.
Results. We observed a statistically significant effect of code splitting on the attack success rate that, on the average, was reduced from 89% with unprotected clear code to 52% with the most effective protection. The protection variant that moved some small-sized code chunks turned out to be more effective than the alternative moving fewer but larger chunks. Different strategies were identified yielding different success rates. Moreover, we discovered that successful attacks exhibited different process w.r.t. failed ones.Conclusions We found empirical evidence of the effect of code splitting, assessed the relative magnitude, and evaluated the influence of the chunk size parameter. Moreover, we extracted the process used to overcome such obfuscation technique
Design of secure and robust cognitive system for malware detection
Machine learning based malware detection techniques rely on grayscale images
of malware and tends to classify malware based on the distribution of textures
in graycale images. Albeit the advancement and promising results shown by
machine learning techniques, attackers can exploit the vulnerabilities by
generating adversarial samples. Adversarial samples are generated by
intelligently crafting and adding perturbations to the input samples. There
exists majority of the software based adversarial attacks and defenses. To
defend against the adversaries, the existing malware detection based on machine
learning and grayscale images needs a preprocessing for the adversarial data.
This can cause an additional overhead and can prolong the real-time malware
detection. So, as an alternative to this, we explore RRAM (Resistive Random
Access Memory) based defense against adversaries. Therefore, the aim of this
thesis is to address the above mentioned critical system security issues. The
above mentioned challenges are addressed by demonstrating proposed techniques
to design a secure and robust cognitive system. First, a novel technique to
detect stealthy malware is proposed. The technique uses malware binary images
and then extract different features from the same and then employ different
ML-classifiers on the dataset thus obtained. Results demonstrate that this
technique is successful in differentiating classes of malware based on the
features extracted. Secondly, I demonstrate the effects of adversarial attacks
on a reconfigurable RRAM-neuromorphic architecture with different learning
algorithms and device characteristics. I also propose an integrated solution
for mitigating the effects of the adversarial attack using the reconfigurable
RRAM architecture.Comment: arXiv admin note: substantial text overlap with arXiv:2104.0665
- …