A multi-layer approach to designing secure systems: from circuit to software

In the last few years, security has become one of the key challenges in computing systems. Failures in the secure operations of these systems have led to massive information leaks and cyber-attacks. Case in point, the identity leaks from Equifax in 2016, Spectre and Meltdown attacks to Intel and AMD processors in 2017, Cyber-attacks on Facebook in 2018. These recent attacks have shown that the intruders attack different layers of the systems, from low-level hardware to software as a service(SaaS). To protect the systems, the defense mechanisms should confront the attacks in the different layers of the systems. In this work, we propose four security mechanisms for computing systems: (i ) using backside imaging to detect Hardware Trojans (HTs) in Application Specific Integrated Circuits (ASICs) chips, (ii ) developing energy-efficient reconfigurable cryptographic engines, (iii) examining the feasibility of malware detection using Hardware Performance Counters (HPC). Most of the threat models assume that the root of trust is the hardware running beneath the software stack. However, attackers can insert malicious hardware blocks, i.e. HTs, into the Integrated Circuits (ICs) that provide back-doors to the attackers or leak confidential information. HTs inserted during fabrication are extremely hard to detect since their overheads in performance and power are below the variations in the performance and power caused by manufacturing. In our work, we have developed an optical method that identifies modified or replaced gates in the ICs. We use the near-infrared light to image the ICs because silicon is transparent to near-infrared light and metal reflects infrared light. We leverage the near-infrared imaging to identify the locations of each gate, based on the signatures of metal structures reflected by the lowest metal layer. By comparing the imaged results to the pre-fabrication design, we can identify any modifications, shifts or replacements in the circuits to detect HTs. With the trust of the silicon, the computing system must use secure communication channels for its applications. The low-energy cost devices, such as the Internet of Things (IoT), leverage strong cryptographic algorithms (e.g. AES, RSA, and SHA) during communications. The cryptographic operations cause the IoT devices a significant amount of power. As a result, the power budget limits their applications. To mitigate the high power consumption, modern processors embed these cryptographic operations into hardware primitives. This also improves system performance. The hardware unit embedded into the processor provides high energy-efficiency, low energy cost. However, hardware implementations limit flexibility. The longevity of theIoTs can exceed the lifetime of the cryptographic algorithms. The replacement of the IoT devices is costly and sometimes prohibitive, e.g., monitors in nuclear reactors.In order to reconfigure cryptographic algorithms into hardware, we have developed a system with a reconfigurable encryption engine on the Zedboard platform. The hardware implementation of the engine ensures fast, energy-efficient cryptographic operations. With reliable hardware and secure communication channels in place, the computing systems should detect any malicious behaviors in the processes. We have explored the use of the Hardware Performance Counters (HPCs) in malware detection. HPCs are hardware units that count micro-architectural events, such as cache hits/misses and floating point operations. Anti-virus software is commonly used to detect malware but it also introduces performance overhead. To reduce anti-virus performance overhead, many researchers propose to use HPCs with machine learning models in malware detection. However, it is counter-intuitive that the high-level program behaviors can manifest themselves in low-level statics. We perform experiments using 2 ∼ 3 × larger program counts than the previous works and perform a rigorous analysis to determine whether HPCs can be used to detect malware. Our results show that the False Discovery Rate of malware detection can reach 20%. If we deploy this detection system on a fresh installed Windows 7 systems, among 1,323 binaries, 198 binaries would be flagged as malware

Rapid mapping of digital integrated circuit logic gates via multi-spectral backside imaging

Modern semiconductor integrated circuits are increasingly fabricated at untrusted third party foundries. There now exist myriad security threats of malicious tampering at the hardware level and hence a clear and pressing need for new tools that enable rapid, robust and low-cost validation of circuit layouts. Optical backside imaging offers an attractive platform, but its limited resolution and throughput cannot cope with the nanoscale sizes of modern circuitry and the need to image over a large area. We propose and demonstrate a multi-spectral imaging approach to overcome these obstacles by identifying key circuit elements on the basis of their spectral response. This obviates the need to directly image the nanoscale components that define them, thereby relaxing resolution and spatial sampling requirements by 1 and 2 - 4 orders of magnitude respectively. Our results directly address critical security needs in the integrated circuit supply chain and highlight the potential of spectroscopic techniques to address fundamental resolution obstacles caused by the need to image ever shrinking feature sizes in semiconductor integrated circuits

Patriotic Fun: Toys and Mobilization in China from the Republican to the Communist Era

This chapter explores the use of leisure to mobilize children in China from the 1910s to the early 1950s, in times of both war and peace. Drawing on normative advice, and commenting on youngsters’ reactions, it describes how ostensibly different regimes similarly deployed toys and play in order to foster children’s engagement in struggles of a political, commercial or military nature. It outlines how a variety of items - from so-called “educational” war toys to figurines and lanterns - could serve to rally children for the nation and familiarize war. The chapter argues that, although mobilization was construed as defensive, patriotic activism and acquaintance with the metaphorical or real battlefield were significant components of Chinese children’s upbringing from the beginning of the twentieth century

Detecting Hardware Trojans Using Backside Optical Imaging of Embedded Watermarks

ABSTRACT Hardware Trojans are a critical security threat to integrated circuits. We propose an optical method to detect and localize Trojans inserted during the chip fabrication stage. We engineer the fill cells in a standard cell library to be highly reflective at near-IR wavelengths so that they can be readily observed in an optical image taken through the backside of the chip. The pattern produced by their locations produces an easily measured watermark of the circuit layout. Replacement, modification or re-arrangement of these cells to add a Trojan can therefore be detected through rapid postfabrication backside imaging. We evaluate our approach using various hardware blocks where the Trojan circuit area is less than 0.1% of the total area and it consumes less than 2% leakage power of the entire chip. In addition, we evaluate the tolerance of our methodology to background measurement noise and process variation

Plasmonic Cavity for Self-Powered Chemical Detection and Performance Boosted Surface-Enhanced Raman Scattering Detection

With the popularization of the Internet of Things, the application of chemical sensors has become more and more extensive. However, it is difficult for a single functional sensor to meet multiple needs at the same time. For the next generation of chemical sensors, in addition to rapid qualitative and quantitative detection, it is also necessary to solve the problem of a distributed sensor power supply. Triboelectric nanogenerator (TENG) and surface-enhanced Raman scattering (SERS) are two emerging technologies that can be used for chemical testing. The combination of TENG and SERS technology is proposed to be an attractive research strategy to implement qualitative and quantitative analysis, as well as self-powered detection in one device. Herein, the Ag nanoparticle (NP)@polydimethylsiloxane (PDMS) plasmonic cavity is demonstrated, which can be exploited not only as a SERS substrate for qualitative analysis of the target molecules but also as a TENG based self-powered chemical sensor for rapid quantitative analysis. More importantly, the as-designed plasmonic cavity enables prolonged triboelectric field generated by the phenomena of triboelectricity, which in turn enhances the “hot spot” intensities from Ag NPs in the cavity and boosts the SERS signals. In this way, the device can have good feasibility and versatility for chemical detection. Specifically, the measurement of the concentration of many analytes can be successfully realized, including ions and small molecules. The results verify that the proposed sensor system has the potential for self-powered chemical sensors for environmental monitoring and analytical chemistry