关于硬件木马电路检测技术分析及发展趋势探讨

本文结合HTH电路的复杂性等特征分析与实际应用现状,研究了HTH电路的具体检测技术方法并对当前热点技术进行对比分析,探讨了HTH电路检测方法的技术发展趋势。     

APT多维度分析和防御研究

“APT多维度分析及防御研究”需要遵循两大原则,即“广谱检测”和“精准定位”的策略。所谓“广谱检测”就是设计的检测方法不局限适用于某一特定的类型的僵尸网络、木马或者蠕虫。“精准定位”就是要求检测结果具有较高的准确性,不仅能确定有无,还要定位感染主机。为了满足上面两个原则,需要将多种检测方法整合到一起,多种检测方法在功能上互相补充,在结果上互相印证,才能获得较理想的结果。     

一种基于沙箱技术的网页挂马检测系统

随着互联网的迅猛发展,网页已经成为人们日常发布和获取信息的重要途径,给人们带来了极大的便利。然而,安全挑战也随之而来,层出不穷的网页入侵手段严重影响着互联网的长远应用和发展,尤其是网页挂马是一个十分泛滥的攻击方式,严重威胁着用户安全。针对此问题,本文提出了一种基于沙箱技术的检测系统,能够动态地检测和抵御网页木马攻击。在安全性上,所提系统通过高交互蜜罐中多个沙箱技术,动态地模拟网页木马攻击过程,进而能够分析和抵御应用层、系统层和内核层的恶意行为,实现了多层检测。在效率上,所提系统采用了轻量级的沙箱技术,在内核层涉及较少调用,着重在应用层HOOK相关API实现检测,提高了效率表现。实验评估分析表明,所提系统能够获得较好的性能。     

Hardware trojans in 3-D ICs due to NBTI effects and countermeasure

Going vertical as in 3-D IC design, reduces the distance between vertical active silicon dies, allowing more dies to be placed closer to each other. However, putting 2-D IC into three-dimensional structure leads to thermal accumulation due to closer proximity of active silicon layers. Also the top die experiences a longer heat dissipation path. All these contribute to higher and non-uniform temperature variations in 3-D IC; higher temperature exacerbates negative bias temperature instability (NBTI). NBTI degrades CMOS transistor parameters such as delay, drain current and threshold voltage. While the impact of transistor aging is well understood from the device point of view, very little is known about its impact on security. We demonstrated that a hardware intruder could leverage this phenomenon to trigger the payload, without requiring a separate triggering circuit. In this paper we provide a detailed analysis on how tiers of 3-D ICs can be subject to exacerbated NBTI. We proposed to embed threshold voltage extractor circuit in conjunction with a novel NBTI-mitigation scheme as a countermeasure against such anticipated Trojans. We validated through post-layout and Monty Carlo simulations using 45 nm technology that our proposed solution against NBTI effects can compensate the NBTI-effects in the 3-D ICs. With the area overhead of 7% implemented in Mod-3 counter, our proposed solution can completely tolerate NBTI-induced degraded threshold voltage shift of up to 60%.     

A survey of hardware Trojan threat and defense

Hardware Trojans (HTs) can be implanted in security-weak parts of a chip with various means to steal the internal sensitive data or modify original functionality, which may lead to huge economic losses and great harm to society. Therefore, it is very important to analyze the specific HT threats existing in the whole life cycle of integrated circuits (ICs), and perform protection against hardware Trojans. In this paper, we elaborate an IC market model to illustrate the potential HT threats faced by the parties involved in the model. Then we categorize the recent research advances in the countermeasures against HT attacks. Finally, the challenges and prospects for HT defense are illuminated.     

A study on the efficiency of hardware Trojan detection based on path-delay fingerprinting

Hardware Trojan horses (HTHs) are among the most challenging treats to the security of integrated circuits. Path-delay fingerprinting has shown to be a promising HTH detection approach. However, previous work in this area incurs a large hardware cost or requires expensive testing techniques. Moreover, the relation between technology mapping and the efficiency of delay-based HTH detection have not yet been studied. In this paper, we present a HTH detection method which uses an effective test-vector selection scheme and a path-delay measurement structure. Furthermore, we demonstrate the large impact of technology mapping on the effectiveness of delay-based HTH detection. We also show that delay-based detection methods are highly scalable. In case of choosing an area-driven design strategy, the average HTH detection probability of our approach is about 63%, 78% and 90% if false alarm rate is 0%, 2% and 16%, respectively. However, with modifications in the technology mapping, the results show improvements to 85%, 94% and 99%, at the cost of about 20% area overhead. In addition, the efficiency of our method would not decrease for large benchmarks with thousands of gates.     

计算机网络泄密的分析研究

信息化时代建设越来越发达,同时随着网络应用的深入网络安全问题也受到人们的重视,网络安全对于政府、军事、研究所等涉及保密工作的单位来说是很重要的,怎么样保证重要资料不被泄密是保密工作的核心重点。文章为大家详细地解析计算机网络泄密的一些方式策略。     

载波泄漏型硬件木马芯片设计

针对集成电路在初始设计和后续生产等环节中存在的安全隐患,设计一种泄密型硬件木马芯片,使芯片能够在进行加密的同时将密钥传送出来。研究芯片硬件木马实现的基本方法,在现有的商用FPGA平台上植入木马,通过载波的方式泄露密钥。结果表明:该设计能在使用者毫不知情的情况下,利用硬件攻击获取秘密信息。对于进一步认识芯片硬件木马攻击实现机理,警示集成电路芯片安全具有一定的作用。     

计算机病毒入侵的途径与防治研究

计算机病毒往往会利用计算机操作系统的弱点进行传播,提高系统的安全性是防病毒的一个重要方面。但完美的系统是不存在的,过于强调提高系统的安全性将使系统多数时间用于病毒检查,系统失去了可用性、实用性和易用性。另一方面,信息保密的要求让人们在泄密和抓住病毒之间无法选择。