Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications

Anju Johnson, Sikhar Patranabis, Rajat Subhra Chakraborty, Debdeep Mukhopadhyay

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Many Internet of Things (IoT) applications can potentially benefit from the remote Dynamic Partial Reconfiguration (DPR) capabilities of modern Field Programmable Gate Arrays (FPGAs). Such capabilities enable changes in the circuit mapped on the FPGA, for modification or enhancement of functionality offered by the FPGA without taking it offline, via remote communications over a network. However, the use of remote DPR can result in security threats with catastrophic consequences. In this paper, we design two Hardware Trojan Horse attacks that exploit the remote DPR capability of the FPGA, on an encryption circuit and a true random number generator circuit, respectively. In particular, these attacks target the clock signal management circuitry on the FPGA to disrupt functionality. We substantiate the threat by demonstrating successful remote attacks via transfer of malicious bitstreams to a Virtex-5 FPGA, thereby embedding the HTH. Finally, we propose plausible countermeasures to prevent such attacks.
LanguageEnglish
Title of host publication2016 Euromicro Conference on Digital System Design (DSD)
EditorsParis Kitsos
PublisherIEEE
Pages431-438
Number of pages8
ISBN (Electronic)9781509028177
ISBN (Print)9781509028184
DOIs
Publication statusPublished - 27 Oct 2016
Externally publishedYes
EventEuromicro Conference on Digital System Design - St. Raphael Hotel, Limassol, Cyprus
Duration: 31 Aug 20162 Sep 2016
http://dsd-seaa2016.cs.ucy.ac.cy/index.php?p=DSD2016 (Link to Conference Website)

Conference

ConferenceEuromicro Conference on Digital System Design
Abbreviated titleDSD
CountryCyprus
CityLimassol
Period31/08/162/09/16
Internet address

Fingerprint

Field programmable gate arrays (FPGA)
Clocks
Networks (circuits)
Cryptography
Internet of things
Communication

Cite this

Johnson, A., Patranabis, S., Chakraborty, R. S., & Mukhopadhyay, D. (2016). Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications. In P. Kitsos (Ed.), 2016 Euromicro Conference on Digital System Design (DSD) (pp. 431-438). IEEE. https://doi.org/10.1109/DSD.2016.16
Johnson, Anju ; Patranabis, Sikhar ; Chakraborty, Rajat Subhra ; Mukhopadhyay, Debdeep . / Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications. 2016 Euromicro Conference on Digital System Design (DSD). editor / Paris Kitsos. IEEE, 2016. pp. 431-438
@inproceedings{575914982205459699f823fdc38cf294,
title = "Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications",
abstract = "Many Internet of Things (IoT) applications can potentially benefit from the remote Dynamic Partial Reconfiguration (DPR) capabilities of modern Field Programmable Gate Arrays (FPGAs). Such capabilities enable changes in the circuit mapped on the FPGA, for modification or enhancement of functionality offered by the FPGA without taking it offline, via remote communications over a network. However, the use of remote DPR can result in security threats with catastrophic consequences. In this paper, we design two Hardware Trojan Horse attacks that exploit the remote DPR capability of the FPGA, on an encryption circuit and a true random number generator circuit, respectively. In particular, these attacks target the clock signal management circuitry on the FPGA to disrupt functionality. We substantiate the threat by demonstrating successful remote attacks via transfer of malicious bitstreams to a Virtex-5 FPGA, thereby embedding the HTH. Finally, we propose plausible countermeasures to prevent such attacks.",
author = "Anju Johnson and Sikhar Patranabis and Chakraborty, {Rajat Subhra} and Debdeep Mukhopadhyay",
year = "2016",
month = "10",
day = "27",
doi = "10.1109/DSD.2016.16",
language = "English",
isbn = "9781509028184",
pages = "431--438",
editor = "Paris Kitsos",
booktitle = "2016 Euromicro Conference on Digital System Design (DSD)",
publisher = "IEEE",

}

Johnson, A, Patranabis, S, Chakraborty, RS & Mukhopadhyay, D 2016, Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications. in P Kitsos (ed.), 2016 Euromicro Conference on Digital System Design (DSD). IEEE, pp. 431-438, Euromicro Conference on Digital System Design, Limassol, Cyprus, 31/08/16. https://doi.org/10.1109/DSD.2016.16

Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications. / Johnson, Anju; Patranabis, Sikhar; Chakraborty, Rajat Subhra; Mukhopadhyay, Debdeep .

2016 Euromicro Conference on Digital System Design (DSD). ed. / Paris Kitsos. IEEE, 2016. p. 431-438.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications

AU - Johnson, Anju

AU - Patranabis, Sikhar

AU - Chakraborty, Rajat Subhra

AU - Mukhopadhyay, Debdeep

PY - 2016/10/27

Y1 - 2016/10/27

N2 - Many Internet of Things (IoT) applications can potentially benefit from the remote Dynamic Partial Reconfiguration (DPR) capabilities of modern Field Programmable Gate Arrays (FPGAs). Such capabilities enable changes in the circuit mapped on the FPGA, for modification or enhancement of functionality offered by the FPGA without taking it offline, via remote communications over a network. However, the use of remote DPR can result in security threats with catastrophic consequences. In this paper, we design two Hardware Trojan Horse attacks that exploit the remote DPR capability of the FPGA, on an encryption circuit and a true random number generator circuit, respectively. In particular, these attacks target the clock signal management circuitry on the FPGA to disrupt functionality. We substantiate the threat by demonstrating successful remote attacks via transfer of malicious bitstreams to a Virtex-5 FPGA, thereby embedding the HTH. Finally, we propose plausible countermeasures to prevent such attacks.

AB - Many Internet of Things (IoT) applications can potentially benefit from the remote Dynamic Partial Reconfiguration (DPR) capabilities of modern Field Programmable Gate Arrays (FPGAs). Such capabilities enable changes in the circuit mapped on the FPGA, for modification or enhancement of functionality offered by the FPGA without taking it offline, via remote communications over a network. However, the use of remote DPR can result in security threats with catastrophic consequences. In this paper, we design two Hardware Trojan Horse attacks that exploit the remote DPR capability of the FPGA, on an encryption circuit and a true random number generator circuit, respectively. In particular, these attacks target the clock signal management circuitry on the FPGA to disrupt functionality. We substantiate the threat by demonstrating successful remote attacks via transfer of malicious bitstreams to a Virtex-5 FPGA, thereby embedding the HTH. Finally, we propose plausible countermeasures to prevent such attacks.

U2 - 10.1109/DSD.2016.16

DO - 10.1109/DSD.2016.16

M3 - Conference contribution

SN - 9781509028184

SP - 431

EP - 438

BT - 2016 Euromicro Conference on Digital System Design (DSD)

A2 - Kitsos, Paris

PB - IEEE

ER -

Johnson A, Patranabis S, Chakraborty RS, Mukhopadhyay D. Remote Dynamic Clock Reconfiguration Based Attacks on Internet of Things Applications. In Kitsos P, editor, 2016 Euromicro Conference on Digital System Design (DSD). IEEE. 2016. p. 431-438 https://doi.org/10.1109/DSD.2016.16