Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy, and Applied Cryptography Engineering

SPACE 2019: Security, Privacy, and Applied Cryptography Engineering pp 159–175Cite as

ProTro: A Probabilistic Counter Based Hardware Trojan Attack on FPGA Based MACSec Enabled Ethernet Switch

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11947))

Abstract

Over the past decades, the exponentially high rate of growth in number of connected devices has been accompanied by the discovery of new security loopholes, vulnerabilities and attacks in the network infrastructure. The original ethernet protocol was not designed considering the security aspect of the network architecture. In order to improve the security of the ethernet, many solutions and standards have been proposed. The IEEE 802.1AE Media Access Control Security (MACSec) standard is one of the most recent link layer security protocols which provides encryption and authentication between two network interfaces for secure next-generation deployments. In this paper we present a network packet redirection attack on a MACSec enabled NetFPGA-SUME based ethernet switch, by means of a Hardware Trojan (HT). The HT design is based on a probabilistic counter update mechanism with multiple triggers which eventually affects the way in which a network packet flows through the switch. In particular, an activated HT redirects a packet to an incorrect port, and in turn to a malicious eavesdropper. The proposed HT evades most of the recent hardware trust verification schemes. We present the complete architecture of the proposed MACSec enabled ethernet switch, followed by the design and mode of operation of the HT with promising experimental results.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Bhunia, S., et al.: Protection against hardware Trojan attacks: towards a comprehensive solution. IEEE Des. Test 30(3), 6–17 (2013)

    Article  Google Scholar 

  2. Carnevale, B., Falaschi, F., Crocetti, L., Hunjan, H., Bisase, S., Fanucci, L.: An implementation of the 802.1AE MAC security standard for in-car networks. In: 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT), pp. 24–28 (2015)

    Google Scholar 

  3. Chakraborty, R.S., Narasimhan, S., Bhunia, S.: Hardware Trojan: threats and emerging solutions. In: Proceedings of the IEEE International High Level Design Validation and Test Workshop (HLDVT 2009), pp. 166–171. IEEE (2009)

    Google Scholar 

  4. Chakraborty, R.S., Wolff, F., Paul, S., Papachristou, C., Bhunia, S.: MERO: a statistical approach for hardware Trojan detection. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 396–410. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_28

    Chapter  Google Scholar 

  5. Chen, H., Chen, Y., Summerville, D.H.: A survey on the application of FPGAs for network infrastructure security (2011)

    Article  Google Scholar 

  6. Chen, Z., Guo, X., Nagesh, R., Reddy, A., Gora, M., Maiti, A.: Hardware Trojan designs on BASYS FPGA board. In: Embedded System Challenge Contest in Cyber Security Awareness Week-CSAW (2008)

    Google Scholar 

  7. CISCO Ethernet Encryption for High Speed WAN deployments (2018). https://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Security/MACsec/WP-High-Speed-WAN-Encrypt-MACsec.pdf

  8. Cruz, J., Farahmandi, F., Ahmed, A., Mishra, P.: Hardware Trojan detection using ATPG and model checking. In: 2018 31st International Conference on VLSI Design and 2018 17th International Conference on Embedded Systems (VLSID), pp. 91–96, January 2018. https://doi.org/10.1109/VLSID.2018.43

  9. Dice, D., Lev, Y., Moir, M.: Scalable statistics counters. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Parallelism in Algorithms and Architectures, SPAA 2013, pp. 43–52. ACM, New York (2013). https://doi.org/10.1145/2486159.2486182. http://doi.acm.org/10.1145/2486159.2486182

  10. Guo, X., Dutta, R.G., Jin, Y., Farahmandi, F., Mishra, P.: Pre-silicon security verification and validation: a formal perspective. In: 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 1–6, June 2015. https://doi.org/10.1145/2744769.2747939

  11. Haider, S.K., Jin, C., Ahmad, M., Shila, D.M., Khan, O., van Dijk, M.: Advancing the State-of-the-Art in Hardware Trojans Detection. IEEE Trans. Dependable Secur. Comput. 16(1), 18–32 (2019). https://doi.org/10.1109/TDSC.2017.2654352

    Article  Google Scholar 

  12. Haider, S.K., Jin, C., van Dijk, M.: Advancing the state-of-the-art in hardware Trojans design. CoRR abs/1605.08413 (2016). http://arxiv.org/abs/1605.08413

  13. Hicks, M., Finnicum, M., King, S.T., Martin, M.M.K., Smith, J.M.: Overcoming an untrusted computing base: detecting and removing malicious hardware automatically. In: 2010 IEEE Symposium on Security and Privacy, pp. 159–172, May 2010. https://doi.org/10.1109/SP.2010.18

  14. IEEE Standard for Local and metropolitan area networks–Port-Based Network Access Control (2010)

    Google Scholar 

  15. IEEE Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Security (2006)

    Google Scholar 

  16. Indukuri, N.R.: Layer 2 security for smart grid networks. In: 2012 IEEE International Conference on Advanced Networks and Telecommunciations Systems (ANTS), pp. 99–104 (2012)

    Google Scholar 

  17. Johnson, A.P., Saha, S., Chakraborty, R.S., Mukhopadhyay, D., Gören, S.: Fault attack on AES via hardware Trojan insertion by dynamic partial reconfiguration of FPGA over ethernet. In: Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014, pp. 1:1–1:8 (2014)

    Google Scholar 

  18. Kiravuo, T., Sarela, M., Manner, J.: A survey of ethernet LAN security. IEEE Commun. Surv. Tutor. 15(3), 1477–1491 (2013)

    Article  Google Scholar 

  19. Koteshwara, S., Das, A., Parhi, K.K.: FPGA implementation and comparison of AES-GCM and Deoxys authenticated encryption schemes. In: 2017 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–4 (2017)

    Google Scholar 

  20. Krieg, C., Wolf, C., Jantsch, A.: Malicious LUT: a stealthy FPGA Trojan injected and triggered by the design flow. In: 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 1–8, November 2016. https://doi.org/10.1145/2966986.2967054

  21. Lin, L., Burleson, W., Paar, C.: MOLES: malicious off-chip leakage enabled by side-channels. In: Proceedings of the 2009 International Conference on Computer-Aided Design, pp. 117–122. ACM (2009)

    Google Scholar 

  22. NetFPGA SUME’s Reference Switch Design (2018). https://github.com/NetFPGA/NetFPGA-SUME-public/wiki/NetFPGA-SUME-Reference-Learning-Switch

  23. Rajendran, J., Dhandayuthapany, A.M., Vedula, V., Karri, R.: Formal security verification of third party intellectual property cores for information leakage. In: 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID), pp. 547–552, January 2016. https://doi.org/10.1109/VLSID.2016.143

  24. Riley, N., Zilles, C.: Probabilistic counter updates for predictor hysteresis and bias. IEEE Comput. Archit. Lett. 5(1), 18–21 (2006)

    Article  Google Scholar 

  25. Rostami, M., Koushanfar, F., Karri, R.: A primer on hardware security: models, methods, and metrics. Proc. IEEE 102(8), 1283–1295 (2014)

    Article  Google Scholar 

  26. Sturton, C., Hicks, M., Wagner, D., King, S.T.: Defeating UCI: building stealthy and malicious hardware. In: 2011 IEEE Symposium on Security and Privacy, pp. 64–77, May 2011

    Google Scholar 

  27. Tehranipoor, M., Karri, R., Koushanfar, F., Potkonjak, M.: Trust-Hub (2019). http://trust-hub.org

  28. The NetFPGA Project (2018). https://netfpga.org/

  29. Waksman, A., Suozzo, S., Sethumadhavan, S.: FANCI: identification of stealthy malicious logic using Boolean functional analysis. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, pp. 697–708 (2013). https://doi.org/10.1145/2508859.2516654

  30. Xiao, K., Forte, D., Jin, Y., Karri, R., Bhunia, S., Tehranipoor, M.: Hardware Trojans: lessons learned after one decade of research. ACM Trans. Des. Autom. Electron. Syst. 22(1), 6:1–6:23 (2016)

    Article  Google Scholar 

  31. Xilinx AXI Protocol Reference Guide (2018). https://www.xilinx.com/support/documentation/ip_documentation/ug761_axi_reference_guide.pdf

  32. Xilinx AXI4-Stream Infrastructure IP Suite (2018). https://www.xilinx.com/support/documentation/ip_documentation/axis_infrastructure_ip_suite/v1_1/pg085-axi4stream-infrastructure.pdf

  33. Zhang, J., Xu, Q.: On hardware Trojan design and implementation at register-transfer level. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 107–112, June 2013. https://doi.org/10.1109/HST.2013.6581574

  34. Zhang, J., Yuan, F., Xu, Q.: DeTrust: defeating hardware trust verification with stealthy implicitly-triggered hardware trojans. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS 2014, pp. 153–166. ACM (2014)

    Google Scholar 

  35. Zilberman, N., Audzevich, Y., Kalogeridou, G., Manihatty-Bojan, N., Zhang, J., Moore, A.: NetFPGA: rapid prototyping of networking devices in open source. SIGCOMM Comput. Commun. Rev. 45(4), 363–364 (2015)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, Kharagpur, West Bengal, India

    Vidya Govindan & Rajat Subhra Chakraborty

  2. Department of Electrical and Computer Engineering, University of Minnesota, Minneapolis, MN, 55455, USA

    Sandhya Koteshwara & Keshab K. Parhi

  3. Austin, TX, USA

    Amitabh Das

Authors
  1. Vidya Govindan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sandhya Koteshwara
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Amitabh Das
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Keshab K. Parhi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rajat Subhra Chakraborty
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vidya Govindan .

Editor information

Editors and Affiliations

  1. Temasek Laboratories, Nanyang Technological University, Singapore, Singapore

    Shivam Bhasin

  2. Computer Science Department, Technion, Haifa, Israel

    Avi Mendelson

  3. Indian Statistical Institute, Kolkata, India

    Mridul Nandi

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Govindan, V., Koteshwara, S., Das, A., Parhi, K.K., Chakraborty, R.S. (2019). ProTro: A Probabilistic Counter Based Hardware Trojan Attack on FPGA Based MACSec Enabled Ethernet Switch. In: Bhasin, S., Mendelson, A., Nandi, M. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2019. Lecture Notes in Computer Science(), vol 11947. Springer, Cham. https://doi.org/10.1007/978-3-030-35869-3_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-35869-3_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-35868-6

  • Online ISBN: 978-3-030-35869-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation