전자통신동향분석 (Electronics and Telecommunications Trends)

한국전자통신연구원 (Electronics and Telecommunications Research Institute)
권호 표지
DOI QR코드

DOI QR Code

하드웨어 트로이목마 탐지기술 동향

Trends of Hardware-based Trojan Detection Technologies

  • 발행 : 2021.12.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Information technology (IT) has been applied to various fields, and currently, IT devices and systems are used in very important areas, such as aviation, industry, and national defense. Such devices and systems are subject to various types of malicious attacks, which can be software or hardware based. Compared to software-based attacks, hardware-based attacks are known to be much more difficult to detect. A hardware Trojan horse is a representative example of hardware-based attacks. A hardware Trojan horse attack inserts a circuit into an IC chip. The inserted circuit performs malicious actions, such as causing a system malfunction or leaking important information. This has increased the potential for attack in the current supply chain environment, which is jointly developed by various companies. In this paper, we discuss the future direction of research by introducing attack cases, the characteristics of hardware Trojan horses, and countermeasure trends.

키워드

과제정보

본 논문은 2021년도 정부(과학기술정보통신부)의 재원으로 정보통신기획평가원의 지원을 받아 수행된 연구임[No. 2020-0-00215, 시스템/디바이스의 하드웨어 공급망 위협 대응 핵심기술 개발].

참고문헌

  1. 김대원 외, "공급망 보안기술동향," 전자통신동향분석, 제35권 제4호, 2020, pp. 149-157. https://doi.org/10.22648/ETRI.2020.J.350413
  2. W. Hu et al., "Detecting hardware trojans with gate-level information-flow tracking," Computer, vol. 49, no. 8, 2016, pp. 44-52. https://doi.org/10.1109/MC.2016.225
  3. Bloomberg Businessweek, "The big hack: How china used a tiny chip to infiltrate us companies," Oct. 2018, https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
  4. 이응규, 김정덕, "ICT 공급망 공격 사례 연구," 정보화연구, 제16권 제4호, 2019, pp. 383-396. https://doi.org/10.22865/JITA.2019.16.4.383
  5. Mail Online, "Man pleads guilty in counterfeit sub parts case," June 3, 2014, http://www.dailymail.co.uk/wires/ap/article-2647551/Man-pleads-guilty-counterfeit-sub-parts-case.html
  6. Ars Technica, "Your USB cable, the spy: Inside the NSA's catalog of surveillance magic," Dec, 31, 2013, Available from: https://arstechnica.com/information-technology/2013/12/inside-the-nsas-leaked-catalog-of-surveillance-magic/ [Retrieved Jan. 22, 2017].
  7. CISA, "Supply chain risks for information and communication technology," Cybersecurity and Infrastructure Security Agency, Dec. 2018, https://www.cisa.gov/sites/default/files/publications/19_0424_cisa_nrmc_supply-chain-risks-forinformation-and-communication-technology.pdf
  8. ZDNet, "Researchers find backdoor on ZTE android phones," May 15, 2012, Available from: https://www.zdnet.com/article/researchers-find-backdoor-on-zte-android-phones/ [Retrieved Jan. 22, 2017].
  9. CNBC, "Hackers could access US weapons systems through chip," June 8, 2012, https://www.cnbc.com/id/47700647
  10. BBC, "Russia: Hidden chips 'launch spam attacks from irons'," Oct. 28, 2013, https://www.bbc.com/news/blogs-news-from-elsewhere-24707337
  11. Tom's Hardware, "Hacker finds hidden 'god mode' on Old x86 CPUs," Aug. 10, 2018, https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html
  12. ITWorld, "사이버 보안 전망: 2019년과 그 이후," 2018. 12. 17, https://www.ciokorea.com/news/113286
  13. Trend Micro, "Trend micro security predictions for 2020," 2019. 11. 19, https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2020
  14. J.P. Dunning, "Building Trojan hardware at home," BlackHat Asia, 2014, https://www.blackhat.com/docs/asia-14/materials/Dunning/Asia-14-Dunning-Building-Trojan-Hardware-At-Home.pdf
  15. R. Karri et al., "Trustworthy hardware: Identifying and classifying hardware Trojans," Computer, vol. 43, no. 10, 2010, pp. 39-46. https://doi.org/10.1109/MC.2010.299
  16. A. Jain, Z. Zhou, and U. Guin, "Survey of recent developments for hardware Trojan detection," in Proc. IEEE Int. Symp. Circuits Sys. (ISCAS), (Daegu, Korea), May 2021, pp. 1-5.
  17. K. Yang et al., "A2: Analog malicious hardware," in Proc. Symp. Secur. Priv. (SP), (San Jose, CA, USA), May 2016, pp. 18-37.
  18. C. Kison et al., "Security implications of intentional capacitive crosstalk," IEEE Trans. Inf. Forensics Secur. vol. 14, no. 12, 2019, pp. 3246-3258. https://doi.org/10.1109/tifs.2019.2900914
  19. J.A. Roy, F. Koushanfar, and I.L. Markv, "Ending piracy of integrated circuits," Computer, vol. 43, 2010, pp. 30-38.
  20. K. Vaidyanathan, B.P. Das, and L. Pileggi, "Detecting reliability attacks during split fabrication using test-only BEOL stack," in Proc. Annu. Design Autom. Conf. June 2014, (San Francisco, CA, USA), pp. 1-6.
  21. R. Torrance and D. James, "The state-of-the-art in IC reverse engineering," in Cryptographic Hardware and Embedded Systems-CHES, Springer, Berlin, Heidelberg, Germany, 2009, pp. 363-381.
  22. S. Bhunia and M. Tehranipoor, Hardware Security: A Hands-on Learning Approach, Morgan Kaufmann Publishers, Burlington, MA, USA, 2021.
  23. Z. Zhou, U. Guin, and V.D. Agrawal, "Modeling and test generation for combinational hardware Trojans," in Proc. IEEE VLSI Test Symp. (San Francisco, CA, USA), Apr. 2018.
  24. J. Cruz et al., "An automated configurable Trojan insertion framework for dynamic trust benchmarks," in Proc. Des., Autom. Test Eur. Conf. Exhibition, (Dresden, Germany), Mar. 2018, pp. 1598-1603.
  25. H. Salmani, "COTD: Reference-free hardware trojan detection and recovery based on controllability and observability in gate-level netlist," IEEE Trans. Inf. Forensics Secur. vol. 12, no. 2, 2016, pp. 338-350. https://doi.org/10.1109/TIFS.2016.2613842
  26. M. Nourian, M. Fazeli, and D. Hely, "Hardware Trojan detection using an advised genetic algorithm based logic testing," J. Electron. Testing, vol. 34, 2018, pp. 461-470. https://doi.org/10.1007/s10836-018-5739-4
  27. X. Xie et al., "Hardware Trojans classification based on controllability and observability in gate-level netlist," IEICE Electron. Expr. vol. 14, no. 18, 2017, pp. 1-12.
  28. M. Bushnell and V. Agrawal, Essentials of Electronic Testing for Digital, Memory and Mixed-Signal VLSI Circuits, vol. 17, Springer, Boston, MA, USA, 2004.
  29. A. Stern et al., "SPARTA-COTS: A laser probing approach for sequential Trojan detection in COTS integrated circuits," in Proc. IEEE Int. Conf. on Phys. Assur. Inspection Electron. (PAINE), (Washington, DC, USA), Dec. 2020.
  30. F.S. Hossain et al., "Variation-aware hardware Trojan detection through power side-channel," in Proc. Int. Test Conf. (ITC), (Phoenix, AZ, USA), Nov. 2018, pp. 1-10.
  31. J. Zhong and J. Wang, "Thermal images based Hardware Trojan detection through differential temperature matrix," Optik, vol. 158, 2018, pp. 855-860. https://doi.org/10.1016/j.ijleo.2017.12.145
  32. X. Cui et al., "Hardware Trojan detection using the order of path delay," J. Emerg. Technol. Comput. Syst. (JETC), vol. 14, no. 3, 2018, pp. 1-23.
  33. J. He et al., "Hardware Trojan detection through chip-free electromagnetic side-channel statistical analysis," IEEE Trans. Very Large Scale Integr. (VLSI) Syst. vol. 25, no. 19, 2017, pp. 2939-2948. https://doi.org/10.1109/TVLSI.2017.2727985
  34. F.S. Hossain et al., "Detecting hardware Trojans without a Golden IC through clock-tree defined circuit partitions," in Proc. IEEE Eur. Test Symp. (ETS), (Limassol, Cyprus), May 2017, pp. 1-6.
  35. Y. Tang et al., "Golden-chip-free hardware trojan detection through quiescent thermal maps," IEEE Trans. Very Large Scale Integr. (VLSI) Syst. vol. 27, no. 12, 2019, pp. 2872-2883. https://doi.org/10.1109/tvlsi.2019.2933441
  36. Calma, GDS II Graphic Design System User's Operating Manual, 1st ed., 1978, Available from: http://www.bitsavers.org/pdf/calma/GDS_II_Users_Operating_Manual_Nov78.pdf [Retrieved Apr. 21, 2020].
  37. N. Vashistha et al., "Trojan scanner: Detecting hardware trojans with rapid SEM imaging combined with image processing and machine learning," in Proc. Int. Symp. Testing Failure Anal. (ISTFA), 2018, p. 256.