Fuzzing/Controlled Excitation and Multi-modal Sensor Monitoring/Fusion for Hardware Firmware Software Integrity Verification
Abstract
Untrusted parties in the commercial-off-the-shelf (COTS) printed circuit board (PCB) supply chain may poison PCBs with hardware, firmware, and software implants. This project addressed the development of methodologies for Trojan detection in a complex PCB-based system without a golden model and without assuming any knowledge of Trojans. The data-driven detection strategy fuses multimodal side channel measurement data, such as Hardware Performance Counters (HPCs), processor use, temperature, and power fluctuations. We develop an anomaly detector that uses design-time hardware and software information about the networked PCB system to implement a run-time evaluator of side channel signals. Our approach comprised two complementary methodologies: 1) mapping a COTS PCB system to a COTS graph and applying graph-based mathematical construction on "node" and "edge" equivalences, clustering of identical nodes and paths, and validation of hypothesized statistical properties on collected side channel data; 2) a simulator-based proxy to generate training data for a one-class machine learning (ML) based classifier for anomaly detection in combination with a probabilistic behavior analyzer. Additionally, we perform hardware and software level fuzzing to amplify side channel information. We integrated a testbed of hierarchically networked PCBs and tested various Trojans.
Document Details
- Document Type: Technical Report
- Publication Date: Jul 09, 2021
- Accession Number: AD1141031
Entities
People
- F. Khorrami
- P. Krishnamurthy
- R. Karri
Organizations
- New York University