DOI: 10.1145/2663474.2663484

Software Security and Randomization through Program Partitioning and Circuit Variation

Published: 03 November 2014

Abstract

The commodity status of Field Programmable Gate Arrays (FPGAs) has allowed computationally intensive algorithms, such as cryptographic protocols, to take advantage of faster hardware speed while simultaneously leveraging the reconfigurability and lower cost of software. Numerous security applications, such as firewalls and packet scanning on high-speed networks, have been transitioned into FPGA implementations that allow them to operate at real-time speeds. However, the use of FPGAs to directly protect against software vulnerabilities is seemingly non-existent.
Protecting program integrity and confidentiality is crucial as malicious attacks through injected code are becoming increasingly prevalent. This paper lays the foundation for continuing research into how to protect software by partitioning critical sections using reconfigurable hardware. This approach is similar to a traditional coprocessor approach, in which opcodes are scheduled for execution on specialized hardware as opposed to running on the native processor. However, the partitioned program model gives the programmer the ability to split portions of an application onto reconfigurable hardware at compile time. The fundamental underlying hypothesis is that synthesizing portions of programs onto hardware can mitigate potential software vulnerabilities. Further, this approach provides an avenue for randomization or diversity in software layout and circuit variation.


Published In

MTD '14: Proceedings of the First ACM Workshop on Moving Target Defense
November 2014
116 pages
ISBN:9781450331500
DOI:10.1145/2663474
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. circuit variation
  2. program protection
  3. reconfigurable hardware
  4. secure software
  5. software partitioning

Qualifiers

  • Research-article

Conference

CCS'14
Acceptance Rates

MTD '14 Paper Acceptance Rate 9 of 16 submissions, 56%;
Overall Acceptance Rate 40 of 92 submissions, 43%
