当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Amplitude-Modulating Analog/RF Hardware Trojans in Wireless Networks: Risks and Remedies
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2020-04-27 , DOI: 10.1109/tifs.2020.2990792 Kiruba Sankaran Subramani , Noha Helal , Angelos Antonopoulos , Aria Nosratinia , Yiorgos Makris
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2020-04-27 , DOI: 10.1109/tifs.2020.2990792 Kiruba Sankaran Subramani , Noha Helal , Angelos Antonopoulos , Aria Nosratinia , Yiorgos Makris
We investigate the risk posed by amplitude-modulating analog/RF hardware Trojans in wireless networks and propose a defense mechanism to mitigate the threat. First, we introduce the operating principles of amplitude-modulating analog/RF hardware Trojan circuits and we theoretically analyze their performance characteristics. Subject to channel conditions and hardware Trojan design restrictions, this analysis seeks to determine the impact of these malicious circuits on the legitimate communication and to understand the capabilities of the covert channel that they establish in practical wireless networks, by characterizing its error probability. Next, we present the implementation of two hardware Trojan examples on a Wireless Open-Access Research Platform (WARP)-based experimental setup. These examples reside in the analog and the RF circuitry of an 802.11a/g transmitter, respectively, where they manipulate the transmitted signal characteristics to leak their payload bits. Using these examples, we demonstrate (i) attack robustness, i.e., ability of the rogue receiver to successfully retrieve the leaked data, and (ii) attack inconspicuousness, i.e., ability of the hardware Trojan circuits to evade detection by existing defense methods. Lastly, we propose a defense mechanism that is capable of detecting analog/RF hardware Trojans in WiFi transceivers. The proposed defense, termed Adaptive Channel Estimation (ACE), leverages channel estimation capabilities of Orthogonal Frequency Division Multiplexing (OFDM) systems to robustly expose the Trojan activity in the presence of channel fading and device noise. Effectiveness of the ACE defense has been verified through experiments conducted in actual channel conditions, namely over-the-air and in the presence of interference.
中文翻译:
无线网络中的调幅模拟/射频硬件木马:风险和补救措施
我们调查了无线网络中调幅模拟/射频硬件木马所带来的风险,并提出了一种防御机制来减轻威胁。首先介绍了调幅模拟/射频硬件木马电路的工作原理,并对其性能特点进行了理论分析。受信道条件和硬件木马设计限制的影响,该分析旨在确定这些恶意电路对合法通信的影响,并通过表征其错误概率来了解它们在实际无线网络中建立的隐蔽信道的功能。接下来,我们介绍两个硬件木马示例在基于无线开放访问研究平台 (WARP) 的实验设置上的实现。这些示例分别位于 802.11a/g 发射机的模拟和 RF 电路中,它们在其中操纵传输信号特性以泄漏其有效负载位。使用这些例子,我们证明了(i)攻击鲁棒性,即恶意接收者成功检索泄露数据的能力,以及(ii)攻击不显眼性,即硬件木马电路逃避现有防御方法检测的能力。最后,我们提出了一种防御机制,能够检测 WiFi 收发器中的模拟/RF 硬件木马。所提出的防御措施称为自适应信道估计 (ACE),利用正交频分复用 (OFDM) 系统的信道估计功能,在存在信道衰落和设备噪声的情况下稳健地暴露特洛伊木马活动。 ACE 防御的有效性已通过在实际信道条件(即空中和存在干扰的情况下)进行的实验得到验证。
更新日期:2020-04-27
中文翻译:
无线网络中的调幅模拟/射频硬件木马:风险和补救措施
我们调查了无线网络中调幅模拟/射频硬件木马所带来的风险,并提出了一种防御机制来减轻威胁。首先介绍了调幅模拟/射频硬件木马电路的工作原理,并对其性能特点进行了理论分析。受信道条件和硬件木马设计限制的影响,该分析旨在确定这些恶意电路对合法通信的影响,并通过表征其错误概率来了解它们在实际无线网络中建立的隐蔽信道的功能。接下来,我们介绍两个硬件木马示例在基于无线开放访问研究平台 (WARP) 的实验设置上的实现。这些示例分别位于 802.11a/g 发射机的模拟和 RF 电路中,它们在其中操纵传输信号特性以泄漏其有效负载位。使用这些例子,我们证明了(i)攻击鲁棒性,即恶意接收者成功检索泄露数据的能力,以及(ii)攻击不显眼性,即硬件木马电路逃避现有防御方法检测的能力。最后,我们提出了一种防御机制,能够检测 WiFi 收发器中的模拟/RF 硬件木马。所提出的防御措施称为自适应信道估计 (ACE),利用正交频分复用 (OFDM) 系统的信道估计功能,在存在信道衰落和设备噪声的情况下稳健地暴露特洛伊木马活动。 ACE 防御的有效性已通过在实际信道条件(即空中和存在干扰的情况下)进行的实验得到验证。
京公网安备 11010802027423号