当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Amplitude-Modulating Analog/RF Hardware Trojans in Wireless Networks: Risks and Remedies
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2020-04-27 , DOI: 10.1109/tifs.2020.2990792 Kiruba Sankaran Subramani , Noha Helal , Angelos Antonopoulos , Aria Nosratinia , Yiorgos Makris
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2020-04-27 , DOI: 10.1109/tifs.2020.2990792 Kiruba Sankaran Subramani , Noha Helal , Angelos Antonopoulos , Aria Nosratinia , Yiorgos Makris
We investigate the risk posed by amplitude-modulating analog/RF hardware Trojans in wireless networks and propose a defense mechanism to mitigate the threat. First, we introduce the operating principles of amplitude-modulating analog/RF hardware Trojan circuits and we theoretically analyze their performance characteristics. Subject to channel conditions and hardware Trojan design restrictions, this analysis seeks to determine the impact of these malicious circuits on the legitimate communication and to understand the capabilities of the covert channel that they establish in practical wireless networks, by characterizing its error probability. Next, we present the implementation of two hardware Trojan examples on a Wireless Open-Access Research Platform (WARP)-based experimental setup. These examples reside in the analog and the RF circuitry of an 802.11a/g transmitter, respectively, where they manipulate the transmitted signal characteristics to leak their payload bits. Using these examples, we demonstrate (i) attack robustness, i.e., ability of the rogue receiver to successfully retrieve the leaked data, and (ii) attack inconspicuousness, i.e., ability of the hardware Trojan circuits to evade detection by existing defense methods. Lastly, we propose a defense mechanism that is capable of detecting analog/RF hardware Trojans in WiFi transceivers. The proposed defense, termed Adaptive Channel Estimation (ACE), leverages channel estimation capabilities of Orthogonal Frequency Division Multiplexing (OFDM) systems to robustly expose the Trojan activity in the presence of channel fading and device noise. Effectiveness of the ACE defense has been verified through experiments conducted in actual channel conditions, namely over-the-air and in the presence of interference.
中文翻译:
无线网络中的调幅模拟/ RF硬件木马:风险和补救措施
我们调查了无线网络中调幅模拟/ RF硬件木马带来的风险,并提出了一种防御机制来减轻威胁。首先,我们介绍了调幅模拟/ RF硬件Trojan电路的工作原理,并从理论上分析了它们的性能特征。根据信道条件和硬件Trojan设计限制,此分析旨在确定这些恶意电路对合法通信的影响,并通过表征其错误概率来了解它们在实际无线网络中建立的隐蔽信道的功能。接下来,我们介绍基于无线开放访问研究平台(WARP)的实验设置上两个硬件Trojan示例的实现。这些示例分别位于802.11a / g发射机的模拟和RF电路中,它们在其中操纵所传输的信号特征以泄漏其有效载荷比特。使用这些示例,我们展示了(i)攻击的鲁棒性,即流氓接收器成功检索泄漏数据的能力,以及(ii)攻击的不显眼性,即硬件Trojan电路规避了现有防御方法的检测的能力。最后,我们提出了一种防御机制,该机制能够检测WiFi收发器中的模拟/ RF硬件木马。提出的防御措施称为自适应信道估计(ACE),它利用正交频分复用(OFDM)系统的信道估计功能在存在信道衰落和设备噪声的情况下稳健地暴露Trojan活动。
更新日期:2020-06-19
中文翻译:
无线网络中的调幅模拟/ RF硬件木马:风险和补救措施
我们调查了无线网络中调幅模拟/ RF硬件木马带来的风险,并提出了一种防御机制来减轻威胁。首先,我们介绍了调幅模拟/ RF硬件Trojan电路的工作原理,并从理论上分析了它们的性能特征。根据信道条件和硬件Trojan设计限制,此分析旨在确定这些恶意电路对合法通信的影响,并通过表征其错误概率来了解它们在实际无线网络中建立的隐蔽信道的功能。接下来,我们介绍基于无线开放访问研究平台(WARP)的实验设置上两个硬件Trojan示例的实现。这些示例分别位于802.11a / g发射机的模拟和RF电路中,它们在其中操纵所传输的信号特征以泄漏其有效载荷比特。使用这些示例,我们展示了(i)攻击的鲁棒性,即流氓接收器成功检索泄漏数据的能力,以及(ii)攻击的不显眼性,即硬件Trojan电路规避了现有防御方法的检测的能力。最后,我们提出了一种防御机制,该机制能够检测WiFi收发器中的模拟/ RF硬件木马。提出的防御措施称为自适应信道估计(ACE),它利用正交频分复用(OFDM)系统的信道估计功能在存在信道衰落和设备噪声的情况下稳健地暴露Trojan活动。
京公网安备 11010802027423号