-
Contrastive Graph Convolutional Networks for Hardware Trojan Detection in Third Party IP Cores
Authors:
Nikhil Muralidhar,
Abdullah Zubair,
Nathanael Weidler,
Ryan Gerdes,
Naren Ramakrishnan
Abstract:
The availability of wide-ranging third-party intellectual property (3PIP) cores enables integrated circuit (IC) designers to focus on designing high-level features in ASICs/SoCs. The massive proliferation of ICs brings with it an increased number of bad actors seeking to exploit those circuits for various nefarious reasons. This is not surprising as integrated circuits affect every aspect of socie…
▽ More
The availability of wide-ranging third-party intellectual property (3PIP) cores enables integrated circuit (IC) designers to focus on designing high-level features in ASICs/SoCs. The massive proliferation of ICs brings with it an increased number of bad actors seeking to exploit those circuits for various nefarious reasons. This is not surprising as integrated circuits affect every aspect of society. Thus, malicious logic (Hardware Trojans, HT) being surreptitiously injected by untrusted vendors into 3PIP cores used in IC design is an ever present threat. In this paper, we explore methods for identification of trigger-based HT in designs containing synthesizable IP cores without a golden model. Specifically, we develop methods to detect hardware trojans by detecting triggers embedded in ICs purely based on netlists acquired from the vendor. We propose GATE-Net, a deep learning model based on graph-convolutional networks (GCN) trained using supervised contrastive learning, for flagging designs containing randomly-inserted triggers using only the corresponding netlist. Our proposed architecture achieves significant improvements over state-of-the-art learning models yielding an average 46.99% improvement in detection performance for combinatorial triggers and 21.91% improvement for sequential triggers across a variety of circuit types. Through rigorous experimentation, qualitative and quantitative performance evaluations, we demonstrate effectiveness of GATE-Net and the supervised contrastive training of GATE-Net for HT detection.
△ Less
Submitted 3 March, 2022;
originally announced March 2022.
-
Securing your Airspace: Detection of Drones Trespassing Protected Areas
Authors:
Alireza Famili,
Angelos Stavrou,
Haining Wang,
Jung-Min,
Park,
Ryan Gerdes
Abstract:
There has been a rapid growth in the deployment of Unmanned Aerial Vehicles (UAVs) in various applications ranging from vital safety-of-life such as surveillance and reconnaissance at nuclear power plants to entertainment and hobby applications. While popular, drones can pose serious security threats that can be unintentional or intentional. Thus, there is an urgent need for real-time accurate det…
▽ More
There has been a rapid growth in the deployment of Unmanned Aerial Vehicles (UAVs) in various applications ranging from vital safety-of-life such as surveillance and reconnaissance at nuclear power plants to entertainment and hobby applications. While popular, drones can pose serious security threats that can be unintentional or intentional. Thus, there is an urgent need for real-time accurate detection and classification of drones. In this article, we perform a survey of drone detection approaches presenting their advantages and limitations. We analyze detection techniques that employ radars, acoustic and optical sensors, and emitted radio frequency (RF) signals. We compare their performance, accuracy, and cost, concluding that combining multiple sensing modalities might be the path forward.
△ Less
Submitted 5 November, 2021;
originally announced November 2021.
-
On the Feasibility of Exploiting Traffic Collision Avoidance System Vulnerabilities
Authors:
Paul M. Berges,
Basavesh Ammanaghatta Shivakumar,
Timothy Graziano,
Ryan Gerdes,
Z. Berkay Celik
Abstract:
Traffic Collision Avoidance Systems (TCAS) are safety-critical systems required on most commercial aircrafts in service today. However, TCAS was not designed to account for malicious actors. While in the past it may have been infeasible for an attacker to craft radio signals to mimic TCAS signals, attackers today have access to open-source digital signal processing software, like GNU Radio, and in…
▽ More
Traffic Collision Avoidance Systems (TCAS) are safety-critical systems required on most commercial aircrafts in service today. However, TCAS was not designed to account for malicious actors. While in the past it may have been infeasible for an attacker to craft radio signals to mimic TCAS signals, attackers today have access to open-source digital signal processing software, like GNU Radio, and inexpensive software defined radios (SDR) that enable the transmission of spurious TCAS messages. In this paper, methods, both qualitative and quantitative, for analyzing TCAS from an adversarial perspective are presented. To demonstrate the feasibility of inducing near mid-air collisions between current day TCAS-equipped aircraft, an experimental Phantom Aircraft generator is developed using GNU Radio and an SDR against a realistic threat model.
△ Less
Submitted 25 June, 2020;
originally announced June 2020.
-
Spotr: GPS Spoofing Detection via Device Fingerprinting
Authors:
Mahsa Foruhandeh,
Abdullah Z. Mohammed,
Gregor Kildow,
Paul Berges,
Ryan Gerdes
Abstract:
As the worlds predominant navigation system GPS is critical to modern life, finding applications in diverse areas like information security, healthcare, marketing, and power and water grid management. Unfortunately this diversification has only served to underscore the insecurity of GPS and the critical need to harden this system against manipulation and exploitation. A wide variety of attacks aga…
▽ More
As the worlds predominant navigation system GPS is critical to modern life, finding applications in diverse areas like information security, healthcare, marketing, and power and water grid management. Unfortunately this diversification has only served to underscore the insecurity of GPS and the critical need to harden this system against manipulation and exploitation. A wide variety of attacks against GPS have already been documented, both in academia and industry. Several defenses have been proposed to combat these attacks, but they are ultimately insufficient due to scope, expense, complexity, or robustness. With this in mind, we present our own solution: fingerprinting of GPS satellites. We assert that it is possible to create signatures, or fingerprints, of the satellites (more specifically their transmissions) that allow one to determine nearly instantly whether a received GPS transmission is authentic or not. Furthermore, in this paper we demonstrate that this solution detects all known spoofing attacks, that it does so while being fast, cheap, and simpler than previous solutions, and that it is highly robust with respect to environmental factors.
△ Less
Submitted 18 May, 2020;
originally announced May 2020.
-
Secure Traffic Lights: Replay Attack Detection for Model-based Smart Traffic Controllers
Authors:
Pratham Oza,
Mahsa Foruhandeh,
Ryan Gerdes,
Thidapat Chantem
Abstract:
Rapid urbanization calls for smart traffic management solutions that incorporate sensors, distributed traffic controllers and V2X communication technologies to provide fine-grained traffic control to mitigate congestion. As in many other cyber-physical systems, smart traffic management systems typically lack security measures. This allows numerous opportunities for adversarial entities to craft at…
▽ More
Rapid urbanization calls for smart traffic management solutions that incorporate sensors, distributed traffic controllers and V2X communication technologies to provide fine-grained traffic control to mitigate congestion. As in many other cyber-physical systems, smart traffic management systems typically lack security measures. This allows numerous opportunities for adversarial entities to craft attacks on the sensor networks, wireless data sharing and/or the distributed traffic controllers. We show that such vulnerabilities can be exploited to disrupt mobility in a large urban area and cause unsafe conditions for drivers and the pedestrians on the roads. Specifically, in this paper, we look into vulnerabilities in model-based traffic controllers and show that, even with state-of-the-art attack detectors in place, false-data injection can be used to hamper mobility. We demonstrate a replay attack by modeling an isolated intersection in VISSIM, a popular traffic simulator and also discuss countermeasures to thwart such attacks.
△ Less
Submitted 9 March, 2020;
originally announced March 2020.
-
GhostImage: Remote Perception Attacks against Camera-based Image Classification Systems
Authors:
Yanmao Man,
Ming Li,
Ryan Gerdes
Abstract:
In vision-based object classification systems imaging sensors perceive the environment and machine learning is then used to detect and classify objects for decision-making purposes; e.g., to maneuver an automated vehicle around an obstacle or to raise an alarm to indicate the presence of an intruder in surveillance settings. In this work we demonstrate how the perception domain can be remotely and…
▽ More
In vision-based object classification systems imaging sensors perceive the environment and machine learning is then used to detect and classify objects for decision-making purposes; e.g., to maneuver an automated vehicle around an obstacle or to raise an alarm to indicate the presence of an intruder in surveillance settings. In this work we demonstrate how the perception domain can be remotely and unobtrusively exploited to enable an attacker to create spurious objects or alter an existing object. An automated system relying on a detection/classification framework subject to our attack could be made to undertake actions with catastrophic results due to attacker-induced misperception.
We focus on camera-based systems and show that it is possible to remotely project adversarial patterns into camera systems by exploiting two common effects in optical imaging systems, viz., lens flare/ghost effects and auto-exposure control. To improve the robustness of the attack to channel effects, we generate optimal patterns by integrating adversarial machine learning techniques with a trained end-to-end channel model. We experimentally demonstrate our attacks using a low-cost projector, on three different image datasets, in indoor and outdoor environments, and with three different cameras. Experimental results show that, depending on the projector-camera distance, attack success rates can reach as high as 100% and under targeted conditions.
△ Less
Submitted 23 June, 2020; v1 submitted 21 January, 2020;
originally announced January 2020.
-
Vehicle Security: Risk Assessment in Transportation
Authors:
Kaveh Bakhsh Kelarestaghi,
Mahsa Foruhandeh,
Kevin Heaslip,
Ryan Gerdes
Abstract:
Intelligent Transportation Systems (ITS) are critical infrastructure that are not immune to both physical and cyber threats. Vehicles are cyber/physical systems which are a core component of ITS, can be either a target or a launching point for an attack on the ITS network. Unknown vehicle security vulnerabilities trigger a race among adversaries to exploit the weaknesses and security experts to mi…
▽ More
Intelligent Transportation Systems (ITS) are critical infrastructure that are not immune to both physical and cyber threats. Vehicles are cyber/physical systems which are a core component of ITS, can be either a target or a launching point for an attack on the ITS network. Unknown vehicle security vulnerabilities trigger a race among adversaries to exploit the weaknesses and security experts to mitigate the vulnerability. In this study, we identified opportunities for adversaries to take control of the in-vehicle network, which can compromise the safety, privacy, reliability, efficiency, and security of the transportation system. This study contributes in three ways to the literature of ITS security and resiliency. First, we aggregate individual risks that are associated with hacking the in-vehicle network to determine system-level risk. Second, we employ a risk-based model to conduct a qualitative vulnerability-oriented risk assessment. Third, we identify the consequences of hacking the in-vehicle network through a risk-based approach, using an impact-likelihood matrix. The qualitative assessment communicates risk outcomes for policy analysis. The outcome of this study would be of interest and usefulness to policymakers and engineers concerned with the potential vulnerabilities of the critical infrastructures.
△ Less
Submitted 7 August, 2018; v1 submitted 19 April, 2018;
originally announced April 2018.
-
Multi-vehicle Path Following using Modified Trajectory Sha** Guidance
Authors:
Ishmaal Erekson,
Rajnikant Sharma,
Ashwini Ratnoo,
Ryan Gerdes
Abstract:
In this paper, we formulate a virtual target-based path following guidance law aimed towards multi-vehicle path following problem. The guidance law is well suited to precisely follow circular paths while minting desired distance between two adjacent vehicles where path information is only available to the lead vehicle. We analytically show lateral and longitudnal stability and convergence on the p…
▽ More
In this paper, we formulate a virtual target-based path following guidance law aimed towards multi-vehicle path following problem. The guidance law is well suited to precisely follow circular paths while minting desired distance between two adjacent vehicles where path information is only available to the lead vehicle. We analytically show lateral and longitudnal stability and convergence on the path. This is also validated through simulation and experimental results.
△ Less
Submitted 18 November, 2017;
originally announced November 2017.
-
Low Cost, Open-Source Testbed to Enable Full-Sized Automated Vehicle Research
Authors:
Austin Costley,
Chase Kunz,
Ryan Gerdes,
Rajnikant Sharma
Abstract:
An open-source vehicle testbed to enable the exploration of automation technologies for road vehicles is presented. The platform hardware and software, based on the Robot Operating System (ROS), are detailed. Two methods are discussed for enabling the remote control of a vehicle (in this case, an electric 2013 Ford Focus). The first approach used digital filtering of Controller Area Network (CAN)…
▽ More
An open-source vehicle testbed to enable the exploration of automation technologies for road vehicles is presented. The platform hardware and software, based on the Robot Operating System (ROS), are detailed. Two methods are discussed for enabling the remote control of a vehicle (in this case, an electric 2013 Ford Focus). The first approach used digital filtering of Controller Area Network (CAN) messages. In the case of the test vehicle, this approach allowed for the control of acceleration from a tap-point on the CAN bus and the OBD-II port. The second approach, based on the emulation of the analog output(s) of a vehicle's accelerator pedal, brake pedal, and steering torque sensors, is more generally applicable and, in the test vehicle, allowed for the full control vehicle acceleration, braking, and steering. To demonstrate the utility of the testbed for vehicle automation research, system identification was performed on the test vehicle and speed and steering controllers were designed to allow the vehicle to follow a predetermined path. The resulting system was shown to be differentially flat, and a high level path following algorithm was developed using the differentially flat properties and state feedback. The path following algorithm is experimentally validated on the automation testbed developed in the paper.
△ Less
Submitted 25 August, 2017;
originally announced August 2017.