2024 RHEST Projects

In Summer 2024, RHEST will offer 7 REU projects.

• Project 1: Robust Deep-learning-based Side-Channel Attacks

• Project 2: Firmware Reverse Engineering for Trojan Detection on FPGAs

• Project 3: Detecting Vulnerabilities against Fault Injection Attacks

• Project 4: Synthetic and Natural Benchmarks for Hardware Security and Trust

• Project 5: Adversarial Examples in Machine-Learning Malware Detection

• Project 6: Detection of Accelerated Aging Attacks on Integrated Circuits Using On-Chip Neuromorphic Computing

• Project 7: Machine-Learning Functoin Boundary Detection over Stripped Binaries

The description of each project is listed below. Each project will require 1~2 students. Each applicant will need to indicate the top-3 research projects he/she is interested in the application.

Project Advisors: Drs. Boyang Wang and John M Emmert

Background. A side-channel attack can infer the secret key on a device (e.g., a microcontroller) by analyzing power consumption or electromagnetic emission when the device runs encryption algorithms, such as Advanced Standard Encryption. While countermeasures (e.g., random delays, hiding, and masking) have been proposed to defend against traditional side-channel attacks, including Differential Power Analysis and Correlation Power Analysis, recent deep-learning-based side-channel attacks can defeat these existing countermeasures. Despite the promising results reported in recent studies, deep-learning-based side-channel attacks are not robust as they are sensitive to discrepancy between training data and test data due to different attack setups in the real world. For instance, a deep neural network trained by power traces generated by one defense (e.g., random delays) does not derive high accuracy in recovering a secret key when test power traces are produced by a different defense (e.g., masking).

Project Goal. The goal of this project is to build a deep neural network that is robust (i.e., achieving high accuracy) when training data and test data are significantly different. The students will (1) examine multiple deep neural network models, e.g., Convolutional Neural Networks and Recursive Neural Networks, in side-channel attacks and experimentally compare which neural network is more robust over different datasets; (2) leverage data augmentation methods to produce additional synthetic training data to mitigate the discrepancy between training data and test data.

Project Advisors: Dr. John M Emmert

Background. The designs of commercial Field Programmable Gate Arrays (FPGAs) often include third-party intellectual properties (IPs). These third-party IPs can be in the form of hard coded and obfuscated modules that are inserted into primary product code or firmware. It is possible for untrusted agents/entities to compromise the integrity of third-party IPs without end users’ knowledge by adding Trojan circuits. The hidden Trojan circuits can be utilized to leak sensitive information, degrade the capability of the application running on an FPGA, or turn off the application running on an FPGA.

Project Goal The goal of this project is to further develop a generalizable, target-independent, and standardized framework to reverse engineer FPGA bitstreams to detect Trojan circuits in third-party IPs. The student will leverage bitstream download and read-back capabilities available on FPGAs (IEEE Joint Test Action Group 1149.x compliant) to develop a technology-independent framework to load and extract programming data to and from FPGA bitstream files. Specifically, the student will enhance a logic-to-bitstream mapping flow to create an interconnected sea of Look Up Tables, which is correlated with the FPGA programming bit file. To map FPGA logic to bitstreams, the students will utilize binary patterns to systematically match portions of FPGA programmable logic fabric to the programming bit file. The students will also optimize the binary patterns to minimize the number of bitstream downloads required to reverse engineer key portions of FPGA logic.

Project Advisors: Drs. Nan Niu and Boyang Wang

Background. A fault injection attack (also referred to as glitch attack) is a physical attack on data and behavior of an embedded device by changing the voltage, temperature or electromagnetic radiation. For example, it takes one fault to change a Boolean value from 0 to 1 (or 1 to 0) to bypass secure boot, extract a secret key, or extract firmware from an embedded device. To mitigate fault injection attacks, one effective way at the software layer is to write secure code that is more robust against the attacks. For instance, Boolean values in an if statement (e.g., if (flag == 0)) can be easily modified by fault injection attacks while using non-trivial numerical values (e.g., if (flag == 0x3CA5)) can make the attacks more difficult.

Project Goal. The goal of this project is to develop an automatic method to detect lines in C code and assembly code that are vulnerable under fault injection attacks. The students will (1) study secure code patterns; (2) leverage static program analysis (e.g., control flow graph) and/or machine learning to automatically identify vulnerabilities.

Project Advisor: Dr. Ranga Vemuri

Background. Hardware security research had its origins over a decade ago but has currently gained tremendous steam with numerous academic and industry teams attempting to produce disruptive commercial scale advances. However, benchmarks and metrics to uniformly compare these methods at scale are sorely lacking. Researchers continue to use outdated small scale benchmark suites, some produced over 25 years ago for other purposes, which have more than lived their useful purpose. It is critical to develop a set of benchmarks specifically for hardware security in order to provide the impetus for the current research and determine the relative merits especially in view of potential commercialization.

Benchmarks are of two types: (1) Natural benchmarks, and (2) Synthetic benchmarks. Natural benchmarks are developed from well-known applications functions from various domains which the designers understand. Examples are processors, crypto cores, communication peripherals etc. Synthetic benchmarks are not necessarily based on well-understood functions but provide a range of designs with incremental sampling of multiple design parameters covering both nominal and corner cases. All benchmarks should be well-characterized, documented and available via appropriate on-line database interfaces.

Project Goal. The problem addressed in this research is the construction, compilation, characterization, documentation, and release of suites of natural and synthetic benchmarks and benchmark generators for various hardware security and trust applications. Benchmarks will be useful for various applications including trojan detection, logic locking, camouflaging, split manufacturing, and side-channel analysis. Our specific objectives are to, (1) Develop synthetic, controllable benchmark generators for (a) gate-level netlists, (b) state machines, and (3) register-transfer level (RTL) designs. Benchmark generators will be highly parameterized. (2) Generate synthetic benchmarks using the benchmark generators for various hardware security applications. (3) Collect natural, realistic, commercial-strength benchmarks from existing sources. (4) Characterize all benchmarks using existing logic and layout synthesis tools. (5) Document all the benchmarks for function, parameterization and characteristic data. (6) Organize the benchmarks and data in an on-line searchable database. Specific skills include the use of Verilog, SystemsVerilog Assertions (SVA), a new benchmark generation language named ACTL, and commercial simulation and synthesis tools.

Project Advisors: Drs. Boyang Wang and Anca Ralescu

Background. End-to-end malware detection i.e., detecting malware by analyzing raw bytes of programs using deep neural networks, is considered as a new promising approach to simplify feature selection in static analysis while still provide accurate detection. However, recent research has shown that end-to-end malware detection is vulnerable under evasion attacks, where an adversary could modify raw bytes of a malware without affecting its functionality but force a neural network classifier predicting it as benign. A carefully modified malware that can bypass the malware detection is referred to as an adversarial example.

Project Goal. The goal of this project is to extend our existing research by (1) developing a new method that can detect these adversarial examples over PE (Portable Executable) files in end-to-end malware detection; (2) investigating new ways to generate practical adversarial examples over ELF (Executable and Linkable Format) files.

Project Advisor: Dr. Rashmi Jha

Background. Aging and reliability issues in microelectronics Integrated Circuits (ICs) based on advanced Complementary Metal Oxide Semiconductor (CMOS) technologies are becoming a topic of major concerns. The aging of ICs is dependent on the operating conditions which makes it very difficult to have a standard technique to predict. Additionally, the variabilities of ICs, temperature, and voltage make it difficult to predict the aging and remaining useful life of circuits accurately. Since aging introduces a major vulnerability, attackers can also exploit this vulnerability to cause accelerated aging. The existing techniques based on critical path delay monitoring, ring-oscillators, and Built-In Self-Test based monitoring introduce significant overheads. In addition, they are not able to distinguish differences between normal aging and accelerated aging introduced by Trojan insertions.

Project Goal. The goal of this project is to enable on-chip machine-learning-based analysis over data from aging sensors to distinguish normal aging (benign) from accelerated aging (malicious) introduced by Trojan insertions. Typically, the implementation of on-chip machine learning is a challenging task due to limited resources on chips. The students will address this challenge by implementing machine learning using Resistive Random Access Memory (RRAM) based neuromorphic hardware. Next, the students will integrate the hardware on pre-fabricated ICs leveraging heterogeneous integration techniques and utilize it to analyze remaining useful life of ICs based on data from aging sensors.

Project Advisors: Drs. William Hawkins and Boyang Wang

Background. For binaries that are stripped of all their metadata (i.e., information that a compiler/linker may include in a program to make it easier to debug, identify function boundaries, etc.), it is very difficult to determine where functions start and end. As a result, it is often difficult for automated disassemblers (IDA Pro, Ghidra) to lift machine code to higher-level languages, even in a very crude way.

Project Goal. The goal of this project is to (1) leverage machine learning, especially deep learning (e.g., Large Language Models), to identify function boundaries in stripped binaries; (2) investigate methods to maliciously modify stripped binnaries in order to defeat machine learning models (e.g., reducing the accuracy of function boundary detections).