Detecting Hardware Trojans in Microprocessors via Hardware Error Correction Code-based Modules

• URL: http://arxiv.org/abs/2506.15417v1
• Date: Wed, 18 Jun 2025 12:37:14 GMT
• Title: Detecting Hardware Trojans in Microprocessors via Hardware Error Correction Code-based Modules
• Authors: Alessandro Palumbo, Ruben Salvador,
• Abstract summary: Hardware Trojans (HTs) enable attackers to execute unauthorized software or gain illicit access to privileged operations.<n>This manuscript introduces a hardware-based methodology for detecting runtime HT activations using Error Correction Codes (ECCs) on a RISC-V microprocessor.
• Score: 49.1574468325115
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Software-exploitable Hardware Trojans (HTs) enable attackers to execute unauthorized software or gain illicit access to privileged operations. This manuscript introduces a hardware-based methodology for detecting runtime HT activations using Error Correction Codes (ECCs) on a RISC-V microprocessor. Specifically, it focuses on HTs that inject malicious instructions, disrupting the normal execution flow by triggering unauthorized programs. To counter this threat, the manuscript introduces a Hardware Security Checker (HSC) leveraging Hamming Single Error Correction (HSEC) architectures for effective HT detection. Experimental results demonstrate that the proposed solution achieves a 100% detection rate for potential HT activations, with no false positives or undetected attacks. The implementation incurs minimal overhead, requiring only 72 #LUTs, 24 #FFs, and 0.5 #BRAM while maintaining the microprocessor's original operating frequency and introducing no additional time delay.

Related papers

• Boosting Device Utilization in Control Flow Auditing [47.36491265793223]
  Control Flow (CFAud) is a mechanism wherein a remote verifier (Vrf) is guaranteed to received evidence about the control flow path taken on a prover (Prv) MCU, even when Prv software is compromised.<n>Current CFAud requires a busy-wait'' phase where root-of-anchored root-of-RoT in Prv retains execution to ensure delivery of flow evidence to Vrf.<n>CARAMEL is a hardware RoT co-design that enables Prv to resume while control flow evidence is transmitted to Vrf.
  arXiv  Detail & Related papers  (2026-03-02T18:26:17Z)
• LibIHT: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis [4.42052953892569]
  LibIHT is a hardware-assisted tracing framework that captures program control-flow with minimal performance impact.<n>We implement LibIHT as an OS kernel module and user-space library, and evaluate it on both benign benchmark programs and adversarial anti-instrumentation samples.
  arXiv  Detail & Related papers  (2025-10-17T22:42:33Z)
• Code Agent can be an End-to-end System Hacker: Benchmarking Real-world Threats of Computer-use Agent [64.08182031659047]
  We propose AdvCUA, the first benchmark aligned with real-world TTPs in MITRE ATT&CK Enterprise Matrix.<n>We evaluate the existing five mainstream CUAs, including ReAct, AutoGPT, Gemini CLI, and Cursor CLI.<n>Results demonstrate that current frontier CUAs do not adequately cover OS security-centric threats.
  arXiv  Detail & Related papers  (2025-10-08T03:35:23Z)
• CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
  We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
  arXiv  Detail & Related papers  (2025-05-14T13:37:07Z)
• Fooling the Decoder: An Adversarial Attack on Quantum Error Correction [49.48516314472825]
  In this work, we target a basic RL surface code decoder (DeepQ) to create the first adversarial attack on quantum error correction.<n>We demonstrate an attack that reduces the logical qubit lifetime in memory experiments by up to five orders of magnitude.<n>This attack highlights the susceptibility of machine learning-based QEC and underscores the importance of further research into robust QEC methods.
  arXiv  Detail & Related papers  (2025-04-28T10:10:05Z)
• CRAFT: Characterizing and Root-Causing Fault Injection Threats at Pre-Silicon [3.6158033114580674]
  Fault injection attacks pose significant security threats to embedded systems.<n>Early detection and understanding of how physical faults propagate to system-level behavior are essential to safeguarding cyberinfrastructure.<n>This work introduces CRAFT, a framework that combines pre-silicon analysis with post-silicon validation to systematically uncover and analyze fault injection vulnerabilities.
  arXiv  Detail & Related papers  (2025-03-05T20:17:46Z)
• Logical Maneuvers: Detecting and Mitigating Adversarial Hardware Faults in Space [3.766999700958066]
  Satellites are vulnerable to adversarial glitches or high-energy radiation in space, which could cause faults on the onboard computer.<n>This work introduces a detection- and response-based countermeasure to deal with partially damaged processor chips.<n>We incorporate digitally-compatible delay-based sensors on the target processor's chip to reliably detect the incoming radiation.
  arXiv  Detail & Related papers  (2025-01-23T18:12:43Z)
• Real-Time Multi-Modal Subcomponent-Level Measurements for Trustworthy System Monitoring and Malware Detection [20.93359969847573]
  Modern computers are complex systems with multiple interacting subcomponents.<n>We propose a "subcomponent-level" approach to collect side channel measurements.<n>By enabling real-time measurements from multiple subcomponents, the goal is to provide a deeper visibility into system operation.
  arXiv  Detail & Related papers  (2025-01-22T18:44:00Z)
• TRACES: TEE-based Runtime Auditing for Commodity Embedded Systems [9.32090482996659]
  Control Flow Auditing (CFA) offers a means to detect control flow hijacking attacks on remote devices. CFA generates a trace (CFLog) containing the destination of all branching instructions executed. TraCES guarantees reliable delivery of periodic runtime reports even when Prv is compromised.
  arXiv  Detail & Related papers  (2024-09-27T20:10:43Z)
• Towards Effective and Efficient Non-autoregressive Decoding Using Block-based Attention Mask [74.64216073678617]
  AMD performs parallel NAR inference within contiguous blocks of output labels concealed using attention masks. A beam search algorithm is designed to leverage a dynamic fusion of CTC, AR Decoder, and AMD probabilities. Experiments on the LibriSpeech-100hr corpus suggest the tripartite Decoder incorporating the AMD module produces a maximum decoding speed-up ratio of 1.73x.
  arXiv  Detail & Related papers  (2024-06-14T13:42:38Z)
• JITScanner: Just-in-Time Executable Page Check in the Linux Operating System [6.725792100548271]
  JITScanner is developed as a Linux-oriented package built upon a Loadable Kernel Module (LKM) It integrates a user-level component that communicates efficiently with the LKM using scalable multi-processor/core technology. JITScanner's effectiveness in detecting malware programs and its minimal intrusion in normal runtime scenarios have been extensively tested.
  arXiv  Detail & Related papers  (2024-04-25T17:00:08Z)
• Fight Hardware with Hardware: System-wide Detection and Mitigation of Side-Channel Attacks using Performance Counters [45.493130647468675]
  We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application.
  arXiv  Detail & Related papers  (2024-02-18T15:45:38Z)
• A Golden-Free Formal Method for Trojan Detection in Non-Interfering Accelerators [5.1042748857552755]
  Hardware Trojans (HTs) in security-critical IPs like cryptographic accelerators pose severe security risks. We propose a novel formal verification method for HT detection in non-interfering accelerators at the Register Transfer Level (RTL) Our method guarantees the exhaustive detection of any sequential HT independently of its payload behavior, including physical side channels.
  arXiv  Detail & Related papers  (2023-12-11T16:44:19Z)
• A survey on hardware-based malware detection approaches [45.24207460381396]
  Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess. We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
  arXiv  Detail & Related papers  (2023-03-22T13:00:41Z)
• Mate! Are You Really Aware? An Explainability-Guided Testing Framework for Robustness of Malware Detectors [49.34155921877441]
  We propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors. We then use this framework to test several state-of-the-art malware detectors' abilities to detect manipulated malware. Our findings shed light on the limitations of current malware detectors, as well as how they can be improved.
  arXiv  Detail & Related papers  (2021-11-19T08:02:38Z)
• Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
  adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes. We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks. These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
  arXiv  Detail & Related papers  (2020-08-17T07:16:57Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.