Title of the paper: Exploiting JTAG and Its Mitigation in IOT: A Survey

Available at: https://www.mdpi.com/1999-5903/10/12/121?type=check_update&version=2

...

  1. Exploitation of JTAG Using Physical Pin Modification

  2. Exploitation Using JTAGulator Tool

  3. Exploitation of Tiny OS and Mantis OS Using Open Source Software Available on Internet

    1. TinyOS (an event-based operating system) and Mantis OS (a multi-threaded operating system)

    2. Since these tiny OSs are used in many devices, such computing-capable devices can be used as bots to execute malicious code or to scan for other vulnerable devices. By comparison, a self-propagating botnet malware known as “Mirai” recently became very popular in industry and the research community. The Mirai malware attacked the website of “Krebbs; a software security consultant company” with 620 Gbps of traffic in September 2016, which was one of the huge distributed denial-of-service (DDoS) attacks. The Mirai botnet code infects devices such as routers and IP cameras that are still using their factory default username and password.

  4. Exploitation Using Interrupt-Oriented Bugdoor Programming Method

  5. Exploitation of Modern Game Console

  6. Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks

  7. Attacks on Programmable Logic Controllers (PLC)

    1. Supervisory control and data acquisition (SCADA) systems are predominantly used to monitor and control huge system infrastructure such as electric power transmission lines, water distribution systems, gas and oil pipelines, etc.

    2. Programmable logic controllers (PLCs) gather data and interact with sensors and valves to streamline huge industrial processes.

  8. Attacks on Android OS

JTAG Security Solutions

  1. Based on Physical Unclonable Functions (PUF)

    1. The PUF is not only lightweight and unique but also ideal for extremely resource-constrained platforms such as RFID and IoT nodes.

    2. Another advantage of PUF is that it does not require any special manufacturing process or programming and testing steps.

    3. This experiment proposed a challenge-response-based solution, also known as Ring Oscillator (RO) PUF, to provide JTAG security. → maybe we can benefit from SCuM’s oscillators!

  2. Based on Public Key Cryptography

    1. An Elliptic Curve Cryptosystem (ECC) approach is used over other public key cryptography (PKC) schemes (such as RSA) due to its small key size and reduced storage and transmission requirements.

    2. Man-in-the-middle attacks are also prevented by the Elliptic Curve Digital Signature Algorithm (ECDSA).

  3. Based on Challenge Response

    1. Uses a SHA256 secure hash and a true random number generator (TRNG).

    2. This method increases hardware complexity, since the challenge is generated at the IC, which requires a random generator on chip.

  4. Security Level Based Approach

    1. The authors proposed a separate hardware protection mechanism that guarantees reliable authorization.

    2. They offered a VHDL implementation of a JTAG architecture with four levels of privileged access modes.

  5. Credential Based Approach

    1. A server issues a credential and password to the user through an Internet connection for a secure JTAG interface.

    2. This method uses hash and XOR calculations for interaction between the host (computer) and the JTAG device, which makes this solution less expensive.

  6. Exploitation Using Statistical Machine Learning

    1. The authors proposed statistical learning in chip (SLIC-J) scheme for JTAG protection.

    2. The same authors implemented another two-layered approach, based on machine learning methods, to protect against JTAG attacks. Results are compared with other previously published protection schemes such as encryption, signature detection, anomaly detection, and SLIC-J statistical learning, and showed overall 94% accuracy.

    3. Physical security is enhanced up to 94% with machine learning techniques, and improved by 50% on average compared to previous work.

  7. JoKER, Trusted Detection of Kernel Rootkits in Android Devices via JTAG Interface

    1. The JTAG hardware debugging standard is the most trusted hardware-level debugging technique in the industry.

    2. Kernel-level attacks can grant permissions to hide viruses/malware from antivirus programs, so the authors used well-known JTAG hardware debugging techniques to get low-level memory screenshots.
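
Added example for item 3 above (Based on Challenge Response), not taken from the paper: a Python model of a JTAG unlock gate that shows why the challenge must come from an on-chip random generator. Assumptions: HMAC-SHA256 is used as the keyed form of the SHA256 hash, and the names `JtagLock`, `respond`, `demo` and the 32-byte challenge size are hypothetical.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # challenge size in bytes (assumed; the page gives none)


def respond(key: bytes, challenge: bytes) -> bytes:
    """Host/debugger side: prove knowledge of the key without sending it."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class JtagLock:
    """Hypothetical model of the on-chip gate in front of the debug port."""

    def __init__(self, key: bytes, rng=secrets.token_bytes):
        self._key = key
        self._rng = rng        # stands in for the on-chip TRNG
        self._pending = None   # outstanding challenge, if any
        self.unlocked = False

    def new_challenge(self) -> bytes:
        self.unlocked = False
        self._pending = self._rng(NONCE_LEN)
        return self._pending

    def verify(self, response: bytes) -> bool:
        challenge, self._pending = self._pending, None  # single use
        # Fails closed when no challenge is outstanding; the comparison is
        # constant-time so it does not leak how many bytes matched.
        self.unlocked = challenge is not None and hmac.compare_digest(
            respond(self._key, challenge), response)
        return self.unlocked


def demo() -> dict:
    key = bytes(range(32))     # constructed sample key
    chip = JtagLock(key)
    captured = respond(key, chip.new_challenge())
    out = {"legitimate": chip.verify(captured)}
    out["second_use"] = chip.verify(captured)   # challenge already consumed
    chip.new_challenge()
    out["replay"] = chip.verify(captured)       # old response, fresh challenge
    out["wrong_key"] = chip.verify(respond(b"\x00" * 32, chip.new_challenge()))
    # Failure mode: a generator that repeats makes the old response valid again.
    stuck = JtagLock(key, rng=lambda n: b"\x00" * n)
    old = respond(key, stuck.new_challenge())
    stuck.new_challenge()
    out["replay_with_stuck_rng"] = stuck.verify(old)
    return out
```

The last case is the reason the method needs the extra on-chip hardware noted in item 3.2: without fresh randomness per attempt, a recorded response unlocks the port again.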

...