Detecting and Mapping Framework for Physical Devices Based on Rowhammer Physical Unclonable Function

LIU Di; XU Wenhan; WANG Wendong; LI Dawei; GUAN Zhenyu; LIU Jianwei

doi:10.11999/JEIT230388

Volume 45 Issue 9

Sep. 2023

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2023 > 45(9): 3200-3209

LIU Di, XU Wenhan, WANG Wendong, LI Dawei, GUAN Zhenyu, LIU Jianwei. Detecting and Mapping Framework for Physical Devices Based on Rowhammer Physical Unclonable Function[J]. Journal of Electronics & Information Technology, 2023, 45(9): 3200-3209. doi: 10.11999/JEIT230388

Citation:

LIU Di, XU Wenhan, WANG Wendong, LI Dawei, GUAN Zhenyu, LIU Jianwei. Detecting and Mapping Framework for Physical Devices Based on Rowhammer Physical Unclonable Function[J]. Journal of Electronics & Information Technology, 2023, 45(9): 3200-3209. doi: 10.11999/JEIT230388

Citation:

PDF( 1203 KB)

Detecting and Mapping Framework for Physical Devices Based on Rowhammer Physical Unclonable Function

doi: 10.11999/JEIT230388

School of Cyber Science and Technology, Beihang University, Beijing 100191, China

Funds: The National Key R&D Program of China (2021YFB2700200), The National Natural Science Foundation of China (62372022, 62002006, U2241213, U21B2021, 62172025, 61932011, 61932014, 61972018, 61972019, 61772538, 32071775, 91646203)

Received Date: 2023-05-08
Rev Recd Date: 2023-08-28

Available Online: 2023-08-31

Publish Date: 2023-09-27

Abstract

Abstract

The core problem of cyberspace mapping is to identify accurately and track dynamically devices. However, with the development of anonymization technology, devices can have multiple IP addresses and MAC addresses. This makes it increasingly difficult to map multiple virtual attributes to the same physical device through traditional mapping techniques. In this paper, a mapping framework based on Physical Unclonable Function (PUF) is proposed which can actively detect physical resources in cyberspace and track dynamically devices based on physical fingerprints to construct resource portraits. Furthermore, a new method is proposed to implement the Rowhammer-based Dynamic Random-Access Memory Physical Unclonable Function (DRAM PUF) on a regular Personal Computer (PC) equipped with Double Data Rate Fourth (DDR4) memory. Performance evaluation shows that the response extracted from the Rowhammer PUF on the PC using the proposed method is unique and reliable, and can be used as a unique physical fingerprint of the device. Experimental results show that even if the target device modifies its MAC address, IP address, or reinstalls operating system, the framework proposed in this paper can still accurately identify the target device by constructing a physical fingerprint database for device matching.
- Cyberspace mapping,
- Physical fingerprint,
- Physical Unclonable Function (PUF),
- Rowhammer PUF

FullText(HTML)

References(27)

References

[1]	郭莉, 曹亚男, 苏马婧, 等. 网络空间资源测绘: 概念与技术[J]. 信息安全学报, 2018, 3(4): 1–14. doi: 10.19363/J.cnki.cn10-1380/tn.2018.07.01 GUO Li, CAO Ya’nan, SU Majing, et al. Cyberspace resources surveying and mapping: The concepts and technologies[J]. Journal of Cyber Security, 2018, 3(4): 1–14. doi: 10.19363/J.cnki.cn10-1380/tn.2018.07.01
[2]	陈庆, 李晗, 杜跃进, 等. 网络空间测绘技术的实践与思考[J]. 信息通信技术与政策, 2021, 47(8): 30–38. doi: 10.12267/j.issn.2096-5931.2021.08.005 CHEN Qing, LI Han, DU Yuejin, et al. Practice and thinking of cyberspace surveying and mapping technology[J]. Information and Communications Technology and Policy, 2021, 47(8): 30–38. doi: 10.12267/j.issn.2096-5931.2021.08.005
[3]	HOU Yuanwei, CHEN Xiaoxiao, HAO Yongle, et al. Survey of cyberspace resources scanning and analyzing[C]. The 14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS-2020), Lodz, Poland, 2021: 279–291.
[4]	NMAP. Nmap: The network mapper - free security scanner[EB/OL]. https://nmap.org/, 2023.
[5]	DURUMERIC Z, WUSTROW E, and HALDERMAN J A. ZMap: Fast internet-wide scanning and its security applications[C]. The 22th USENIX Security Symposium, Washington, USA, 2013: 605–620.
[6]	GRAHAM R D. MASSCAN: Mass IP port scanner[EB/OL]. https://github.com/robertdavidgraham/masscan, 2023.
[7]	Shodan. Search engine for the internet of everything[EB/OL]. https://www.shodan.io, 2023.
[8]	KIM Y, DALY R, KIM J, et al. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors[J]. ACM SIGARCH Computer Architecture News, 2014, 42(3): 361–372. doi: 10.1145/2678373.2665726
[9]	COJOCAR L, KIM J, PATEL M, et al. Are we susceptible to rowhammer? An end-to-end methodology for cloud providers[C]. 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, USA, 2020: 712–728.
[10]	GRUSS D, MAURICE C, and MANGARD S. Rowhammer. js: A remote software-induced fault attack in javascript[C]. 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, San Sebastián, Spain, 2016: 300–321.
[11]	DE RIDDER F, FRIGO P, VANNACCI E, et al. SMASH: Synchronized many-sided rowhammer attacks from JavaScript[C/OL]. 30th USENIX Security Symposium, 2021: 1001–1018.
[12]	QIAO Rui and SEABORN M. A new approach for rowhammer attacks[C]. 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), McLean, USA, 2016: 161–166.
[13]	KWONG A, GENKIN D, GRUSS D, et al. RAMBleed: Reading bits in memory without accessing them[C]. 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, USA, 2020: 695–711.
[14]	ZHANG Zhi, CHENG Yueqiang, WANG Minghua, et al. SoftTRR: Protect page tables against rowhammer attacks using software-only target row refresh[C]. 2022 USENIX Annual Technical Conference, Carlsbad, USA, 2022: 399–414.
[15]	PESSL P, GRUSS D, MAURICE C, et al. DRAMA: Exploiting DRAM addressing for cross-CPU attacks[C]. The 25th USENIX Conference on Security Symposium, Austin, USA, 2016: 565–581.
[16]	WANG Minghua, ZHANG Zhi, CHENG Yueqiang, et al. DRAMDig: A knowledge-assisted tool to uncover DRAM address mapping[C]. 2020 57th ACM/IEEE Design Automation Conference (DAC), San Francisco, USA, 2020: 1–6.
[17]	GRUSS D, LIPP M, SCHWARZ M, et al. Another flip in the wall of rowhammer defenses[C]. 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, USA, 2018: 245–261.
[18]	SAROIU S, WOLMAN A, and COJOCAR L. The price of secrecy: How hiding internal DRAM topologies hurts rowhammer defenses[C]. 2022 IEEE International Reliability Physics Symposium (IRPS), Dallas, USA, 2022: 2C. 3–1–2C. 3–6.
[19]	FRIGO P, VANNACC E, HASSAN H, et al. TRRespass: Exploiting the many sides of target row refresh[C]. 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, USA, 2020: 747–762.
[20]	VAN DER VEEN V, FRATANTONIO Y, LINDORFER M, et al. Drammer: Deterministic rowhammer attacks on mobile platforms[C]. 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 2016: 1675–1689.
[21]	SHARIFFUDDIN S, SIVAMANGAI N M, NAPOLEAN A, et al. Review on arbiter physical unclonable function and its implementation in FPGA for IoT security applications[C]. 2022 6th International Conference on Devices, Circuits and Systems (ICDCS), Coimbatore, India, 2022: 369–374.
[22]	TEHRANIPOOR F, KARIMIAN N, YAN Wei, et al. DRAM-based intrinsic physically unclonable functions for system-level security and authentication[J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2017, 25(3): 1085–1097. doi: 10.1109/tvlsi.2016.2606658
[23]	NAJAFI F, KAVEH M, MARTÍN D, et al. Deep PUF: A highly reliable DRAM PUF-based authentication for IoT networks using deep convolutional neural networks[J]. Sensors, 2021, 21(6): 2009. doi: 10.3390/s21062009
[24]	SCHALLER A, XIONG Wenjie, ANAGNOSTOPOULOS N A, et al. Intrinsic rowhammer PUFs: Leveraging the rowhammer effect for improved security[C]. 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), Mclean, USA, 2017: 1–7.
[25]	SCHALLER A, XIONG Wemjie, ANAGNOSTOPOULOS N A, et al. Decay-based DRAM PUFs in commodity devices[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 16(3): 462–475. doi: 10.1109/TDSC.2018.2822298
[26]	SUTAR S, RAHA A, and RAGHUNATHAN V. D-PUF: An intrinsically reconfigurable DRAM PUF for device authentication in embedded systems[C]. The International Conference on Compliers, Architectures, and Sythesis of Embedded Systems, Pittsburgh, USA, 2016: 1–10.
[27]	TALUKDER B M S B, RAY B, FORTE D, et al. PreLatPUF: Exploiting DRAM latency variations for generating robust device signatures[J]. IEEE Access, 2019, 7: 81106–81120. doi: 10.1109/ACCESS.2019.2923174