On Denial of Service attacks and Hardware vulnerabilities

Denial of Service attacks are growning and getting the attention of the news: some of the latest incidents are krebonsecurity , OVH and Dyn. The economics behind these attacks are helping the attackers: today it costs little to mount a devastating DDoS attack able to block even a sizable part of Internet, thanks to all the botnets of unsafe machines, from PCs to routers and IoTs. Defence can be much more expensive than attack, and in some cases even than the ransom.

How did we get in this mess? This trend is not good at all, these attacks could threaten Internet itself, even if this would not be in the interest of the attackers (not considering State sponsored ones).

Fixing the current situation will be extremely expensive, many devices cannot be “fixed” but need just to be replaced. But before doing that, we need to build “secure” devices and design networks and protocols that support them and are somehow interoperable with the current ones. How? And When?

At the same time, a new trend is emerging: security vulnerabilities in Hardware.

The Rowhammer bug and its recent implementations in Virtual machines and Adroid phones (DRAMMER) or the ASLR vulnerability can open new scenarios. Hardware must provide the foundation of the security of all IT processing: data should be protected, accesses should be controlled etc. But we are discovering that the Hardware that we have been relying upon for the development of IT in the last 20 years, could have reached its limits. New security features are needed (see for example this) and vulnerabilities are discovered that must be managed, and not always it will be possible to fix them in software.

On Hardware Backdoors

Since at least the ’70s, the time of Multics (see eg. this old document on the vulnerability analysis of Multics security), the Orange Books, Military IT security etc., the role of hardware in IT security has been discussed, evaluated and implemented.

In the last years the discussion has risen again in particular about the possibility of hardware backdoors and malicious hardware. For example, since the publication of the Snowden documents there have been rumors about possible hardware backdoors in Intel, AMD and Cisco products.

A few days ago at the 2016 IEEE Symposium on Security and Privacy has been presented this paper (see eg. also here for a summary) describing how to implement a Hardware Backdoor called Analog Malicious Hardware which, as of today, seems practically impossible to detect.  The researchers were able to add a tiny circuit composed by a capacitor and a few transistors wrapped up in a single gate, out of the millions or billions in a modern chip, which acts as the hardware Trojan horse.

How difficult could it be to add a single, almost undetectable gate to the blue prints of a chip at the chip factory? How can be verified that similar gates are not present on a chip?

PS. 10 years ago I gave a couple of seminars in Italian about some aspects of history of IT security and I looked into some issues of how hardware must support the security features of Operating Systems; if interested some slides and a paper (in Italian) can be found here and here.