About this book

This book provides readers with a valuable reference on cyber weapons and, in particular, viruses, software and hardware Trojans. The authors discuss in detail the most dangerous computer viruses, software Trojans and spyware, models of computer Trojans affecting computers, methods of implementation and mechanisms of their interaction with an attacker — a hacker, an intruder or an intelligence agent. Coverage includes Trojans in electronic equipment such as telecommunication systems, computers, mobile communication systems, cars and even consumer electronics. The evolutionary path of development of hardware Trojans from "cabinets", "crates" and "boxes" to the microcircuits (IC) is also discussed. Readers will benefit from the detailed review of the major known types of hardware Trojans in chips, principles of their design, mechanisms of their functioning, methods of their introduction, means of camouflaging and detecting, as well as methods of protection and counteraction.

Table of Contents

Frontmatter

Chapter 1. Information Weapon: Concepts, Means, Methods, and Examples of Application

Abstract
This chapter is dedicated to the analysis of concepts, means, and methods of implementation of new dangerous and effective information technology weapons (cyberweapons). For a deeper understanding of all aspects related to the development and application features of cyberweapons, the following issues are consistently discussed in this chapter: principles of ensuring information security of a sovereign state, main methods of modern information warfare. Information technology impacts are defined and classified, the most common of them are discussed in detail along with various technical channels of information leakage. Additionally, there are a number of examples of the use of this type of weapon.
Anatoly Belous, Vitali Saladukha

Chapter 2. Computer Viruses, Malicious Logic, and Spyware

Abstract
Computer viruses, software Trojans, and spyware are discussed in this chapter. The main models of impact of software Trojans on computers, methods of introduction, and their interaction with the attacker are considered. Software keylogger, the basic principles of rootkit technologies, cookies spyware, and Regin spyware are studied in detail. Various examples are given to illustrate ways of Trojan software introduction in a standard PE file of the Microsoft Windows operating system. The peculiarities of the most well-known methods for sensitive information retrieval based on the analysis of acoustic and electromagnetic radiation, as well as the most effective methods to ensure information protection from exposure to viruses, spyware, and software Trojans are considered in detail.
Anatoly Belous, Vitali Saladukha

Chapter 3. Hardware Trojans in Electronic Devices

Abstract
This chapter is a review of well-known hardware Trojans designed to be implemented in various electronic devices. Hardware and software Trojans in telecommunication systems (network equipment, firewalls, routers, work servers, wireless networks, and even operator workstations) are considered. A separate section is dedicated to hardware Trojans in computers. A separate section is dedicated to Trojans in mobile communication systems, household electronic appliances (TV sets, microwave ovens), electronic appliances for wireless data interception, as well as various exotic spy devices, such as micro spyware in clothes and boots and methods of data theft from screens of portable computers and computer coolers (in system units, hard drives, and keyboards). A detailed overview of the main software and hardware solutions for the protection of phone conversations from malicious actions and interception of information is provided. The chapter also includes the first-ever examination of actual and potential hazards of a new type—car viruses.
Anatoly Belous, Vitali Saladukha

Chapter 4. Hardware Trojans in Microcircuits

Abstract
This chapter is an overview dedicated to detailed analysis of the structures and mechanisms of operation of hardware Trojans in modern microcircuits. The beginning of the chapter describes the theoretical basis of designing safe electronic equipment for critical applications and the first documented facts of detection of hardware Trojans in critical microcircuits. The chapter contains a detailed overview of the classification of hardware Trojans in microcircuits, methods for injecting them into microcircuits, and all basic mechanisms of activation of embedded hardware Trojans. The most effective methods of identification of hardware Trojans in critical microcircuits are detailed. Examples of development and implementation of specific types of hardware Trojans are also examined. Using specific examples, the features of introduction of hardware Trojans into passive radio frequency tags and wireless cryptographic ICs are considered. The final part of the chapter contains a more detailed review of the basic methods of designing hardware Trojans, as well as an overview of the most effective methods of identification of hardware Trojans in microcircuits.
Anatoly Belous, Vitali Saladukha

Chapter 5. Methods of Detecting Hardware Trojans in Microcircuits

Abstract
In the previous section, we performed a detailed examination of the classification of Trojans in microcircuits, their design principles, functioning mechanisms, and masking methods. This chapter is dedicated to determining the most effective means of identifying hardware Trojans in microcircuits.
Anatoly Belous, Vitali Saladukha

Chapter 6. Reverse Engineering of Microcircuits

Abstract
As demonstrated in the previous chapter, one of the most widely used methods of identification of hardware Trojans in microcircuits is Reverse Engineering. This section of the book is one of the largest in terms of information content; this is due to the fact that the authors intended this section to be usable as a practical manual for RE application. The beginning of this section contains an overview of the reasons for the emergence and the history of development of this direction, terms, and definitions, and features of its use to ensure protection of intellectual property rights. After that, a consistent and detailed description of all basic stages of implementation of this method with multiple specific examples is given. At first, a brief overview of implementation of the RE method for an electronic device (exemplified by a mobile phone) is given, followed by the sequence of RE stages for microcircuits. The section examines the stages of recovering an electrical circuit from the topology, features of implementation of frame-by-frame alignment of photographed topology fragments, two adjacent frames, images of topology fragments, features of the process of aligning a group of image frames, and specific methods of improving the quality of the obtained images, as well as the method of automating the process of connection (tracing) of recovered connections between elements, and much more. Unlike most earlier publications dedicated to RE-related problems, this section is the first to contain multiple methods and practical recommendations for implementing stages of preparation of submicron microcircuit samples for their further study using the methods of scanning electronic microscopy and with the help of electrophysical analysis methods. RE specialists are well aware of the fact that the quality of final analysis results largely depends on proper execution of such preparatory operations.
The chapter concludes with two sections dedicated to an overview of the methods of countering reverse engineering of microcircuits that are most commonly found in literature. This overview contains classification of countering methods, examination of specific technological, circuitry-based and constructive countering methods, including the methods of implementing hidden (masked) interconnections, means of introducing additional conductive traces and interlayer connections, and introduction of false transistors. In order to ensure a deeper understanding of the methods for organizing protection from RE, the authors provide a number of original technological solutions developed by the authors themselves and implemented in serial microcircuits produced in the Belarusian semiconductor holding “Integral.”
Anatoly Belous, Vitali Saladukha

Chapter 7. Countermeasures Against Hardware Trojans

Abstract
This section is essentially a systematized review of the results of studies dedicated to methods of counteracting hardware Trojans in microcircuits. It should be said from the very beginning that there are no such countermeasures that would ensure absolute protection from such threats. As noted above, there are no methods that would allow 100% identification of defects in manufactured microcircuits.
The wide variety of hardware Trojans creates an equally wide variety of associated security threats, which has led to the necessity to develop concepts of ensuring secure operation of systems containing infected microcircuits.
One of the ways to solve this task is the prevention of the possibility of activation of introduced Trojans. Security can be improved with the help of multi-level protection, in which every level is independently aimed at certain mechanisms of Trojan activation with subsequent integration of all these measures into a general strategy of system protection.
Today, hundreds of research teams all around the world are looking for effective ways to solve this task.
At first, we will present an overview of the most common methods of hardware and software protection—data protection, protected microcircuit architectures on the RTL level, reconfigurable microcircuit architectures, replication, and other protection methods.
After that, we will consider the architectural solutions of a Trojan-resistant system on chip, features of applying the IEEE 1500 standard, using mathematical instruments of game theory, classic methods of information forensics, and features of using a sandbox to protect SoC from Trojans. We will also separately consider the method of FPGA protection from unauthorized copying based on the Identification Friend or Foe method.
Anatoly Belous, Vitali Saladukha

Chapter 8. Modern Weapons: Possibilities and Limitations

Abstract
In this chapter, we demonstrate that one of the main reasons behind the phenomenon of viruses and Trojans as main components of cyberweapons are the significant limitations and disadvantages of the absolute majority of modern weapons, including both classical types (chemical, nuclear, biological and space weapons) as well as all the types of exotic weapons (atmospheric, seismic, non-lethal, microwave, etc.). In a popular science form, with a minimum of mathematical expressions and formulas, we will show here all the main limitations and disadvantages of these classic and promising exotic weapons, and the reader will be able to make sure that the presence of these disadvantages and limitations can ultimately reduce all their theoretically high combat effectiveness to zero. Mass use of nuclear and space weapons is equivalent to suicide of the initiating party. The military themselves are well aware of all these disadvantages and limitations, as well as the fact that the use of such relatively new weapons as Trojans in modern local conflicts and network-centric wars can basically provide the same results as classic weapons while requiring incomparably less material, financial, and human resources with the risk of receiving a retaliatory strike from the enemy. We will also show that the only theoretical competitors to cyberweapons in the near future are neural weapons, to which a separate section is dedicated. In future wars, these two types of super weapons will act in solidarity, helping and protecting each other. The first section here contains a brief history of development of weapons. Using the example of analyzing the process of historical evolution of a knife, the authors show how the development of this simplest weapon stimulated the development of new technologies, new materials, and design ideas—this is how metallurgy, material processing technologies, new professions, etc. appeared. 
The second section is dedicated to the analysis of possibilities and technical limitations of modern space weapons. In this section, the authors review technical capabilities and limitations of all possible means of destruction of ballistic missiles (laser, beam, kinetic and electromagnetic weapons), as well as problematic issues of ensuring technical and operational reliability of function of the space layer of missile defense, which have not been discussed in open press earlier. The paradox of limitedness of the unlimited near-Earth space is also considered in detail for the first time in open press. The third section is dedicated to the analysis of possibilities and limitations of using ground microwave weapons (microwave units as well as regular and nuclear microwave ammunitions), including the main types of non-lethal weapons. The fourth section examines various types of microwave weapons for atmospheric and space applications (radio frequency, kinetic and energy, plasma, laser, beam, etc.); it also contains the results of the authors’ analysis of microwave complexes of countering modern high-frequency weapons, including technical complexes of jamming high-frequency weapons, which significantly reduce the effectiveness of these weapons in practice. The fifth section is dedicated to analysis of the problem of high-frequency active HAARP studies from the point of view of the possibility of using it as an atmospheric weapon, as well as comparison of suggested functions of the same systems created in the USA, Europe, and the USSR/Russia. The possibilities and limitations of using so-called chemoacoustic waves as a seismic weapon are considered separately. The sixth section contains an overview of possibilities and limitations of a new promising type of weapons—neural weapons.
The section contains a detailed examination of such components as military neuroscience, military neuropharmacology, artificial brain stimulation, brain–computer interfaces, biochemical neural weapons, information-based (software-based) neuroweapons, as well as an analysis of potential threats of neuroweapons. The concluding section includes an overview of specifics and advantages of the USA, China, and Russia in the race of neural weapons. The seventh section is dedicated to the final results of the authors’ retrospective analysis of the information about software and hardware Trojans as a technological platform for cyberweapons. The eighth section considers the main provisions of the modern technology of security control in microelectronics, as well as the necessary regulatory and methodological base of ensuring security of supply channels of microcircuits for critical information systems. The concluding ninth section is dedicated to the main principles of development of a state strategy for ensuring cybersecurity.
Anatoly Belous, Vitali Saladukha

Backmatter