基于GSCPN的硬件木马攻击建模与安全性分析  

作　　者：梅波 郭威[1] 曹志鹏 李沛杰 张文博[1] MEI Bo;GUO Wei;CAO Zhipeng;LI Peijie;ZHANG Wenbo(Information Engineering University,Zhengzhou 450001,China)

机构地区：[1]信息工程大学,河南郑州450001

出　　处：《网络与信息安全学报》2024年第4期72-84,共13页Chinese Journal of Network and Information Security

基　　金：国家重点研发计划(2022YFB4401401)。

摘　　要：针对硬件木马(hardware trojan,HT)的研究主要集中在HT设计和防御的具体策略,缺乏面向HT攻击的系统安全性量化评估模型的问题,提出了基于广义随机着色petri网(generalized stochastic coloring petri net,GSCPN)的HT攻击和安全评估模型。基于单个基本单元的HT攻击行为和状态之间的时序关系,构建了单个基本单元的HT攻击GSCPN模型,根据系统工作状态下基本单元的通信依赖关系,给出了构建系统HT攻击GSCPN模型的通用方法。求解了与GSCPN模型同构的马尔可夫链的解析解,以及采用蒙特卡罗模拟方法的仿真解,二者的误差仅为0.00183,验证了所提方法建模的准确性。通过案例分析了不同场景下系统的安全性,实验结果表明,木马攻击强度、木马恢复时间和任务执行时间均对安全性有不同程度的影响。Addressing the issue that research on hardware Trojan(HT)has predominantly focused on specific strategies of HT design and defense,with a deficiency in quantitative evaluation models for system security in the context of HT attacks,a HT attack and security assessment model based on the generalized stochastic coloring Petri net(GSCPN)was proposed.The GSCPN model representing the HT attack of a single basic unit was constructed,founded on the temporal relationship between HT attack behaviors and the states of a single basic unit.A general method for constructing the GSCPN model of HT attack for the entire system was provided,based on the communication dependency relationships between the basic units during the system’s operational state.The analytical solution of the Markov chain isomorphous to the GSCPN model was derived,alongside the simulation solution achieved using the Monte Carlo simulation method.The discrepancy between the two methods was a mere 0.00183,which verified the precision of the modeling approach.The security of the system under various scenarios was analyzed through a straightforward case study.The experimental results indicate that the intensity of the HT attack,HT recovery time,and task execution time all exert varying degrees of influence on system security.

关 键 词：硬件木马 广义随机着色petri网 攻击建模 连续时间马尔可夫链 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]