Real-time Detection and Localization of DoS Attacks in NoC based SoCs

Network-on-Chip (NoC) is widely employed by multi-core System-on-Chip (SoC) architectures to cater to their communication requirements. The increased usage of NoC and its distributed nature across the chip has made it a focal point of potential security attacks. Denial-of-Service (DoS) is one such attack that is caused by a malicious intellectual property (IP) core flooding the network with unnecessary packets causing significant performance degradation through NoC congestion. In this paper, we propose a lightweight and real-time DoS attack detection mechanism. Once a potential attack has been flagged, our approach is also capable of localizing the malicious IP using latency data gathered by NoC components. Experimental results demonstrate the effectiveness of our approach with timely attack detection and localization while incurring minor area and power overhead (less than 6% and 4%, respectively).

[1]  Lothar Thiele,et al.  A general framework for analysing system properties in platform-based embedded system designs , 2003, 2003 Design, Automation and Test in Europe Conference and Exhibition.

[2]  Cristina Silvano,et al.  Security Aspects in Networks-on-Chips: Overview and Proposals for Secure Implementations , 2007 .

[3]  Xiaoyang Zeng,et al.  Robustness Analysis of Mesh-Based Network-on-Chip Architecture under Flooding-Based Denial of Service Attacks , 2013, 2013 IEEE Eighth International Conference on Networking, Architecture and Storage.

[4]  Swarup Bhunia,et al.  Scalable Test Generation for Trojan Detection Using Side Channel Analysis , 2018, IEEE Transactions on Information Forensics and Security.

[5]  Lothar Thiele,et al.  Analytic real-time analysis and timed automata: a hybrid method for analyzing embedded real-time systems , 2009, EMSOFT '09.

[6]  Ümit Y. Ogras,et al.  Exploration of Memory and Cluster Modes in Directory-Based Many-Core CMPs , 2018, 2018 Twelfth IEEE/ACM International Symposium on Networks-on-Chip (NOCS).

[7]  Martin Lukasiewycz,et al.  Automotive Electrical and Electronic Architecture Security via Distributed In-Vehicle Traffic Monitoring , 2017, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[8]  Alexander Sprintson,et al.  GCA: Global Congestion Awareness for Load Balance in Networks-on-Chip , 2016, IEEE Trans. Parallel Distributed Syst..

[9]  Maurizio Palesi,et al.  ProNoC: A low latency network-on-chip based many-core system-on-chip prototyping platform , 2017, Microprocess. Microsystems.

[10]  Sanghamitra Roy,et al.  Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-Chip , 2015, NOCS.

[11]  Somayeh Sardashti,et al.  The gem5 simulator , 2011, CARN.

[12]  Avinash Karanth Kodi,et al.  Secure model checkers for Network-on-Chip (NoC) architectures , 2016, 2016 International Great Lakes Symposium on VLSI (GLSVLSI).

[13]  Jean-Yves Le Boudec,et al.  Network Calculus: A Theory of Deterministic Queuing Systems for the Internet , 2001 .

[14]  Gianluca Palermo,et al.  A security monitoring service for NoCs , 2008, CODES+ISSS '08.

[15]  Prabhat Mishra,et al.  Trojan localization using symbolic algebra , 2019, 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC).

[16]  Lothar Thiele,et al.  A simple approximation method for reducing the complexity of Modular Performance Analysis , 2010 .