Naghmeh Karimi

Associate Professor
Department of Computer Science and Electrical Engineering
University of Maryland Baltimore County (UMBC)

Recent and Current Research Projects

Security and Device Aging: Friends or Foes?

The goal of this project is to understand the aging-related risks that jeopardize the security of cryptographic devices (particularly those protected against physical attacks), and develop solutions to ensure security when device aging comes into account. In particular, in this research (supported through an NSF CAREER award) we mainly focus on the impact of device aging on the success of the side-channel attacks and fault injection attacks launched on cryptographic chips to recover their secret keys. We also look into the impact of aging on the existing hardware Trojan detection schemes as well as hardware Trojan triggering mechanisms. More details can be found HERE.


PUFs and Their Resiliency Against Side-Channel Based Modeling Attacks

Thanks to their unique signature, Physically Unclonable Functions (PUFs) are broadly used for device authentication as well as key generation for cryptographic modules. Although deemed to be unclonable, the behavior of these secure primitives may be modeled via machine learning schmes by monitoring their power side-channel thus jeopardizing the security of the underlying circuits. To thwart such modeling attacks, a number of countermeasures have been proposed in recent years. In this project we target the unprotected as well as protected arbiter-PUF families investigate show their vulnerability against side-channel based modeling attacks. We move one step forward and demonstrate how a model built from one PUF sample using its power traces can be used to attack another PUF circuitry realized from the same GDSII file. More details can be found HERE.


Digital Sensors: Design, Configuration, and Leverage to Detect Faults and Failures

During the chip design phase, well-defined environmental conditions in which a chip can operate without experiencing any failure and/or compromising its security is drawn. These conditions, the so-called PVT, relate to the proper range of operating temperature, voltage, and manufacturing process altogether. Although designed to work under nominal PVT conditions, a chip may be placed under various unintentional and/or malicious stress violating its intended PVT. To detect such violations and attacks, in this project we focus on digital sensors and develop low cost sensors that can detect attacks and failures with a high accuracy even when the circuit has been aged. More details can be found HERE.


Hardware Based Authentication in IoT Frameworks

Physically Unclonable Functions (PUFs) are promising solutions for device authentication, especially for IoT frameworks with resource-constrained devices. However, PUFs are vulnerable to modeling attacks where a PUF model is built using a small subset of its Challenge-Response Pairs (CRPs). To thwart such an attack in this project we propose a number of low cost protocol level PUF-based authentication schemes that prevent the adversary from having access to the challenge response pairs. One solution can be deploying adversarial machine learning to perturb the model an adversary builds based on the intercepted CRPs. More details can be found HERE.


IP and IC Protection

High complexity and cost of manufacturing integrated circuits (ICs) has invoked the outsourcing of design and fabrication to different parties across the globe. Such globalization has jeopardized the security and trustworthiness of ICs and introduced new security vulnerabilities including but not limited to (1) tampering the circuit to insert hardware Trojans (2) reverse engineering of the IC or related design; (3) cloning and unallowed overproduction by the foundry; and (4) IC counterfeiting, mainly recycling ICs from outdated systems and utilizing them in the target systems. Due to the large size and complexity of the state-of-the-art circuits and versatility and the stealthy nature of hardware attacks, focusing on conventional security preserving algorithms to encounter hardware security threats is neither sufficient nor efficient. Accordingly, in this research we deploy machine learning schemes to counter such attacks. More details can be found HERE.












UMBC CSEE Logo