HIT: A Hidden Instruction Trojan Model for Processors
Jiaqi Zhang1,2,a, Ying Zhang1,b, Huawei Li2,c and Jianhui Jiang1,d
1School of Software Engineering, Tongji University, China
2SKLCA, Institute of Computing Technology, Chinese Academy of Sciences, China
azhangjiaqi121@126.com
byingzhang@tongji.edu.cn
clihuawei@ict.ac.cn
djhjiang@tongji.edu.cn
ABSTRACT
This paper explores an intrusion mechanism to microprocessors using illegal instructions, namely hidden instruction Trojan (HIT). It uses a low-probability sequence consisting of normal instructions as a boot sequence, followed by an illegal instruction to trigger the Trojan. The payload is a hidden interrupt to force the program counter to a specific address. Hence the program at the address has the super privileges. Meanwhile, we use integer programming to minimize the trigger probability of HIT within a given area overhead. The experimental results demonstrate that HIT has an extremely low trigger probability and can survive from the detection of the existing test methods.