Trojan bio-hacking of DNA-sequencing pipeline

M. S. Islam, S. Ivanov, K. Doolin, L. Coffey, T. M. Dooley-Cullinane, D. Berry, S. Balasubramaniam

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Citations (Scopus)

Abstract

The article focuses on the information security risks that arise from the use of dubious software as part of a DNA-sequencing pipeline. We show how the perpetrator can use a biologically engineered sample that contains the remote machine’s IP address and port number to trigger Trojan spyware previously dormant, and create a connection to the remote machine. The spyware is then used to either steal sensitive data processed by the pipeline (e.g. DNA-sample of crime suspect) or manipulate its control-flow (e.g. via opening a backdoor). To avoid detection the spyware can accept and expect required payload in fragments, which are also hidden inside the sample in a distributed manner. We show how the adversary can use cryptographic tools such as encryption and steganography to make such detection even harder while limiting the footprint that either identifies the attacker or makes the trigger-sample substantially different from its biological species. Therefore, we prove the viability of the attack and further stress the need to account for attacks being launched from the physical, rather than cyber-world. Furthermore, DNA sequencing error can hinder the successful delivery of a payload, hence the success of such attacks. We estimate the success rates for different sequencing error rates, where the calculated results are also verified with corresponding results from simulations.

Original languageEnglish
Title of host publicationProceedings of the 6th ACM International Conference on Nanoscale Computing and Communication, NANOCOM 2019
PublisherAssociation for Computing Machinery (ACM)
ISBN (Electronic)9781450368971
DOIs
Publication statusPublished - 25 Sep 2019
Event6th ACM International Conference on Nanoscale Computing and Communication, NANOCOM 2019 - Dublin, Ireland
Duration: 25 Sep 201927 Sep 2019

Publication series

NameProceedings of the 6th ACM International Conference on Nanoscale Computing and Communication, NANOCOM 2019

Conference

Conference6th ACM International Conference on Nanoscale Computing and Communication, NANOCOM 2019
Country/TerritoryIreland
CityDublin
Period25/09/201927/09/2019

Keywords

  • Bio-Hacking
  • DNA-Sequencing Pipeline
  • Encryption
  • Steganography

Fingerprint

Dive into the research topics of 'Trojan bio-hacking of DNA-sequencing pipeline'. Together they form a unique fingerprint.

Cite this