Rahul Vishwakarma,Amin Rezaei

2023-10-14

Abstract:As the semiconductor industry has shifted to a fabless paradigm, the risk of hardware Trojans being inserted at various stages of production has also increased. Recently, there has been a growing trend toward the use of machine learning solutions to detect hardware Trojans more effectively, with a focus on the accuracy of the model as an evaluation metric. However, in a high-risk and sensitive domain, we cannot accept even a small misclassification. Additionally, it is unrealistic to expect an ideal model, especially when Trojans evolve over time. Therefore, we need metrics to assess the trustworthiness of detected Trojans and a mechanism to simulate unseen ones. In this paper, we generate evolving hardware Trojans using our proposed novel conformalized generative adversarial networks and offer an efficient approach to detecting them based on a non-invasive algorithm-agnostic statistical inference framework that leverages the Mondrian conformal predictor. The method acts like a wrapper over any of the machine learning models and produces set predictions along with uncertainty quantification for each new detected Trojan for more robust decision-making. In the case of a NULL set, a novel method to reject the decision by providing a calibrated explainability is discussed. The proposed approach has been validated on both synthetic and real chip-level benchmarks and proven to pave the way for researchers looking to find informed machine learning solutions to hardware security problems.

Cryptography and Security

Sriram Sankaran,Vamshi Sunku Mohan,A Purushothaman.

DOI: https://doi.org/10.1109/ises52644.2021.00050

2021-12-01

Abstract:Hardware Trojans are modifications made by malicious insiders or third party providers during the design or fabrication phase of the IC (Integrated Circuits) design cycle in a covert manner. These cause catastrophic consequences ranging from manipulating the functionality of individual blocks to disabling the entire chip. Thus, a need for detecting trojans becomes necessary. In this work, we propose a deep learning based approach for detecting trojans in IC chips. In particular, we insert trojans at the circuit-level and generate data by measuring power during normal operation and under attack. Further, we develop deep learning models using Neural networks and Auto-encoders to analyze datasets for outlier detection by profiling the normal behavior and leveraging them to detect anomalies in power consumption. Our approach is generic and non-invasive in that it can be applied to any block without any modifications to the design. Evaluation of the proposed approach shows an accuracy ranging from 92.23% to 99.33% in detecting trojans.

Chen Dong,Yinan Yao,Yi Xu,Ximeng Liu,Yan Wang,Hao Zhang,Li Xu

DOI: https://doi.org/10.3390/s23125503

2023-06-11

Abstract:The Cyber-Physical System and even the Metaverse will become the second space in which human beings live. While bringing convenience to human beings, it also brings many security threats. These threats may come from software or hardware. There has been a lot of research on managing malware, and there are many mature commercial products, such as antivirus software, firewalls, etc. In stark contrast, the research community on governing malicious hardware is still in its infancy. Chips are the core component of hardware, and hardware Trojans are the primary and complex security issue faced by chips. Detection of hardware Trojans is the first step for dealing with malicious circuits. Due to the limitation of the golden chip and the computational consumption, the existing traditional detection methods are not applicable to very large-scale integration. The performances of traditional machine-learning-based methods depend on the accuracy of the multi-feature representation, and most of the methods may lead to instability because of the difficulty of extracting features manually. In this paper, employing deep learning, a multiscale detection model for automatic feature extraction is proposed. The model is called MHTtext and provides two strategies to balance the accuracy and computational consumption. After selecting a strategy according to the actual situations and requirements, the MHTtext generates the corresponding path sentences from the netlist and employs TextCNN for identification. Further, it can also obtain non-repeated hardware Trojan component information to improve its stability performance. Moreover, a new evaluation metric is established to intuitively measure the model's effectiveness and balance: the stabilization efficiency index (SEI). In the experimental results for the benchmark netlists, the average accuracy (ACC) in the TextCNN of the global strategy is as high as 99.26%, and one of its stabilization efficiency index values ranks first with a score of 71.21 in all comparison classifiers. The local strategy also achieved an excellent effect, according to the SEI. The results show that the proposed MHTtext model has high stability, flexibility, and accuracy, in general.

Fredin Jose,M. Priyatharishini,M. Nirmala Devi

DOI: https://doi.org/10.1007/978-981-16-5655-2_19

2022-01-01

Abstract:The exponential growth in technological development boosted the IC industry in production of IC chips in a span of 12–18 months. It has paved way for increased outsourcing which leads to malicious modification by inserting hardware trojans. It becomes necessary to detect these defects before IC fabrication in pre-silicon production stage to save the production cost. In this paper, we propose a method for HT detection using gate level netlist. Extracted features from the netlist of circuits are used for dataset creation. From the extracted features, designed deep learning neural network model figures out salient trojan features required for HT classification of nets into trojan-free and trojan infected nets. In addition to this, data imbalance problem occurs in dataset is taken care by preprocessing data using generative adversarial network. Deep learning-based hardware trojan classifier is evaluated with performance metrics like confusion matrix, F-measure, accuracy for ISCAS’85,’89 benchmark circuits and Trust-Hub circuits.

R. Vishnupriya,M. Nirmala Devi

DOI: https://doi.org/10.1007/978-981-15-7234-0_30

2020-10-18

Abstract:Due to the outsourcing of integrated circuit manufacturing to third party vendors. The chances of malicious hardware insertion also got increased. Untrusted foundries can always add Hardware Trojan circuits, which can alter the behavior or working of the integrated circuits. Since new hardware threats are emerging day by day, a generalized solution for threat detection should be defined. Machine learning based threat detection which is widely popular nowadays, it requires handcrafted features. On the contrary, the Deep Learning (DL) class of ML can choose the relevant features and learn, which has been proposed in this paper. Raw circuit features are extracted and fed to the DL model (Deep Stacked Auto Encoder), which could extract features that can aid in Trojan detection. 95% average TPR and 75% average TNR is obtained and which is higher than previously discussed works.

Maitreyi Ashok,Matthew J. Turner,Ronald L. Walsworth,Edlyn V. Levine,Anantha P. Chandrakasan

DOI: https://doi.org/10.1145/3531010

2022-04-30

Abstract:This paper presents a method for hardware trojan detection in integrated circuits. Unsupervised deep learning is used to classify wide field-of-view (4x4 mm$^2$), high spatial resolution magnetic field images taken using a Quantum Diamond Microscope (QDM). QDM magnetic imaging is enhanced using quantum control techniques and improved diamond material to increase magnetic field sensitivity by a factor of 4 and measurement speed by a factor of 16 over previous demonstrations. These upgrades facilitate the first demonstration of QDM magnetic field measurement for hardware trojan detection. Unsupervised convolutional neural networks and clustering are used to infer trojan presence from unlabeled data sets of 600x600 pixel magnetic field images without human bias. This analysis is shown to be more accurate than principal component analysis for distinguishing between field programmable gate arrays configured with trojan free and trojan inserted logic. This framework is tested on a set of scalable trojans that we developed and measured with the QDM. Scalable and TrustHub trojans are detectable down to a minimum trojan trigger size of 0.5% of the total logic. The trojan detection framework can be used for golden-chip free detection, since knowledge of the chips' identities is only used to evaluate detection accuracy

Computer Vision and Pattern Recognition,Image and Video Processing,Instrumentation and Detectors

Wenjing Tang,Jing Su,Jiaji He,Yuchan Gao

DOI: https://doi.org/10.3390/electronics11152400

IF: 2.9

2022-08-01

Electronics

Abstract:The chip manufacturing of integrated circuits requires the participation of multiple parties, which greatly increases the possibility of hardware Trojan insertion and poses a significant threat to the entire hardware device landing; however, traditional hardware Trojan detection methods require gold chips, so the detection cost is relatively high. The attention mechanism can extract data with more adequate features, which can enhance the expressiveness of the network. This paper combines an attention module with a multilayer perceptron and convolutional neural network for hardware Trojan detection based on side-channel information, and evaluates the detection results by implementing specific experiments. The results show that the proposed method significantly outperforms machine learning classification methods and network-related methods, such as SVM and KNN, in terms of accuracy, precision, recall, and F1 value. In addition, the proposed method is effective in detecting data containing one or multiple hardware Trojans, and shows high sensitivity to the size of datasets.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhixin Pan,Prabhat Mishra

DOI: https://doi.org/10.1109/tcad.2024.3354889

IF: 2.9

2024-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Supply chain vulnerability provides the opportunity for the attackers to implant hardware Trojans in System-on-Chip (SoC) designs. While machine learning (ML) based Trojan detection is promising, it suffers from three practical limitations: (i) golden model may not be available, (ii) lack of human expertise for Trojan feature selection, and (iii) limited learning transferability can lead to unacceptable performance in new benchmarks with unseen Trojans. While recent approach based on transfer learning addresses some of these concerns, it still requires re-training for fine-tuning the model using domain-specific (e.g., hardware Trojan features) knowledge. In this paper, we propose a Trojan detection framework utilizing zero-shot learning to address the above challenges. The proposed framework adopts the idea of self-supervised learning, where a pre-trained graph convolutional network (GCN) is utilized to extract underlined common sense about hardware Trojans, and a metric learning task is used to measure the similarity between test inputs and malicious samples to make classification. Extensive experimental evaluation demonstrates that our approach has four major advantages compared to state-of-the-art techniques: (i) does not require any golden model during Trojan detection, (ii) can handle both unknown Trojans and unseen benchmarks without any changes to the network, (iii) drastic reduction in training time, and (iv) significant improvement in detection efficiency (10.5% on average).

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Harshit Kumar,Nikhil Chawla,Saibal Mukhopadhyay

DOI: https://doi.org/10.48550/arXiv.2103.11519

2021-03-22

Abstract:Hardware-based Malware Detectors (HMDs) using Machine Learning (ML) models have shown promise in detecting malicious workloads. However, the conventional black-box based machine learning (ML) approach used in these HMDs fail to address the uncertain predictions, including those made on zero-day malware. The ML models used in HMDs are agnostic to the uncertainty that determines whether the model "knows what it knows," severely undermining its trustworthiness. We propose an ensemble-based approach that quantifies uncertainty in predictions made by ML models of an HMD, when it encounters an unknown workload than the ones it was trained on. We test our approach on two different HMDs that have been proposed in the literature. We show that the proposed uncertainty estimator can detect >90% of unknown workloads for the Power-management based HMD, and conclude that the overlapping benign and malware classes undermine the trustworthiness of the Performance Counter-based HMD.

Cryptography and Security,Machine Learning

Joseph Clements,Yingjie Lao

DOI: https://doi.org/10.48550/arXiv.1806.05768

IF: 5.414

2018-06-14

Machine Learning

Abstract:With the rising popularity of machine learning and the ever increasing demand for computational power, there is a growing need for hardware optimized implementations of neural networks and other machine learning models. As the technology evolves, it is also plausible that machine learning or artificial intelligence will soon become consumer electronic products and military equipment, in the form of well-trained models. Unfortunately, the modern fabless business model of manufacturing hardware, while economic, leads to deficiencies in security through the supply chain. In this paper, we illuminate these security issues by introducing hardware Trojan attacks on neural networks, expanding the current taxonomy of neural network security to incorporate attacks of this nature. To aid in this, we develop a novel framework for inserting malicious hardware Trojans in the implementation of a neural network classifier. We evaluate the capabilities of the adversary in this setting by implementing the attack algorithm on convolutional neural networks while controlling a variety of parameters available to the adversary. Our experimental results show that the proposed algorithm could effectively classify a selected input trigger as a specified class on the MNIST dataset by injecting hardware Trojans into $0.03\%$, on average, of neurons in the 5th hidden layer of arbitrary 7-layer convolutional neural networks, while undetectable under the test data. Finally, we discuss the potential defenses to protect neural networks against hardware Trojan attacks.

Jinghui Chen,Chen Dong,Fan Zhang,Guorong He

DOI: https://doi.org/10.1109/CCET48361.2019.8988946

2019-01-01

Abstract:As the core component of the electronic devices, the integrated circuit (IC) must be taken seriously with its security. The pre-silicon detection methods do not require gold chips, are not affected by process noise and are suitable for the safe detection of a very large scale integration (VLSI). Therefore, more and more researchers are paying attention to the pre-silicon detection method. In this paper, we propose a machine-learning-based hardware-Trojans detection method in gate-level. First, by the analysis of the Trojan circuits, we put forward new Trojan-net features. After that, we use the scoring mechanism of the eXtreme Gradient Boosting (XGBoost) to set up a new effective feature set of 49 out of 56 features. Finally, the hardware-Trojan classifier was trained based on the effective feature set. The experimental results show that the proposed method can obtain the average Recall of 89.84%, the average F-measure of 87.75% and the average Accuracy of 99.83%. Furthermore, through the comparison experiments, it is proved that the features proposed in this paper can further improve the performance of detection.

Ameya Kulkarni,Chengying Xu

DOI: https://doi.org/10.3389/fmech.2021.709924

2021-07-27

Frontiers in Mechanical Engineering

Abstract:Deep learning methods have been extensively studied and have been proven to be very useful in multiple fields of technology. This paper presents a deep learning approach to optically detect hidden hardware trojans in the manufacturing and assembly phase of printed circuit boards to secure electronic supply chains. Trojans can serve as backdoors of accessing on chip data, can potentially alter functioning and in some cases may even deny intended service of the chip. Apart from consumer electronics, printed circuit boards are used in mission critical applications like military and space equipment. Security compromise or data theft can have severe impact and thus demand research attention. The advantage of the proposed method is that it can be implemented in a manufacturing environment with limited training data. It can also provide better coverage in detection of hardware trojans over traditional methods. Image recognition algorithms need to have deeper penetration inside the training layers for recognizing physical variations of image patches. However, traditional network architectures often face vanishing gradient problem when the network layers are added. This hampers the overall accuracy of the network. To solve this a Residual network with multiple layers is used in this article. The ResNet34 algorithm can identify manufacturing tolerances and can differentiate between a manufacturing defect and a hardware trojan. The ResNet operates on the fundamental principle of learning from the residual of the output of preceding layer. In the degradation issue, it is observed that, a shallower network performs better than deeper network. However, this is with the downside of lower accuracy. Thus, a skip connection is made to provide an alternative path for the gradient to skip forward the training of few layers and add in multiple repeating blocks to achieve higher accuracy and lower training times. Implementation of this method can bolster automated optical inspection setup used to detect manufacturing variances on a printed circuit board. The results show a 98.5% accuracy in optically detecting trojans by this method and can help cut down redundancy of physically testing each board. The research results also provide a new consideration of hardware trojan benchmarking and its effect on optical detection.

Pravin Gaikwad,Jonathan Cruz,Prabuddha Chakraborty,Swarup Bhunia,Tamzidul Hoque

DOI: https://doi.org/10.1145/3592795

IF: 2.013

2023-04-18

ACM Journal on Emerging Technologies in Computing Systems

Abstract:System-on-chip (SoC) developers increasingly rely on pre-verified hardware intellectual property (IP) blocks often acquired from untrusted third-party vendors. These IPs might contain hidden malicious functionalities or hardware Trojans that may compromise the security of the fabricated SoCs. Lack of golden or reference models and vast possible Trojan attack space form some of the major barriers in detecting hardware Trojans in these third-party IP (3PIP) blocks. Recently, supervised machine learning (ML) techniques have shown promising capability in identifying nets of potential Trojans in 3PIPs without the need of golden models. However, they bring several major challenges. First, they do not guide us to an optimal choice of features that reliably covers diverse classes of Trojans. Second, they require multiple Trojan-free/trusted designs to insert known Trojans and generate a trained model. Even if a set of trusted designs are available for training, the suspect IP can have inherently very different structure from the set of trusted designs, which may negatively impact the verification outcome. Third, these techniques only identify a set of suspect Trojan nets that require manual intervention to understand the potential threat. In this paper, we present VIPR, a systematic machine learning (ML) based trust verification solution for 3PIPs that eliminates the need for trusted designs for training. We present a comprehensive framework, associated algorithms, and a tool flow for obtaining an optimal set of features, training a targeted machine learning model, detecting suspect nets, and identifying Trojan circuitry from the suspect nets. We evaluate the framework on several Trust-Hub Trojan benchmarks and provide a comparative analysis of detection performance across different trained models, selection of features, and post-processing techniques. We demonstrate promising Trojan detection accuracy for VIPR with up to 92.85% reduction in false positives by the proposed post-processing algorithm.

engineering, electrical & electronic,computer science, hardware & architecture,nanoscience & nanotechnology

Priyatharishini Murugesan,Nirmala Manickam,,

DOI: https://doi.org/10.22266/ijies2020.1231.28

2020-12-31

International Journal of Intelligent Engineering and Systems

Abstract:In modern electronic design, hardware Trojan has emerged as a major threat in the hardware security. To detect the hardware Trojan is a major problem in testing process because of their inherent concealed nature. In this work, we propose a deep learning-based Trojan classification approach, which extracts the optimal feature to indicate the nets affected by the Trojan module. In this approach, a handcrafted algorithm along with the structural report is also analyzed for extracting further features of the gate level netlist, which stamp out the requirement of golden chip. This detection technique is also validated using game theoretical approach, which is modelled as zero-sum game between the attacker and the defender. The Simulation is employed on ISCAS’85, ISCAS’89 and Trust-HUB circuits and the deep learning algorithm performs the best in detection and classification of Trojan type with an average True positive rate of 96.69% and an accuracy of 96.25%.

Amin Sarihi,Peter Jamieson,Ahmad Patooghy,Abdel-Hameed A. Badawy

2023-04-26

Abstract:Hardware Trojans (HTs) are undesired design or manufacturing modifications that can severely alter the security and functionality of digital integrated circuits. HTs can be inserted according to various design criteria, e.g., nets switching activity, observability, controllability, etc. However, to our knowledge, most HT detection methods are only based on a single criterion, i.e., nets switching activity. This paper proposes a multi-criteria reinforcement learning (RL) HT detection tool that features a tunable reward function for different HT detection scenarios. The tool allows for exploring existing detection strategies and can adapt new detection scenarios with minimal effort. We also propose a generic methodology for comparing HT detection methods fairly. Our preliminary results show an average of 84.2% successful HT detection in ISCAS-85 benchmark

Hardware Architecture,Cryptography and Security,Machine Learning

Han Zhang,Yinhao Zhou,Ying Li

DOI: https://doi.org/10.1109/ats59501.2023.10317998

2023-01-01

Abstract:Among all hardware security threats, the malicious circuits surreptitiously inserted into third-Party Intellectual Property (3PIP) cores, known as Hardware Trojans (HTs), is one of the main concerns. The early discovery of HTs is crucial because any countermeasure after the fabrication process would be expensive or unavailable. Graph Neural Networks (GNN), with the intuitive graph representation of a hardware design, has emerged as a powerful technique to solve this problem. However, most of these networks have two limitations, including the loss of dynamic structural features and the portability issue of using trained models in other designs. To this end, we address such limitations by proposing a new edge-featured Data Flow Graph (DFG) generation method that combines circuit structures with simulation data to establish HTs detection based on Graph Attention Networks (GAT). The solution is utilizing GAT to extract the HTs features from DFG, then identifying the known and unknown HTs hidden in different circuits. We evaluate this methodology on our dataset by expanding Trusthub HTs benchmarks. The results show that our approach can realize the HTs detection with high recall and precision in a short time. Compared with the previous method, our method has more scalable capability and excellent prospects in HTs detection.

Taifeng Hu,Liji Wu,Xiangmin Zhang,Yanzhao Yin,Yijun Yang

DOI: https://doi.org/10.1109/icasid.2019.8924992

2019-01-01

Abstract:With the application of integrated circuits (ICs) appears in all aspects of life, whether an IC is security and reliable has caused increasing worry which is of significant necessity. An attacker can achieve the malicious purpose by adding or removing some modules, so called hardware Trojans (HTs). In this paper, we use side-channel analysis (SCA) and support vector machine (SVM) classifier to determine whether there is a Trojan in the circuit. We use SAKURA-G circuit board with Xilinx SPARTAN-6 to complete our experiment. Results show that the Trojan detection rate is up to 93% and the classification accuracy is up to 91.8475%.

Fan Zhang,Chen Dong,Wucheng Hu,Jinghui Chen,Guorong He

DOI: https://doi.org/10.1109/IAEAC47372.2019.8997863

2019-01-01

Abstract:EDA tools almost completely automate the current chip design. However, EDA tools are all provided by third-party companies, therefore the credibility of EDA tools and the trust issues brought by their process libraries have attracted people's attention. Given these problems, this paper proposes a self-training hardware Trojan confrontation framework based on machine learning embedded in EDA tools. The framework focuses on the gate-level netlist files generated during the integrated chip comprehensive optimization phase, thereby detects, locates and deletes hardware Trojans that may appear. The experimental results show that the framework can achieve more than 85% detection effect for unknown hardware Trojans. Moreover, for known hardware Trojans, this framework can achieve almost 100% detection. Accordingly, hardware Trojans can be located and deleted.

Hadis Ghanei,Farnoush Manavi,Ali Hamzeh

DOI: https://doi.org/10.1007/s11416-021-00386-y

2021-05-08

Journal of Computer Virology and Hacking Techniques

Abstract:With the increasing availability of internet access, the number of malware is growing dramatically. So, defence against malware is an important issue in the security of computers and networks. Hence, malware detection systems are important. The most common method for malware detection is a signature-based technique. Nowadays, malware attempt to deceive all kinds of anti-malware, using obfuscation mechanisms and polymorphic behaviours, thus this method is not able to detect such malware and is not very effective. One way to deal with these types of malware is through dynamic malware analysis that requires executing the malware and monitoring its behaviour. In this paper, a novel dynamic malware detection method is presented which utilizes hardware events during file execution such as hardware port status, CPU internal status, main memory status, etc., as features of the classification model. Then, two Deep Neural Network (DNN) based algorithms, Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM), are used to construct the machine learning model. Finally, the voting network is used between the outputs of CNNs and the LSTM network, and the label of the suspicious sample is determined. The results show that the combination of hardware events as feature inputs, with LSTM and voting network can be effective in detecting new malware.

Kevin Immanuel Gubbi,Banafsheh Saber Latibari,Anirudh Srikanth,Tyler Sheaves,Sayed Arash Beheshti-Shirazi,Sai Manoj PD,Satareh Rafatirad,Avesta Sasan,Houman Homayoun,Soheil Salehi

DOI: https://doi.org/10.1145/3579823

2023-04-21

ACM Transactions on Embedded Computing Systems

Abstract:With the growth and globalization of IC design and development, there is an increase in the number of Designers and Design houses. As setting up a fabrication facility may easily cost upwards of $20 billion, costs for advanced nodes may be even greater. IC design houses that cannot produce their chips in-house have no option but to use external foundries that are often in other countries. Establishing trust with these external foundries can be a challenge, and these foundries are assumed to be untrusted. The use of these untrusted foundries in the global semiconductor supply chain has raised concerns about the security of the fabricated ICs targeted for sensitive applications. One of these security threats is the adversarial infestation of fabricated ICs with a Hardware Trojan (HT) . An HT can be broadly described as a malicious modification to a circuit to control, modify, disable, or monitor its logic. Conventional VLSI manufacturing tests and verification methods fail to detect HT due to the different and un-modeled nature of these malicious modifications. Current state-of-the-art HT detection methods utilize statistical analysis of various side-channel information collected from ICs, such as power analysis, power supply transient analysis, regional supply current analysis, temperature analysis, wireless transmission power analysis, and delay analysis. To detect HTs, most methods require a Trojan-free reference golden IC. A signature from these golden ICs is extracted and used to detect ICs with HTs. However, access to a golden IC is not always feasible. Thus, a mechanism for HT detection is sought that does not require the golden IC. Machine Learning (ML) approaches have emerged to be extremely useful in helping eliminate the need for a golden IC. Recent works on utilizing ML for HT detection have been shown to be promising in achieving this goal. Thus, in this tutorial, we will explain utilizing ML as a solution to the challenge of HT detection. Additionally, we will describe the Electronic Design Automation (EDA) tool flow for automating ML-assisted HT detection. Moreover, to further discuss the benefits of ML-assisted HT detection solutions, we will demonstrate a Neural Network (NN) -assisted timing profiling method for HT detection. Finally, we will discuss the shortcomings and open challenges of ML-assisted HT detection methods.

computer science, software engineering, hardware & architecture