Wenjing Tang,Jing Su,Jiaji He,Yuchan Gao

DOI: https://doi.org/10.3390/electronics11152400

IF: 2.9

2022-08-01

Electronics

Abstract:The chip manufacturing of integrated circuits requires the participation of multiple parties, which greatly increases the possibility of hardware Trojan insertion and poses a significant threat to the entire hardware device landing; however, traditional hardware Trojan detection methods require gold chips, so the detection cost is relatively high. The attention mechanism can extract data with more adequate features, which can enhance the expressiveness of the network. This paper combines an attention module with a multilayer perceptron and convolutional neural network for hardware Trojan detection based on side-channel information, and evaluates the detection results by implementing specific experiments. The results show that the proposed method significantly outperforms machine learning classification methods and network-related methods, such as SVM and KNN, in terms of accuracy, precision, recall, and F1 value. In addition, the proposed method is effective in detecting data containing one or multiple hardware Trojans, and shows high sensitivity to the size of datasets.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jinghui Chen,Chen Dong,Fan Zhang,Guorong He

DOI: https://doi.org/10.1109/CCET48361.2019.8988946

2019-01-01

Abstract:As the core component of the electronic devices, the integrated circuit (IC) must be taken seriously with its security. The pre-silicon detection methods do not require gold chips, are not affected by process noise and are suitable for the safe detection of a very large scale integration (VLSI). Therefore, more and more researchers are paying attention to the pre-silicon detection method. In this paper, we propose a machine-learning-based hardware-Trojans detection method in gate-level. First, by the analysis of the Trojan circuits, we put forward new Trojan-net features. After that, we use the scoring mechanism of the eXtreme Gradient Boosting (XGBoost) to set up a new effective feature set of 49 out of 56 features. Finally, the hardware-Trojan classifier was trained based on the effective feature set. The experimental results show that the proposed method can obtain the average Recall of 89.84%, the average F-measure of 87.75% and the average Accuracy of 99.83%. Furthermore, through the comparison experiments, it is proved that the features proposed in this paper can further improve the performance of detection.

Chen Dong,Yinan Yao,Yi Xu,Ximeng Liu,Yan Wang,Hao Zhang,Li Xu

DOI: https://doi.org/10.3390/s23125503

2023-06-11

Abstract:The Cyber-Physical System and even the Metaverse will become the second space in which human beings live. While bringing convenience to human beings, it also brings many security threats. These threats may come from software or hardware. There has been a lot of research on managing malware, and there are many mature commercial products, such as antivirus software, firewalls, etc. In stark contrast, the research community on governing malicious hardware is still in its infancy. Chips are the core component of hardware, and hardware Trojans are the primary and complex security issue faced by chips. Detection of hardware Trojans is the first step for dealing with malicious circuits. Due to the limitation of the golden chip and the computational consumption, the existing traditional detection methods are not applicable to very large-scale integration. The performances of traditional machine-learning-based methods depend on the accuracy of the multi-feature representation, and most of the methods may lead to instability because of the difficulty of extracting features manually. In this paper, employing deep learning, a multiscale detection model for automatic feature extraction is proposed. The model is called MHTtext and provides two strategies to balance the accuracy and computational consumption. After selecting a strategy according to the actual situations and requirements, the MHTtext generates the corresponding path sentences from the netlist and employs TextCNN for identification. Further, it can also obtain non-repeated hardware Trojan component information to improve its stability performance. Moreover, a new evaluation metric is established to intuitively measure the model's effectiveness and balance: the stabilization efficiency index (SEI). In the experimental results for the benchmark netlists, the average accuracy (ACC) in the TextCNN of the global strategy is as high as 99.26%, and one of its stabilization efficiency index values ranks first with a score of 71.21 in all comparison classifiers. The local strategy also achieved an excellent effect, according to the SEI. The results show that the proposed MHTtext model has high stability, flexibility, and accuracy, in general.

Taifeng Hu,Liji Wu,Xiangmin Zhang,Zhaopo Liao

DOI: https://doi.org/10.1109/bigdatase50710.2020.00021

2020-01-01

Abstract:Hardware security has recently become a research hotspot due to the separating trend of integrated circuit design and manufacturing in the global industry chain. Among all security threats, the hardware trojan (HT) inserted into the integrated circuit is one of the most concerns. As a flexible and non-destructive approach, the side-channel analysis techniques are widely used for HT detection. However, noise sensitivity and golden chip dependence make side-channel based approaches face greatly challenge in practice. In this paper, we propose a novel HT detection approach based on Isolation Forest, which provides high precision detection capability, while reducing the dependence of the golden chip. First, we perform special preprocessing, named Main Difference Accumulation (MDA), on the side-channel information to magnify the impacts of HT. Then, we train the isolation forest model using the processed information. During the test phase, the obtained model can score the test data. Finally, we complete the detection of HT based on the score and threshold. Moreover, we use the K-means clustering algorithm to achieve the automatic selection of the threshold in the isolation forest. To verify the feasibility of the proposed approach, we select the power signal as the side-channel information and insert four different kinds of HTs into the AES-128 crypto core. Results obtained using a Xilinx Spartan-6 FPGA board show that the accuracy of HT detection can reach 100%, with a 1.13% relative area ratio of the original circuit.

Shuo Yang,Tamzidul Hoque,Prabuddha Chakraborty,Swarup Bhunia

DOI: https://doi.org/10.1109/tvlsi.2022.3140250

2022-03-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:The globalization of the semiconductor supply chain has developed a new set of challenges for security researchers. Among them, malicious alterations of hardware designs at an untrusted facility, or Trojan insertion, are considered one of the most difficult challenges. While side-channel analysis-based hardware Trojan detection techniques have shown great potential, most solutions, proposed over the past decade, require the availability of golden (i.e., Trojan-free) chips and are susceptible to process variations. Few techniques that do not require a golden chip depend on simulation-based modeling of the side-channel signature, which may not be reliable for differentiating between process and Trojan induced variations. Furthermore, most of these techniques are evaluated either using very few Trojan inserted chips or simulation-based test setup. Spatial and temporal self-referencing-based detection mechanisms proposed earlier effectively eliminate the need for a golden chip and the impact of process variations. However, these techniques have not been adequately studied to achieve high detection sensitivity. In this article, we propose a golden-free multidimensional self-referencing technique that analyzes the side-channel signatures in both the time and frequency domains to significantly broaden the Trojan coverage and strengthen the detection confidence. We introduce a fully automated detection framework containing systematic methodologies for test generation, signature extraction, signal processing, threshold calculation, and metric-based decision-making that effectively enables the synergistic self-referencing approach. Finally, we evaluate the proposed technique through a comprehensive hardware measurement setup consisting of 96 Trojan-inserted test chips. Along with achieving a high detection coverage, we demonstrate that the analysis of spatial and temporal discrepancies in both frequency and time domains helps to reliably detect small hard-to-detect Trojans under process and measurement induced variations.

Yuchan Gao,Jing Su,Jia Li,Shenglong Wang,Chao Li

DOI: https://doi.org/10.4218/etrij.2023-0448

2024-04-10

ETRI Journal

Abstract:Researchers in the field of hardware security have been dedicated to the study of hardware Trojan detection. Among the various approaches, side‐channel detection methods are widely used because of their high detection accuracy and fewer constraints. However, most side‐channel detection methods cannot make full use of side‐channel information. In this paper, we propose a framework that utilizes the continuous wavelet transform to convert time‐series information and employs an improved ConvNeXt network to detect hardware Trojans. This detection framework first converts one‐dimensional time‐series information into a two‐dimensional time–frequency map using the continuous wavelet transform to leverage frequency information in electromagnetic side‐channel signals. Then, the two‐dimensional time–frequency map is fed into the improved ConvNeXt network, which increases the weight of the informative parts in the two‐dimensional time–frequency map and enhances detection efficiency. The results indicate that the method proposed in this paper significantly improves the accuracy of hardware Trojan detection.

telecommunications,engineering, electrical & electronic

Chen Dong,Yi Xu,Ximeng Liu,Fan Zhang,Guorong He,Yuzhong Chen

DOI: https://doi.org/10.3390/s20185165

IF: 3.9

2020-01-01

Sensors

Abstract:Diverse and wide-range applications of integrated circuits (ICs) and the development of Cyber Physical System (CPS), more and more third-party manufacturers are involved in the manufacturing of ICs. Unfortunately, like software, hardware can also be subjected to malicious attacks. Untrusted outsourced manufacturing tools and intellectual property (IP) cores may bring enormous risks from highly integrated. Attributed to this manufacturing model, the malicious circuits (known as Hardware Trojans, HTs) can be implanted during the most designing and manufacturing stages of the ICs, causing a change of functionality, leakage of information, even a denial of services (DoS), and so on. In this paper, a survey of HTs is presented, which shows the threatens of chips, and the state-of-the-art preventing and detecting techniques. Starting from the introduction of HT structures, the recent researches in the academic community about HTs is compiled and comprehensive classification of HTs is proposed. The state-of-the-art HT protection techniques with their advantages and disadvantages are further analyzed. Finally, the development trends in hardware security are highlighted.

Taifeng Hu,Liji Wu,Xiangmin Zhang,Yanzhao Yin,Yijun Yang

DOI: https://doi.org/10.1109/icasid.2019.8924992

2019-01-01

Abstract:With the application of integrated circuits (ICs) appears in all aspects of life, whether an IC is security and reliable has caused increasing worry which is of significant necessity. An attacker can achieve the malicious purpose by adding or removing some modules, so called hardware Trojans (HTs). In this paper, we use side-channel analysis (SCA) and support vector machine (SVM) classifier to determine whether there is a Trojan in the circuit. We use SAKURA-G circuit board with Xilinx SPARTAN-6 to complete our experiment. Results show that the Trojan detection rate is up to 93% and the classification accuracy is up to 91.8475%.

Zhixin Pan,Prabhat Mishra

DOI: https://doi.org/10.1109/tcad.2024.3354889

IF: 2.9

2024-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Supply chain vulnerability provides the opportunity for the attackers to implant hardware Trojans in System-on-Chip (SoC) designs. While machine learning (ML) based Trojan detection is promising, it suffers from three practical limitations: (i) golden model may not be available, (ii) lack of human expertise for Trojan feature selection, and (iii) limited learning transferability can lead to unacceptable performance in new benchmarks with unseen Trojans. While recent approach based on transfer learning addresses some of these concerns, it still requires re-training for fine-tuning the model using domain-specific (e.g., hardware Trojan features) knowledge. In this paper, we propose a Trojan detection framework utilizing zero-shot learning to address the above challenges. The proposed framework adopts the idea of self-supervised learning, where a pre-trained graph convolutional network (GCN) is utilized to extract underlined common sense about hardware Trojans, and a metric learning task is used to measure the similarity between test inputs and malicious samples to make classification. Extensive experimental evaluation demonstrates that our approach has four major advantages compared to state-of-the-art techniques: (i) does not require any golden model during Trojan detection, (ii) can handle both unknown Trojans and unseen benchmarks without any changes to the network, (iii) drastic reduction in training time, and (iv) significant improvement in detection efficiency (10.5% on average).

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Abdurrahman Nasr,Khalil Mohamed,Ayman Elshenawy,Mohamed Zaki

DOI: https://doi.org/10.1038/s41598-024-62744-2

IF: 4.6

2024-06-08

Scientific Reports

Abstract:Hardware Trojans (HTs) are hidden threats embedded in the circuitry of integrated circuits (ICs), enabling unauthorized access, data theft, operational disruptions, or even physical harm. Detecting Hardware Trojans (HTD) is paramount for ensuring IC security. This paper introduces a novel Siamese neural network (SNN) framework for non-destructive HTD. The proposed framework can detect HTs by processing power side-channel signals without the need for a golden model of the IC. To obtain the best results, different neural network models such as Convolutional Neural Network (CNN), Gated Recurrent Unit (GRU), and Long Short-Term Memory (LSTM) are integrated individually with SNN. These models are trained on the extracted features from the Trojan Power & EM Side-Channel dataset. The results show that the Siamese LSTM model achieved the highest accuracy of 86.78%, followed by the Siamese GRU model with 83.59% accuracy and the Siamese CNN model with 73.54% accuracy. The comparison shows that of the proposed Siamese LSTM is a promising new approach for HTD and outperform the state-of-the-art methods.

multidisciplinary sciences

Fan Zhang,Chen Dong,Wucheng Hu,Jinghui Chen,Guorong He

DOI: https://doi.org/10.1109/IAEAC47372.2019.8997863

2019-01-01

Abstract:EDA tools almost completely automate the current chip design. However, EDA tools are all provided by third-party companies, therefore the credibility of EDA tools and the trust issues brought by their process libraries have attracted people's attention. Given these problems, this paper proposes a self-training hardware Trojan confrontation framework based on machine learning embedded in EDA tools. The framework focuses on the gate-level netlist files generated during the integrated chip comprehensive optimization phase, thereby detects, locates and deletes hardware Trojans that may appear. The experimental results show that the framework can achieve more than 85% detection effect for unknown hardware Trojans. Moreover, for known hardware Trojans, this framework can achieve almost 100% detection. Accordingly, hardware Trojans can be located and deleted.

Chen Dong,Fan Zhang,Ximeng Liu,Xing Huang,Wenzhong Guo,Yang

DOI: https://doi.org/10.1109/access.2019.2932478

IF: 3.9

2019-01-01

IEEE Access

Abstract:Recently, there are various methods for detecting the hardware trojans (HTs) in the integrated circuits (ICs). The circuit's logic representations of different types, structures, and functional characteristics should be different. Each type of circuit has its' own performance characteristics according to its' purpose. However, the traditional HTs detection methods adopt the same approach to deal with the multi-purpose hardware trojan. At the same time, as the scale of integrated circuits growing, the structures are more complex, and the functions are more refined. The current situation makes the traditional HTs detection methods weaker and even unfeasible. Therefore, we propose an HTs classified locating method based on machine learning, named ML-HTCL, which belongs to the static detection and locating method. In ML-HTCL, different purpose HTs were represented by different features. Due to the different features, the ML-HTCL employs the multi-layer BP neural network for the control signal type HTs and the one-class SVM for the information leakage HTs, respectively. To deal with the HTs completely, the boundary nets are considered for all data set, while those were ignored by the most existing methods due to the high detection error rate. After detection, the HTs' precise locations were achieved. To evaluate the ML-HTCL, 17 gate-level netlist benchmarks are used for training and testing by leave-one-out cross-validation. From the results, the ML-HTCL reaches 85.05% of TPR and 73.91% of TNR for all kinds of HTs, which performs better than the most existing methods.

Dong Cheng,Chen Dong,Wenwu He,Zhenyi Chen,Ximeng Liu,Hao Zhang

DOI: https://doi.org/10.1016/j.jksuci.2023.101822

IF: 9.006

2023-11-17

Journal of King Saud University - Computer and Information Sciences

Abstract:Due to technical barriers and economic costs, malicious circuits, known as hardware Trojans, are easily implanted in the complicated integrated circuit design and manufacturing process, which can lead to many disastrous consequences, such as denial of service, information leakage, performance degradation, etc. Research on how to detecting hardware Trojans has grown into a significantly open issue over the past decade. While, for very large scale integrated circuits, numerous new challenges deserve our full attention, including golden-free chip reference, automatic feature engineering, hardware Trojan localization, and scalable framework. In response to the above challenges, a fine-grained gate-level hardware Trojan detection approach is proposed in this paper, named GateDet, from improving earlier circuit graph modeling to developing a detection framework based on Bidirectional Graph Convolution Networks with a timely information fusion strategy. GateDet achieves automatic feature circuit extraction and further overcomes the original neighborhood limitation of Bidirectional Graph Convolution Network. Moreover, for large-scale training, it comprehensively considers the problems of sample imbalance and boundary network, and develops a circuit directed graph sampling method based on GraphSAINT, which improves the training performance of the directed graph framework. From experiments, GateDet shows high scalability on 24 benchmarks of TrustHub. It could be used to learn about adaptive structural feature extraction for different Trojans simultaneously. Compared to the existing gate-level detections, the fine-grained results of GateDet are more accurate and can be used to track suspicious structures, reducing manual review.

computer science, information systems

Han Zhang,Yinhao Zhou,Ying Li

DOI: https://doi.org/10.1109/ats59501.2023.10317998

2023-01-01

Abstract:Among all hardware security threats, the malicious circuits surreptitiously inserted into third-Party Intellectual Property (3PIP) cores, known as Hardware Trojans (HTs), is one of the main concerns. The early discovery of HTs is crucial because any countermeasure after the fabrication process would be expensive or unavailable. Graph Neural Networks (GNN), with the intuitive graph representation of a hardware design, has emerged as a powerful technique to solve this problem. However, most of these networks have two limitations, including the loss of dynamic structural features and the portability issue of using trained models in other designs. To this end, we address such limitations by proposing a new edge-featured Data Flow Graph (DFG) generation method that combines circuit structures with simulation data to establish HTs detection based on Graph Attention Networks (GAT). The solution is utilizing GAT to extract the HTs features from DFG, then identifying the known and unknown HTs hidden in different circuits. We evaluate this methodology on our dataset by expanding Trusthub HTs benchmarks. The results show that our approach can realize the HTs detection with high recall and precision in a short time. Compared with the previous method, our method has more scalable capability and excellent prospects in HTs detection.

Tong Xin,Li Ying,Chen Lan

DOI: https://doi.org/10.11999/jeit190532

2020-01-01

Abstract:Integrated Circuits (ICs) are suffering severer threats caused by Hardware Trojans (HTs), some of which hide in routine operations by coercing firmware or hardware. Along with conventional side-channel detection not always getting golden-chip, HTs become more difficult to detect. An improved Support Vector Machine (SVM) machine learning frameworks for this is proposed using system-level side-channel analysis. Cross validation experimental results on Field Programmable Gate Array (FPGA) show that in the condition of golden-chip, supervised SVM achieves 85.8% test accuracy in average. After grouping, outlier-removing and normalization, it rises by 4%. Even if golden-chip is out of hand, semi-supervised SVM has accuracy to judge HTs existence, averaging in 52.9%-79.5% under different test modes. Comparing with existing researches, this work verifies the efficiency of SVM for HT detection in instruction level, and points out the relationship between diversified learning conditions with detection performance.

Sriram Sankaran,Vamshi Sunku Mohan,A Purushothaman.

DOI: https://doi.org/10.1109/ises52644.2021.00050

2021-12-01

Abstract:Hardware Trojans are modifications made by malicious insiders or third party providers during the design or fabrication phase of the IC (Integrated Circuits) design cycle in a covert manner. These cause catastrophic consequences ranging from manipulating the functionality of individual blocks to disabling the entire chip. Thus, a need for detecting trojans becomes necessary. In this work, we propose a deep learning based approach for detecting trojans in IC chips. In particular, we insert trojans at the circuit-level and generate data by measuring power during normal operation and under attack. Further, we develop deep learning models using Neural networks and Auto-encoders to analyze datasets for outlier detection by profiling the normal behavior and leveraging them to detect anomalies in power consumption. Our approach is generic and non-invasive in that it can be applied to any block without any modifications to the design. Evaluation of the proposed approach shows an accuracy ranging from 92.23% to 99.33% in detecting trojans.

Meng Dong,Weitao Pan,Zhiliang Qiu,Yiming Gao,Xiaoxin Qi,Ling Zheng

DOI: https://doi.org/10.3390/electronics11132054

IF: 2.9

2022-06-30

Electronics

Abstract:The globalization of the integrated circuit (IC) industry has raised concerns about hardware Trojans (HT), and there is an urgent need for efficient HT-detection methods of gate-level netlists. Machine learning (ML) is a powerful tool for this purpose. A Trojan-detection framework is proposed in this paper to solve the data imbalance and low accuracy problems of existing ML-based HT-detection algorithms. To solve the problem of data imbalance, we propose the node-filtering algorithm, which extracts structure templates from HT circuits and removes most normal nodes based on them. To enhance the identification of unknown HT payload, we propose the load-expansion algorithm, which expands the identified HT nodes based on their fanout features. We evaluate the framework using different ML algorithms. The results show that the framework significantly improves the Trojan-detection rate of the original algorithms, and achieves a 10% improvement in true positive rate compared to the original algorithms.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yijun Yang,Liji Wu,Xiangmin Zhang,Jianben He

DOI: https://doi.org/10.1109/icasid.2017.8285766

2017-01-01

Abstract:This paper introduces a hardware Trojan detection method using Chip ID which is generated by Relative Time-Delays (RTD) of sensor chains and the effectiveness of RTD is verified by post-layout simulations. The rank of time-delays of the sensor chains would be changed in Trojan-inserted chip. RTD is an accurate approach targeting to all kinds of Trojans, since it is based on the RELATIVE relationship between the time-delays rather than the absolute values, which are hard to be measured and will change with the fabricate process. RTD needs no golden chip, because the RELATIVE values would not change in most situations. Thus the genuine ID can be generated by simulator. The sensor chains can be inserted into a layout utilizing unused spaces, so RTD is a low-cost solution. A Trojan with 4x minimum NMOS is placed in different places of the chip. The behavior of the chip is obtained by using transient based post-layout simulation. All the Trojans are detected AND located, thus the effectiveness of RTD is verified.

Yongkang Tang,Shaoqing Li,Fan Zhang,Liang Fang

DOI: https://doi.org/10.1049/iet-ifs.2017.0354

2018-01-01

IET Information Security

Abstract:Hardware Trojan (HT) is increasingly becoming a serious problem in the information security field. Compared to other countermeasures, thermal maps based detection can mitigate process variation (PV) and have a higher accuracy. However, HT cannot be differentiated from the others directly from the original thermal maps. Therefore, in this study, the authors first propose a general HT detection framework based on difference temperature matrix, and introduce the PV mitigation mechanism. Then, they demonstrate how principal component analysis can implement spatial projection transformation and expose HT signal. Finally, they introduce their experimental setup and design, and then validate their countermeasure with Xilinx field programmable gate arrays which are configured with the pure AES circuit and the infected AES circuits. The power proportions (PPs) of HTs in the different infected AES circuits are various. The experimental results indicate that their proposed countermeasure can clearly detect HT with 0.14% small PP.

Xiaoming Chen,Qiaoyi Liu,Song Yao,Jia Wang,Qiang Xu,Yu Wang,Yongpan Liu,Huazhong Yang

DOI: https://doi.org/10.1109/tcad.2017.2748021

IF: 2.9

2017-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:In modern integrated circuit (IC) designs, intellectual property (IP) cores are often outsourced and designed by third-party vendors, resulting in the partial relinquishment of the control over the IC design flow. Thus, reliable verifications are required to mitigate the threat of hardware Trojans (HTs) which may be inserted into IP cores by malicious vendors. Existing trustiness verification methods cannot take the merit of high efficiency and accuracy at the same time. In this paper, we propose a multilevel fast trustiness verification framework based on feature analysis to detect HTs in third-party digital IP cores. The proposed framework combines flip-flop level and combinational logic level feature analysis to achieve both high efficiency and accuracy. Experimental results demonstrate that both explicitly and implicitly triggered HTs can be detected in very short time with a negligible false positive rate. More importantly, our framework has the unique advantage of being scalable to defend against future and stealthier HTs by adding new features into the framework.