Article directory
- 1. A HT Detection and Diagnosis Method for Gate-level Netlists based on Machine Learning
- 2. Hardware Trojan detection technology based on multi-dimensional structural features
- 3. A Hardware Trojan Detection and Diagnosis Method for Gate-Level Netlists Based on Different Machine Learning Algorithms
- 4. Hardware Trojan detection method based on node activity
- 5. Linear discriminant analysis algorithm for detecting hardware Trojan delay
1. A HT Detection and Diagnosis Method for Gate-level Netlists based on Machine Learning
Summary
Abstract-There is a risk of hardware Trojan (HT) attack in the design process of integrated circuit (IC) development, which has become a "hot spot" for hardware security. Although some solutions have been proposed in the literature, there are still limitations such as high time complexity, low HT detection accuracy, and inability to locate HT.
This paper proposes a novel machine learning (ML)-based HT detection and diagnosis method to identify HT-related gates/nets that are maliciously inserted into IC gate-level netlists during the design phase. We divide the circuit into n sectors and extract 5 HT-related features from the netlist of each sector to construct a five-dimensional vector of the sector. Then, support vector machine (SVM) is used to train these n five-dimensional feature vectors to obtain the learned model.
Introduction
This article mainly studies the HT implanted in the gate-level netlist during design. Based on the stage of effectiveness, these solutions can be broadly divided into two categories: test-time detection and design-time detection.
1) Test time detection: These methods utilize ML to train side channel parameters obtained from IC to indicate whether the IC is infected with HT [8], [9], [10], [11 ], [12]. However, this technology is only effective for large Trojans, and the performance of Trojan detection depends on the selection of features and ML algorithms, which is time-consuming. These methods may not detect HT inserted through malicious modification of electrical design files during the design phase.
2) Design-time detection: These methods apply ML to learn the structural or functional features of ICs to identify HT-related gates/nets, such as the number of fan_ins and fan_outs [13], [ 14], [15]. Although they work well for ICs that report HT infection and do not require test vectors, they cannot localize where the HT circuit is inserted. In addition, the accuracy of HT detection and extraction of HT-related features may not be perfect and need to be improved.
In this paper, we propose a new support vector machine (SVM)-based HT detection and diagnosis method to identify maliciously inserted HT-related gates/nets in gate-level netlists and report their possible locations , without using side channel parameters. We first divide the gate-level netlist of a given circuit into n sectors. Then, we extracted five HT-related features from the netlist of each sector and used them to construct the five-dimensional vector of the sector. Then, use the SVM classifier to train these n five-dimensional feature vectors to extract the trained patterns.
The contributions of this paper are summarized as follows:
1) We apply sector division technology to divide the gate-level netlist of a given circuit into n sectors.
2) Proposed 5 HT-related sector features, extracted these features from the netlist of each sector, and constructed a HT feature data set.
3) A method based on SVM is proposed to train and test the HT feature data set to detect and diagnose HT. To the best of our knowledge, this is the first approach to leverage ML to simultaneously detect and diagnose HT on a gate-level netlist.
4) Experiments on the ISCAS '85 benchmark circuit show that compared with existing methods, the proposed method can obtain higher accuracy, TPR, Precision and F-measurement, and according to the detection The results report the possible implantation locations of HTs.
2. Hardware Trojan detection technology based on multi-dimensional structural features
Summary
Hardware Trojans are the main security threat to third-party intellectual property (IP) cores. The features extracted by existing security analysis methods are too single, resulting in unbalanced feature distribution and a high misrecognition rate.
This paper proposes an abstract modeling algorithm for gate-level netlists based on directed graphs, establishes a directed graph model of gate-level netlists, and simplifies the circuit analysis process; analyzes the common characteristics of hardware Trojans, and establishes a directed graph model based on directed graphs. Covers multi-dimensional hardware Trojan structural characteristics such as the number of fan-in units, the number of fan-in flip-flops, the number of fan-out flip-flops, the depth of the input topology, the depth of the output topology, the number of multiplexers and inverters; a proposed method based on nearest neighbor imbalance is proposed Hardware Trojan Feature Expansion Algorithm for Data Classification (SMOTEENN) Algorithm, effectively solving the problem of a small sample feature set, using support vector machines to establish a hardware Trojan detection model and identify the characteristics of hardware Trojans.
Instruction
This paper constructs the hardware Trojan characteristics of the number of fan-in units, the number of fan-in flip-flops, the number of fan-out flip-flops, the input topology depth, the output topology depth, the number of selectors and the number of inverters. In addition, this paper establishes a circuit analysis model based on graph structure, maps the gate-level netlist into a directed graph model, and finally forms a simplified analysis process for the netlist. Finally, a breadth-first search algorithm is proposed to calculate the hardware Trojan feature value score of the netlist vertices, and the hardware Trojan feature expansion algorithm based on the nearest neighbor imbalance data classification algorithm (Synthetic Minority Oversampling Technique and Edited Nearest Neighbor, SMOTEENN) is used to solve the Trojan feature data To solve the problem of set imbalance, we use the Support Vector Machines (SVM) algorithm to establish a hardware Trojan detection model and detect hardware Trojans in the IP core.
3. A Hardware Trojan Detection and Diagnosis Method for Gate-Level Netlists Based on Different Machine Learning Algorithms
Summary
The design complexity and outsourcing trends of modern integrated circuits increase the opportunities for adversaries to plant hardware Trojans during the development process. To effectively defend against this hardware-based security threat, many solutions including dynamic and static techniques have been reported in the literature. However, there is still a lack of methods that can simultaneously detect and diagnose HT circuits with high accuracy and low time complexity. Therefore, to overcome these limitations,This paper proposes a gate-level netlist HT detection and diagnosis method based on different machine learning algorithms. Given a GLN, the proposed method first divides it into several circuit cones and extracts seven HT-related features from each cone. We then repeat this process for sampleGLN to build the dataset for the next step. Then, we use K-nearest neighbor (KNN), decision tree (DT), and naive Bayes (NB) to classify all circuit cones of the target GLN. Finally, we determine whether each circuit cone is implanted with HT through labels to complete HT detection and diagnosis of the target GLN.. We have applied our method to 11 GLNs from the ISCAS’85 and ISCAS’89 benchmark suites.
Introduction
Because the activity of HT circuits will have additional effects on the target IC (e.g., circuit functionality, side channel parameters), some researchers have attempted to exploit these additional effects to determine whether a given IC is infected with HT.
Such methods usually apply test vectors to simulate or run Trojan horse circuits to obtain several dynamic IC characteristics, so we call it dynamic detection.
Selected IC signature scans can be easily detected by implanted HTs, and this effect can also be easily detected. Therefore, dynamic methods can achieve very high HT detection accuracy.
In particular, logic test (LT) and side channel analysis (SCA) are two typical dynamic HT detection methods. However, existing methods have several limitations.
In this article, we focus on Trojans created by maliciously tampering with gate-level netlists (GLN). Research efforts investigating HT detection in this regard generally aim to identify unwanted circuits using structural and/or functional features (e.g., number of gates or wires) extracted from the GLN of a given IC. Since test carriers and golden ICs are not required, they are static defense strategies.
4. Hardware Trojan detection method based on node activity
Summary
This paper proposes a hardware Trojan detection method based on node activity. It generates test vectors for low-activity nodes in the circuit and combines it with a multi-parameter bypass detection method to detect hardware Trojans.
5. Linear discriminant analysis algorithm for detecting hardware Trojan delay
Summary
Aiming at the problems of long chip production chain, poor security, and low reliability, which make hardware Trojans difficult to detect, this article proposes a Trojan detection method based on bypass signal analysis. First, the delay signals of the circuit under different voltages are collected, and the delay difference is found through the linear discriminant analysis (LDA) classification algorithm. If the delay is the same as that of the clean circuit, it is determined to be a clean circuit, otherwise it is determined to have a Trojan. Then the joint polynomial regression algorithm is used to fit the Trojan delay characteristics, and a Trojan feature library is established based on the regression function, finally achieving accurate identification of hardware Trojans.
