Adversarial examples for hardware-trojan detection at gate-level netlists

Kohei Nozawa, Kento Hasegawa, Seira Hidano, Shinsaku Kiyomoto, Kazuo Hashimoto, Nozomu Togawa

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Recently, due to the increase of outsourcing in integrated circuit (IC) design and manufacturing, the threat of injecting a malicious circuit, called a hardware Trojan, by third party has been increasing. Machine learning has been known to produce a powerful model to detect hardware Trojans. But it is recently reported that such a machine learning based detection is weak against adversarial examples (AEs), which cause misclassification by adding perturbation in input data. Referring to the existing studies on adversarial examples, most of which are discussed in the field of image processing, this paper first proposes a framework generating adversarial examples for hardware-Trojan detection for gate-level netlists utilizing neural networks. The proposed framework replaces hardware Trojan circuits with logically equivalent circuits, and makes it difficult to detect them. Second, we define Trojan-net concealment degree (TCD) as a possibility of misclassification, and modification evaluating value (MEV) as a measure of the amount of modifications. Third, judging from MEV, we pick up adversarial modification patterns to apply to the circuits against hardware-Trojan detection. The experimental results using benchmarks demonstrate that the proposed framework successfully decreases true positive rate (TPR) by at most 30.15 points.

Original languageEnglish
Title of host publicationComputer Security - ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT, Revised Selected Papers
EditorsSokratis Katsikas, Sokratis Katsikas, Frédéric Cuppens, Nora Cuppens, Costas Lambrinoudakis, Stefanos Gritzalis, Christos Kalloniatis, John Mylopoulos, Annie Antón, Frank Pallas, Jörg Pohle, Angela Sasse, Weizhi Meng, Steven Furnell, Joaquin Garcia-Alfaro
PublisherSpringer
Pages341-359
Number of pages19
ISBN (Print)9783030420475
DOIs
Publication statusPublished - 2020
Event5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the 3rd International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the 1st International Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2019, and the 2nd International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2019, held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019 - Luxembourg City, Luxembourg
Duration: 2019 Sep 262019 Sep 27

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11980 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the 3rd International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the 1st International Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2019, and the 2nd International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2019, held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019
CountryLuxembourg
CityLuxembourg City
Period19/9/2619/9/27

Keywords

  • Adversarial example
  • Hardware trojan
  • Logic gate
  • Machine learning
  • Netlist

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Adversarial examples for hardware-trojan detection at gate-level netlists'. Together they form a unique fingerprint.

  • Cite this

    Nozawa, K., Hasegawa, K., Hidano, S., Kiyomoto, S., Hashimoto, K., & Togawa, N. (2020). Adversarial examples for hardware-trojan detection at gate-level netlists. In S. Katsikas, S. Katsikas, F. Cuppens, N. Cuppens, C. Lambrinoudakis, S. Gritzalis, C. Kalloniatis, J. Mylopoulos, A. Antón, F. Pallas, J. Pohle, A. Sasse, W. Meng, S. Furnell, & J. Garcia-Alfaro (Eds.), Computer Security - ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT, Revised Selected Papers (pp. 341-359). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11980 LNCS). Springer. https://doi.org/10.1007/978-3-030-42048-2_22