Generating adversarial examples for hardware-trojan detection at gate-level netlists

Kohei Nozawa*, Kento Hasegawa, Seira Hidano, Shinsaku Kiyomoto, Kazuo Hashimoto, Nozomu Togawa

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

3 Citations (Scopus)

Abstract

Recently, the great demand for integrated circuits (ICs) drives third parties to be involved in IC design and manufacturing steps. At the same time, the threat of injecting a malicious circuit, called a hardware Trojan, by third parties has been increasing. Machine learning is one of the powerful solutions for detecting hardware Trojans. How-ever, a weakness of such a machine-learning-based classification method against adversarial examples (AEs) has been reported, which causes misclassification by adding perturbation in input samples. This paper firstly proposes a framework generating adversarial examples for hardware-Trojan detection at gate-level netlists utilizing neural networks. The proposed framework replaces hardware Trojan circuits with logically equivalent ones, and makes it difficult to detect them. Secondly, we propose a Trojan-net concealment degree (TCD) and a modification evaluating value (MEV) as measures of the amount of modifications. Finally, based on the MEV, we pick up adversarial modification patterns to apply to the circuits against hardware-Trojan detection. The experimental results using benchmarks demonstrate that the proposed framework successfully decreases the true positive rate (TPR) by a maximum of 30.15 points.

Original languageEnglish
Pages (from-to)236-246
Number of pages11
JournalJournal of information processing
Volume29
DOIs
Publication statusPublished - 2021

Keywords

  • Adversarial example
  • Hardware Trojan
  • Logic gate
  • Machine learning
  • Netlist

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Generating adversarial examples for hardware-trojan detection at gate-level netlists'. Together they form a unique fingerprint.

Cite this