TY - GEN
T1 - Effective Hardware-Trojan Feature Extraction Against Adversarial Attacks at Gate-Level Netlists
AU - Yamashita, Kazuki
AU - Kato, Tomohiro
AU - Hasegawa, Kento
AU - Hidano, Seira
AU - Fukushima, Kazuhide
AU - Togawa, Nozomu
N1 - Funding Information:
This paper is part of the results of projects “Research and Development of AI-Based Chip Vulnerability Inspection Methods in Design and Manufacturing” (PRISM, Cabinet Office, Government of Japan in FY2019) and “The contract of research for detection techniques of hardware vulnerabilities” (Ministry of Internal Affairs and Communication in FY2020– FY2022).
Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Recently, with the increase in outsourcing of IC design and manufacturing, the possibility of inserting hardware Trojans, which are circuits with malicious functions, has been pointed out. To prevent this threat, a method to identify hardware Trojans using neural networks has been proposed. On the other hand, adversarial attacks have emerged that modify circuit design information to reduce the accuracy of hardware-Trojan classification by neural networks. Since the features designed by existing methods do not take the attacks into account, it is necessary to consider a new method for countermeasures. In this paper, out of 76 features that are strongly related to hardware-Trojan features, we investigate them from the viewpoint of the robustness against the adversarial attacks on circuit design information and newly propose 24 hardware-Trojan features. We compare the classifiers using the proposed 24 features with the classifiers using 11, 36, 51, and 76 existing features, respectively and confirm that the proposed ones are more robust in identifying hardware Trojans in circuits subjected to the adversarial attacks.
AB - Recently, with the increase in outsourcing of IC design and manufacturing, the possibility of inserting hardware Trojans, which are circuits with malicious functions, has been pointed out. To prevent this threat, a method to identify hardware Trojans using neural networks has been proposed. On the other hand, adversarial attacks have emerged that modify circuit design information to reduce the accuracy of hardware-Trojan classification by neural networks. Since the features designed by existing methods do not take the attacks into account, it is necessary to consider a new method for countermeasures. In this paper, out of 76 features that are strongly related to hardware-Trojan features, we investigate them from the viewpoint of the robustness against the adversarial attacks on circuit design information and newly propose 24 hardware-Trojan features. We compare the classifiers using the proposed 24 features with the classifiers using 11, 36, 51, and 76 existing features, respectively and confirm that the proposed ones are more robust in identifying hardware Trojans in circuits subjected to the adversarial attacks.
KW - adversarial attack
KW - gate-level netlist
KW - hardware Trojan
KW - machine learning
KW - neural network
UR - http://www.scopus.com/inward/record.url?scp=85141392088&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85141392088&partnerID=8YFLogxK
U2 - 10.1109/IOLTS56730.2022.9897557
DO - 10.1109/IOLTS56730.2022.9897557
M3 - Conference contribution
AN - SCOPUS:85141392088
T3 - Proceedings - 2022 IEEE 28th International Symposium on On-Line Testing and Robust System Design, IOLTS 2022
BT - Proceedings - 2022 IEEE 28th International Symposium on On-Line Testing and Robust System Design, IOLTS 2022
A2 - Savino, Alessandro
A2 - Rech, Paolo
A2 - Di Carlo, Stefano
A2 - Gizopoulos, Dimitris
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th IEEE International Symposium on On-Line Testing and Robust System Design, IOLTS 2022
Y2 - 12 September 2022 through 14 September 2022
ER -