Biblio

In this paper we tackle the open paradoxical challenge of FPGA-accelerated cloud computing: On one hand, clients aim to secure their Intellectual Property (IP) by encrypting their configuration bitstreams prior to uploading them to the cloud. On the other hand, cloud service providers disallow the use of encrypted bitstreams to mitigate rogue configurations from damaging or disabling the FPGA. Instead, cloud providers require a verifiable check on the hardware design that is intended to run on a cloud FPGA at the netlist-level before generating the bitstream and loading it onto the FPGA, therefore, contradicting the IP protection requirement of clients. Currently, there exist no practical solution that can adequately address this challenge.We present the first practical solution that, under reasonable trust assumptions, satisfies the IP protection requirement of the client and provides a bitstream sanity check to the cloud provider. Our proof-of-concept implementation uses existing tools and commodity hardware. It is based on a trusted FPGA shell that utilizes less than 1% of the FPGA resources on a Xilinx VCU118 evaluation board, and an Intel SGX machine running the design checks on the client bitstream.

Logic locking is a holistic design-for-trust technique that aims to protect the design intellectual property (IP) from untrustworthy entities throughout the supply chain. Functional and structural analysis-based attacks successfully circumvent state-of-the-art, provably secure logic locking (PSLL) techniques. However, such attacks are not holistic and target specific implementations of PSLL. Automating the detection and subsequent removal of protection logic added by PSLL while accounting for all possible variations is an open research problem. In this paper, we propose GNNUnlock, the first-of-its-kind oracle-less machine learning-based attack on PSLL that can identify any desired protection logic without focusing on a specific syntactic topology. The key is to leverage a well-trained graph neural network (GNN) to identify all the gates in a given locked netlist that belong to the targeted protection logic, without requiring an oracle. This approach fits perfectly with the targeted problem since a circuit is a graph with an inherent structure and the protection logic is a sub-graph of nodes (gates) with specific and common characteristics. GNNs are powerful in capturing the nodes' neighborhood properties, facilitating the detection of the protection logic. To rectify any misclassifications induced by the GNN, we additionally propose a connectivity analysis-based post-processing algorithm to successfully remove the predicted protection logic, thereby retrieving the original design. Our extensive experimental evaluation demonstrates that GNNUnlock is 99.24% - 100% successful in breaking various benchmarks locked using stripped-functionality logic locking [1], tenacious and traceless logic locking [2], and Anti-SAT [3]. Our proposed post-processing enhances the detection accuracy, reaching 100% for all of our tested locked benchmarks. Analysis of the results corroborates that GNNUnlock is powerful enough to break the considered schemes under different parameters, synthesis settings, and technology nodes. The evaluation further shows that GNNUnlock successfully breaks corner cases where even the most advanced state-of-the-art attacks [4], [5] fail. We also open source our attack framework [6].

Many techniques are available nowadays, for Intellectual Property(IP) protection of Digital circuits. Out of these techniques, the popular one is watermarking. Similar to the watermarking used in case of text, image and video, watermarking of digital circuits also modifies a digital circuit design in such a way, that only the IP owner of design is able to extract the watermark form the design. In this paper, Multi – Feedback configuration of Linear Feedback Shift Register(LFSR) is used to watermark a FSM based design. This watermarking technique improves the watermark strength of already existing LFSR based watermarking technique. In terms of hardware utilization, it is significantly efficient than some popular watermarking techniques. The proposed technique has been implemented using Verilog HDL in Xilinx ISE and the simulation is done using ModelSim.

The protection of Intellectual Property (IP) has gradually increased in recent years. Traditional intellectual property management service has lower efficiency for such scale of data. Considering that the maturity of deep learning models has led to the development of knowledge graphs. Relevant researchers have investigated the application of knowledge graphs in different domains, such as medical services, social media, etc. However, few studies of knowledge graphs have been undertaken in the domain of intellectual property. In this paper, we introduce the process of building a domain knowledge graph and start from data preparation to conduct the research of named entity recognition.

With the high development of Internet technology and the global impacts of Covid-19, a trend of multiple growth is being shown in the business of cross-border e-commerce. The issue of intellectual property rights becomes more obvious in this new mode of trade than in others. China's "14th Five-Year Plan" marked the beginning to implement the strategy of the intellectual property rights for a powerful country. Through the law-and-economics analysis, this paper analyzes the research reports of China's Intellectual Property Court and American Chamber of Commerce, and finds it essential for the cross-border e-commerce to attach great importance to the risk control and protection of property rights. After the analysis and research, on the possible risk of intellectual property rights faced by cross-border e-commerce, it is proposed that enterprises must not only pay attention to but also actively identify and conduct risk warning of the legal risks of their own intellectual property rights as well as the causes of them, so as to put forward corresponding risk control measures and construct prevention and protection mechanisms.

The rise of artificial intelligence plays an important role in social progress and economic development, which is a hot topic in the Internet industry. In the past few years, the Chinese government has vigorously increased policy support to promote the golden age of artificial intelligence. However, with the rapid development of artificial intelligence, the copyright protection and intellectual property legislation of artificial intelligence products have brought some challenges.

In recent years, the “whole chain” development level of China's intellectual property creation, protection and application has been greatly improved. At the same time, cloud computing technology is booming, and intellectual property data distributed platforms based on cloud storage are emerging one after another. Firstly, this paper introduces the domestic intellectual property cloud platform services from the perspectives of government, state-owned enterprises and private enterprises; Secondly, four typical distributed platforms provided by commercial resources are selected to summarize the problems faced by the operation mode of domestic intellectual property services; Then, it compares and discusses the functions and service modes of domestic intellectual property distributed platform, and takes TSITE IP as an example, puts forward the design and construction strategies of intellectual property protection, intellectual property operation service distributed platform and operation service mode under the background of information age. Finally, according to the development of contemporary information technology, this paper puts forward challenges and development direction for the future development of intellectual property platform.

Deep Neural Networks (DNN) has gained great success in solving several challenging problems in recent years. It is well known that training a DNN model from scratch requires a lot of data and computational resources. However, using a pre-trained model directly or using it to initialize weights cost less time and often gets better results. Therefore, well pre-trained DNN models are valuable intellectual property that we should protect. In this work, we propose DeepTrace, a framework for model owners to secretly fingerprinting the target DNN model using a special trigger set and verifying from outputs. An embedded fingerprint can be extracted to uniquely identify the information of model owner and authorized users. Our framework benefits from both white-box and black-box verification, which makes it useful whether we know the model details or not. We evaluate the performance of DeepTrace on two different datasets, with different DNN architectures. Our experiment shows that, with the advantages of combining white-box and black-box verification, our framework has very little effect on model accuracy, and is robust against different model modifications. It also consumes very little computing resources when extracting fingerprint.

In the crowdsourced testing system, due to the openness of crowdsourced testing platform and other factors, the security of crowdsourced testing intellectual property cannot be effectively protected. We proposed an attribute-based double encryption scheme, combined with the blockchain technology, to achieve the data access control method of the code to be tested. It can meet the privacy protection and traceability of specific intellectual property in the crowdsourced testing environment. Through the experimental verification, the access control method is feasible, and the performance test is good, which can meet the normal business requirements.

Intellectual Property Rights (IPR) results from years of research and wisdom by property owners, and it plays an increasingly important role in promoting economic development, technological progress, and cultural prosperity. Thus, we need to strengthen the degree of protection of IPR. However, as internet technology continues to open up the market for IPR, the ease of network operation has led to infringement of IPR in some cases. Intellectual property infringement has occurred in some cases. Also, Internet development's concealed and rapid nature has led to the fact that IPR infringers cannot be easily detected. This paper addresses how to protect the rights and interests of IPR holders in the context of the rapid development of the internet. This paper explains the IPR and proposes an algorithm to enhance security for a better security model to protect IPR. This proposes optimization techniques to detect intruder attacks for securing IPR, by using support vector machines (SVM), it provides better results to secure public and private intellectual data by optimizing technologies.

The globalized supply chain in the semiconductor industry raises several security concerns such as IC overproduction, intellectual property piracy and design tampering. Logic locking has emerged as a Design-for-Trust countermeasure to address these issues. Original logic locking proposals provide a high degree of output corruption – i.e., errors on circuit outputs – unless it is unlocked with the correct key. This is a prerequisite for making a manufactured circuit unusable without the designer’s intervention. Since the introduction of SAT-based attacks – highly efficient attacks for retrieving the correct key from an oracle and the corresponding locked design – resulting design-based countermeasures have compromised output corruption for the benefit of better resilience against such attacks. Our proposed logic locking scheme, referred to as SKG-Lock, aims to thwart SAT-based attacks while maintaining significant output corruption. The proposed provable SAT-resilience scheme is based on the novel concept of decoy key-inputs. Compared with recent related works, SKG-Lock provides higher output corruption, while having high resistance to evaluated attacks.

As the scale of integrated circuits continues to expand, electronic design automation (EDA) and intellectual property (IP) reuse play an increasingly important role in the integrated circuit design process. Although many Web-EDA platforms have begun to provide online EDA software to reduce the threshold for the use of EDA tools, IP protection on the Web- EDA platform is an issue. This article uses blockchain technology to design an IP trading system for the Web-EDA platform to achieve mutual trust and transactions between IP owners and users. The structure of the IP trading system is described in detail, and a blockchain wallet for the Web-EDA platform is developed.

Existing logic-locking attacks are known to successfully decrypt functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through scan-chains by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective flip-flop functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan-locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], Double-DIP [2], HackTest [3], SMT [4], FALL [5], Shift-and-Leak [6] and Multi-cycle attacks [7].

Logic encryption is a popular Design-for-Security(DfS) solution that offers protection against the potential adversaries in the third-party fab labs and end-users. However, over the years, logic encryption has been a target of several attacks, especially Boolean satisfiability attacks. This paper exploits SAT attack's inability of deobfuscating sequential circuits as a defense against it. We propose several strategies capable of preventing the SAT attack by obfuscating the scan-based Design-for-Testability (DfT) infrastructure. Unlike the existing SAT-resilient schemes, the proposed techniques do not suffer from poor output corruption for wrong keys. This paper also offers various probable solutions for inserting the key-gates into the circuit that ensures protection against numerous other attacks, which exploit weak key-gate locations. Along with several gate-level obfuscation strategies, this paper also presents a Cellular Automata (CA) guided FSM obfuscation strategy to offer protection at a higher abstraction level, that is, RTL-level. For all the proposed schemes, rigorous security analysis against various attacks evaluates their strengths and limitations. Testability analysis also ensures that none of the proposed techniques hamper the basic testing properties of the ICs. We also present a CA-based FSM watermarking strategy that helps to detect potential theft of the designer's IP by any adversary.

Distributed denial of service (DDoS) attacks can bring tremendous damage to online services and ISPs. Existing adopted mitigation methods either require the victim to have a sufficient number of resources for traffic filtering or to pay a third party cloud service to filter the traffic. In our previous work we proposed CoFence, a collaborative network that allows member domains to help each other in terms of DDoS traffic handling. In that network, victim servers facing a DDoS attack can redirect excessive connection requests to other helping servers in different domains for filtering. Only filtered traffic will continue to interact with the victim server. However, sending traffic to third party servers brings up the issue of privacy: specifically leaked client source IP addresses. In this work we propose a privacy protection mechanism for defense so that the helping servers will not be able to see the IP address of the client traffic while it has minimum impact to the data filtering function. We implemented the design through a test bed to demonstrated the feasibility of the proposed design.

GDSII layouts of IP-confidential products are heavily controlled and access is only granted to certain privileged personnel. Failure analysts are generally excluded. Without guidance from GDSII, failure analysis, specifically physical inspection based on fault isolation findings cannot proceed. To overcome this challenge, we develop an automated approach that enables image snapshots relevant to failure analysts to be furnished without compromising the confidentiality of the GDSII content in this paper. Modules built are executed to trace the suspected nets and extract them into multiple images of different pre-defined frame specifications to facilitate failure analysis.

IP geolocation technology is widely adopted in network security, privacy protection, online advertising, etc. However, existing IP geolocation methods are vulnerable to delay inflation, which reduces their reliability and applicability, especially in weakly connected networks. To solve this problem, a ranking nodes based IP geolocation method (RNBG) is proposed. RNBG leverages the scale-free nature of complex networks to find a few important and stable nodes in networks. And then these nodes are used in the geolocation of IPs in different regions. Experimental results in China and the US show that RNBG can achieve high accuracy even in weakly connected network. Compared with typical methods, the geolocation accuracy is increased by 2.60%-14.27%, up to 97.55%.

Directional Overcurrent Relays (DOCRs) play an essential role in the power system protection to guarantee the reliability, speed of relay operation and avoiding mal-trip in the primary and backup relays when unintentional fault conditions occur in the system. Moreover, the dual setting protection scheme is more efficient protection schemes for offering fast response protection and providing flexibility in the coordination of relay. In this paper, the Adaptive Modified Firefly Algorithm (AMFA) is used to determine the optimal coordination of dual setting DOCRs in the ring distribution system. The AMFA is completed by choosing the minimum value of pickup current (\textbackslashtextbackslashpmbI\textbackslashtextbackslashpmbP) and time dial setting (TDS). On the other hand, dual setting DOCRs protection scheme also proposed for operating in both forward and reverse directions that consisted of individual time current characteristics (TCC) curve for each direction. The previous method is applied to the ring distribution system network of PT. Pupuk Sriwidjaja by considering the fault on each bus. The result illustration that the AMFA within dual setting protection scheme is significantly reaching the optimized coordination and the relay coordination is certain for all simulation scenarios with the minimum operation. The AMFA has been successfully implemented in MATLAB software programming.

In this paper Intelligent Electronic Devices (IED) that use ethernet for communicating with substation devices on the grid where modelled in OPNET. There is a need to test the communication protocol performance over the network. A model for the substation communication network was implemented in OPNET. This was done for ESKOM, which is the electrical power generation and distribution authority in South Africa. The substation communication model consists of 10 ethernet nodes which simulate protection Intelligent Electronic Devices (IEDs), 13 ethernet switches, a server which simulates the substation Remote Terminal Unit (RTU) and the DNP3 Protocol over TCP/IP simulated on the model. DNP3 is a protocol that can be used in a power utility computer network to provide communication service for the grid components. It was selected as the communication protocol because it is widely used in the energy sector in South Africa. The network load and packet delay parameters were sampled when 10%, 50%, 90% and 100% of devices are online. Analysis of the results showed that with an increase in number of nodes there was an increase in packet delay as well as the network load. The load on the network should be taken into consideration when designing a substation communication network that requires a quick response such as a smart gird.

The globalization of IC manufacturing has increased the likelihood for IP providers to suffer financial and reputational loss from IP piracy. Logic locking prevents IP piracy by corrupting the functionality of an IP unless a correct secret key is inserted. However, existing logic-locking techniques can impose significant area overhead and performance impact (delay and power) on designs. In this work, we propose BISTLock, a logic-locking technique that utilizes built-in self-test (BIST) to isolate functional inputs when the circuit is locked. We also propose a set of security metrics and use the proposed metrics to quantify BISTLock's security strength for an open-source AES core. Our experimental results demonstrate that BISTLock is easy to implement and introduces an average of 0.74% area and no power or delay overhead across the set of benchmarks used for evaluation.

Recent advances in resistive synaptic devices have enabled the emergence of brain-inspired smart chips. These chips can execute complex cognitive tasks in digital signal processing precisely and efficiently using an efficient neuromorphic system. The neuromorphic synapses used in such chips, however, are different from the traditional integrated circuit architectures, thereby weakening their resistance to malicious transformation and intellectual property (IP) counterfeiting. Accordingly, in this paper, we propose an effective hybrid encryption methodology for IP core protection in neuromorphic computing systems, in-corporating elliptic curve cryptography and SM4 simultaneously. Experimental results confirm that the proposed method can implement real-time encryption of any number of crossbar arrays in neuromorphic systems accurately, while reducing the time overhead by 14.40%-26.08%.

A popular countermeasure against IP piracy relies on obfuscating the Finite State Machine (FSM), which is assumed to be the heart of a digital system. In this paper, we propose to use a special class of non-group additive cellular automata (CA) called D1 * CA, and it's counterpart D1 * CAdual to obfuscate each state-transition of an FSM. The synthesized FSM exhibits correct state-transitions only for a correct key, which is a designer's secret. The proposed easily testable key-controlled FSM synthesis scheme can thwart reverse engineering attacks, thus offers IP protection.

Emerging hardware architectures for Deep Neural Networks (DNNs) are being commercialized and considered as the hardware- level Intellectual Property (IP) of the device providers. However, these intelligent devices might be abused and such vulnerability has not been identified. The unregulated usage of intelligent platforms and the lack of hardware-bounded IP protection impair the commercial advantage of the device provider and prohibit reliable technology transfer. Our goal is to design a systematic methodology that provides hardware-level IP protection and usage control for DNN applications on various platforms. To address the IP concern, we present DeepAttest, the first on-device DNN attestation method that certifies the legitimacy of the DNN program mapped to the device. DeepAttest works by designing a device-specific fingerprint which is encoded in the weights of the DNN deployed on the target platform. The embedded fingerprint (FP) is later extracted with the support of the Trusted Execution Environment (TEE). The existence of the pre-defined FP is used as the attestation criterion to determine whether the queried DNN is authenticated. Our attestation framework ensures that only authorized DNN programs yield the matching FP and are allowed for inference on the target device. DeepAttest provisions the device provider with a practical solution to limit the application usage of her manufactured hardware and prevents unauthorized or tampered DNNs from execution. We take an Algorithm/Software/Hardware co-design approach to optimize DeepAttest's overhead in terms of latency and energy consumption. To facilitate the deployment, we provide a high-level API of DeepAttest that can be seamlessly integrated into existing deep learning frameworks and TEEs for hardware-level IP protection and usage control. Extensive experiments corroborate the fidelity, reliability, security, and efficiency of DeepAttest on various DNN benchmarks and TEE-supported platforms.

The similarity detection of the program has important significance in code reuse, plagiarism detection, intellectual property protection and information retrieval methods. Attribute counting methods cannot take into account program semantics. The method based on syntax tree or graph structure has a very high construction cost and low space efficiency. So it is difficult to solve problems in large-scale software systems. This paper uses different decision strategies for different levels, then puts forward a similarity detection method at the file level. This method can make full use of the features of the program and take into account the space-time efficiency. By using static analysis methods, we get function features and control flow features of files. And based on this, we establish the function call graph. The similar degree between two files can be measured with the two graphs. Experimental results show the method can effectively detect similar files. Finally, this paper discusses the direction of development of this method.

With the globalization of manufacturing and supply chains, ensuring the security and trustworthiness of ICs has become an urgent challenge. Split manufacturing (SM) and layout camouflaging (LC) are promising techniques to protect the intellectual property (IP) of ICs from malicious entities during and after manufacturing (i.e., from untrusted foundries and reverse-engineering by end-users). In this paper, we strive for “the best of both worlds,” that is of SM and LC. To do so, we extend both techniques towards 3D integration, an up-and-coming design and manufacturing paradigm based on stacking and interconnecting of multiple chips/dies/tiers. Initially, we review prior art and their limitations. We also put forward a novel, practical threat model of IP piracy which is in line with the business models of present-day design houses. Next, we discuss how 3D integration is a naturally strong match to combine SM and LC. We propose a security-driven CAD and manufacturing flow for face-to-face (F2F) 3D ICs, along with obfuscation of interconnects. Based on this CAD flow, we conduct comprehensive experiments on DRC-clean layouts. Strengthened by an extensive security analysis (also based on a novel attack to recover obfuscated F2F interconnects), we argue that entering the next, third dimension is eminent for effective and efficient IP protection.