Biblio

Over the past few years, malicious hardware modifications, a.k.a. hardware Trojans (HT), have emerged as a major security threat because integrated circuit (IC) companies have been fabricating chips at offshore foundries due to various factors including time-to-market, cost reduction demands, and the increased complexity of ICs. Among proposed hardware Trojan detection techniques, reverse engineering appears to be the most accurate and reliable one because it works for all circuits and Trojan types without a golden example of the chip. However, because reverse engineering is an extremely expensive, time-consuming, and destructive process, it is difficult to apply this technique for a large population of ICs in a real test environment. This paper proposes a novel golden-chip-free clustering method using backscattering side-channel to divide ICs into groups of Trojan-free and Trojan-infected boards. The technique requires no golden chip or a priori knowledge of the chip circuitry, and divides a large population of ICs into clusters based on how HTs (if existed) affect their backscattered signals. This significantly reduces the size of test vectors for reverse engineering based detection techniques, thus enables deployment of reverse engineering approaches to a large population of ICs in a real testing scenario. The results are collected on 100 different FPGA boards where boards are randomly chosen to be infected or not. The results show that we can cluster the boards with 100% accuracy and demonstrate that our technique can tolerate manufacturing variations among hardware instances to cluster all the boards accurately for 9 different dormant Trojan designs on 3 different benchmark circuits from Trusthub. We have also shown that we can detect dormant Trojan designs whose trigger size has shrunk to as small as 0.19% of the original circuit with 100% accuracy as well.

The security of integrated circuits (IC) plays a very significant role on military, economy, communication and other industries. Due to the globalization of the integrated circuit (IC) from design to manufacturing process, the IC chip is vulnerable to be implanted malicious circuit, which is known as hardware Trojan (HT). When the HT is activated, it will modify the functionality, reduce the reliability of IC, and even leak confidential information about the system and seriously threatens national security. The HT detection theory and method is hotspot in the security of integrated circuit. However, most methods are focusing on the simulated data. Moreover, the measurement data of the real circuit are greatly affected by the measurement noise and process disturbances and few methods are available with small size of the Trojan circuit. In this paper, the problem of detection was cast as signal representation among multiple linear regression and sparse representation-based classifier (SRC) were first applied for Trojan detection. We assume that the training samples from a single class do lie on a subspace, and the test samples can be represented by the single class. The proposed SRC HT detection method on real integrated circuit shows high accuracy and efficiency.

Hardware security has long been an important issue in the current IC design. In this paper, a hardware Trojan detection method based on frequency domain characteristics of power consumption is proposed. For some HTs, it is difficult to detect based on the time domain characteristics, these types of hardware Trojan can be analyzed in the frequency domain, and Mahalanobis distance is used to classify designs with or without HTs. The experimental results demonstrate that taking 10% distance as the criterion, the hardware Trojan detection results in the frequency domain have almost no failure cases in all the tested designs.

This paper uses side channel analysis to detect hardware Trojan based on back propagation neural network. First, a power consumption collection platform is built to collect power waveforms, and the amplifier is utilized to amplify power consumption information to improve the detection accuracy. Then the small difference between the power waveforms is recognized by the back propagation neural network to achieve the purpose of detection. This method is validated on Advanced Encryption Standard circuit. Results show this method is able to identify the circuits with a Trojan occupied 0.19% of Advanced Encryption Standard circuit. And the detection accuracy rate can reach 100%.

This work proposes a plausible detection scheme for Hardware Trojan (HT) detection in frequency domain analysis. Due to shrinking technology every node consumes low power values (in the range of $μ$W) which are difficult to manipulate for HT detection using conventional methods. The proposed method utilizes the time domain power signals which is converted to frequency domain that represents the implausible signals and analyzed. The precision of HT detection is found to be increased because of the magnified power values in frequency domain. This work uses ISCAS89 bench mark circuits for conducting experiments. In this, the wide range of power values that spans from 695 $μ$W to 22.3 $μ$W are observed in frequency domain whereas the respective powers in time domain have narrow span of 2.29 $μ$W to 0.783 $μ$W which is unconvincing. This work uses the wide span of power values to identify HT and observed that the mid-band of frequencies have larger footprints than the side bands. These methods intend to help the designers in easy identification of HT even of single gate events.

At present, most Trojan detection methods are based on the features of host and code. Such methods have certain limitations and lag. This paper analyzes the network behavior features and network traffic of several typical Trojans such as Zeus and Weasel, and proposes a Trojan traffic detection algorithm based on machine learning. First, model different machine learning algorithms and use Random Forest algorithm to extract features for Trojan behavior and communication features. Then identify and detect Trojans' traffic. The accuracy is as high as 95.1%. Comparing the detection of different machine learning algorithms, experiments show that our algorithm has higher accuracy, which is helpful and useful for identifying Trojan.

Hardware Trojan war is expanding from digital world to analog domain. Although hardware Trojans in digital integrated circuits have been extensively investigated, there still lacks study on the Trojans crossing the boundary between digital and analog worlds. This work uses Inter-integrated Circuit (I2C) as an example to demonstrate the potential security threats on its master-slave interface. Furthermore, an obfuscated Trojan detection method is proposed to monitor the abnormal behaviors induced by analog Trojans on the I2C interface. Experimental results confirm that the proposed method has a high sensitivity to the compromised clock signal and can mitigate the clock mute attack with a success rate of over 98%.

Recently literature indicates that stack based three-dimensional (3D) integration techniques may bring in new security vulnerabilities, such as new attack surfaces for hardware Trojan (HT) insertion. Compared to its two-dimensional counterpart (2DHTs), a 3D hardware Trojan (3DHT) could be stealthily distributed in multiple tiers in a single 3D chip. Although the comprehensive models for 3DHTs are available in recent work, there still lacks 3DHT detection and mitigation methods, especially run-time countermeasures against 3DHTs. This work proposes to leverage the 3D communication infrastructure, 3D network-on-chips (NoCs), to tackle the cross-tier hardware Trojans in stacked multi-tier chips. An invariance checking method is further proposed to detect the Trojans that induce malicious NoC packets or facilitate information leak. The proposed method is successfully deployed in NoC routers and achieves a Trojan detection rate of over 94%. The synthesis result of a hardened router at a 45nm technology node shows that the proposed invariance checking only increases the area by 6.49% and consumes 3.76% more dynamic power than an existing 3D router. The NoC protected with the proposed method is applied to the image authentication in a 3D system. The case study indicates that the proposed security measure reduces the correlation coefficient by up to 31% over the baseline.

As an emerging role in on-chip communication, the optical networks-on-chip (ONoCs) can provide ultra-high bandwidth, low latency and low power dissipation for the data transfer. However, the thermo-optic effects of the photonic devices have a great impact on the operating performance and reliability of ONoCs, where the thermal-aware control is used to alleviate it. Furthermore, the temperature-sensitive ONoCs are prone to be attacked by the hardware Trojans (HTs) covertly embedded in the integrated circuits (ICs) from the malicious third-party components, leading to performance degradation, denial of service (DoS), or even permanent damages. In this paper, we focus on the tampering attacks on optical sampling during the thermal sensing process in ONoCs. Corresponding approaches are proposed to mitigate the negative impacts from HT attacks. Evaluation results indicate that our approach can significantly enhance the hardware security of thermal sensing for ONoC with trivial overheads of up to 3.06% and 2.6% in average latency and energy consumption, respectively.

In many-cores based on Network-on-Chip (NoC), several applications execute simultaneously, sharing computation, communication and memory resources. This resource sharing leads to security and trust problems. Hardware Trojans (HTs) may steal sensitive information, degrade system performance, and in extreme cases, induce physical damages. Methods available in the literature to prevent attacks include firewalls, denial-of-service detection, dedicated routing algorithms, cryptography, task migration, and secure zones. The goal of this paper is to add an HT in an NoC, able to execute three types of attacks: packet duplication, block applications, and misrouting. The paper qualitatively evaluates the attacks' effect against methods available in the literature, and its effects showed in an NoC-based many-core. The resulting system is an open-source NoC-based many-core for researchers to evaluate new methods against HT attacks.

Interconnection networks for multi/many-core processors or server systems are the backbone of the system as they enable data communication among the processing cores, caches, memory and other peripherals. Given the criticality of the interconnects, the system can be severely subverted if the interconnection is compromised. The threat of Hardware Trojans (HTs) penetrating complex hardware systems such as multi/many-core processors are increasing due to the increasing presence of third party players in a System-on-chip (SoC) design. Even by deploying naïve HTs, an adversary can exploit the Network-on-Chip (NoC) backbone of the processor and get access to communication patterns in the system. This information, if leaked to an attacker, can reveal important insights regarding the application suites running on the system; thereby compromising the user privacy and paving the way for more severe attacks on the entire system. In this paper, we demonstrate that one or more HTs embedded in the NoC of a multi/many-core processor is capable of leaking sensitive information regarding traffic patterns to an external malicious attacker; who, in turn, can analyze the HT payload data with machine learning techniques to infer the applications running on the processor. Furthermore, to protect against such attacks, we propose a Simulated Annealing-based randomized routing algorithm in the system. The proposed defense is capable of obfuscating the attacker's data processing capabilities to infer the user profiles successfully. Our experimental results demonstrate that the proposed randomized routing algorithm could reduce the accuracy of identifying user profiles by the attacker from \textbackslashtextgreater98% to \textbackslashtextless; 15% in multi/many-core systems.

Nowadays, the Network on Chip (NoC) is widely adopted by multi-core System on Chip (SoC) to meet its communication needs. With the gradual popularization of the Internet of Things (IoT), the application of NoC is increasing. Due to its distribution characteristics on the chip, NoC has gradually become the focus of potential security attacks. Denial of service (DoS) is a typical attack and it is caused by malicious intellectual property (IP) core with unnecessary data packets causing communication congestion and performance degradation. In this article, we propose a novel approach to detect DoS attacks on-line based on random forest algorithm, and detect the router where the attack enters the sensitive communication path. This method targets malicious third-party vendors to implant a DoS Hardware Trojan into the NoC. The data set is generated based on the behavior of multi-core routers triggered by normal and Hardware Trojans. The detection accuracy of the proposed scheme is in the range of 93% to 94%.

Wireless Network-on-Chip (WNoC) broadly adopts single channel for low overhead data transmission. Sharing of the channel among multiple wireless interfaces (WIs) is controlled by a channel access mechanism (CAM). Such CAM can be malfunctioned by a Hardware Trojan (HT) in a malicious WI or a rogue third party intellectual property (IP) core present on the same System-on-Chip (SoC). This may result in denial-of-service (DoS) or spoofing in WNoC leading to starvation of healthy WIs and under-utilization of wireless channel. Our work demonstrates possible threat model on CAM and proposes low overhead decentralized countermeasures for both DoS and spoofing attacks in WNoC.

Various hardware security solutions have been developed recently to help counter hardware level attacks such as hardware Trojan, integrated circuit (IC) counterfeiting and intellectual property (IP) clone/piracy. However, existing solutions often provide specific types of protections. While these solutions achieve great success in preventing even advanced hardware attacks, the compatibility of among these hardware security methods are rarely discussed. The inconsistency hampers with the development of a comprehensive solution for hardware IC and IP from various attacks. In this paper, we develop a security primitive generator to help solve the compatibility issue among different protection techniques. Specifically, we focus on two modern IC/IP protection methods, logic locking and watermarking. A combined locking and watermarking technique is developed based on enhanced finite state machines (FSMs). The security primitive generator will take user-specified constraints and automatically generate an FSM module to perform both logic locking and watermarking. The generated FSM can be integrated into any designs for protection. Our experimental results show that the generator can facilitate circuit protection and provide the flexibility for users to achieve a better tradeoff between security levels and design overheads.

Hardware design, especially the very large scale integration(VLSI) and systems on chip design(SOC), utilizes many codes from third-party intellectual property (IP) providers and former designers. Hardware Trojans (HTs) are easily inserted in this process. Recently researchers have proposed many HTs detection techniques targeting the design codes. State-of-art detections are based on the testability including Controllability and Observability, which are effective to all HTs from TrustHub, and advanced HTs like DeTrust. Meanwhile, testability based detections have advantages in the timing complexity and can be easily integrated into recently industrial verification. Undoubtedly, the adversaries will upgrade their designs accordingly to evade these detection techniques. Designing a variety of complex trojans is a significant way to perfect the existing detection, therefore, we present a novel design of HTs to defeat the testability based detection methods, namely DeTest. Our approach is simple and straight forward, yet it proves to be effective at adding some logic. Without changing HTs malicious function, DeTest decreases controllability and observability values to about 10% of the original, which invalidates distinguishers like clustering and support vector machines (SVM). As shown in our practical attack results, adversaries can easily use DeTest to upgrade their HTs to evade testability based detections. Combined with advanced HTs design techniques like DeTrust, DeTest can evade previous detecions, like UCI, VeriTrust and FANCI. We further discuss how to extend existing solutions to reduce the threat posed by DeTest.

Design for trust approaches can protect an MPSoC system from hardware Trojan attack due to the high penetration of third-party intellectual property. However, this incurs significant design cost by purchasing IP cores from various IP vendors, and the IP vendors providing particular IP are always limited, making these approaches unable to be performed in practice. This paper treats IP vendor as constraint, and tasks are scheduled with a minimized security constraint violations, furthermore, the area of MPSoC is also optimized during scheduling. Experimental results demonstrate the effectiveness of our proposed algorithm, by reducing 0.37% security constraint violations.

Recent advances in Deep Learning (DL) have enabled a paradigm shift to include machine intelligence in a wide range of autonomous tasks. As a result, a largely unexplored surface has opened up for attacks jeopardizing the integrity of DL models and hindering the success of autonomous systems. To enable ubiquitous deployment of DL approaches across various intelligent applications, we propose to develop architectural support for hardware implementation of secure and robust DL. Towards this goal, we leverage hardware/software co-design to develop a DL execution engine that supports algorithms specifically designed to defend against various attacks. The proposed framework is enhanced with two real-time defense mechanisms, securing both DL training and execution stages. In particular, we enable model-level Trojan detection to mitigate backdoor attacks and malicious behaviors induced on the DL model during training. We further realize real-time adversarial attack detection to avert malicious behavior during execution. The proposed execution engine is equipped with hardware-level IP protection and usage control mechanism to attest the legitimacy of the DL model mapped to the device. Our design is modular and can be tuned to task-specific demands, e.g., power, throughput, and memory bandwidth, by means of a customized hardware compiler. We further provide an accompanying API to reduce the nonrecurring engineering cost and ensure automated adaptation to various domains and applications.

Automatically generating exploits for attacks receives much attention in security testing and auditing. However, little is known about the continuous effect of automatic attack generation and detection. In this paper, we develop an analytic model to understand the cost-benefit tradeoffs in light of the process of vulnerability discovery. We develop a three-phased model, suggesting that the cumulative malware detection has a productive period before the rate of gain flattens. As the detection mechanisms co-evolve, the gain will likely increase. We evaluate our analytic model by using an anti-virus tool to detect the thousands of Trojans automatically created. The anti-virus scanning results over five months show the validity of the model and point out future research directions.

Malware is any software that causes harm to the user information, computer systems or network. Modern computing and internet systems are facing increase in malware threats from the internet. It is observed that different malware follows the same patterns in their structure with minimal alterations. The type of threats has evolved, from file-based malware to fileless malware, such kind of threats are also known as Advance Volatile Threat (AVT). Fileless malware is complex and evasive, exploiting pre-installed trusted programs to infiltrate information with its malicious intent. Fileless malware is designed to run in system memory with a very small footprint, leaving no artifacts on physical hard drives. Traditional antivirus signatures and heuristic analysis are unable to detect this kind of malware due to its sophisticated and evasive nature. This paper provides information relating to detection, mitigation and analysis for such kind of threat.

Advanced persistent threats (APT) have increased in recent times as a result of the rise in interest by nation-states and sophisticated corporations to obtain high profile information. Typically, APT attacks are more challenging to detect since they leverage zero-day attacks and common benign tools. Furthermore, these attack campaigns are often prolonged to evade detection. We leverage an approach that uses a provenance graph to obtain execution traces of host nodes in order to detect anomalous behavior. By using the provenance graph, we extract features that are then used to train an online adaptive metric learning. Online metric learning is a deep learning method that learns a function to minimize the separation between similar classes and maximizes the separation between dis-similar instances. We compare our approach with baseline models and we show our method outperforms the baseline models by increasing detection accuracy on average by 11.3 % and increases True positive rate (TPR) on average by 18.3 %.

When building the architecture of cyber defense systems, one of the important tasks is to create a methodology for current diagnostics of cybersecurity status of information systems and objects of information activity. The complexity of this procedure is that having a strong security level of the object at the software level does not mean that such power is available at the hardware level or at the cryptographic level. There are always weaknesses in all levels of information security that criminals are constantly looking for. Therefore, the task of promptly calculating the likelihood of possible negative consequences from the successful implementation of cyberattacks is an urgent task today. This paper proposes an approach of obtaining an instantaneous calculation of the probabilities of negative consequences from the successful implementation of cyberattacks on objects of information activity on the basis of delayed differential equation theory and the mechanism of constructing a logical Fuzzy function. This makes it possible to diagnose the security status of the information system.

The manufacturing of integrated circuits (IC) outside of the design houses makes it possible for the adversary to easily perform a reverse engineering attack against intellectual property (IP)/IC. The aim of this attack can be the IP piracy, overproduction, counterfeiting or inserting hardware Trojan (HT) throughout the supply chain of the IC. Preventing hardware Trojan insertion is a significant issue in the context of hardware security (HS) and has not been considered in most of the previous logic encryption methods. To eliminate this problem, in this paper an Anti-Trojan insertion algorithm is presented. The idea is based on the fact that reducing the signals with low-observability (LO) and low-controllability (LC) can prevent HT insertion significantly. The security of logic encryption methods depends on the algorithm and the encryption key. However, the security of these methods has been compromised by SAT attacks over recent years. SAT attacks, can decode the correct key from most logic encryption techniques. In this article, by using the PUF-based encryption, the applied key in the encryption is randomized and SAT attack cannot be performed. Based on the output of PUF, a unique encryption has been made for each chip that preventing from counterfeiting and IP piracy.

Reversible logic is a building block for adiabatic and quantum computing in addition to other applications. Since common functions are non-reversible, one needs to embed them into proper-size reversible functions by adding ancillary inputs and garbage outputs. We explore the Intellectual Property (IP) piracy of reversible circuits. The number of embeddings of regular functions in a reversible function and the percent of leaked ancillary inputs measure the difficulty of recovering the embedded function. To illustrate the key concepts, we study reversible logic circuits designed using reversible logic synthesis tools based on Binary Decision Diagrams and Quantum Multi-valued Decision Diagrams.

Digital microfluidic biochips (DMFBs) have become popular in the healthcare industry recently because of its lowcost, high-throughput, and portability. Users can execute the experiments on biochips with high resolution, and the biochips market therefore grows significantly. However, malicious attackers exploit Intellectual Property (IP) piracy and Trojan attacks to gain illegal profits. The conventional approaches present defense mechanisms that target either IP piracy or Trojan attacks. In practical, DMFBs may suffer from the threat of being attacked by these two attacks at the same time. This paper presents a comprehensive security system to protect DMFBs from IP piracy and Trojan attacks. We propose an authentication mechanism to protect IP and detect errors caused by Trojans with CCD cameras. By our security system, we could generate secret keys for authentication and determine whether the bioassay is under the IP piracy and Trojan attacks. Experimental results demonstrate the efficacy of our security system without overhead of the bioassay completion time.

The high penetration of third-party intellectual property (3PIP) brings a high risk of malicious inclusions and data leakage in products due to the planted hardware Trojans, and system level security constraints have recently been proposed for MPSoCs protection against hardware Trojans. However, secret communication still can be established in the context of the proposed security constraints, and thus, another type of security constraints is also introduced to fully prevent such malicious inclusions. In addition, fulfilling the security constraints incurs serious overhead of schedule length, and a two-stage performance-constrained task scheduling algorithm is then proposed to maintain most of the security constraints. In the first stage, the schedule length is iteratively reduced by assigning sets of adjacent tasks into the same core after calculating the maximum weight independent set of a graph consisting of all timing critical paths. In the second stage, tasks are assigned to proper IP vendors and scheduled to time periods with a minimization of cores required. The experimental results show that our work reduces the schedule length of a task graph, while only a small number of security constraints are violated.