nach oben

Journal of Electronic Testing

Erschienen in:

07.12.2022

A CatBoost Based Approach to Detect Label Flipping Poisoning Attack in Hardware Trojan Detection Systems

verfasst von: Richa Sharma, G. K. Sharma, Manisha Pattanaik

Erschienen in: Journal of Electronic Testing | Ausgabe 6/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Hardware Trojan (HT) intrusion at different integrated circuit (IC) phases is the most important concern for the semiconductor industries. Recently, machine learning (ML) models have been used to detect HT from the pre-silicon IC phase, which utilizes either structural or SCOAP gate level netlist features. However, the main concern is that an adversary may poison the training dataset by flipping the target labels to malign the ML model training, which further provides an incorrect prediction on the test dataset. Thus, due to the malicious training of ML models, the Trojan-inserted ICs are missed out and can easily perform their malicious activities. Hence, it is of utmost importance to scan the training dataset and identify the poisoned input samples before applying ML models for HT detection. Therefore, this paper proposes a new technique that first identifies the poisoned training samples, which consist of SCOAP features, and then detects HTs from the unseen gate-level netlist. The proposed technique employs a robust ensemble Categorical Boosting (CatBoost) model, which avoids the problem of target leakage by using the concept of ordered boosting. Further, a label flipping poisoning attack based on a stochastic hill-climbing search is proposed, which flips the labels of the handful of samples that maximizes the validation dataset loss by deteriorating the model performance. Moreover, a defense method is proposed which utilizes CatBoost object importance and k-nearest neighbor to detect malicious training samples and restore their original labels. Finally, the CatBoost model is trained on the clean dataset to detect the HT nets from the unseen gate-level netlist accurately. Experimental results shows that the proposed attack method increases the on-an-average loss up to \(58\%\) and \(54\%\) on Trust-Hub and DeTrust benchmarks. Whereas the proposed defense method accurately identifies the poisoned input labels from the training dataset with on-an-average \(99\%\) accuracy on these benchmarks.

Vorheriger Artikel Design and Evaluation of XOR Arbiter Physical Unclonable Function and its Implementation on FPGA in Hardware Security Applications

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

Aryal K, Gupta M, Abdelsalam M (2021) A survey on adversarial attacks for malware analysis. arXiv preprint arXiv:2111.08223

Basu K, Saeed SM, Pilato C, Ashraf M, Nabeel MT, Chakrabarty K, Karri R (2019) Cad-base: An attack vector into the electronics supply chain. ACM Trans Des Autom Electron Syst (TODAES) 24(4):1–30CrossRef

Bhunia S, Hsiao MS, Banga M, Narasimhan S (2014) Hardware trojan attacks: threat analysis and countermeasures. Proc IEEE 102(8):1229–1247CrossRef

Chakraborty RS, Narasimhan S, Bhunia S (2009) Hardware trojan: Threats and emerging solutions. In: Proc. IEEE International high level design validation and test workshop. pp 166–171

Chen T, Guestrin C (2016) Xgboost: A scalable tree boosting system. In: Proceedings of the 22nd acm sigkdd international conference on knowledge discovery and data mining. pp 785–794

Cheng N, Zhang H, Li Z (2021) Data sanitization against label flipping attacks using adaboost-based semi-supervised learning technology. Soft Comput 25(23)14573–14581

Clements J, Lao Y (2018) Hardware trojan attacks on neural networks. arXiv preprint arXiv:1806.05768

Elnaggar R, Chakrabarty K (2018) Machine learning for hardware security: Opportunities and risks. J Electron Test 34(2):183–201CrossRef

Fern N, Kulkarni S, Cheng K-TT (2015) Hardware trojans hidden in RTL don’t cares-automated insertion and prevention methodologies. In: Proc. IEEE International Test Conference (ITC). pp 1–8

10.

Friedman JH (2001) Greedy function approximation: a gradient boosting machine. Ann Stat pp. 1189–1232

11.

Gao Y, Doan BG, Zhang Z, Ma S, Zhang J, Fu A, Nepal S, Kim H (2020) Backdoor attacks and countermeasures on deep learning: A comprehensive review. arXiv preprint arXiv:2007.10760

12.

Goldstein LH, Thigpen EL (1980) Scoap: Sandia controllability/observability analysis program. In Proceedings of the 17th Design Automation Conference pp. 190–196

13.

Goodfellow IJ, Shlens J, Szegedy C (2014) Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572

14.

Gu T, Liu K, Dolan-Gavitt B, Garg S (2019) Badnets: Evaluating backdooring attacks on deep neural networks. IEEE Access 7:47230–47244

15.

Hasegawa K, Oya M, Yanagisawa M, Togawa N (2016) Hardware trojans classification for gate-level netlists based on machine learning. In: Proc. 22nd International Symposium on On-Line Testing and Robust System Design (IOLTS). IEEE, pp 203–206

16.

Hasegawa K, Yanagisawa M, Togawa N (2017) Trojan-feature extraction at gate-level netlists and its application to hardware-trojan detection using random forest classifier. In: Proc. IEEE International Symposium on Circuits and Systems (ISCAS). pp 1–4

17.

Hasegawaa K, Yanagisawa M, Togawa N (2017) Hardware trojans classification for gate-level netlists using multi-layer neural networks. In: Proc. IEEE 23rd International Symposium on On-Line Testing and Robust System Design (IOLTS). pp 227–232

18.

Hu W, Zhang L, Ardeshiricham A, Blackstone J, Hou B, Tai Y, Kastner R (2017) Why you should care about don’t cares: Exploiting internal don’t care conditions for hardware trojans. In: Proc. IEEE/ACM International Conference on Computer-Aided Design (ICCAD). pp 707–713

19.

Huang Z, Wang Q, Chen Y, Jiang X (2020) A survey on machine learning against hardware trojan attacks: Recent advances and challenges. IEEE Access 8:10796–10826

20.

Jacob N, Merli D, Heyszl J, Sigl G (2014) Hardware trojans: current challenges and approaches. IET Comput Digit Tech 8(6):264–273CrossRef

21.

Kaviani S, Sohn I (2021) Defense against neural trojan attacks: A survey. Neurocomputing 423:651–667CrossRef

22.

Khamitkar R, Dube R (2022) A survey on using machine learning to counter hardware trojan challenges. In: ICT with Intelligent Applications. Springer, pp 539–547

23.

Kok CH, Ooi CY, Inoue M, Moghbel M, Dass SB, Choo HS, Ismail N, Hussin FA (2019) Net classification based on testability and netlist structural features for hardware trojan detection. In: Proc. IEEE 28th Asian Test Symposium (ATS). pp 105–1055

24.

Kok CH, Ooi CY, Moghbel M, Ismail N, Choo HS, Inoue M (2019) Classification of trojan nets based on scoap values using supervised learning. In: Proc. IEEE International Symposium on Circuits and Systems (ISCAS). pp 1–5

25.

Kurihara T, Togawa N (2021) Hardware-trojan classification based on the structure of trigger circuits utilizing random forests. In: Proc. IEEE 27th International Symposium on On-Line Testing and Robust System Design (IOLTS). pp 1–4

26.

Li H, Liu Q, Zhang J (2016) A survey of hardware trojan threat and defense. Integration 55:426–437CrossRef

27.

Liakos KG, Georgakilas GK, Moustakidis S, Sklavos N, Plessas FC (2020) Conventional and machine learning approaches as countermeasures against hardware trojan attacks. Microprocess Microsyst p. 103295

28.

Liu W, Chang C-H, Wang X, Liu C, Fung JM, Ebrahimabadi M, Karimi N, Meng X, Basu K (2021) Two sides of the same coin: Boons and banes of machine learning in hardware security. IEEE J Emerging Sel Top Circuits Syst 11(2):228–251CrossRef

29.

Liu Y, Mondal A, Chakraborty A, Zuzak M, Jacobsen N, Xing D, Srivastava A (2020) A survey on neural trojans. In: Proc. 21st International Symposium on Quality Electronic Design (ISQED). pp 33–39

30.

Liu Y, Xie Y, Srivastava A (2017) Neural trojans. In: Proc. IEEE International Conference on Computer Design (ICCD). pp 45–48

31.

Mondal A, Biswal RK, Mahalat MH, Roy S, Sen B (2021) Hardware trojan free netlist identification: A clustering approach. J Electron Test 37(3):317–328CrossRef

32.

Nahiyan A, Sadi M, Vittal R, Contreras G, Forte D, Tehranipoor M (2017) Hardware trojan detection through information flow security verification. In: Proc. IEEE International Test Conference (ITC). pp 1–10

33.

Nozawa K, Hasegawa K, Hidano S, Kiyomoto S, Hashimoto K, Togawa N (2019) Adversarial examples for hardware-trojan detection at gate-level netlists. In: Comput Secur. Springer, pp 341–359

34.

Paudice A, Muñoz-González L, Lupu EC (2018) Label sanitization against label flipping poisoning attacks. In: Joint European conference on machine learning and knowledge discovery in databases. Springer, pp 5–15

35.

Pedregosa F, Varoquaux G, Gramfort A, Michel V, Thirion B, Grisel O, Blondel M, Prettenhofer P, Weiss R, Dubourg V et al (2011) Scikit-learn: Machine learning in python. J Mach Learn Res 12:2825–2830

36.

Peterson LE (2009) K-nearest neighbor. Scholarpedia 4(2):1883CrossRef

37.

Pilato C, Basu K, Regazzoni F, Karri R (2018) Black-hat high-level synthesis: Myth or reality? IEEE Transactions on Very Large Scale Integration (VLSI) Systems 27(4):913–926

38.

Pitropakis N, Panaousis E, Giannetsos T, Anastasiadis E, Loukas G (2019) A taxonomy and survey of attacks against machine learning. Comput Sci Rev 34:100199

39.

Prokhorenkova L, Gusev G, Vorobev A, Dorogush AV, Gulin A (2017) Catboost: unbiased boosting with categorical features. arXiv preprint arXiv:1706.09516

40.

Rawal A, Rawat D, Sadler BM (2021) Recent advances in adversarial machine learning: status, challenges and perspectives. Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications III 11746:701–712

41.

Rostami M, Koushanfar F, Karri R (2014) A primer on hardware security: Models, methods, and metrics. Proc IEEE 102(8):1283–1295CrossRef

42.

Russell SJ (2010) Artificial intelligence a modern approach. Pearson Education, Inc

43.

Salmani H (2017) Cotd: reference-free hardware trojan detection and recovery based on controllability and observability in gate-level netlist. IEEE Trans Inf Forensics Secur 12(2):338–350CrossRef

44.

Salmani H, Tehranipoor M, Karri R (2013) On design vulnerability analysis and trust benchmarks development. In: Proc. IEEE 31st international conference on computer design (ICCD). pp 471–474

45.

Samimi SMS (2016) Testability measurement tool. https://sourceforge.net/projects/testabilitymeasurementtool/

46.

Sharma R, Valivati NK, Sharma G, Pattanaik M (2020) A new hardware trojan detection technique using class weighted xgboost classifier. In: Proc. 24th International Symposium on VLSI Design and Test (VDAT). pp 1–6

47.

Taheri R, Javidan R, Shojafar M, Pooranian Z, Miri A, Conti M (2020) On defending against label flipping attacks on malware detection systems. Neural Comput Appl 32(18):14781–14800

48.

Wang J, Hassan GM, Akhtar N (2022) A survey of neural trojan attacks and defenses in deep learning. arXiv preprint arXiv:2202.07183

49.

Wang Y, Han T, Han X, Liu P (2019) Ensemble-learning-based hardware trojans detection method by detecting the trigger nets. In: Proc. IEEE International Symposium on Circuits and Systems (ISCAS). pp 1–5

50.

Xiao H, Biggio B, Nelson B, Xiao H, Eckert C, Roli F (2015) Support vector machines under adversarial label contamination. Neurocomputing 160:53–62CrossRef

51.

Xiao H, Xiao H, Eckert C (2012) Adversarial label flips attack on support vector machines. In: ECAI 2012. IOS Press, pp 870–875

52.

Xiao K, Forte D, Jin Y, Karri R, Bhunia S, Tehranipoor M (2016) Hardware trojans: Lessons learned after one decade of research. ACM Trans Des Autom Electron Syst (TODAES) 22(1):6

53.

Xie X, Sun Y, Chen H, Ding Y (2017) Hardware trojans classification based on controllability and observability in gate-level netlist. IEICE Electronics Express 14(18):20170682–20170682

54.

Xue M, Gu C, Liu W, Yu S, O’Neill M (2020) Ten years of hardware trojans: a survey from the attacker’s perspective. IET Comput Digit Tech 14(6):231–246CrossRef

55.

Xue M, Yuan C, Wu H, Zhang Y, Liu W (2020) Machine learning security: Threats, countermeasures, and evaluations. IEEE Access 8:74720–74742

56.

Yang Y, Ye J, Cao Y, Zhang J, Li X, Li H, Hu Y (2020) Survey: Hardware trojan detection for netlist. In: Proc. IEEE 29th Asian Test Symposium (ATS). pp 1–6

57.

Zhang H, Cheng N, Zhang Y, Li Z (2021) Label flipping attacks against naive bayes on spam filtering systems. Appl Intell 51(7):4503–4514CrossRef

58.

Zhang J, Yuan F, Xu Q (2014) Detrust: Defeating hardware trust verification with stealthy implicitly-triggered hardware trojans. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM pp. 153–166

Titel: A CatBoost Based Approach to Detect Label Flipping Poisoning Attack in Hardware Trojan Detection Systems
verfasst von: Richa Sharma
G. K. Sharma
Manisha Pattanaik
Publikationsdatum: 07.12.2022
Verlag: Springer US
Erschienen in: Journal of Electronic Testing / Ausgabe 6/2022
Print ISSN: 0923-8174
Elektronische ISSN: 1573-0727
DOI: https://doi.org/10.1007/s10836-022-06035-6

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Kryptowährungen/© gopixa / Getty Images / iStock, MG4 aus China auf dem Prüfstand im ADAC-Technik-Zentrum in Landsberg am Lech/© ADAC e.V., Chassis eines Elektrofahrzeugs/© chesky / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelectronics worldwide

ATZelektronik

Weitere Artikel der Ausgabe 6/2022

Effect of Sizing and Scaling on Power Dissipation and Resilience of an RHBD SRAM Circuit

Design and Evaluation of XOR Arbiter Physical Unclonable Function and its Implementation on FPGA in Hardware Security Applications

Development of a Simplified Programming Kit Based 16LF18856 for Embedded Systems Testing and Education in Developing Countries

Editorial

Test Technology Newsletter

Smell Detection Agent Optimization Approach to Path Generation in Automated Software Testing

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.