TY - GEN
T1 - A Command-Activated Hardware Trojan Detection Method Based on LUNAR Framework
AU - Yang, Xue
AU - Wei, Congming
AU - Ding, Yaoling
AU - Sun, Shaofei
AU - Wang, An
AU - Chen, Jiazhe
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
N2 - Hardware Trojans have become a major challenge to ICs due to their serious damage to the reliability and security. However, hardware Trojans can be activated in a variety of ways, making accurate activation of hidden hardware Trojans extremely difficult. In this paper, we propose an automatic anomaly detection method based on LUNAR (Learnable Unified Neighborhood-based Anomaly Ranking) based on graph neural networks to efficiently, quickly, accurately, and automatically detect unknown commands secretly inserted by untrusted parties. This method could effectively detect the command-activated hardware Trojans, which are the most frequently used activation mode. While retaining the linear time complexity advantage of PBCS (Pruning Bytes Command Search), we try to use neighbor information in a trainable way to find anomalies in each node, which could effectively reduce manual intervention in unsupervised conditions. Our experiments mainly focus on the preprocessed waveform sets with obvious features, Gaussian noise waveform sets with weak features, and original waveform sets without any obvious features. The results show that the LUNAR framework can detect anomalies significantly better than One-Class SVM, Isolation Forest and Local Outlier Factor, which are easily affected by parameter adjustment, especially in scenarios with no preprocessing and no obvious features.
AB - Hardware Trojans have become a major challenge to ICs due to their serious damage to the reliability and security. However, hardware Trojans can be activated in a variety of ways, making accurate activation of hidden hardware Trojans extremely difficult. In this paper, we propose an automatic anomaly detection method based on LUNAR (Learnable Unified Neighborhood-based Anomaly Ranking) based on graph neural networks to efficiently, quickly, accurately, and automatically detect unknown commands secretly inserted by untrusted parties. This method could effectively detect the command-activated hardware Trojans, which are the most frequently used activation mode. While retaining the linear time complexity advantage of PBCS (Pruning Bytes Command Search), we try to use neighbor information in a trainable way to find anomalies in each node, which could effectively reduce manual intervention in unsupervised conditions. Our experiments mainly focus on the preprocessed waveform sets with obvious features, Gaussian noise waveform sets with weak features, and original waveform sets without any obvious features. The results show that the LUNAR framework can detect anomalies significantly better than One-Class SVM, Isolation Forest and Local Outlier Factor, which are easily affected by parameter adjustment, especially in scenarios with no preprocessing and no obvious features.
KW - Graph Neural Network
KW - Hardware Trojan Detection
KW - Side Channel Analysis
UR - http://www.scopus.com/inward/record.url?scp=85198477544&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-61486-6_20
DO - 10.1007/978-3-031-61486-6_20
M3 - Conference contribution
AN - SCOPUS:85198477544
SN - 9783031614859
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 340
EP - 358
BT - Applied Cryptography and Network Security Workshops - ACNS 2024 Satellite Workshops, AIBlock, AIHWS, AIoTS, SCI, AAC, SiMLA, LLE, and CIMSS, Proceedings
A2 - Andreoni, Martin
PB - Springer Science and Business Media Deutschland GmbH
T2 - Satellite Workshops held in parallel with the 22nd International Conference on Applied Cryptography and Network Security, ACNS 2024
Y2 - 5 March 2024 through 8 March 2024
ER -