Showing papers on "Trojan published in 2021"
18 Jan 2021
TL;DR: In this paper, the authors proposed a logic testing approach for Trojan detection using an effective combination of testability analysis and reinforcement learning, which can significantly improve the trigger coverage and reduce the test generation time.
Abstract: Due to globalized semiconductor supply chain, there is an increasing risk of exposing System-on-Chip (SoC) designs to malicious implants, popularly known as hardware Trojans. Unfortunately, traditional simulation-based validation using millions of test vectors is unsuitable for detecting stealthy Trojans with extremely rare trigger conditions due to exponential input space complexity of modern SoCs. There is a critical need to develop efficient Trojan detection techniques to ensure trustworthy SoCs. While there are promising test generation approaches, they have serious limitations in terms of scalability and detection accuracy. In this paper, we propose a novel logic testing approach for Trojan detection using an effective combination of testability analysis and reinforcement learning. Specifically, this paper makes three important contributions. 1) Unlike existing approaches, we utilize both controllability and observability analysis along with rareness of signals to significantly improve the trigger coverage. 2) Utilization of reinforcement learning considerably reduces the test generation time without sacrificing the test quality. 3) Experimental results demonstrate that our approach can drastically improve both trigger coverage (14.5% on average) and test generation time (6.5 times on average) compared to state-of-the-art techniques.
57 citations
23 May 2021
TL;DR: Meta Neural Trojan Detection (MNTD) as mentioned in this paper proposes to train a meta-classifier that predicts whether a given target model is Trojaned, without knowledge of the attack strategy.
Abstract: In machine learning Trojan attacks, an adversary trains a corrupted model that obtains good performance on normal data but behaves maliciously on data samples with certain trigger patterns. Several approaches have been proposed to detect such attacks, but they make undesirable assumptions about the attack strategies or require direct access to the trained models, which restricts their utility in practice.This paper addresses these challenges by introducing a Meta Neural Trojan Detection (MNTD) pipeline that does not make assumptions on the attack strategies and only needs black-box access to models. The strategy is to train a meta-classifier that predicts whether a given target model is Trojaned. To train the meta-model without knowledge of the attack strategy, we introduce a technique called jumbo learning that samples a set of Trojaned models following a general distribution. We then dynamically optimize a query set together with the meta-classifier to distinguish between Trojaned and benign models.We evaluate MNTD with experiments on vision, speech, tabular data and natural language text datasets, and against different Trojan attacks such as data poisoning attack, model manipulation attack, and latent attack. We show that MNTD achieves 97% detection AUC score and significantly outperforms existing detection approaches. In addition, MNTD generalizes well and achieves high detection performance against unforeseen attacks. We also propose a robust MNTD pipeline which achieves around 90% detection AUC even when the attacker aims to evade the detection with full knowledge of the system.
44 citations
Posted Content•
TL;DR: T-Miner is presented -- a defense framework for Trojan attacks on DNN-based text classifiers that employs a sequence-to-sequence (seq-2-seq) generative model that probes the suspicious classifier and learns to produce text sequences that are likely to contain the Trojan trigger.
Abstract: Deep Neural Network (DNN) classifiers are known to be vulnerable to Trojan or backdoor attacks, where the classifier is manipulated such that it misclassifies any input containing an attacker-determined Trojan trigger. Backdoors compromise a model's integrity, thereby posing a severe threat to the landscape of DNN-based classification. While multiple defenses against such attacks exist for classifiers in the image domain, there have been limited efforts to protect classifiers in the text domain.
We present Trojan-Miner (T-Miner) -- a defense framework for Trojan attacks on DNN-based text classifiers. T-Miner employs a sequence-to-sequence (seq-2-seq) generative model that probes the suspicious classifier and learns to produce text sequences that are likely to contain the Trojan trigger. T-Miner then analyzes the text produced by the generative model to determine if they contain trigger phrases, and correspondingly, whether the tested classifier has a backdoor. T-Miner requires no access to the training dataset or clean inputs of the suspicious classifier, and instead uses synthetically crafted "nonsensical" text inputs to train the generative model. We extensively evaluate T-Miner on 1100 model instances spanning 3 ubiquitous DNN model architectures, 5 different classification tasks, and a variety of trigger phrases. We show that T-Miner detects Trojan and clean models with a 98.75% overall accuracy, while achieving low false positives on clean models. We also show that T-Miner is robust against a variety of targeted, advanced attacks from an adaptive attacker.
35 citations
Southwest Research Institute1, Goddard Space Flight Center2, Arizona State University3, Massachusetts Institute of Technology4, University of Central Florida5, California Institute of Technology6, Northern Arizona University7, Lowell Observatory8, University of Cologne9, NASA Headquarters10, University of Maryland, College Park11, Johns Hopkins University Applied Physics Laboratory12
TL;DR: Lucy as mentioned in this paper is a NASA Discovery-class mission to send a highly capable and robust spacecraft to investigate seven primitive asteroids near both the L4 and L5 Lagrange points with Jupiter: the Jupiter Trojan asteroids.
Abstract: The Lucy Mission is a NASA Discovery-class mission to send a highly capable and robust spacecraft to investigate seven primitive bodies near both the L4 and L5 Lagrange points with Jupiter: the Jupiter Trojan asteroids. These planetesimals from the outer planetary system have been preserved since early in solar system history. The Lucy mission will fly by and extensively study a diverse selection of Trojan asteroids, including all the recognized taxonomic classes, a collisional family member, and a near equal-mass binary. It will visit objects with diameters ranging from roughly 1 km to 100 km. The payload suite consists of a color camera and infrared imaging spectrometer, a high-resolution panchromatic imager, and a thermal infrared spectrometer. Additionally, two spacecraft subsystems will also contribute to the science investigations: the terminal tracking cameras will supplement imaging during closest approach and the telecommunication subsystem will be used to measure the mass of the Trojans. The science goals are derived from the 2013 Planetary Decadal Survey and include determining the surface composition, assessing the geology, determining the bulk properties, and searching for satellites and rings.
23 citations
TL;DR: Comet P/2019 LD2 has orbital elements currently resembling those of a Jupiter Trojan, and therefore superficially appears to represent a unique opportunity to study the volatile content and active behavior of a member of this population for the first time.
19 citations
TL;DR: A memory Trojan methodology is proposed that implants the malicious logics merely into the memory controllers of DNN systems without the necessity of toolchain manipulation or accessing to the victim model and thus is feasible for practical uses.
Abstract: Deep neural network (DNN) accelerators are widely deployed in computer vision, speech recognition, and machine translation applications, in which attacks on DNNs have become a growing concern. This article focuses on exploring the implications of hardware Trojan attacks on DNNs. Trojans are one of the most challenging threat models in hardware security where adversaries insert malicious modifications to the original integrated circuits (ICs), leading to malfunction once being triggered. Such attacks can be conducted by adversaries because modern ICs commonly include third-party intellectual property (IP) blocks. Previous studies design hardware Trojans to attack DNNs with the assumption that adversaries have full knowledge or manipulation of the DNN systems’ victim model and toolchain in addition to the hardware platforms, yet such a threat model is strict, limiting their practical adoption. In this article, we propose a memory Trojan methodology that implants the malicious logics merely into the memory controllers of DNN systems without the necessity of toolchain manipulation or accessing to the victim model and thus is feasible for practical uses. Specifically, we locate the input image data among the massive volume of memory traffics based on memory access patterns and propose a Trojan trigger mechanism based on detecting the geometric feature in input images. Extensive experiments show that the proposed trigger mechanism is effective even in the presence of environmental noises and preprocessing operations. Furthermore, we design and implement the payload and verify that the proposed Trojan technique can effectively conduct both untargeted and targeted attacks on DNNs.
19 citations
TL;DR: Two important threat models are referred to and the detection and mitigation techniques against these types of attacks on neural networks which has been proposed recently are focused on.
15 citations
Posted Content•
TL;DR: It is shown that the FLAW3D bootloader can hide from programming tools, and even within tight design constraints, it can compromise the quality of additively manufactured prints and reduce tensile strengths by up to 50%.
Abstract: Additive Manufacturing (AM) systems such as 3D printers use inexpensive microcontrollers that rarely feature cybersecurity defenses. This is a risk, especially given the rising threat landscape within the larger digital manufacturing domain. In this work we demonstrate this risk by presenting the design and study of a malicious Trojan (the FLAW3D bootloader) for AVR-based Marlin-compatible 3D printers (>100 commercial models). We show that the Trojan can hide from programming tools, and even within tight design constraints (less than 1.7 kilobytes in size), it can compromise the quality of additively manufactured prints and reduce tensile strengths by up to 50%.
14 citations
01 Oct 2021
TL;DR: The Lucy mission as discussed by the authors achieved science during a series of five flyby encounters with seven Trojan asteroid targets using a payload suite consisting of a color camera and infrared imaging spectrometer, a high-resolution panchromatic imager, and a thermal infrared spectrometers.
Abstract: The Lucy Mission accomplishes its science during a series of five flyby encounters with seven Trojan asteroid targets. This mission architecture drives a concept of operations design that maximizes science return, provides redundancy in observations where possible, features autonomous fault protection and utilizes onboard target tracking near closest approach. These design considerations reduce risk during the relatively short time-critical periods when science data is collected. The payload suite consists of a color camera and infrared imaging spectrometer, a high-resolution panchromatic imager, and a thermal infrared spectrometer. The mission design allows for concurrent observations of all instruments. Additionally, two spacecraft subsystems will also contribute to the science investigations: the Terminal Tracking Cameras will obtain wide field-of-view imaging near closest approach to determine the shape of each of the Trojan targets and the telecommunication subsystem will carry out Doppler tracking of the spacecraft to determine the mass of each of the Trojan targets.
14 citations
TL;DR: Zhang et al. as mentioned in this paper proposed an efficient test generation technique to facilitate side-channel analysis utilizing dynamic current, which can quickly find the profitable ordered pairs of test vectors that can maximize sidechannel sensitivity.
Abstract: Detection of hardware Trojans is vital to ensure the security and trustworthiness of System-on-Chip (SoC) designs. Side-channel analysis is effective for Trojan detection by analyzing various side-channel signatures such as power, current, and delay. In this article, we propose an efficient test generation technique to facilitate side-channel analysis utilizing dynamic current. While early work on current-aware test generation has proposed several promising ideas, there are two major challenges in applying it on large designs: (i) The test generation time grows exponentially with the design complexity, and (ii) it is infeasible to detect Trojans, since the side-channel sensitivity is marginal compared to the noise and process variations. Our proposed work addresses both challenges by effectively exploiting the affinity between the inputs and rare (suspicious) nodes. The basic idea is to quickly find the profitable ordered pairs of test vectors that can maximize side-channel sensitivity. This article makes two important contributions: (i) It proposed an efficient test generation algorithm that can produce the first patterns in the test vectors to maximize activation of suspicious nodes using an SMT solver, and (ii) it developed a genetic-algorithm based test generation technique to produce the second patterns in the test vectors to maximize the switching in the suspicious regions while minimizing the switching in the rest of the design. Our experimental results demonstrate that we can drastically improve both the side-channel sensitivity (62× on average) and time complexity (13× on average) compared to the state-of-the-art test generation techniques.
14 citations
TL;DR: In this paper, the authors proposed HTDet, a novel HT detection method using information entropy-based clustering and developed a heuristic test pattern generation method using mutual information to increase the transitions of suspicious Trojan logics.
TL;DR: This taxonomy reflects practically significant characteristics ofBoard-level Trojans to guide development of board-level countermeasures and fair, comprehensive benchmark suites and to inform a new taxonomy suited for PCB Trojan attacks.
TL;DR: STRIP-ViTA is the first confirmed Trojan detection method that is demonstratively independent of both the task domain and model architectures and can effectively detect Trojan inputs with small false acceptance rate (FAR) with an acceptable preset false rejection rate (FRR).
Abstract: This work designs and evaluates a run-time deep neural network (DNN) model Trojan detection method exploiting STRong Intentional Perturbation of inputs that is a multi-domain Trojan detection defence across Vision, Text and Audio domains---termed as STRIP-ViTA. Specifically, STRIP-ViTA is demonstratively independent of not only task domain but also model architectures. Most importantly, unlike other detection mechanisms, it requires neither machine learning expertise nor expensive computational resource, which are the reason behind DNN model outsourcing scenario---one main attack surface of Trojan attack. We have extensively evaluated the performance of STRIP-ViTA over: i) CIFAR10 and GTSRB datasets using 2D CNNs for vision tasks; ii) IMDB and consumer complaint datasets using both LSTM and 1D CNNs for text tasks; and iii) speech command dataset using both 1D CNNs and 2D CNNs for audio tasks. Experimental results based on 28 tested Trojaned models (including publicly Trojaned mode) corroborate that STRIP-ViTA performs well across all nine architectures and five datasets. Overall, STRIP-ViTA can effectively detect Trojaned inputs with small false acceptance rate (FAR) with an acceptable preset false rejection rate (FRR). Moreover, we have evaluated STRIP-ViTA against a number of advanced backdoor attacks and compare its effectiveness with other recent published state-of-the-arts.
University of Michigan1, Academia Sinica2, University of Arizona3, University of British Columbia4, University of California, Santa Barbara5, Harvard University6, University of Canterbury7, Queen's University Belfast8, University of Regina9, Macau University of Science and Technology10, National Central University11, Kindai University12, National Research Council13, University of Victoria14, Centre national de la recherche scientifique15
TL;DR: In this paper, the intrinsic libration amplitude, eccentricity, and inclination distribution of the stable Trojans of the Kuiper belt was explored using the detections and survey efficiency of the Outer Solar System Origins Survey (OSSOSOS) and Pan-STARRS1.
22 May 2021
TL;DR: A practical approach recently developed using the characterization of Electro-Optical Frequency Mapping images of the chip to detect a hardware Trojan by identifying malicious state elements is described.
Abstract: The outsourcing of the design and manufacturing of Integrated Circuits (ICs) poses a severe threat to our critical infrastructures as an adversary can exploit them by bypassing the security features by activating a hardware Trojan. These malicious modifications in the design introduced at an untrusted fabrication site can virtually leak any secret information from a secure system to an adversary. This paper discusses all three different hardware Trojan models, such as combinational, sequential, and analog Trojans. We provide a survey of the recent advancements in Trojan detection techniques classified based on their applicability to different Trojans types. We describe a practical approach recently developed using the characterization of Electro-Optical Frequency Mapping (EOFM) images of the chip to detect a hardware Trojan by identifying malicious state elements. This survey also presents open problems with Trojan detection and suggests future research directions in hardware Trojan detection.
TL;DR: An integrated hardware Trojan detection and localization methodology is presented by employing the proposed SAT-based test pattern generation scheme and the MUX-based debugging technique and the experimental results show that the methodology can effectively detect timing anomalies in the path-delays caused by hardware Trojans.
Abstract: With the rapid growth in IC outsourcing in the semiconductors industry, concerns have increased about the weakening ICs security against hardware Trojan attacks. In this brief, an integrated hardware Trojan detection and localization methodology is presented by employing the proposed SAT-based test pattern generation scheme and the MUX-based debugging technique. The experimental results show that our methodology can effectively detect timing anomalies in the path-delays caused by hardware Trojans with node coverage around 97% as well as localizing all Trojan’s gates with a localization resolution around 99.6%. Moreover, all timing error sites are successfully identified with zero False Negative and 0.56% False Positive rates.
TL;DR: In this paper, the authors focused mainly on the supply-side of this relationship, especially on the links between the Kremlin and specific parties, and surprisingly few studies focused on the relationship between the two sides.
Abstract: Scholarship analyzing Russia’s influence in Europe has focused primarily on the supply-side of this relationship, especially on the links between the Kremlin and specific parties. Surprisingly few ...
TL;DR: A nondestructive technique based on thermal maps and inception neural networks (INNs) and the corresponding Trojan detection accuracy can be achieved over 98.2% after training the INNs with 150 000 thermal maps.
Abstract: Hardware Trojan detection on modern integrated circuits (ICs) is a challenging task since the inspector may have no idea about the location and size of the embedded Trojan circuit. To achieve an accurate Trojan detection, instead of relying on hardware reverse engineering, a nondestructive technique based on thermal maps and inception neural networks (INNs) is proposed in this letter. The thermal maps generated by a Trojan-free (TF) IC chip and multiple emulated Trojan-infected (TI) IC chips are collected and optimized as the critical side-channel leakages at first. Then, INNs are utilized to analyze these optimized thermal maps to exactly extract the information of the embedded Trojans under the assistance of customized filters. As shown in the results, after training the INNs with 150 000 thermal maps, the corresponding Trojan detection accuracy can be achieved over 98.2%.
TL;DR: In this paper, the authors present a novel Trojan detection approach based on a technique known from integrated circuit (IC) failure analysis, capable of detecting virtually all classes of dormant Trojans.
Abstract: The threat of hardware Trojans (HTs) and their detection is a widely studied field. While the effort for inserting a Trojan into an application-specific integrated circuit (ASIC) can be considered relatively high, especially when trusting the chip manufacturer, programmable hardware is vulnerable to Trojan insertion even after the product has been shipped or during usage. At the same time, detecting dormant HTs with small or zero-overhead triggers and payloads on these platforms is still a challenging task, as the Trojan might not get activated during the chip verification using logical testing or physical measurements. In this work, we present a novel Trojan detection approach based on a technique known from integrated circuit (IC) failure analysis, capable of detecting virtually all classes of dormant Trojans. Using laser logic state imaging (LLSI), we show how supply voltage modulations can awaken inactive Trojans, making them detectable using laser voltage imaging techniques. Therefore, our technique does not require triggering the Trojan. To support our claims, we present two case studies on 28 SRAM- and flash-based field-programmable gate arrays (FPGAs). We demonstrate how to detect with high confidence small changes in sequential and combinatorial logic as well as in the routing configuration of FPGAs in a non-invasive manner. Finally, we discuss the practical applicability of our approach on dormant analog Trojans in ASICs.
TL;DR: In this paper, an adaptive approach that applies superposition to perform a fine-grained circuit analysis and expose any extant Trojan circuitry is proposed, all embedded within the design for test and test pattern cost paradigms of a common industrial circuit.
Abstract: As society becomes increasingly reliant on products and systems that make use of integrated circuits, the defense against potential hardware Trojan attacks by an untrusted foundry becomes an important part of any certification flow for critical components. The slew of recent proposals notwithstanding, a satisfactory solution is still wanting as the solutions offered heretofore either require impractical design/test pattern cost or deliver insufficient detection capabilities, primarily challenged by the noise induced by process variation. The methodology put forth by this proposal aims to remedy this, leveraging an adaptive approach that applies superposition to perform a fine-grained circuit analysis and expose any extant Trojan circuitry. Iterative test pattern modifications, circuit response analysis, and adaptive decision-making are deployed, all embedded within the design-for-test and test pattern cost paradigms of a common industrial circuit. We demonstrate the efficacy of this technique on standard Trust-Hub benchmark circuits with combinational Trojans inserted in sequential designs, showing significant improvement over prior techniques. We also explore the potential cost–benefit tradeoffs that exist within such a methodology, with the intent to provide an efficient solution for an array of potential product markets. This methodology provides a reliable and effective means for Trojan detection, addressing an important piece of the overall circuit certification puzzle.
28 Jun 2021
TL;DR: Wang et al. as discussed by the authors proposed 25 hardware-Trojan features based on the structure of trigger circuits for machine-learning-based hardware Trojan detection, and combined the proposed features into 11 existing hardware-trojan features.
Abstract: Recently, with the spread of Internet of Things (IoT) devices, embedded hardware devices have been used in a variety of everyday electrical items. Due to the increased demand for embedded hardware devices, some of the IC design and manufacturing steps have been outsourced to third-party vendors. Since malicious third-party vendors may insert malicious circuits, called hardware Trojans, into their products, developing an effective hardware Trojan detection method is strongly required. In this paper, we propose 25 hardware-Trojan features based on the structure of trigger circuits for machine-learning-based hardware Trojan detection. Combining the proposed features into 11 existing hardware-Trojan features, we totally utilize 36 hardware-Trojan features for classification. Then we classify the nets in an unknown netlist into a set of normal nets and Trojan nets based on the random-forest classifier. The experimental results demonstrate that the average true positive rate (TPR) becomes 63.6% and the average true negative rate (TNR) becomes 100.0%. They improve the average TPR by 14.7 points while keeping the average TNR compared to existing state-of-the-art methods. In particular, the proposed method successfully finds out Trojan nets in several benchmark circuits, which are not found by the existing method.
TL;DR: AVATAR as discussed by the authors is a learning-assisted Trojan testing flow to detect hardware Trojans placed into fabricated ICs at an untrusted foundry, without needing a Golden IC.
Abstract: This paper presents AVATAR, a learning-assisted Trojan testing flow to detect hardware Trojans placed into fabricated ICs at an untrusted foundry, without needing a Golden IC. AVATAR is a side-channel delay-based testing solution that is assisted by a learning model (process watchdog) for tracking the process drift and systematic process variation. AVATAR’s process watchdog model is trained using a limited number of test samples, collected at test time, to tightly correlate the Static Timing Analysis results (generated at design time) to the test results (generated from clock frequency sweeping test). The experimental results confirm that AVATAR detects over 98% of (small) Trojans inserted in the selected benchmarks. We have complemented our proposed solution with a diagnostic test that 1) further reduces the false-positive rate of AVATAR Trojan detection to zero or near zero, and 2) pinpoints the net-location of the Trojan Trigger or Payload.
DOI•
19 Nov 2021TL;DR: In this paper, the authors present a novel Trojan detection approach based on a technique known from integrated circuit (IC) failure analysis, capable of detecting virtually all classes of dormant Trojans.
Abstract: The threat of hardware Trojans (HTs) and their detection is a widely studied field. While the effort for inserting a Trojan into an application-specific integrated circuit (ASIC) can be considered relatively high, especially when trusting the chip manufacturer, programmable hardware is vulnerable to Trojan insertion even after the product has been shipped or during usage. At the same time, detecting dormant HTs with small or zero-overhead triggers and payloads on these platforms is still a challenging task, as the Trojan might not get activated during the chip verification using logical testing or physical measurements. In this work, we present a novel Trojan detection approach based on a technique known from integrated circuit (IC) failure analysis, capable of detecting virtually all classes of dormant Trojans. Using laser logic state imaging (LLSI), we show how supply voltage modulations can awaken inactive Trojans, making them detectable using laser voltage imaging techniques. Therefore, our technique does not require triggering the Trojan. To support our claims, we present two case studies on 28 nm SRAM- and flash-based field-programmable gate arrays (FPGAs). We demonstrate how to detect with high confidence small changes in sequential and combinatorial logic as well as in the routing configuration of FPGAs in a non-invasive manner. Finally, we discuss the practical applicability of our approach on dormant analog Trojans in ASICs.
01 May 2021
TL;DR: This paper presents a framework for designing and inserting an SCT based on an engineering change order (ECO) flow, which makes it the first to disclose how effortlessly a trojan can be inserted into an IC.
Abstract: Design companies often outsource their integrated circuit (IC) fabrication to third parties where ICs are susceptible to malicious acts such as the insertion of a side-channel hardware trojan horse (SCT). In this paper, we present a framework for designing and inserting an SCT based on an engineering change order (ECO) flow, which makes it the first to disclose how effortlessly a trojan can be inserted into an IC. The trojan is designed with the goal of leaking multiple bits per power signature reading. Our findings and results show that a rogue element within a foundry has, today, all means necessary for performing a foundry-side attack via ECO.
01 Feb 2021
TL;DR: A novel attack that leverages malicious routing of the inserted Trojan circuit to acquire a dormant state even in the generated and transmitted bitstream and can currently neither be prevented by conventional testing and verification methods nor by recent bitstream-level verification techniques.
Abstract: The battle of developing hardware Trojans and corresponding countermeasures has taken adversaries towards ingenious ways of compromising hardware designs by circumventing even advanced testing and verification methods. Besides conventional methods of inserting Trojans into a design by a malicious entity, the design flow for field-programmable gate arrays (FPGAs) can also be surreptitiously compromised to assist the attacker to perform a successful malfunctioning or information leakage attack. The advanced stealthy malicious look-up-table (LUT) attack activates a Trojan only when generating the FPGA bitstream and can thus not be detected by register transfer and gate level testing and verification. However, also this attack was recently revealed by a bitstream-level proof-carrying hardware (PCH) approach. In this paper, we present a novel attack that leverages malicious routing of the inserted Trojan circuit to acquire a dormant state even in the generated and transmitted bitstream. The Trojan's payload is connected to primary inputs/outputs of the FPGA via a programmable interconnect point (PIP). The Trojan is detached from inputs/outputs during place-and-route and re-connected only when the FPGA is being programmed, thus activating the Trojan circuit without any need for a trigger logic. Since the Trojan is injected in a post-synthesis step and remains unconnected in the bitstream, the presented attack can currently neither be prevented by conventional testing and verification methods nor by recent bitstream-level verification techniques.
TL;DR: Large delay-based analog Trojan circuits are presented, a new class of analog Trojans that can be interfaced with digital and analog macros to launch fabrication-time hardware attacks and implemented the thick-oxide gate leakage modeling to study the robustness of the proposed Trojan design.
Abstract: This article presents large delay-based analog Trojan circuits, a new class of analog Trojans that can be interfaced with digital and analog macros to launch fabrication-time hardware attacks. Two different circuit topologies of analog Trojan are presented, which can generate a delayed trigger output after two days and 60 ms, respectively, when implemented in 65-nm CMOS technology. The large delay is achieved using the transistor’s gate-oxide leakage current or a diode’s reverse saturation current in combination with the Miller capacitance-based circuits. The proposed analog Trojans can operate across multiple on-chip power domains and can be launched without any digital input signal, making their detection challenging. They show very limited variation in side-channel parameters, which makes them harder to detect through side-channel analysis. In addition, the proposed designs have a small area footprint of $55.5 ~\mu m^{2}$ and $28 ~\mu m^{2}$ , respectively, and can be easily concealed on-chip. We also demonstrate an attack launched using these Trojans to construct a “kill-switch” that disables the power management unit of an IC. Process and temperature variations were also investigated to assess their impact on the design. We implemented the thick-oxide gate leakage modeling to study the robustness of the proposed Trojan design. We also present the long-term potential threat of these Trojans where the output trigger signal is generated after an even larger delay.
22 Jan 2021
TL;DR: In this paper, the shape distribution of the L4 and L5 Lagrange points of the Jupiter Trojans is derived using sparse photometric data taken by the Asteroid Terrestrial-impact Last Alert System (ATLAS).
Abstract: Jupiter has nearly 8000~known co-orbital asteroids orbiting in the L4 and L5 Lagrange points called Jupiter Trojan asteroids. Aside from the greater number density of the L4 cloud the two clouds are in many ways considered to be identical. Using sparse photometric data taken by the Asteroid Terrestrial-impact Last Alert System (ATLAS) for 863 L4 Trojans and 380 L5 Trojans we derive the shape distribution for each of the clouds and find that, on average, the L4 asteroids are more elongated than the L5 asteroids. This shape difference is most likely due to the greater collision rate in the L4 cloud that results from its larger population. We additionally present the phase functions and $c-o$ colours of 266~objects.
01 Jan 2021
TL;DR: A hardware Trojan detection method that works at the gate-level using the netlist of the circuit under test using the unsupervised machine learning algorithm, K-Means classification is used for categorization.
Abstract: As the internationalization of Integrated Circuit (IC) production increased, the inclusion of deliberately stealthy modification called hardware Trojans has also escalated. A hardware Trojan detection method that works at the gate-level using the netlist of the circuit under test is presented in this paper. The unsupervised machine learning algorithm, K-Means classification is used for categorization. Every net of the circuit is analyzed to determine if the net is genuine or is Trojan infected by the extraction of seven relevant features from every net. The technique has been validated on ISCAS’85 benchmark circuits and parameters like true positive (TP), false negative (FN) and recall (TPR) have been illustrated.
TL;DR: Christou et al. as discussed by the authors investigated the mineralogical makeup of L5 Martian Trojan asteroids via reflectance spectroscopy, paying special attention to (101429) 1998 VF31, the only L5 Trojan that does not belong to the Eureka family.
01 Jan 2021
TL;DR: Deep Learning (DL) class of ML can choose the relevant features and learn and learn, which has been proposed in this paper and which is higher than previously discussed works.
Abstract: Due to the outsourcing of integrated circuit manufacturing to third party vendors. The chances of malicious hardware insertion also got increased. Untrusted foundries can always add Hardware Trojan circuits, which can alter the behavior or working of the integrated circuits. Since new hardware threats are emerging day by day, a generalized solution for threat detection should be defined. Machine learning based threat detection which is widely popular nowadays, it requires handcrafted features. On the contrary, the Deep Learning (DL) class of ML can choose the relevant features and learn, which has been proposed in this paper. Raw circuit features are extracted and fed to the DL model (Deep Stacked Auto Encoder), which could extract features that can aid in Trojan detection. 95% average TPR and 75% average TNR is obtained and which is higher than previously discussed works.