Trojan

About: Trojan is a research topic. Over the lifetime, 2028 publications have been published within this topic receiving 33209 citations.

Ensemble-Learning-Based Hardware Trojans Detection Method by Detecting the Trigger Nets

Abstract: With the globalization of integrated circuit (IC) design and manufacturing, malicious third-party vendors can easily insert hardware Trojans into their intellect property (IP) cores during IC design phase, threatening the security of IC systems. It is strongly required to develop hardware-Trojan detection methods especially for the IC design phase. As the particularity of Trigger nets in Trojan circuits, in this paper, we propose an ensemble-learning-based hardware-Trojan detection method by detecting the Trigger nets at the gate level. We extract the Trigger-net features for each net from known netlists and use the ensemble learning method to train two detection models according to the Trojan types. The detection models are used to identify suspicious Trigger nets in an unknown detected netlist and give results of suspiciousness values for each detected net. By flagging the top n% suspicious nets of each detection model as the suspicious Trigger nets based on the suspiciousness values, the proposed method can achieve, on average, 88% true positive rate, 90% true negative rate, and 90% Accuracy.

A hardware-Trojan classification method utilizing boundary net structures

Abstract: Recently, cybersecurity has become a serious concern for us. For example, the threats of hardware Trojans (malfunctions inserted into hardware devices) have appeared. Since hardware vendors often outsource parts of their hardware products to third-party vendors, the risk of hardware-Trojan insertion has been increased. Especially in the hardware design step, malicious vendors have a chance to insert hardware Trojans easily. In this paper, we propose a hardware-Trojan classification method utilizing boundary net structures. To begin with, we use a machine-learning-based hardware-Trojan detection method and classify the nets in a given netlist into a set of normal nets and that of Trojan nets. Based on the classification, we investigate the nets around the boundary between normal nets and Trojan nets and extract the features of the nets identified to be normal nets or Trojan nets mistakenly. Finally, using the classification results of machine-learning-based hardware-Trojan detection and the extracted features of the boundary nets, we classify the nets in a given netlist into a set of normal nets and that of Trojan nets again. The experimental results demonstrate that our method outperforms an existing machine-learning-based hardware-Trojan detection method in terms of true positive rate.

Method and device for detecting web Trojan

Abstract: The invention discloses a method and a device for detecting web Trojan. The technical proposal comprises the steps of obtaining html webpage script information from a webpage; executing the html webpage script information and recording behavior characteristics generated in the process of execution; matching the behavior characteristics with stored bug feature codes, and when matching is successful, determining the webpage content contains the web Trojan. The device comprises: a script information acquisition module, a behavior characteristic extraction module and a web Trojan characteristic matching module. The technical proposal can be adopted to comparatively comprehensively detect the web Trojan and overcome the problem of detection limitation caused by relying on the third party software in the prior art.

A Hardware Trojan Detection Method Based on Structural Features of Trojan and Host Circuits

Abstract: Modern IC designs often involve outsourced IP cores. It is convinced that there are opportunities in which the IP cores contain malicious logic, namely hardware Trojan (HT), which raises serious concerns about the trustworthiness of ICs used in mission-critical applications. This paper proposes an HT detection method by analyzing the combined structural features of HTs and host circuits. The structural features of combinational and sequential logic HTs are extracted and form an HT feature database. An efficient quantization approach on feature matching is proposed to search the features from circuit designs. The experiments conducted on TrustHub benchmarks show that the proposed method can successfully detect all stealth Trojans with runtime within 72 s on a platform with an AMD 2.00-GHz CPU with 4-GB RAM and a low false positive rate compared with the existing methods.