Trojan

About: Trojan is a research topic. Over the lifetime, 2028 publications have been published within this topic receiving 33209 citations.

Hardware Trojan horse detection using gate-level characterization

Abstract: Hardware Trojan horses (HTHs) are the malicious altering of hardware specification or implementation in such a way that its functionality is altered under a set of conditions defined by the attacker. There are numerous HTHs sources including untrusted foundries, synthesis tools and libraries, testing and verification tools, and configuration scripts. HTH attacks can greatly comprise security and privacy of hardware users either directly or through interaction with pertinent systems and application software or with data. However, while there has been a huge research and development effort for detecting software Trojan horses, surprisingly, HTHs are rarely addressed. HTH detection is a particularly difficult task in modern and pending deep submicron technologies due to intrinsic manufacturing variability. Our goal is to provide an impetus for HTH research by creating a generic and easily applicable set of techniques and tools for HTH detection. We start by introducing a technique for recovery of characteristics of gates in terms of leakage current, switching power, and delay, which utilizes linear programming to solve a system of equations created using non-destructive measurements of power or delays. This technique is combined with constraint manipulation techniques to detect embedded HTHs. The effectiveness of the approach is demonstrated on a number of standard benchmarks.

A Novel Technique for Improving Hardware Trojan Detection and Reducing Trojan Activation Time

Abstract: Fabless semiconductor industry and government agencies have raised serious concerns about tampering with inserting hardware Trojans in an integrated circuit supply chain in recent years. Most of the recently proposed Trojan detection methods are based on Trojan activation to observe either a faulty output or measurable abnormality on side-channel signals. Time to activate a hardware Trojan circuit is a major concern from the authentication standpoint. This paper analyzes time to generate a transition in functional Trojans. Transition is modeled by geometric distribution and the number of clock cycles required to generate a transition is estimated. Furthermore, a dummy scan flip-flop insertion procedure is proposed aiming at decreasing transition generation time. The procedure increases transition probabilities of nets beyond a specific threshold. The relation between circuit topology, authentication time, and the threshold is carefully studied. The simulation results on s38417 benchmark circuit demonstrate that, with a negligible area overhead, our proposed method can significantly increase Trojan activity and reduce Trojan activation time.

A region based approach for the identification of hardware Trojans

Abstract: Outsourcing of SoC fabrication units has created the potential threat of design tampering using hardware Trojans. Methods based on side-channel analysis exist to differentiate such maligned ICs from the genuine ones but process variation in the foundries limit the effectiveness of such approaches. In this work, we propose a circuit partition based approach to detect and locate the embedded Trojan. Results show that our approach is effective in separating out candidate Trojans in the circuit. In addition, we provide a power profile based method for refining the candidate regions that may contain a Trojan. In many cases, such an isolation method leads to noticeable manifestation of the anomalous behavior of the circuit due to the presence of the Trojan thereby enhancing chances of their detection.

DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks

Abstract: Deep Neural Networks (DNNs) are vulnerable to Neural Trojan (NT) attacks where the adversary injects malicious behaviors during DNN training. This type of ‘backdoor’ attack is activated when the input is stamped with the trigger pattern specified by the attacker, resulting in an incorrect prediction of the model. Due to the wide application of DNNs in various critical fields, it is indispensable to inspect whether the pre-trained DNN has been trojaned before employing a model. Our goal in this paper is to address the security concern on unknown DNN to NT attacks and ensure safe model deployment. We propose DeepInspect, the first black-box Trojan detection solution with minimal prior knowledge of the model. DeepInspect learns the probability distribution of potential triggers from the queried model using a conditional generative model, thus retrieves the footprint of backdoor insertion. In addition to NT detection, we show that DeepInspect’s trigger generator enables effective Trojan mitigation by model patching. We corroborate the effectiveness, efficiency, and scalability of DeepInspect against the state-of-the-art NT attacks across various benchmarks. Extensive experiments show that DeepInspect offers superior detection performance and lower runtime overhead than the prior work.

Neural Trojans

Abstract: While neural networks demonstrate stronger capabilities in pattern recognition nowadays, they are also becoming larger and deeper. As a result, the effort needed to train a network also increases dramatically. In many cases, it is more practical to use a neural network intellectual property (IP) that an IP vendor has already trained. As we do not know about the training process, there can be security threats in the neural IP: the IP vendor (attacker) may embed hidden malicious functionality, i.e neural Trojans, into the neural IP. We show that this is an effective attack and provide three mitigation techniques: input anomaly detection, re-training, and input preprocessing. All the techniques are proven effective. The input anomaly detection approach is able to detect 99.8% of Trojan triggers although with 12.2% false positive. The re-training approach is able to prevent 94.1% of Trojan triggers from triggering the Trojan although it requires that the neural IP be reconfigurable. In the input preprocessing approach, 90.2% of Trojan triggers are rendered ineffective and no assumption about the neural IP is needed.