高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于路径特征和支持向量机算法的硬件木马检测技术

冯燕 陈岚

冯燕, 陈岚. 基于路径特征和支持向量机算法的硬件木马检测技术[J]. 电子与信息学报, 2023, 45(6): 1921-1932. doi: 10.11999/JEIT220500
引用本文: 冯燕, 陈岚. 基于路径特征和支持向量机算法的硬件木马检测技术[J]. 电子与信息学报, 2023, 45(6): 1921-1932. doi: 10.11999/JEIT220500
FENG Yan, CHEN Lan. Hardware Trojan Detection Based on Path Feature and Support Vector Machine[J]. Journal of Electronics & Information Technology, 2023, 45(6): 1921-1932. doi: 10.11999/JEIT220500
Citation: FENG Yan, CHEN Lan. Hardware Trojan Detection Based on Path Feature and Support Vector Machine[J]. Journal of Electronics & Information Technology, 2023, 45(6): 1921-1932. doi: 10.11999/JEIT220500

基于路径特征和支持向量机算法的硬件木马检测技术

doi: 10.11999/JEIT220500
详细信息
    作者简介:

    冯燕:女,正高级工程师,研究方向为集成电路硬件安全、IP/SoC设计等

    陈岚:女,研究员,研究方向为计算机系统架构与集成电路设计等

    通讯作者:

    陈岚 chenlan@ime.ac.cn

  • 中图分类号: TN406

Hardware Trojan Detection Based on Path Feature and Support Vector Machine

  • 摘要: 硬件木马攻击成为当前集成电路(IC)面临的严重威胁。针对硬件木马电路具有隐蔽、不易触发以及数据集不均衡等特点,该文提出对门级网表进行静态分析的硬件木马检测技术。基于电路可测性原理建立涵盖节点扇入数、逻辑门距离、路径数、节点扇出数的硬件木马路径特征,简化特征分析流程;基于提取的路径特征,使用支持向量机(SVM)算法区分电路中的木马节点和正常节点。提出训练集双重加权技术,解决数据集不均衡问题,提升分类器的性能。实验结果表明,分类器可以用于电路中的可疑节点检测,准确率(ACC)达到99.85%;训练集静态加权有效提升分类器性能,准确率(ACC)提升5.58%;与现有文献相比,以36%的特征量,真阳性率(TPR)降低1.07%,真阴性率(TNR)提升2.74%,准确率(ACC)提升2.92%。该文验证了路径特征和SVM算法在硬件木马检测中的有效性,明确了数据集均衡性与检测性能的关系。
  • 图  1  子电路区域和逻辑锥示意图

    图  2  硬件木马检测流程

    图  3  路径提取流程

    图  4  不同内核函数进行K-折交叉验证的结果

    图  5  静态加权情况下的K-折交叉验证结果

    图  6  不同(L,S)组合下的模型效果评估结果

    图  7  可疑节点分析

    表  1  木马特征

    序号特征描述
    1fan_in节点Y的扇入数目
    2max_disY的所有扇入中逻辑门距离的最大值
    3max_inL=max_dis的路径数目
    4max_1_inL=max_dis-1的路径数目
    5max_2_inL=max_dis-2的路径数目
    6max_3_inL=max_dis-3的路径数目
    7max_4_inL=max_dis-4的路径数目
    8fan_out节点Y的扇出数目
    下载: 导出CSV

    表  2  基准电路

    电路面积@ SMIC130nm(μm2)正常节点数(GN)木马节点数(GP)木马电路占比(%)
    本文文献[11]文献[19]本文文献[11]文献[19]
    RS232-T1000335265283229536133.09
    RS232-T1100346670284232136122.60
    RS232-T1200350073289229134143.51
    RS232-T130034476828723122992.07
    RS232-T1400351870273230145134.05
    RS232-T1500352369283229239144.19
    RS232-T1600354069292229229124.65
    S15850-T1002463267424292404127280.72
    S35932-T20084647214464055987412120.11
    S38417-T10073707176957985665112120.14
    S38417-T20072572176657985665415150.16
    S38584-T1007085116787343701711990.09
    S38584-T20073502171011.60
    总和10225297642834726333163
    下载: 导出CSV

    表  3  不同数据标签加权情况下的K-折交叉验证结果

    LGNGPTNR(%)TPR(%)Precision(%)F1-measure(%)平均值(%)
    051071699.3086.6739.4636.8765.58
    10510717699.1494.2279.7385.9389.76
    20510733699.1693.7787.8990.6792.87
    30510749699.1293.8391.1792.4094.13
    40510765699.1493.6993.3693.4894.92
    50510781699.1493.6894.6294.1295.39
    60510797699.1293.6795.3294.4895.65
    705107113699.1293.6795.9494.7795.88
    805107129699.0693.7596.2494.9796.01
    905107145699.1093.7896.7295.1996.20
    1005107161699.1293.7697.1095.3996.34
    下载: 导出CSV

    表  4  不同模块尺寸加权情况下的K-折交叉验证结果

    SGNGPGP/(GP+GN)(%)TNR(%)TPR(%)Precision(%)F1-measure(%)平均值(%)
    05107160.3199.3086.6739.4636.8765.58
    106920650.9399.7196.6777.5985.3289.82
    2089671281.4199.9493.1596.0294.1995.83
    30109312742.4599.9598.5397.7998.1098.59
    40130312842.1399.9699.4798.2698.8499.13
    50151213041.9799.5894.5886.1386.2791.64
    下载: 导出CSV

    表  5  (L,S)=(50,20)时的K-折交叉验证结果

    KGNGPTNTPFNFPTNR(%)TPR(%)Precision(%)F1-measure(%)
    187167987064633199.8995.1499.8597.44
    288066987764227399.6695.9699.5397.72
    3895655895616390100.0094.05100.0096.93
    4937612937585270100.0095.59100.0097.74
    5852697852657400100.0094.26100.0097.05
    6915634915606280100.0095.58100.0097.74
    7884666884638280100.0095.80100.0097.85
    8876674876647270100.0095.99100.0097.96
    9944605944579260100.0095.70100.0097.80
    1091363791260631199.8995.1399.8497.43
    平均值------99.9495.3299.9297.57
    下载: 导出CSV

    表  6  不同(L,S)组合下的K-折交叉验证结果

    序号LSGNGPGP/(GN+GP) (%)TNR(%)TPR(%)Precision(%)F1-measure(%)
    1005107160.3199.3086.6739.4636.87
    2500510781613.7899.140.16↓93.688.09↑94.62139.79↑94.12155.28↑
    302089671281.4199.940.64↑93.157.48↑96.02143.34↑94.19155.47↑
    450208967652842.1399.940.64↑95.329.98↑99.92153.22↑97.57164.63↑
    下载: 导出CSV

    表  7  (L,S)=(50,20)时的模型效果评估结果

    测试集GNGPTNTPFNFPTNR(%)TPR1(%)ACC(%)
    RS232-T100035135100100.00100.00100.00
    RS232-T110036036000100.00100.00100.00
    RS232-T120037137100100.00100.00100.00
    RS232-T130035135100100.00100.00100.00
    RS232-T140035135100100.00100.00100.00
    RS232-T150035135100100.00100.00100.00
    RS232-T160036136100100.00100.00100.00
    S15850-T100337133401399.11098.82
    S35932-T200107141071040100.00099.63
    S38417-T1008860886000100.00100.00100.00
    S38417-T2008833883300100.00100.00100.00
    S38584-T100839183801199.88099.76
    S38584-T200856085500199.88100.0099.88
    平均值99.9176.9299.85
    1:GP=0且TP=0时,TRP=100%;GP!=0但TP=0时,TRP=0%
    下载: 导出CSV

    表  8  不同(L,S)组合下的模型效果评估结果(%)

    测试集(L,S)=(0,0)(L,S)=(50,0)(L,S)=(0,20)(L,S)=(50,20)
    TNRACCTNRACCTNRACCTNRACC
    RS232-T1000100.00100.00100.00100.00100.00100.00100.00100.00
    RS232-T110088.8988.8980.5680.56100.00100.00100.00100.00
    RS232-T120089.1989.4781.0881.58100.00100.00100.00100.00
    RS232-T130088.5788.8985.7186.11100.00100.00100.00100.00
    RS232-T140088.5788.8982.8683.33100.00100.00100.00100.00
    RS232-T150088.5788.8988.5788.89100.00100.00100.00100.00
    RS232-T160088.8989.1986.1186.49100.00100.00100.00100.00
    s15850-T10096.4496.1597.0396.7599.1198.8299.1198.82
    s35932-T200100.0099.63100.0099.63100.0099.63100.0099.63
    s38417-T100100.00100.00100.00100.00100.00100.00100.00100.00
    s38417-T200100.00100.00100.00100.00100.00100.00100.00100.00
    s38584-T10099.7699.6499.7699.6499.8899.7699.8899.76
    s38584-T20099.7799.77100.00100.0099.8899.8899.8899.88
    平均值94.5194.5792.4492.5499.9199.8599.9199.85
    提升百分比2.19↓2.15↓5.71↑5.58↑5.71↑5.58↑
    下载: 导出CSV

    表  9  与现有文献检测结果对比

    文献样本数
    (GN+GP)
    学习
    算法
    训练
    时间
    TPR
    (%)
    TNR
    (%)
    ACC
    (%)
    [11]30097RF68.3299.7199.10
    [19]28510SVM77.7597.2597.02
    [22]118334559DL72 min79.2999.9799.91
    本文10225SVM5.5 s76.9299.9199.85
    1:LEDA library-based Trust-HUB Benchmarks, 40个组合型木马在搜索深度=4、过采样、LSTM, 5 epochs条件下的检测结果。
    下载: 导出CSV
  • [1] JAIN A, ZHOU Ziqi, and GUIN U. Survey of recent developments for hardware Trojan detection[C]. 2021 IEEE International Symposium on Circuits and Systems (ISCAS), Daegu, Korea, 2021.
    [2] BHUNIA S, HSIAO M S, BANGA M, et al. Hardware Trojan attacks: Threat analysis and countermeasures[J]. Proceedings of the IEEE, 2014, 102(8): 1229–1247. doi: 10.1109/JPROC.2014.2334493
    [3] YANG Yipei, YE Jing, CAO Yuan, et al. Survey: Hardware Trojan detection for netlist[C]. 2020 IEEE 29th Asian Test Symposium (ATS), Penang, Malaysia, 2020: 1–6.
    [4] AGRAWAL D, BAKTIR S, KARAKOYUNLU D, et al. Trojan detection using IC fingerprinting[C]. 2007 IEEE Symposium on Security and Privacy (SP), Berkeley, USA, 2007: 296–310.
    [5] JIN Yier and MAKRIS Y. Hardware Trojan detection using path delay fingerprint[C]. 2008 IEEE International Workshop on Hardware-Oriented Security and Trust, Anaheim, USA, 2008.
    [6] HUANG Zhao, WANG Quan, CHEN Yin, et al. A survey on machine learning against hardware Trojan attacks: Recent advances and challenges[J]. IEEE Access, 2020, 8: 10796–10826. doi: 10.1109/ACCESS.2020.2965016
    [7] SHARMA R and RANJAN P. A review: Machine learning based hardware Trojan detection[C]. 2021 10th International Conference on Internet of Everything, Microwave Engineering, Communication and Networks (IEMECON), Jaipur, India, 2021.
    [8] KUNDU S, MENG Xingyu, and BASU K. Application of machine learning in hardware Trojan detection[C]. 2021 22nd International Symposium on Quality Electronic Design(ISQED), Santa Clara, USA, 2021: 414–419.
    [9] HASEGAWA K, OYA M, YANAGISAWA M, et al. Hardware Trojans classification for gate-level netlists based on machine learning[C]. 2016 IEEE 22nd International Symposium on On-Line Testing and Robust System Design (IOLTS), Sant Feliu de Guixols, Spain, 2016: 203–206.
    [10] HASEGAWA K, YANAGISAWA M, and TOGAWA N. A hardware-Trojan classification method using machine learning at gate-level netlists based on Trojan features[J]. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2017, E100.A(7): 1427–1438. doi: 10.1587/transfun.E100.A.1427
    [11] HASEGAWA K, YANAGISAWA M, and TOGAWA N. Trojan-feature extraction at gate-level netlists and its application to hardware-Trojan detection using random forest classifier[C]. 2017 IEEE International Symposium on Circuits and Systems (ISCAS), Baltimore, USA, 2017: 1–4.
    [12] HASEGAWA K, YANAGISAWA M, and TOGAWA N. Hardware Trojans classification for gate-level netlists using multi-layer neural networks[C]. 2017 IEEE 23rd International Symposium on On-Line Testing and Robust System Design (IOLTS), Thessaloniki, Greece, 2017: 227–232.
    [13] HASEGAWA K, YANAGISAWA M, and TOGAWA N. A hardware-Trojan classification method utilizing boundary net structures[C]. 2018 IEEE International Conference on Consumer Electronics, Las Vegas, USA, 2018: 1–4.
    [14] SALMANI H. Cotd: Reference-free hardware Trojan detection and recovery based on controllability and observability in gate-level netlist[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(2): 338–350. doi: 10.1109/TIFS.2016.2613842
    [15] GOLDSTEIN L H and THIGPEN E L. SCOAP: Sandia controllability/observability analysis program[C]. 17th Design Automation Conference, Minneapolis, USA, 1980: 190–196.
    [16] XIE Xin, SUN Yangyang, CHEN Hongda, et al. Hardware Trojans classification based on controllability and observability in gate-level netlist[J]. IEICE Electronics Express, 2017, 14(18): 20170682. doi: 10.1587/elex.14.20170682
    [17] PRIYADHARSHINI M and SARAVANAN P. An efficient hardware Trojan detection approach adopting testability based features[C]. 2020 IEEE International Test Conference India, Bangalore, India, 2020.
    [18] LIU Qiang, ZHAO Pengyong, and CHEN Fuqiang. A hardware Trojan detection method based on structural features of Trojan and host circuits[J]. IEEE Access, 2019, 7: 44632–44644. doi: 10.1109/access.2019.2908088
    [19] 严迎建, 赵聪慧, 刘燕江. 基于多维结构特征的硬件木马检测技术[J]. 电子与信息学报, 2021, 43(8): 2128–2139. doi: 10.11999/JEIT210003

    YAN Yingjian, ZHAO Conghui, and LIU Yanjiang. Hardware Trojan detection based on multiple structural features[J]. Journal of Electronics &Information Technology, 2021, 43(8): 2128–2139. doi: 10.11999/JEIT210003
    [20] PARKER K P and MCCLUSKEY E J. Probabilistic treatment of general combinational networks[J]. IEEE Transactions on Computers, 1975, C-24(6): 668–670. doi: 10.1109/T-C.1975.224279
    [21] Trust-Hub. Trust-Hub benchmarks[EB/OL]. https://www.trust-hub.org/, 2018.
    [22] YU Shichao, GU Chongyan, LIU Weiqiang, et al. Deep Learning-based hardware Trojan detection with block-based Netlist information extraction[J]. IEEE Transactions on Emerging Topics in Computing, 2022, 10(4): 1837–1853. doi: 10.1109/TETC.2021.3116484
  • 加载中
图(7) / 表(9)
计量
  • 文章访问数:  672
  • HTML全文浏览量:  240
  • PDF下载量:  163
  • 被引次数: 0
出版历程
  • 收稿日期:  2022-04-22
  • 修回日期:  2022-09-22
  • 网络出版日期:  2022-09-29
  • 刊出日期:  2023-06-10

目录

    /

    返回文章
    返回