SALTY: Explainable Artificial Intelligence Guided Structural Analysis for Hardware Trojan Detection

• URL: http://arxiv.org/abs/2502.14116v1
• Date: Wed, 19 Feb 2025 21:40:00 GMT
• Title: SALTY: Explainable Artificial Intelligence Guided Structural Analysis for Hardware Trojan Detection
• Authors: Tanzim Mahfuz, Pravin Gaikwad, Tasneem Suha, Swarup Bhunia, Prabuddha Chakraborty,
• Abstract summary: Hardware Trojans are malicious modifications in digital designs that can be inserted by untrusted supply chain entities. Our framework (SALTY) mitigates concerns through the use of a novel Graph Neural Network architecture.
• Score: 5.170634751744272
• License:
• Abstract: Hardware Trojans are malicious modifications in digital designs that can be inserted by untrusted supply chain entities. Hardware Trojans can give rise to diverse attack vectors such as information leakage (e.g. MOLES Trojan) and denial-of-service (rarely triggered bit flip). Such an attack in critical systems (e.g. healthcare and aviation) can endanger human lives and lead to catastrophic financial loss. Several techniques have been developed to detect such malicious modifications in digital designs, particularly for designs sourced from third-party intellectual property (IP) vendors. However, most techniques have scalability concerns (due to unsound assumptions during evaluation) and lead to large number of false positive detections (false alerts). Our framework (SALTY) mitigates these concerns through the use of a novel Graph Neural Network architecture (using Jumping-Knowledge mechanism) for generating initial predictions and an Explainable Artificial Intelligence (XAI) approach for fine tuning the outcomes (post-processing). Experiments show 98% True Positive Rate (TPR) and True Negative Rate (TNR), significantly outperforming state-of-the-art techniques across a large set of standard benchmarks.

Related papers

• An AI-Enabled Side Channel Power Analysis Based Hardware Trojan Detection Method for Securing the Integrated Circuits in Cyber-Physical Systems [7.333490062088133]
  One of the stealthiest threats is the insertion of a hardware trojan into an IC. Trojans can severely compromise system safety and security. This paper presents a non-invasive method for hardware trojan detection based on side-channel power analysis.
  arXiv  Detail & Related papers  (2024-11-19T18:39:20Z)
• Propelling Innovation to Defeat Data-Leakage Hardware Trojans: From Theory to Practice [0.0]
  Many companies have gone fabless and rely on external fabrication facilities to produce chips due to increasing cost of semiconductor manufacturing. Some may inject hardware Trojans and jeopardize the security of the system. One common objective of hardware Trojans is to establish a side channel for data leakage.
  arXiv  Detail & Related papers  (2024-09-30T16:51:30Z)
• Uncertainty-Aware Hardware Trojan Detection Using Multimodal Deep Learning [3.118371710802894]
  The risk of hardware Trojans being inserted at various stages of chip production has increased in a zero-trust fabless era. We propose a multimodal deep learning approach to detect hardware Trojans and evaluate the results from both early fusion and late fusion strategies.
  arXiv  Detail & Related papers  (2024-01-15T05:45:51Z)
• Risk-Aware and Explainable Framework for Ensuring Guaranteed Coverage in Evolving Hardware Trojan Detection [2.6396287656676733]
  In high-risk and sensitive domain, we cannot accept even a small misclassification. In this paper, we generate evolving hardware Trojans using our proposed novel conformalized generative adversarial networks. The proposed approach has been validated on both synthetic and real chip-level benchmarks.
  arXiv  Detail & Related papers  (2023-10-14T03:30:21Z)
• Hardly Perceptible Trojan Attack against Neural Networks with Bit Flips [51.17948837118876]
  We present hardly perceptible Trojan attack (HPT) HPT crafts hardly perceptible Trojan images by utilizing the additive noise and per pixel flow field. To achieve superior attack performance, we propose to jointly optimize bit flips, additive noise, and flow field.
  arXiv  Detail & Related papers  (2022-07-27T09:56:17Z)
• Topological Detection of Trojaned Neural Networks [10.559903139528252]
  Trojan attacks occur when attackers stealthily manipulate the model's behavior. We find subtle structural deviation characterizing Trojaned models. We devise a strategy for robust detection of Trojaned models.
  arXiv  Detail & Related papers  (2021-06-11T15:48:16Z)
• Practical Detection of Trojan Neural Networks: Data-Limited and Data-Free Cases [87.69818690239627]
  We study the problem of the Trojan network (TrojanNet) detection in the data-scarce regime. We propose a data-limited TrojanNet detector (TND), when only a few data samples are available for TrojanNet detection. In addition, we propose a data-free TND, which can detect a TrojanNet without accessing any data samples.
  arXiv  Detail & Related papers  (2020-07-31T02:00:38Z)
• Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
  In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models. We propose a method to verify if a pre-trained model is Trojaned or benign. Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
  arXiv  Detail & Related papers  (2020-07-28T19:00:40Z)
• Odyssey: Creation, Analysis and Detection of Trojan Models [91.13959405645959]
  Trojan attacks interfere with the training pipeline by inserting triggers into some of the training samples and trains the model to act maliciously only for samples that contain the trigger. Existing Trojan detectors make strong assumptions about the types of triggers and attacks. We propose a detector that is based on the analysis of the intrinsic properties; that are affected due to the Trojaning process.
  arXiv  Detail & Related papers  (2020-07-16T06:55:00Z)
• Graph Backdoor [53.70971502299977]
  We present GTA, the first backdoor attack on graph neural networks (GNNs) GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features. It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
  arXiv  Detail & Related papers  (2020-06-21T19:45:30Z)
• Scalable Backdoor Detection in Neural Networks [61.39635364047679]
  Deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch. We propose a novel trigger reverse-engineering based approach whose computational complexity does not scale with the number of labels, and is based on a measure that is both interpretable and universal across different network and patch types. In experiments, we observe that our method achieves a perfect score in separating Trojaned models from pure models, which is an improvement over the current state-of-the art method.
  arXiv  Detail & Related papers  (2020-06-10T04:12:53Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.