欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2021, Vol. 38 ›› Issue (4): 494-502.DOI: 10.7523/j.issn.2095-6134.2021.04.008

• 电子科学 • 上一篇    下一篇

指令级功耗特征的硬件木马检测高效机器学习

李莹1, 陈岚1,2, 佟鑫1   

  1. 1. 中国科学院微电子研究所, 北京 1000;
    2. 三维及纳米集成电路设计自动化技术北京市重点实验室, 北京 100029
  • 收稿日期:2019-09-26 修回日期:2019-11-22 发布日期:2021-07-10
  • 通讯作者: 陈岚
  • 基金资助:
    Supported by Beijing Natural Science Foundation (4184106), National Internet of Things and Smart City Key Project Docking (Z181100003518002), Beijing Science and Technology Project (Z171100001117147)

Efficient machine learning methods for hardware Trojan detection using instruction-level power character

LI Ying1, CHEN Lan1,2, TONG Xin1   

  1. 1. Institute of Microelectronics, Chinese Academy of Sciences, Beijing 100029, China;
    2. Beijing Key Laboratory of Three-dimensional and Nanometer Integrated Circuit Design Automation Technology, Beijing 100029, China
  • Received:2019-09-26 Revised:2019-11-22 Published:2021-07-10
  • Supported by:
    Supported by Beijing Natural Science Foundation (4184106), National Internet of Things and Smart City Key Project Docking (Z181100003518002), Beijing Science and Technology Project (Z171100001117147)

摘要: 由于半导体产业的设计和外包代工制造全球化趋势,使得集成电路容易受到硬件木马造成的严峻威胁。基于电路退化模型等的隐秘硬件木马通常将恶意行为隐藏在正常的芯片行为中,从而难以被传统的测试和验证方法发现。建立一个高效的机器学习框架,利用指令级侧信道功耗特征对无木马和插入木马的芯片电路进行分类。算法模型采用不同的指令和木马构造提取的特征向量集。为评估检测方法性能,在Altera Stratix Ⅱ FPGA中实现基于MC8051微控制器的基准电路,并详细分析在有监督和无监督模式下的5种机器学习算法模型。测试结果表明,综合各种特征条件,有监督的朴素贝叶斯方法检测准确率最高,平均为95%,有监督的支持向量机方法运行时间最短,平均为0.04 s。另外验证了无监督的支持向量机可以作为一种没有黄金参考模型下的有价值方法,即使在恶劣训练条件下,其检测准确率也在17%~72%。

关键词: 硬件木马, 机器学习, 旁路功耗, 指令级, 检测

Abstract: Integrated circuits (IC) are vulnerable to hardware Trojans (HTs) due to the globalization of semiconductor design and outsourcing fabrication. Stealthy HTs which activate malicious aging operations are ususlly hide in normal behaviors.Therefore, it is a challenge to detect those HTs by general test and verification approaches. In this paper, we build an efficient machine learning (ML) framework to classify the genuine and Trojan-insert chips using instruction-level side-channel power characters. Different instructions and HTs are used as feature sets to construct the algorithm models. In order to evaluate the performance of the method, we implemented five HTs benchmarks of MC8051 micro-controller in Altera Stratix II FPGA, and presented analysis on five formulated ML models in both supervised and unsupervised modes. The test results showed that the detection accuracy of supervised Naïve Bayes is 95% in average, which is the highest among the ML models. The supervised SVM consumed the shortest running time, with an average of 0.04 s. We also verified that one-class SVM can be a valuable method without golden reference, which has accuracy in the range from 17% to 72% even in Harsh learning condition.

Key words: hardware Trojans, machine learning, side-channel power, instruction-level, detection

中图分类号: