基於異常檢測及SCOAP特徵之半監督式硬體木馬線網分類

Abstract

近年來，硬體木馬的潛在威脅成為積體電路產業嚴重的安全議題。隨著半導 體設計和製造階段的外包及全球化，積體電路極為容易被惡意的第三方供應商植 入硬體木馬，並暴露在重大的安全風險中，因此開發有效的硬體木馬偵測技術變 得十分必要。在基於機器學習的硬體木馬偵測研究中顯示，可測試性分析是一項 能有效分類木馬線網的特徵。然而，現有的研究大多在訓練過程中使用監督式學 習的方法。監督式學習方法涉及耗時的訓練過程，須額外處理類別不平衡問題以 及倚靠大量有標籤的資料，使它們在真實世界的應用中面臨許多挑戰。除此之外， 我們發現沒有任何研究提出將異常檢測技術用於基於機器學習的邏輯閘層次硬體 木馬偵測。本論文提出了一種在邏輯閘層次使用異常檢測的半監督硬體木馬偵測 方法。我們透過考慮不同類型的 D 型正反器改良了現有的可測試性衡量 The Sandia Controllability/ Observability Analysis Program (SCOAP) 算法，並採用半監督 異常檢測技術來檢測硬體木馬線網，最後設計一項基於拓撲的位置分析演算法來 提高偵測性能。所提出的方法在所有 Trust-Hub 邏輯閘層次木馬基準電路中，達到 99.64%真陽性率、99.999%真陰性率以及 99.998%準確率。

Recently, hardware Trojan has become a severe security concern in the integrated circuit (IC) industry. Due to the outsourcing and globalization of semiconductor design and manufacturing phases, ICs are highly vulnerable to hardware Trojan insertion by malicious third-party vendors and are exposed to a significant security risk. Therefore, the development of effective hardware Trojan detection techniques is necessary. Testability measures have been proven to be efficient features for Trojan nets classification. However, most of the existing machine-learning-based techniques use supervised learning methods, which involve time-consuming training processes, need to cope with the class imbalance problem, and are not pragmatic when facing real-world situations. Furthermore, no works have explored the use of anomaly detection for machine-learning-based hardware Trojan detection tasks at the gate level. This thesis proposes a semi-supervised hardware Trojan detection method at the gate level using anomaly detection. We ameliorate the existing computation of the Sandia Controllability/Observability Analysis Program (SCOAP) values by considering all types of D flip-flops and adopt semi-supervised anomaly detection techniques to detect Trojan nets. Finally, a novel topology-based location analysis is utilized to improve the detection performance. Testing on all Trust-Hub gate-level Trojan benchmarks, the proposed method achieves an overall 99.64% true positive rate (TPR), 99.999% true negative rate (TNR), and 99.998% accuracy.