Trojan Scanner: Detecting Hardware Trojans with Rapid SEM Imaging Combined with Image Processing and Machine Learning

2018 ◽  
Author(s):  
Nidish Vashistha ◽  
Hangwei Lu ◽  
Qihang Shi ◽  
M Tanjidur Rahman ◽  
Haoting Shen ◽  
...  
Keyword(s):  
Machine Learning ◽  
Integrated Circuits ◽  
Reverse Engineering ◽  
Physical Structure ◽  
Supervised Machine Learning ◽  
Hardware Trojan ◽  
Hardware Trojans ◽  
Sem Images ◽  
Sem Image ◽  
Machine Learning Model

Abstract Hardware Trojans are malicious changes to the design of integrated circuits (ICs) at different stages of the design and fabrication processes. Different approaches have been developed to detect Trojans namely non-destructive (electrical tests like run-time monitoring, functional and structural tests) and destructive (full chip reverse engineering). However, these methods cannot detect all types of Trojans and they suffer from a number of disadvantages such as slow speed of detection and lack of confidence in detecting all types of Trojans. Majority of hardware Trojans implemented in an IC will leave a footprint at the doping (active) layer. In this paper, we introduce a new version of our previously developed “Trojan Scanner” [1] framework for the untrusted foundry threat model, where a trusted GDSII layout (golden layout) is available. Advanced computer vision algorithms in combination with the supervised machine-learning model are used to classify different features of the golden layout and SEM images from an IC under authentication, as a unique descriptor for each type of gates. These descriptors are compared with each other to detect any subtle changes on the active region, which can raise the flag for the existence of a potential hardware Trojan. The descriptors can differentiate variation due to fabrication process, defects, and common SEM image distortions to rule out the possibility of false detection. Our results demonstrate that Trojan Scanner is more reliable than electrical testing and faster than full chip reverse engineering. Trojan Scanner does not rely on the functionality of the circuit rather focuses on the real physical structure to detect malicious changes inserted by the untrusted foundry.

Assessment of urban flood susceptibility using semi-supervised machine learning model

2019 ◽  
Vol 659 ◽  
pp. 940-949 ◽  
Author(s):  
Gang Zhao ◽  
Bo Pang ◽  
Zongxue Xu ◽  
Dingzhi Peng ◽  
Liyang Xu
Keyword(s):  
Machine Learning ◽  
Learning Model ◽  
Supervised Machine Learning ◽  
Urban Flood ◽  
Flood Susceptibility ◽  
Machine Learning Model

Proof of Reverse Engineering Barrier: SEM Image Analysis on Covert Gates

2021 ◽  
Author(s):  
Tasnuva Farheen ◽  
Ulbert Botero ◽  
Nitin Varshney ◽  
Damon L. Woodard ◽  
Mark Tehranipoor ◽  
...  
Keyword(s):  
Machine Learning ◽  
Reverse Engineering ◽  
Contact Structures ◽  
Imaging Analysis ◽  
Sem Image ◽  
Device Structures ◽  
Microscope Imaging ◽  
Sem Imaging ◽  
The Difference ◽  
Voltage Contrast

Abstract IC camouflaging has been proposed as a promising countermeasure against malicious reverse engineering. Camouflaged gates contain multiple functional device structures, but appear as one single layout under microscope imaging, thereby hiding the real circuit functionality from adversaries. The recent covert gate camouflaging design comes with a significantly reduced overhead cost, allowing numerous camouflaged gates in circuits and thus being resilient against various invasive and semi-invasive attacks. Dummy inputs are used in the design, but SEM imaging analysis was only performed on simplified dummy contact structures in prior work. Whether the e-beam during SEM imaging will charge differently on different contacts and further reveal the different structures or not requires extended research. In this study, we fabricated real and dummy contacts in various structures and performed a systematic SEM imaging analysis to investigate the possible charging and the consequent passive voltage contrast on contacts. In addition, machine-learning based pattern recognition was also employed to examine the possibility of differentiating real and dummy contacts. Based on our experimental results, we found that the difference between real and dummy contacts is insignificant in SEM imaging, which effectively prevents adversarial SEM-based reverse engineering. Index Terms—Reverse Engineering, IC Camouflaging, Scanning Electron Microscopy, Machine Learning, Countermeasure.

LASRE: A Novel Approach to Large area Accelerated Segmentation for Reverse Engineering on SEM images

2020 ◽  
Author(s):  
Ronald Wilson ◽  
Domenic Forte ◽  
Navid Asadizanjani ◽  
Damon L. Woodard
Keyword(s):  
Integrated Circuits ◽  
Reverse Engineering ◽  
Imaging Modality ◽  
Primary Source ◽  
Time Frame ◽  
Large Area ◽  
Sem Images ◽  
Model Free ◽  
Novel Approach ◽  
Daunting Task

Abstract In the hardware assurance community, Reverse Engineering (RE) is considered a key tool and asset in ensuring the security and reliability of Integrated Circuits (IC). However, with the introduction of advanced node technologies, the application of RE to ICs is turning into a daunting task. This is amplified by the challenges introduced by the imaging modalities such as the Scanning Electron Microscope (SEM) used in acquiring images of ICs. One such challenge is the lack of understanding of the influence of noise in the imaging modality along with its detrimental effect on the quality of images and the overall time frame required for imaging the IC. In this paper, we characterize some aspects of the noise in the image along with its primary source. Furthermore, we use this understanding to propose a novel texture-based segmentation algorithm for SEM images called LASRE. The proposed approach is unsupervised, model-free, robust to the presence of noise and can be applied to all layers of the IC with consistent results. Finally, the results from a comparison study is reported, and the issues associated with the approach are discussed in detail. The approach consistently achieved over 86% accuracy in segmenting various layers in the IC.

scholarly journals Active Learning Approaches for Labeling Text: Review and Assessment of the Performance of Active Learning Approaches

2020 ◽  
Vol 28 (4) ◽  
pp. 532-551
Author(s):  
Blake Miller ◽  
Fridolin Linder ◽  
Walter R. Mebane
Keyword(s):  
Machine Learning ◽  
Active Learning ◽  
Random Sampling ◽  
Supervised Machine Learning ◽  
Learning Approaches ◽  
Simulation Studies ◽  
Text Data ◽  
Passive Learning ◽  
Machine Learning Model ◽  
The Cost

Supervised machine learning methods are increasingly employed in political science. Such models require costly manual labeling of documents. In this paper, we introduce active learning, a framework in which data to be labeled by human coders are not chosen at random but rather targeted in such a way that the required amount of data to train a machine learning model can be minimized. We study the benefits of active learning using text data examples. We perform simulation studies that illustrate conditions where active learning can reduce the cost of labeling text data. We perform these simulations on three corpora that vary in size, document length, and domain. We find that in cases where the document class of interest is not balanced, researchers can label a fraction of the documents one would need using random sampling (or “passive” learning) to achieve equally performing classifiers. We further investigate how varying levels of intercoder reliability affect the active learning procedures and find that even with low reliability, active learning performs more efficiently than does random sampling.

scholarly journals Think Smart, Play Dumb: Analyzing Deception in Hardware Trojan Detection Using Game Theory

2020 ◽  
Author(s):  
Tapadhir Das
Keyword(s):  
Integrated Circuits ◽  
Repeated Game ◽  
Third Party ◽  
Hardware Trojan ◽  
Hardware Trojans ◽  
Learning Stage ◽  
Hardware Trojan Detection ◽  
Trojan Detection ◽  
Utility Gain ◽  
Game Theoretic

In recent years, integrated circuits (ICs) have become<br>significant for various industries and their security has<br>been given greater priority, specifically in the supply chain.<br>Budgetary constraints have compelled IC designers to offshore manufacturing to third-party companies. When the designer gets the manufactured ICs back, it is imperative to test for potential threats like hardware trojans (HT). In this paper, a novel multilevel game-theoretic framework is introduced to analyze the interactions between a malicious IC manufacturer and the tester. In particular, the game is formulated as a non-cooperative, zerosum, repeated game using prospect theory (PT) that captures different players’ rationalities under uncertainty. The repeated game is separated into a learning stage, in which the defender<br><div>learns about the attacker’s tendencies, and an actual game stage, where this learning is used. Experiments show great incentive for the attacker to deceive the defender about their actual rationality by “playing dumb” in the learning stage (deception). This scenario is captured using hypergame theory to model the attacker’s view of the game. The optimal deception rationality of the attacker is analytically derived to maximize utility gain. For the defender, a first-step deception mitigation process is proposed to thwart the effects of deception. Simulation results show that the attacker can profit from the deception as it can successfully insert HTs in the manufactured ICs without being detected.</div><div><br></div><div>This paper has been accepted for publication in <b>IEEE Cyber Science Conference 2020</b><br></div>

scholarly journals Translationese and Post-editese: How comparable is comparable quality?

2018 ◽  
Vol 16 ◽  
Author(s):  
Joke Daems ◽  
Orphée De Clercq ◽  
Lieve Macken
Keyword(s):  
Machine Learning ◽  
Learning Model ◽  
Supervised Machine Learning ◽  
Original Text ◽  
High Quality ◽  
Machine Learning Model ◽  
Comparable Quality

Whereas post-edited texts have been shown to be either of comparable quality to human translations or better, one study shows that people still seem to prefer human-translated texts. The idea of texts being inherently different despite being of high quality is not new. Translated texts, for example, are also different from original texts, a phenomenon referred to as ‘Translationese’. Research into Translationese has shown that, whereas humans cannot distinguish between translated and original text, computers have been trained to detect Translationese successfully. It remains to be seen whether the same can be done for what we call Post-editese. We first establish whether humans are capable of distinguishing post-edited texts from human translations, and then establish whether it is possible to build a supervised machine-learning model that can distinguish between translated and post-edited text.

scholarly journals Predicting Sentiment Polarity of Microblogs using an LSTM – CNN Deep Learning Model

2019 ◽  
Vol 8 (6) ◽  
pp. 4368-4373
Keyword(s):  
Neural Network ◽  
Machine Learning ◽  
Prediction Accuracy ◽  
Short Term Memory ◽  
Learning Model ◽  
Supervised Machine Learning ◽  
Machine Learning Model ◽  
Proposed Model ◽  
Network Approaches

In this paper we propose a novel supervised machine learning model to predict the polarity of sentiments expressed in microblogs. The proposed model has a stacked neural network structure consisting of Long Short Term Memory (LSTM) and Convolutional Neural Network (CNN) layers. In order to capture the long-term dependencies of sentiments in the text ordering of a microblog, the proposed model employs an LSTM layer. The encodings produced by the LSTM layer are then fed to a CNN layer, which generates localized patterns of higher accuracy. These patterns are capable of capturing both local and global long-term dependences in the text of the microblogs. It was observed that the proposed model performs better and gives improved prediction accuracy when compared to semantic, machine learning and deep neural network approaches such as SVM, CNN, LSTM, CNN-LSTM, etc. This paper utilizes the benchmark Stanford Large Movie Review dataset to show the significance of the new approach. The prediction accuracy of the proposed approach is comparable to other state-of-art approaches.

scholarly journals DANA Universal Dataflow Analysis for Gate-Level Netlist Reverse Engineering

2020 ◽  
pp. 309-336
Author(s):  
Nils Albartus ◽  
Max Hoffmann ◽  
Sebastian Temme ◽  
Leonid Azriel ◽  
Christof Paar
Keyword(s):  
Integrated Circuits ◽  
Reverse Engineering ◽  
Dataflow Analysis ◽  
Hardware Trojans ◽  
On Chip ◽  
Perfect Recovery ◽  
High Level ◽  
And Control ◽  
Hardware Designs ◽  
Ip Theft

Reverse engineering of integrated circuits, i.e., understanding the internals of Integrated Circuits (ICs), is required for many benign and malicious applications. Examples of the former are detection of patent infringements, hardware Trojans or Intellectual Property (IP)-theft, as well as interface recovery and defect analysis, while malicious applications include IP-theft and finding insertion points for hardware Trojans. However, regardless of the application, the reverse engineer initially starts with a large unstructured netlist, forming an incomprehensible sea of gates.This work presents DANA, a generic, technology-agnostic, and fully automated dataflow analysis methodology for flattened gate-level netlists. By analyzing the flow of data between individual Flip Flops (FFs), DANA recovers high-level registers. The key idea behind DANA is to combine independent metrics based on structural and control information with a powerful automated architecture. Notably, DANA works without any thresholds, scenario-dependent parameters, or other “magic” values that the user must choose. We evaluate DANA on nine modern hardware designs, ranging from cryptographic co-processors, over CPUs, to the OpenTitan, a stateof- the-art System-on-Chip (SoC), which is maintained by the lowRISC initiative with supporting industry partners like Google and Western Digital. Our results demonstrate almost perfect recovery of registers for all case studies, regardless whether they were synthesized as FPGA or ASIC netlists. Furthermore, we explore two applications for dataflow analysis: we show that the raw output of DANA often already allows to identify crucial components and high-level architecture features and also demonstrate its applicability for detecting simple hardware Trojans.Hence, DANA can be applied universally as the first step when investigating unknown netlists and provides major guidance for human analysts by structuring and condensing the otherwise incomprehensible sea of gates. Our implementation of DANA and all synthesized netlists are available as open source on GitHub.

Sign in / Sign up

Export Citation Format

Share Document