基于多维特征的门级硬件木马检测技术

doi:10.3778/j.issn.1002-8331.2206-0101

摘要/Abstract

摘要： 硬件木马已成为集成电路的主要安全威胁之一，然而现有的安全性分析方法从单一角度描述硬件木马特征，硬件木马的覆盖率低，难以应用到实际的检测中。分析了硬件木马的重要属性和典型结构，提出了13维硬件木马特征向量，可以覆盖目前所有已知类型的硬件木马；利用SMOTETomek算法对特征集进行扩展，消除训练数据集的不平衡性；使用随机森林算法评估13维特征的重要性，依据特征重要性排序和模型评分，优化木马特征集合；基于最优特征向量训练分类器，识别门级网表中的木马信号。基于Trust_Hub硬件木马库中的21个基准电路展开实验验证，木马检出率高达99.22%，误判率仅为0.01%。与现有文献相比，检测效果有了大幅提升。

关键词: 硬件木马检测, 门级网表, 信号特征, 结构特征, 随机森林

Abstract: Hardware Trojans have become one of the main security threats to the integrated circuits. However, the existing safety analysis methods describe the features of hardware Trojans from a single point of view. The detection accuracy is low, which is difficult to be applied to practical detection. In this paper, the essential attributes and typical structures of hardware Trojans are analyzed, and the 13-dimensional feature vector is proposed, which can cover all known types of hardware Trojans. SMOTETomek is introduced to reduce the imbalance of the train set. The importance of Trojan features are evaluated by random forest, and the feature vector is optimized according to the importance ranking and model scoring. The classifier is established based on the optimal feature vector to identify the Trojan signals. 21 benchmark circuits from the Trust-hub are used to validate the efficacy of the proposed approach. The recognition rate of Trojan signals reaches 99.22%, and the misjudgment rate is only 0.01%. Compared with the existing literatures, the detection ability has been greatly improved.

Key words: hardware Trojan detection, gate-level netlist, signal feature, structural feature, random forest

李林源, 徐金甫, 严迎建, 赵聪慧, 刘燕江. 基于多维特征的门级硬件木马检测技术[J]. 计算机工程与应用, 2023, 59(18): 278-284.

LI Linyuan, XU Jinfu, YAN Yingjian, ZHAO Conghui, LIU Yanjiang. Hardware Trojan Detection for Gate-Level Netlists Based on Multidimensional Features[J]. Computer Engineering and Applications, 2023, 59(18): 278-284.

参考文献

[1] LIU Y J，HE J J，MA H C，et al.Golden chip free Trojan detection leveraging probabilistic neural network with genetic algorithm applied in the training phase[J].Science China Information Sciences，2020，63（2）：129401.
[2] LIU Q，ZHAO P，CHEN F.A hardware Trojan detection method based on structural features of Trojan and host circuits[J].IEEE Access，2019，7：44632-44644.
[3] YAO S，CHEN X M，ZHANG J，et al.FASTrust：feature analysis for third-party IP trust verification[C]//2015 IEEE International Test Conference.Anaheim，USA：IEEE，2015：1-10.
[4] HASEGAWA K，OYA M，YANAGISAWA M，et al.Hardware Trojans classification for gate-level netlists based on machine learning[C]//The 22nd IEEE International Symposium on On-Line Testing and Robust System Design，Sant Feliu de Guixols.Spain：IEEE，2016：203-206.
[5] HASEGAWA K，YANAGISAWA M，TOGAWA N，et al.Trojan-feature extraction at gate-level netlists and its application to hardware-Trojan detection using random forest classifier[C]//2017 IEEE International Symposium on Circuits and Systems.Baltimore.USA：IEEE，2017：1-4.
[6] CHEN F Q，LIU Q.Single-triggered hardware Trojan identification based on gate-level circuit structural characteristics[C]//2017 IEEE International Symposium on Circuits and Systems.Baltimore，USA：IEEE，2017：1-4.
[7] 严迎建，赵聪慧，刘燕江.基于多维结构特征的硬件木马检测技术[J].电子与信息学报，2021，43（8）：2128-2139.
YAN Y J，ZHAO C H，LIU Y J.Hardware Trojan detection based on multiple structural features[J].Jounal of Electronics & Information Technology，2021，43（8）：2128-2139.
[8] SALMANI H.COTD：reference-free hardware Trojan detection and recovery based on controllability and observability in gate-level netlist[J].IEEE Transactions on Information Forensics and Security，2017，12（2）：338-350.
[9] DHARMADHIKARI P，RAJU A，VEMURI R.Detection of sequential Trojans in embedded system designs without scan chains[C]//2018 IEEE Computer Society Annual Symposium on VLSI.Hong Kong，China：IEEE，2018：678-683.
[10] KOK C H，OOI C Y，MOGHBEL M，et al.Classification of Trojan nets based on SCOAP values using supervised learning[C]//2019 IEEE International Symposium on Circuits and Systems.Sapporo，Japan：IEEE，2019：1-5.
[11] 赵毅强，李博文，马浩诚，等.基于混合特征分析的硬件木马检测方法[J].华中科技大学学报（自然科学版），2021，49（5）：1-6.
ZHAO Y Q，LI B W，MA H C，et al.A hardware Trojan detection method based on combined features analysis[J].Journal of Huazhong University of Science and Technology（Natural Science Edition），2021，49（5）：1-6.
[12] 高良俊，于金星，陈鑫，等.基于特征提取和SVM的硬件木马检测方法[J].微电子学，2020，50（6）：914-919.
GAO L J，YU J X，CHEN X，et al.Hardware Trojan detection method based on feature extraction and SVM[J].Microelectronics，2020，50（6）：914-919.
[13] Trust-HUB.Chip-level Trojan benchmarks[EB/OL].[2022-03-22].https：//www.trust-hub.org/benchmarks/chip-leveltroj-an.
[14] GOLDSTEIN L H，THIGPEN E L.SCOAP：sandia controllability/observability analysis program[C]//Conference on Design Automation.Minneapolis，USA：IEEE，1988：190-196.
[15] TEBYANIAN M，MOKHTARPOUR A，SHAFIEINEJAD A.SC-COTD：hardware Trojan detection based on sequential/combinational testability features using ensemble classifier[J].Journal of Electronic Testing，2021，37（4）：473-487.
[16] XIE X，SUN Y，CHEN H，et al.Hardware Trojans classification based on controllability and observability in gate-level netlist[J].Ieice Electronics Express，2017，14（18）：20170682-20170682.
[17] SAMIMI S M S.Testability measurement tool[EB/OL].[2022-03-22].https：//sourceforge.net/projects/testabilitymeas-urementtool/.
[18] 魏志强，张浩，陈龙.一种采用SmoteTomek和LightGBM算法的Web异常检测模型[J].小型微型计算机系统，2020，41（3）：141-146.
WEI Z Q，ZHANG H，CHEN L.Web anomaly detection model using SmoteTomek and LightGBM algorithm[J].Journal of Chinese Computer Systems，2020，41（3）：141-146.
[19] BIAU G，SCORNET E.A random forest guided tour[J].Test：An Official Journal of the Spanish Society of Statistics and Operations Research，2015，25（2）：197-227.
[20] ZHANG H R，MIN F.Three-way recommender systems based on random forests[J].Knowledge Based Systems，2016，91（C）：275-286.
[21] 张颖，李森，陈鑫，等.基于XGBoost的混合模式门级硬件木马检测方法[J].电子与信息学报，2021，43（10）：3050-3057.
ZHANG Y，LI S，CHEN X，et al.Hybrid multi-level hardware Trojan detection method for gate-level netlists based on XGBoost[J].Jounal of Electronics & Information Technology，2021，43（10）：3050-3057.
[22] SHARMA R，VALIVATI N K，SHARMA G K，et al.A new hardware Trojan detection technique using class weighted XGBoost classifier[C]//2020 24th International Symposium on VLSI Design and Test（VDAT）.Bhubaneswar，India：IEEE，2020：1-4.