Computer Engineering and Applications ›› 2023, Vol. 59 ›› Issue (18): 278-284.DOI: 10.3778/j.issn.1002-8331.2206-0101

• Network, Communication and Security • Previous Articles     Next Articles

Hardware Trojan Detection for Gate-Level Netlists Based on Multidimensional Features

LI Linyuan, XU Jinfu, YAN Yingjian, ZHAO Conghui, LIU Yanjiang   

  1. Key Laboratory of Information Security, Information Engineering University, Zhengzhou 450000, China
  • Online:2023-09-15 Published:2023-09-15



  1. 信息工程大学 信息安全重点实验室,郑州 450000

Abstract: Hardware Trojans have become one of the main security threats to the integrated circuits. However, the existing safety analysis methods describe the features of hardware Trojans from a single point of view. The detection accuracy is low, which is difficult to be applied to practical detection. In this paper, the essential attributes and typical structures of hardware Trojans are analyzed, and the 13-dimensional feature vector is proposed, which can cover all known types of hardware Trojans. SMOTETomek is introduced to reduce the imbalance of the train set. The importance of Trojan features are evaluated by random forest, and the feature vector is optimized according to the importance ranking and model scoring. The classifier is established based on the optimal feature vector to identify the Trojan signals. 21 benchmark circuits from the Trust-hub are used to validate the efficacy of the proposed approach. The recognition rate of Trojan signals reaches 99.22%, and the misjudgment rate is only 0.01%. Compared with the existing literatures, the detection ability has been greatly improved.

Key words: hardware Trojan detection, gate-level netlist, signal feature, structural feature, random forest

摘要: 硬件木马已成为集成电路的主要安全威胁之一,然而现有的安全性分析方法从单一角度描述硬件木马特征,硬件木马的覆盖率低,难以应用到实际的检测中。分析了硬件木马的重要属性和典型结构,提出了13维硬件木马特征向量,可以覆盖目前所有已知类型的硬件木马;利用SMOTETomek算法对特征集进行扩展,消除训练数据集的不平衡性;使用随机森林算法评估13维特征的重要性,依据特征重要性排序和模型评分,优化木马特征集合;基于最优特征向量训练分类器,识别门级网表中的木马信号。基于Trust_Hub硬件木马库中的21个基准电路展开实验验证,木马检出率高达99.22%,误判率仅为0.01%。与现有文献相比,检测效果有了大幅提升。

关键词: 硬件木马检测, 门级网表, 信号特征, 结构特征, 随机森林