{"title":"A fast modularity hardware Trojan detection technique for large scale gate-level netlists","authors":"Wei Chen, Zhiyuan Bai, Gaoyuan Pan, Jian Wang","doi":"10.1016/j.cose.2024.104111","DOIUrl":null,"url":null,"abstract":"<div><div>Hardware Trojans (HTs) are a kind of malicious circuit implanted by adversaries and induce malfunction under rare situations. Attackers may insert HTs into untrusted third-party intellectual properties (3PIPs), thus severely threatening the hardware security of ICs. To overcome this issue, state-of-art HT detection techniques are proposed based on feature extraction of gate-level netlists (GLNs). However, these techniques may take a long time to extract HT signals for large scale GLNs. In this paper, we propose a fast modularity HT detection (FMTD) method for large scale GLNs. The GLN modularity algorithm can divide the whole GLN into several small modules with the boundaries of D flip-flops (DFFs) of each module. By analyzing the transition rate of critical signals, preserving suspicious DFFs, and repairing the ring circuit, we can ensure the integrity of HT circuits during the GLN modularity process. Then, the calculation of the testability of each module is conducted in parallel with our self-designed tool. In the self-designed tool, we repair the ring circuit, calculate the testability values, and calibrate the testability values of module boundary signals. Compared with the EDA tools, our self-designed tool has no upper limit of testability values. Then, the testability values are sent to the unsupervised K-means clustering simultaneously to diagnose the HT signals. Facilitated by the modularity of the GLN, the detection time of 10<sup>5</sup> order signals sample is reduced by up to 90 % when compared to the traditional COTD method, while our MFTD method shows a similar HT detection performance to that of the traditional COTD method. 
For all 20 kinds of GLN samples in Trust-hub, our FMTD method can obtain a detection accuracy of 100 %, and signal diagnosis precision of more than 93 % with a diagnosis false positive rate lower than 1 %.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104111"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004164","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citations: 0
Abstract
Hardware Trojans (HTs) are malicious circuits implanted by adversaries that induce malfunction under rare situations. Attackers may insert HTs into untrusted third-party intellectual properties (3PIPs), thus severely threatening the hardware security of ICs. To overcome this issue, state-of-the-art HT detection techniques have been proposed based on feature extraction from gate-level netlists (GLNs). However, these techniques may take a long time to extract HT signals from large scale GLNs. In this paper, we propose a fast modularity HT detection (FMTD) method for large scale GLNs. The GLN modularity algorithm divides the whole GLN into several small modules, using D flip-flops (DFFs) as the boundaries of each module. By analyzing the transition rate of critical signals, preserving suspicious DFFs, and repairing the ring circuit, we can ensure the integrity of HT circuits during the GLN modularity process. Then, the testability of each module is calculated in parallel with our self-designed tool. In the self-designed tool, we repair the ring circuit, calculate the testability values, and calibrate the testability values of module boundary signals. Compared with the EDA tools, our self-designed tool has no upper limit on testability values. The testability values are then sent simultaneously to unsupervised K-means clustering to diagnose the HT signals. Facilitated by the modularity of the GLN, the detection time for samples on the order of 10^5 signals is reduced by up to 90 % compared to the traditional COTD method, while our FMTD method shows HT detection performance similar to that of the traditional COTD method. For all 20 kinds of GLN samples in Trust-hub, our FMTD method obtains a detection accuracy of 100 % and a signal diagnosis precision of more than 93 %, with a diagnosis false positive rate lower than 1 %.
About the journal:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.