InTrust-IoT: Intelligent Ecosystem based on Power Profiling of Trusted device(s) in IoT for Hardware Trojan Detection

Modern Resource-Constrained (RC) Internet of Things (IoT) devices are subject to several types of attacks, including hardware-level attacks. Most of the existing state-of-the-art solutions are invasive, require expensive design time interventions, or need dataset generation from non-trusted RC-IoT devices or both. We argue that the health of modern RC-IoT devices requires a final line of defense against possible hardware attacks that go undetected during the IC design and test process. Hence, in this paper, we propose a defense methodology against non-zero-day and zero-day attacks, leveraging machine learning techniques trained on the dataset obtained without design time intervention and using ‘only’ trusted IoT devices. In the process, a complete eco-system is developed where data is generated through a trusted group of devices, and machine learning is done on these trusted datasets. Next, this trusted trained model is deployed in regular IoT systems that contain untrusted devices, where the attack on untrusted devices can be detected in real-time. Our results indicate that for non-zero-day attacks, the proposed technique can concurrently detect DoS and power depletion attacks with an accuracy of about 80%. Similarly, zero-day attack experiments are able to detect the attack without fail as well.