HTDet: A Clustering Method using Information Entropy for Hardware Trojan Detection

06/10/2019 ∙ by Renjie Lu, et al. ∙ Institute of Computing Technology, Chinese Academy of Sciences

Hardware Trojans (HTs) have drawn more and more attention in both academia and industry because of their significant potential threat. In this paper, we propose a novel HT detection method using information entropy based clustering, named HTDet. The key insight of HTDet is that a Trojan is usually inserted in regions with low controllability and low observability in order to maintain high concealment, which results in Trojan logics showing extremely few transitions during simulation. This means that the logical regions with few transitions provide much more abundant and more important information for HT detection. Therefore, HTDet applies information theory and a typical density-based clustering algorithm called Density-Based Spatial Clustering of Applications with Noise (DBSCAN) to detect all suspicious Trojan logics in the circuit under detection (CUD). DBSCAN is an unsupervised learning algorithm, which improves the applicability of HTDet. Besides, we develop a heuristic test pattern generation method using mutual information to increase the transitions of suspicious Trojan logics. Experimental evaluation on benchmarks demonstrates the effectiveness of HTDet.


I Introduction

Recently, the globalization of the modern integrated circuit (IC) industry has raised more and more hardware security challenges. For example, intellectual property (IP) cores and EDA tools provided by third parties are widely used in IC design to reduce development cost and shorten the time to market [1]. As third-party IP cores are designed by outsourced vendors, an adversary can easily insert malicious logic into them, referred to as Hardware Trojans (HTs).

HTs are lightweight structures in large-scale IC designs, which commonly contain two components called the Trojan trigger and the Trojan payload [2]. The Trojan trigger is responsible for monitoring signals to determine whether the trigger condition has arrived. If the Trojan trigger is not activated, the HT stays dormant and has no effect on the original circuit. If the Trojan trigger is activated, the Trojan payload performs specific malicious operations such as changing functionality, degrading performance or revealing secret information [3]. Since most HTs have extremely rare trigger conditions, it is very challenging to detect suspicious Trojan logics in the circuit under detection (CUD).

The existing HT detection techniques can be roughly classified into five major groups: reverse engineering [4, 5, 6], side channel analysis [7, 8, 9, 10, 11, 12, 13], static structure analysis [15, 16, 17, 18, 19, 20], statistical feature analysis [21, 22, 23, 24, 25], and functional testing [26, 27, 28, 29]. In reverse engineering, a fabricated chip is completely dissected layer by layer in order to reconstruct the IC design and detect malicious modifications. Reverse engineering approaches are prohibitively expensive, and it is impossible to reverse engineer every chip under test. In side-channel analysis, the impact of HTs on circuit delay, transient current, leakage power and so on is used to detect whether there are HTs in the CUD. Side-channel analysis can detect HTs inserted in the post-fabrication stage. However, it usually requires a “Golden Circuit” for comparison and is susceptible to process variations and environmental noise, which can result in many false positives. Like software virus detection, static structure analysis methods perform HT detection by analyzing circuit structure characteristics. Though static structure analysis is an effective HT detection approach, it can only detect known types of HTs. There are intrinsic differences between Trojan logics and the normal circuit, so statistical feature analysis approaches can be used to detect potential HTs in the CUD. Functional testing approaches try to generate test vectors that activate potential HTs and propagate their effects to the primary outputs. Though functional testing is independent of process variations and environmental noise, it usually consumes a significant amount of time due to the high concealment of HTs.

The key insight of our approach is that Trojans are usually inserted in regions with low controllability and low observability in order to maintain high concealment, which results in Trojan logics showing extremely few transitions during simulation. In information theory, an improbable event provides much more information when it happens. That is, the logical regions with few transitions provide much more abundant and more important information for Trojan detection. In this paper, we propose a novel HT detection method using information entropy based clustering, named HTDet. Firstly, digital stimuli are generated for the CUD. Then the information entropy of the signal sequence of each wire is calculated, and a typical density-based clustering algorithm called Density-Based Spatial Clustering of Applications with Noise (DBSCAN) is applied to obtain all suspicious Trojan logics. Further, a heuristic test pattern generation method using mutual information is developed to increase the transitions of these suspicious Trojan logics. In summary, this paper makes the following contributions:

  • To the best of our knowledge, this is the first attempt to use information entropy technology to detect HTs in hardware design, and HTDet can achieve good experimental results.

  • An unsupervised learning algorithm, DBSCAN, is used for Trojan detection, which means that HTDet does not require a “Golden Circuit”. Further, HTDet does not require that the Trojan logic is pushed into its triggering state. As long as the transitions of a logical region are extremely low, HTDet can detect it based on the density-reachable relationship.

  • We develop a heuristic test patterns generation method using mutual information technology to increase the transitions of suspicious Trojan logics.

  • We carry out extensive evaluation on TrustHub benchmarks [34], which shows that the proposed technique can detect suspicious Trojan logics with negligible false positives.

The rest of this paper is organized as follows. Section 2 and Section 3 introduce the theoretical basis and the threat model, respectively. We present the proposed HT detection method in detail in Section 4. Section 5 presents the test pattern generation method for suspicious Trojan logics in detail. Experimental analysis is presented in Section 6. Section 7 briefly summarizes the related work. Finally, we conclude this paper in Section 8.

II Theoretical Basis

In this paper, we perform the HT detection using information theory technology [30]. In this section, we give the theoretical basis of the proposed approach.

II-A Information Entropy

Information Entropy is also known as the self-information, which is the average rate at which information is produced by a source of data. Entropy is a measure of the uncertainty about a random variable.

Let X be a discrete random variable, and its probability distribution is consistent with

, where . Hence, the entropy of X can be explicitly written as

(1)

, where b is the base of the logarithm used. In this paper, b is equal to the mathematical constant e. In the case of , the value of is taken to be 0, which is consistent with the limit.

(2)

II-B Joint Entropy

In information theory, joint entropy is a measure of the uncertainty associated with a set of variables. In this paper, we focus on the joint entropy of two random variables.

Similarly, let X and Y be two discrete random variables, and their probability distribution is , where and . Hence, the joint entropy of X, Y can be presented as

(3)

II-C Conditional Entropy

In information theory, the conditional entropy quantifies the amount of information needed to describe the outcome of a random variable Y given the value of another random variable X is known.

The entropy of Y conditioned on X can be defined by the following formula.

(4)

It is worth noting that , and conform to the chain rule. That is,

(5)

II-D Mutual Information

The mutual information of two variables is a measure of the mutual dependence between the two variables. More specifically, the mutual information quantifies the amount of information obtained about one random variable through observing the other random variable.

Let X, Y be two discrete random variables, and their joint probability distribution is . Hence, the mutual information between X and Y can be defined as

(6)

According to the relation between the probability distributions and the chain rule, it can also be expressed as

(7)

III Threat Model

The threat model of the proposed method is based on several assumptions.

  • With the globalization of chip design, adversaries have more opportunities than before to insert HTs into a digital circuit design, which can be a gate-level netlist or register transfer language (RTL).

  • Our threat model assumes that the hardware design that we are given is in the form of digital circuit design.

  • The goal of the attack is to change functionality, destroy the IC, and/or leak secret information through a logical attack, rather than through side channels such as current, power or electromagnetic emission.

IV HTDet Methodology

In this section, we first provide the feasibility analysis of the proposed HT detection method. Then the technical details of HTDet are presented. The core question is whether information entropy and a clustering algorithm can be used to detect suspicious Trojan logics in the circuit under detection (CUD).

IV-A Feasibility Analysis

The key insight of HTDet is that there is a significant difference between the Trojan logic and the rest of the circuit. More specifically, the HT is usually inserted in logical regions with low controllability and low observability, which causes the Trojan logic to have a very low transition probability. Moreover, in information theory [30], if an event is very probable, little information is provided when it happens. Conversely, if the event is improbable, it provides much more information when it happens.

That is, the logical regions with few transitions provide more abundant and more important information for HT detection. However, directly applying the transition probability for Trojan detection results in high false positives. For example, consider that the signal wires (from to ) have the transition probabilities listed in Table 1.

Wire Transition Probability
TABLE I: Signal wires and corresponding transition probabilities.

Due to the density-reachable relationship between low transition probability and high transition probability, the signal wires from to are reported as suspicious Trojan logic, as shown in Figure 1 (blue line). The use of information entropy, in contrast, significantly reduces false positives: as shown in Figure 1 (orange line), only the signal wires from to are reported as suspicious Trojan logic.

Fig. 1: HT detection comparison between transition probability and information entropy.

This is because information entropy opens a gap in the connectivity between low transition probability and high transition probability, and it is more sensitive to low transition probability, as shown in Figure 2. It can be seen that the density-reachable relationship among the signal wires (from to ) is much closer than the density-reachable relationship between low transition probability and high transition probability.

Fig. 2: Distribution of information entropy for probability listed in Table 1.

It has been proven that the information entropy takes its maximum value when is equal to . In other words, when = = 0.5, the corresponding information entropy reaches its maximum. The transition probability-information entropy curve computed from formula (1) is shown in Figure 3. Because the information entropy is symmetric, the minimum value is taken when = 0 or = 1. Therefore, we should exclude the noise data that has very low information entropy because of a very large .

Fig. 3: The transition probability-information entropy curve

Besides, mutual information can measure the correlation between primary inputs and internal signal wires, which is beneficial to test pattern generation. Therefore, we are the first to propose applying information theory in the field of HT detection.

IV-B The Application of Information Entropy

In order to apply information entropy to HT detection, we first use functional testing to generate digital stimuli for the CUD. We believe that the set of test patterns developed during design verification can satisfy this step. The goal of this step is to perform functional tests of the CUD with as high coverage as possible. After the functional tests, we obtain the original waveform of each signal wire in the CUD, which contains only binary values (0 or 1). Our goal is to use the information entropy to evaluate the controllability and observability of each logical region so that we can effectively distinguish Trojan logic from the rest of the circuit.

However, we cannot use the original waveform for HT detection directly. For example, the signal transition occurs only once in , while has five signal transitions, as shown in Figure 4(a). Because the HT is usually inserted in logical regions with low controllability and low observability, the Trojan logic has a very low transition probability. Hence, the logical region of should be more likely to be Trojan logic than . However, the information entropy of both and is 0.6931 according to formula (1), because the probabilities of 0 (0.5) and 1 (0.5) in are the same as in .

(a) Original waveform and .
(b) Encoded waveform and .
Fig. 4: Comparison between original waveform and encoded waveform.

Therefore, we should focus on the distribution of signal transitions rather than the distribution of 0s and 1s, so that the information entropy evaluates the controllability and observability of each logical region. To this end, we encode the original waveform according to the following rules. We assume that the original waveform OW = . For each signal pair , i = 1, 2, …, n: if = , we encode as 0; if = , we encode as 1; if = , we encode as 1; if = , we encode as 0. The encoded waveforms corresponding to the original waveforms of and are shown in Figure 4(b). Then, we use formula (1) to calculate the information entropy of each encoded waveform. The information entropy of (corresponding to ) is approximately 0.3488, and that of (corresponding to ) is approximately 0.6870, which is more in line with the result we expect.
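As an added illustration (this script is not part of the original paper), the following Python code implements the transition encoding and formula (1) with b = e on two constructed 10-cycle waveforms. W1 and W2 are assumptions of this example, built to have the properties described for Figure 4: both spend five cycles at 0 and five at 1, but W1 toggles once while W2 toggles five times.

```python
import math
from typing import List, Sequence

def entropy_nats(samples: Sequence[int]) -> float:
    """Information entropy of a 0/1 sequence per formula (1) with b = e (nats).
    The 0 * log(0) term is taken as 0, as the paper states."""
    n = len(samples)
    if n == 0:
        return 0.0
    h = 0.0
    for symbol in (0, 1):
        p = sum(1 for s in samples if s == symbol) / n
        if p > 0.0:
            h -= p * math.log(p)
    return h

def encode_transitions(original: Sequence[int]) -> List[int]:
    """Encode an original waveform into a transition waveform: each adjacent
    sample pair becomes 0 when the level is held and 1 when it toggles."""
    return [0 if cur == nxt else 1 for cur, nxt in zip(original, original[1:])]

# Constructed 10-cycle waveforms (not the paper's data) with the Figure 4
# property: both hold logic 0 for five cycles and logic 1 for five cycles,
# but W1 toggles once and W2 toggles five times.
W1 = [0, 0, 0, 0, 0, 1, 1, 1, 1, 1]
W2 = [0, 0, 1, 1, 0, 0, 1, 1, 0, 1]

def raw_and_encoded_entropy(original: Sequence[int]) -> dict:
    """Entropy of the original waveform and of its transition encoding."""
    return {
        "raw": entropy_nats(original),
        "encoded": entropy_nats(encode_transitions(original)),
    }

if __name__ == "__main__":
    for name, wave in (("W1", W1), ("W2", W2)):
        res = raw_and_encoded_entropy(wave)
        print(f"{name}: H(original) = {res['raw']:.4f}, H(encoded) = {res['encoded']:.4f}")
```

On the original waveforms both entropies equal ln 2 ≈ 0.6931; on the encoded waveforms W1 gives ≈ 0.3488 (one transition in nine pairs) and W2 gives ≈ 0.6870 (five transitions in nine pairs), which are the values the text quotes for Figure 4.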

We apply the information entropy to distinguish Trojan logic from the normal circuit. Extensive experiments show that the information entropy of each wire is almost consistent with the controllability measure [32] of that signal wire in the CUD. As shown in Figure 5, we obtain the information entropy of each wire in the given circuit after functional testing ( cycles). It can be seen that the information entropy at the output of the AND gate is 0.13820, at the top input of the AND gate it is 0.22966, and at the bottom input of the AND gate it is 0.66271, because of the different circuit structures driving them.

Fig. 5: Information entropy of each wire in the given circuit fragment.

IV-C HT Detection Based on Clustering

It is worth noting that our circuit analysis focuses on the state of the internal wires in the CUD rather than on the circuit structure. For convenience of discussion, we define CUD = , where PI is the set of primary inputs, W is the set of internal signal wires and POUT is the set of primary outputs. More formally, PI = , W = and POUT = . After functional testing, we encode each original waveform of the CUD and calculate the information entropy of each encoded waveform. Once this step is complete, we apply a typical density-based clustering algorithm called Density-Based Spatial Clustering of Applications with Noise (DBSCAN) to perform HT detection in the information entropy space composed of W and POUT.

In the given data space, the density is defined as the number of data points within a specified radius (r). A core point has more than a specified number of data points (MinPts) within its r-neighborhood; a border point has fewer than MinPts points within its r-neighborhood but lies in the r-neighborhood of a core point; any point that is neither a core point nor a border point is called a noise point. Moreover, a data point q is directly density-reachable from another point p if p is a core point and q is within the r-neighborhood of p. A data point q is density-reachable from another point p if there is a path of points (p) (q) such that point is directly density-reachable from point . Data points p and q are density-connected if there is a data point o such that both p and q are density-reachable from o.

1:Input: Information entropy space, r, MinPts
2:Output: Suspicious Trojan logics
3:repeat
4:     Select an unvisited data point (P) from information entropy space.
5:     if P is core point then
6:         mark P as visited data point, then find all points which are density-reachable from P, and form a cluster.
7:     end if
8:     if P is border point then
9:         mark P as visited data point, return 2
10:     end if
11:     if P is noise point then
12:         delete P from information entropy space, return 2
13:     end if
14:until all data points in information entropy space have been visited
15:Report cluster with very low information entropy as suspicious Trojan logics.
Algorithm 1 HT detection based clustering

The basic idea of DBSCAN is to find the maximal sets of density-connected points. That is, all points within the cluster are mutually density-connected. Algorithm 1 shows the clustering process in the information entropy space.
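As an added example (not code from the paper), the following Python script runs Algorithm 1 over a one-dimensional information entropy space. The wire names, entropies and transition probabilities are constructed; the entropy column is formula (1) applied to the listed transition probability, rounded. Two details are assumptions of this example: a core point is one whose r-neighborhood, itself included, holds at least MinPts points (the standard DBSCAN rule), and, following the Figure 3 discussion of the symmetric entropy curve, wires whose low entropy comes from a very high transition probability are dropped from the reported cluster using a 0.5 cut-off.

```python
from typing import Dict, List, Set, Tuple

# (wire name, information entropy of its encoded waveform, transition probability)
Point = Tuple[str, float, float]

def dbscan_entropy(points: List[Point], r: float, min_pts: int) -> Tuple[List[List[str]], List[str]]:
    """DBSCAN over the one-dimensional information-entropy space (Algorithm 1).
    Assumption: a point is a core point when its r-neighbourhood, itself
    included, holds at least min_pts points. Returns (clusters, noise)."""
    entropy: Dict[str, float] = {name: h for name, h, _ in points}
    names = list(entropy)

    def neighbours(p: str) -> List[str]:
        return [q for q in names if abs(entropy[q] - entropy[p]) <= r]

    visited: Set[str] = set()
    assigned: Set[str] = set()
    clusters: List[List[str]] = []
    noise: List[str] = []
    for p in names:
        if p in visited:
            continue
        visited.add(p)
        nb = neighbours(p)
        if len(nb) < min_pts:
            noise.append(p)          # provisional: may turn out to be a border point
            continue
        cluster = [p]
        assigned.add(p)
        queue = [q for q in nb if q != p]
        while queue:                 # expand through density-reachable points
            q = queue.pop()
            if q not in visited:
                visited.add(q)
                qn = neighbours(q)
                if len(qn) >= min_pts:       # q is a core point: keep expanding
                    queue.extend(x for x in qn if x not in visited)
            if q not in assigned:            # core or border point joins the cluster
                assigned.add(q)
                cluster.append(q)
                if q in noise:
                    noise.remove(q)
        clusters.append(sorted(cluster))
    return clusters, noise

def suspicious_trojan_logics(points: List[Point], r: float, min_pts: int,
                             max_transition_prob: float = 0.5) -> List[str]:
    """Report the cluster with the lowest mean information entropy (Algorithm 1,
    line 15). Wires whose low entropy stems from a very high transition
    probability are excluded; the 0.5 cut-off is an assumption of this example."""
    clusters, _ = dbscan_entropy(points, r, min_pts)
    if not clusters:
        return []
    entropy = {name: h for name, h, _ in points}
    tprob = {name: tp for name, _, tp in points}
    lowest = min(clusters, key=lambda c: sum(entropy[w] for w in c) / len(c))
    return [w for w in lowest if tprob[w] <= max_transition_prob]

# Constructed wire statistics (not from the paper's benchmarks). The entropy
# column is formula (1) applied to the transition probability, rounded.
WIRES: List[Point] = [
    ("trig_cmp_a", 0.0079, 0.001), ("trig_cmp_b", 0.0144, 0.002),
    ("trig_state_q", 0.0261, 0.004),
    ("clk_toggle", 0.0000, 1.000),   # toggles every cycle: low entropy, not a Trojan
    ("lonely_wire", 0.1242, 0.027),  # isolated in entropy space: noise point
    ("n01", 0.184, 0.045), ("n02", 0.227, 0.060), ("n03", 0.266, 0.075),
    ("n04", 0.303, 0.090), ("n05", 0.347, 0.110), ("n06", 0.386, 0.130),
    ("n07", 0.431, 0.155), ("n08", 0.471, 0.180), ("n09", 0.514, 0.210),
    ("n10", 0.557, 0.245), ("n11", 0.598, 0.285), ("n12", 0.641, 0.340),
    ("n13", 0.680, 0.420), ("n14", 0.693, 0.500),
]

if __name__ == "__main__":
    clusters, noise = dbscan_entropy(WIRES, r=0.05, min_pts=2)
    print("clusters:", clusters)
    print("noise:", noise)
    print("suspicious:", suspicious_trojan_logics(WIRES, r=0.05, min_pts=2))
```

With r = 0.05 and MinPts = 2 the normal wires form one density-connected chain, the three trigger wires plus the clock-like wire form the low-entropy cluster, the isolated wire is noise, and the transition-probability filter removes the clock-like wire from the report. Raising r until the gap between the two groups is bridged merges them into one cluster, which is the behaviour Section VI-B reports for large r.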

V Test Pattern Generation for Suspicious Trojan Logics using Mutual Information

In Section 4, the proposed HT detection method finds suspicious Trojan logics. This section introduces a heuristic test pattern generation method using mutual information, which further increases the transitions of the suspicious Trojan logics. As depicted in Figure 6, the correlation between each suspicious Trojan logic and each primary input is measured by mutual information. If the mutual information is greater than the threshold, the corresponding primary input is referred to as a strongly correlated primary input (SCPI) of this suspicious Trojan logic. Therefore, each suspicious Trojan logic maintains a set of SCPIs (SSCPI). Then, a heuristic algorithm is developed to select the minimum number of SCPIs that cover all suspicious Trojan logics.

Fig. 6: Overview of test patterns generation method.

V-A Feasibility Analysis

In information theory, the mutual information between X and Y measures the mutual dependence between the two variables. That is, mutual information can measure the correlation between two variables [33]. If X and Y are independent, their mutual information is zero. If X is a deterministic function of Y (and Y also is a deterministic function of X), then knowing the value of X determines the value of Y and vice versa. In this case, the mutual information between X and Y is equal to H(X) and to H(Y).

Naturally, each circuit logic can be expressed as a Boolean function of different primary inputs, which conforms to this statement of correlation. For example, we can obtain three Boolean formulas d = ab, e = and f = ab + for the given circuit structure, as shown in Figure 7. Hence, we know that d and c, e and a, and e and b are independent, so their mutual information must be zero; e is a deterministic function of c, so their mutual information equals H(c) and H(e); and the mutual information I(d; a) should equal the mutual information I(d; b) because of the same circuit logic. It is worth noting that the mutual information I(f; a) differs from the mutual information I(f; c) because of the different circuit logic (AND gate and inverter). In short, the higher the mutual information of two variables, the stronger their correlation.

Fig. 7: The example of mutual information analysis for circuit logic.
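As an added example (not code from the paper), the following Python script checks the Figure 7 claims numerically using formula (7), I(X; Y) = H(X) + H(Y) - H(X, Y), over an exhaustive uniform stimulus of the three primary inputs. The exact logic of e and f is an assumption of this example chosen to match the text: d = a AND b, e = NOT c (the inverter) and f = d OR e. The same mutual_information function applies unchanged to the encoded 0/1 waveforms of Section V-B, where each sample pair is an (encoded wire value, encoded primary input value) tuple.

```python
import math
from collections import Counter
from itertools import product
from typing import Dict, Hashable, List, Sequence

def entropy(samples: Sequence[Hashable]) -> float:
    """Shannon entropy in nats of a sequence of symbols. When each sample is a
    (x, y) tuple this is the joint entropy of formula (3)."""
    n = len(samples)
    return -sum((c / n) * math.log(c / n) for c in Counter(samples).values())

def mutual_information(xs: Sequence[Hashable], ys: Sequence[Hashable]) -> float:
    """I(X; Y) = H(X) + H(Y) - H(X, Y), formula (7)."""
    return entropy(xs) + entropy(ys) - entropy(list(zip(xs, ys)))

def figure7_signals() -> Dict[str, List[int]]:
    """Exhaustive (uniform) stimulus for the Figure 7 fragment. Assumed logic,
    consistent with the text: d = a AND b, e = NOT c (inverter), f = d OR e."""
    sig: Dict[str, List[int]] = {k: [] for k in "abcdef"}
    for a, b, c in product((0, 1), repeat=3):
        d = a & b
        e = 1 - c
        f = d | e
        for k, v in zip("abcdef", (a, b, c, d, e, f)):
            sig[k].append(v)
    return sig

def correlation_table() -> Dict[str, float]:
    """Mutual information between each internal wire and each primary input."""
    sig = figure7_signals()
    return {f"I({w};{pi})": mutual_information(sig[w], sig[pi])
            for w in "def" for pi in "abc"}

if __name__ == "__main__":
    for name, value in correlation_table().items():
        print(f"{name} = {value:.4f}")
```

The results reproduce the text: I(d; c), I(e; a) and I(e; b) are zero, I(e; c) equals H(c) = ln 2, I(d; a) equals I(d; b), and I(f; c) is considerably larger than I(f; a) because f depends on c through a single inverter but on a only through the AND gate.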

V-B Correlation Calculation using Mutual Information

We consider the set of primary inputs PI = , and the set of suspicious Trojan logics (wires) SW = , where t m+n. Firstly, we calculate the mutual information I(; ) between each suspicious Trojan logic and each primary input , where i = 1, 2, …, t and j = 1, 2, …, l. According to formula (7), I(; ) = H() + H() - H(, ). Because each encoded waveform only contains 0 (non-transition) and 1 (transition), H(,) = - according to formula (3). If I(; ) is greater than the threshold, we refer to the primary input as a SCPI of the suspicious Trojan logic . For each , its threshold is equal to , where l is the number of primary inputs. Finally, each suspicious Trojan logic has a SSCPI, and the strong correlations between primary inputs and suspicious Trojan logics constitute a strong correlation list as shown in Table 2.

1 0 1 1
0 1 1 1
1 1 0 1
TABLE II: The strong correlation list: 1 indicates that the primary input is a SCPI of the suspicious Trojan logic and 0 indicates that it is not

V-C Test Patterns Generation

Our goal is to select the minimum number of SCPIs that cover all suspicious Trojan logics. We define as the set of suspicious Trojan logics whose SSCPI includes , define the ‘+’ operation between sets as the ‘union’ operation, and define the ‘-’ operation between sets as the ‘difference’ operation. For example, = , = , + = , and - = . Therefore, the problem can be abstracted as the following formula, where . If is selected, = 1; otherwise it is 0.

(8)

We develop a heuristic method to solve this problem. We define as the optimal solution when and . As shown in formula (9), is the optimal solution of formula (8). Algorithm 2 shows the core of the solution. Then we perform constrained-random simulation, holding every primary input that is not in the SCPIs at logic 0 or logic 1. For the remaining primary inputs, those in the SCPIs, we still generate full-random stimuli for simulation.

1:Input: Strong correlation list
2:Output: SCPIs
3:function f()
4:     if  then
5:          
6:     else
7:          
8:     end if
9:end function
Algorithm 2 SCPI selection
(9)
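As an added example (not the paper's own code), the following Python script carries the Section V-B and V-C procedure through on the strong correlation list of Table II and then builds constrained-random stimuli as described above. Two things are assumptions of this example: the orientation of the list (one row per suspicious Trojan logic, one column per primary input), and the selection rule, which is a greedy set-cover heuristic rather than the paper's recurrence f(...), since the body of that recurrence is not reproduced on this page.

```python
import random
from typing import List, Sequence, Set, Tuple

# Strong correlation list in the shape of Table II. Assumed orientation: one row
# per suspicious Trojan logic, one column per primary input, 1 = that primary
# input is a SCPI of that logic.
TABLE_II = [
    [1, 0, 1, 1],
    [0, 1, 1, 1],
    [1, 1, 0, 1],
]

def cover_sets(corr: Sequence[Sequence[int]]) -> List[Set[int]]:
    """For each primary input p_j, the set of suspicious logics whose SSCPI
    includes p_j (the sets combined with '+' and '-' in the text)."""
    n_pi = len(corr[0])
    return [{i for i, row in enumerate(corr) if row[j]} for j in range(n_pi)]

def select_scpis(corr: Sequence[Sequence[int]]) -> Tuple[List[int], Set[int]]:
    """Greedy set-cover heuristic (an assumption of this example): repeatedly
    take the primary input covering the most still-uncovered suspicious logics.
    Returns the selected column indices and any logics no SCPI can cover."""
    sets = cover_sets(corr)
    uncovered = set(range(len(corr)))
    chosen: List[int] = []
    while uncovered:
        best = max(range(len(sets)), key=lambda j: len(sets[j] & uncovered))
        if not sets[best] & uncovered:
            break                       # remaining logics have no SCPI at all
        chosen.append(best)
        uncovered -= sets[best]
    return chosen, uncovered

def constrained_random_pattern(n_pi: int, scpis: Sequence[int],
                               rng: random.Random, hold: int = 0) -> List[int]:
    """One stimulus vector: SCPIs are fully random, every other primary input is
    held at a constant logic level (0 or 1), as described in the text."""
    selected = set(scpis)
    return [rng.randint(0, 1) if j in selected else hold for j in range(n_pi)]

def example_patterns(count: int, seed: int = 1, hold: int = 0) -> List[List[int]]:
    """Constrained-random patterns for the Table II selection (seeded for
    reproducibility; the seed is a constructed value)."""
    chosen, _ = select_scpis(TABLE_II)
    rng = random.Random(seed)
    return [constrained_random_pattern(len(TABLE_II[0]), chosen, rng, hold)
            for _ in range(count)]

if __name__ == "__main__":
    chosen, left = select_scpis(TABLE_II)
    print("selected SCPI columns:", chosen, "uncovered:", left)
    for pattern in example_patterns(3):
        print(pattern)
```

On Table II the fourth primary input is a SCPI of all three suspicious logics, so a single SCPI suffices and the other three inputs are held constant in every generated pattern. A row of all zeros, i.e. a suspicious logic with an empty SSCPI, is returned in the uncovered set instead of being silently dropped.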

VI Experiments and Evaluations

The proposed approach is evaluated on different digital circuit designs from the TrustHub benchmark [34]. All circuits are synthesized by Synopsys Design Compiler (DC) with the Semiconductor Manufacturing International Corporation cell library for a 90-nm silicon-on-insulator process. All circuits are simulated by Verilog Compiled Simulator (VCS) with as high coverage as possible. We conduct the data processing and data analysis experiments on a computer with a 2.8 GHz Intel Core i7 CPU and 8 GB memory [35]. Brief information about the benchmarks used in our experiments is provided in Table 3.

Circuit # units Features of HT
RS232_T1000 215 Trojan trigger is a combinational comparator; change functionality
RS232_T1100 217 Trojan trigger is a sequential comparator; change functionality
RS232_T1200 216 Trojan trigger is a sequential comparator; change functionality
RS232_T1300 213 Trojan trigger is a combinational comparator; change functionality
RS232_T1400 215 Trojan trigger is a sequential comparator; change functionality
RS232_T1500 216 Trojan trigger is a sequential comparator; change functionality
RS232_T1600 214 Trojan trigger is a sequential comparator; change functionality
s15850_T100 2182 Trojan trigger consists of two comparators and two flip-flops; leak an internal signal.
s35932_T200 5438 Trojan trigger is a comparator; denial of Service.
s38417_T100 5341 Trojan trigger is a comparator; change functionality, denial of service.
TABLE III: Brief information on the circuits under detection

VI-A Clustering Comparison between Information Entropy Space and Transition Probability Space

In our experiments, our method detects all suspicious Trojan logics in the CUD. Taking RS232_T1000 and RS232_T1100 as examples, we present the difference in clustering between the information entropy space and the transition probability space. Figure 8(a) and Figure 8(b) show the clustering results for the RS232_T1000 benchmark and the RS232_T1100 benchmark, respectively. It is worth noting that the clustering process only considers the density-reachable relationship in the information entropy space.

(a) Clustering for RS232_T1000 benchmark.
(b) Clustering for RS232_T1100 benchmark.
Fig. 8: Clustering in information entropy space.

As shown in Figure 8, though the clustering algorithm divides the information entropy space into several clusters (2 or 3), the circuit logics with extremely low information entropy are always placed in one cluster according to the density-reachable relationship. Similarly, we also use transition probability for Trojan detection. Under the same parameters, Figure 9(a) and Figure 9(b) show the clustering results for RS232_T1000 and RS232_T1100, respectively.

(a) Clustering for RS232_T1000 benchmark.
(b) Clustering for RS232_T1100 benchmark.
Fig. 9: Clustering in transition probability space.

It can be seen that transition probability results in high false positives, whereas the information entropy effectively distinguishes Trojan logics from normal logics. To gain a more intuitive insight into the difference between information entropy and transition probability, we sort the information entropy space and the transition probability space of the RS232_T1000 benchmark from lowest to highest, respectively. The resulting distributions are shown in Figure 10. As shown in Figure 10(a), the area with low information entropy (red) and the other area (green) are clearly density-unreachable from each other. However, the area with low transition probability and the other area are still density-reachable (red) in the transition probability space shown in Figure 10(b), which leads to poor Trojan detection performance. Because the information entropy amplifies the difference between low transition probability and high transition probability, it can effectively detect suspicious Trojan logics.

(a) Sorted distribution of information entropy.
(b) Sorted distribution of transition probability.
Fig. 10: Difference between information entropy space and transition probability space for RS232_T1000 benchmark.

VI-B HT Detection Performance and Parameter Analysis

To further evaluate the effectiveness of HTDet, we manually check the suspicious Trojan logics reported by the clustering algorithm. The results are shown in Table 4. MinPts and r are the parameters used in the clustering process. The sensitivity of the results is measured by the true positive rate (TPR), i.e. the number of Trojan wires correctly detected as a percentage of the total number of Trojan logics. We also provide the true negative rate (TNR), i.e. the ratio of true negatives to the number of non-Trojan logics. The false positive rate (FPR = 1 - TNR) is the fraction of logics falsely flagged as suspicious Trojan logics. It can be seen that HTDet effectively detects the Trojan logics of the CUD with extremely low false positives.

We also analyze the effect of the parameters MinPts and r on HT detection performance by varying one parameter while holding the other fixed. When r is fixed at 0.05, both TPR and TNR decline as MinPts increases, as shown in Figure 11(a). This is because the number of noise points grows as MinPts increases. Similarly, when MinPts is fixed at 5 and r increases, TPR gradually declines while TNR stays almost constant, as shown in Figure 11(b). This is because all data points are clustered into normal logics when r equals 0.06 or 0.07. Hence, appropriate parameter values are also necessary for Trojan detection.

Circuit MinPts r TPR TNR
RS232_T1000 2 0.05 62% 99%
RS232_T1100 5 0.04 67% 99%
RS232_T1200 5 0.04 89% 99%
RS232_T1300 2 0.05 89% 99%
RS232_T1400 5 0.04 61% 99%
RS232_T1500 5 0.04 73% 99%
RS232_T1600 5 0.04 62% 99%
s15850_T100 4 0.05 96% 99%
s35932_T200 5 0.05 93% 99%
s38417_T100 4 0.05 100% 99%
TABLE IV: Results of manual check
(a) The effect of MinPts on TPR and TNR.
(b) The effect of r on TPR and TNR.
Fig. 11: Parameter Analysis on RS232_T1000 benchmark.

VI-C Comparison to Existing Methods

We compare the experimental results to existing methods in terms of TPR and TNR. Reference [16] proposed a HT detection method based on static structure analysis, and Reference [23] proposed a HT detection method based on signal correlations. Table 5 shows the comparison to [16], and Table 6 shows the comparison to [23]. Overall, our approach obtains better HT detection performance, i.e. a good trade-off between TPR and TNR. In terms of average TNR, it obtains a 99% average TNR value, which indicates that the proposed technique, HTDet, can significantly reduce false positives.

Circuit TPR [16] TPR Ours TNR [16] TNR Ours
RS232_T1000 53% 62% 31% 99%
RS232_T1100 58% 67% 27% 99%
RS232_T1200 80% 89% 26% 99%
RS232_T1300 89% 89% 26% 99%
RS232_T1400 83% 61% 22% 99%
RS232_T1500 83% 73% 24% 99%
RS232_T1600 89% 62% 26% 99%
s15850_T100 93% 96% 66% 99%
s35932_T200 100% 93% 59% 99%
s38417_T100 100% 100% 76% 99%
Average 83% 79% 39% 99%
TABLE V: Comparison to the existing method [16]
Circuit TPR [23] TPR Ours TNR [23] TNR Ours
s15850_T100 61% 96% 99% 99%
s35932_T200 27% 93% 99% 99%
s38417_T100 100% 100% 99% 99%
Average 63% 96% 99% 99%
TABLE VI: Comparison to the existing method [23]

In this paper, we do not attempt to find all Trojan logics (wires), but try our best to find a set of the most suspicious logics, which effectively reduces the authentication time. That is, a manual check after the automatic HT detection is always necessary.

VI-D Effectiveness Analysis of Test Patterns Generation Method

We randomly selected three benchmarks (RS232_T1000, RS232_T1100 and s15850_T100) to evaluate the effectiveness of the proposed test patterns generation method. Let the number of transitions of each suspicious logic during the simulation be , where , and i = 1, 2, …, t. Let be the maximum of . Let be equal to . Then, the maximum transition and the average transition are used to measure the effectiveness of the test patterns. After obtaining the SCPIs, we hold all primary inputs that are not in the SCPIs at logic 0 or logic 1. For the primary inputs in the SCPIs, we still generate full-random stimuli for simulation. After cycles of simulation, the transitions of the suspicious Trojan logics are summarized in Table 7.

It can be seen that the proposed test patterns generation method effectively increases the maximum transition and the average transition of these suspicious logics, which means that it can reduce the activation time.

Circuit Maximum transition Average transition
Before_RS232_T1000 722 224.67
After_RS232_T1000 768 230.89
Before_RS232_T1100 719 224.39
After_RS232_T1100 746 231.56
Before_s15850_T100 716 64.19
After_s15850_T100 954 96.48
TABLE VII: Transitions Comparison: Before_* indicates full-random test stimuli, and After_* indicates constrained-random test stimuli using our approach

VII Related Works

HT detection is a challenging problem. Many HT detection methods have been proposed in the past decades; they can be roughly classified into reverse engineering, side channel analysis, static structure analysis, statistical feature analysis and functional testing.

Bao et al. proposed that using reverse engineering to dissect the chip under detection can guarantee that any malicious modification in the chip is detected [5, 6]. However, the limitation of this method is its time cost: it can take several weeks to analyze the chip under detection. Hence, reverse engineering can only be applied to ICs with small scale and simple structure.

In side channel analysis [7, 8, 9, 10, 11, 12, 13], the physical impacts of HTs (e.g., on circuit delay, transient current, leakage power and heat) are used to detect whether there are HTs in the CUD. However, these circuit characteristics are more susceptible to process variations and environmental noise in present nanoscale technologies [14].

A score-based classification method is proposed for identifying HTs in the CUD [15]. This technique comprehensively analyzes the characteristics of the Trojan logics introduced at TrustHub [34], then uses a strategy of conditional judgment for HT detection. Hasegawa et al. proposed learning structural features for Trojan detection [16, 17, 18]. For this purpose, a support vector machine, a multi-layer neural network and a random forest are applied to learn circuit structure features, respectively. Reference [19] summarized the triggering characteristics of Trojan circuits and proposed a feature analysis technique based on a flip-flop level information flow graph. Then, a multilevel HT detection framework was proposed [20], which combines flip-flop level and combinational logic level structure feature analysis.

Reference [21] analyzes the time to generate a transition in functional Trojans. Transitions are modeled by a geometric distribution and the number of clock cycles required to generate a transition is estimated. FANCI [22] considers that the input-to-output dependency differs significantly between Trojan logic and normal logic, so it flags logics with weak input-to-output dependency as suspicious Trojan logics by Boolean function analysis. In [23], an HT detection method using signal correlation has been proposed. It estimates the statistical correlation between signals in a circuit and detects Trojans with the use of the ordering points to identify the clustering structure algorithm. Furthermore, [24] proposed a reference-free HT detection scheme based on controllability and observability. That paper indicates that the controllability and observability characteristics of Trojan gates and genuine gates differ significantly. In [25], a novel HT detection approach is proposed that distinguishes the “unnaturalness” of HTs from the “naturalness” of normal circuits by applying natural language processing technology. That paper considers that the design teams of commercial chips have a specific design style due to established design specifications, so a statistical method can be used to detect abnormal circuit logics.

Functional testing-based HT detection approaches [26, 27, 28, 29] generate random test patterns to activate the HTs in the CUD. If the logical values of the primary outputs do not match the correct results, a Trojan is detected. The primary challenge of functional testing-based methods is that the Trojan circuit is much smaller than the original circuit, and HTs are usually dormant. Hence, it is difficult to detect potential HTs in the CUD by traditional functional testing.

Different from traditional functional verification approaches, we propose HTDet, a novel HT detection technique based on information entropy. We consider that Trojans are usually inserted in regions with low controllability and low observability in order to maintain high concealment, which results in Trojan logics exhibiting extremely few transitions during simulation. Our approach does not require that the Trojan logic be pushed to the triggering state. As long as the transitions of circuit logics are extremely low, HTDet can flag them as suspicious Trojan logics using the density-reachable relationship. Although information theory has been applied in many fields, to the best of our knowledge, this is the first attempt to use information theory to detect HTs in hardware designs.

VIII Conclusions

In this paper, we propose a novel HT detection method named HTDet, which can effectively distinguish the transition difference between normal logics and Trojan logics using an information entropy technique. HTDet is an unsupervised learning method and can quickly find suspicious Trojan logics without requiring a “Golden Circuit”. HTDet does not require that the Trojan logic be pushed to the activation state during the simulation; it flags circuit logics with extremely low information entropy as suspicious Trojan logics. Besides, we develop a heuristic method to increase the transitions of suspicious Trojan logics using mutual information. Experimental results demonstrate the effectiveness of HTDet.

References

  • [1] Mohammad Tehranipoor, Hassan Salmani, Xuehui Zhang, Michel Wang, Ramesh Karri, Jeyavijayan Rajendran, and Kurt Rosenfeld. Trustworthy hardware: Trojan detection and design-for-trust challenges. Computer, 44(7):66–74, 2011.
  • [2] Qianqian Wang, Randall L Geiger, and Degang Chen. Hardware trojans embedded in the dynamic operation of analog and mixed-signal circuits. In 2015 National aerospace and electronics conference (NAECON), pages 155–158. IEEE, 2015.
  • [3] Bicky Shakya, Tony He, Hassan Salmani, Domenic Forte, Swarup Bhunia, and Mark Tehranipoor. Benchmarking of hardware trojans and maliciously affected circuits. Journal of Hardware and Systems Security, 1(1):85–102, 2017.
  • [4] Wenchao Li, Zach Wasson, and Sanjit A Seshia. Reverse engineering circuits using behavioral pattern mining. In 2012 IEEE international symposium on hardware-oriented security and trust, pages 83–88. IEEE, 2012.
  • [5] Chongxi Bao, Domenic Forte, and Ankur Srivastava. On application of one-class svm to reverse engineering-based hardware trojan detection. In Fifteenth International Symposium on Quality Electronic Design, pages 47–54. IEEE, 2014.
  • [6] Chongxi Bao, Domenic Forte, and Ankur Srivastava. On reverse engineering-based hardware trojan detection. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 35(1):49–57, 2016.
  • [7] Reza M Rad, Xiaoxiao Wang, Mohammad Tehranipoor, and Jim Plusquellic. Power supply signal calibration techniques for improving detection resolution to hardware trojans. In Proceedings of the 2008 IEEE/ACM International Conference on Computer-Aided Design, pages 632–639. IEEE Press, 2008.
  • [8] Sheng Wei and Miodrag Potkonjak. Scalable hardware trojan diagnosis. IEEE Transactions on very large scale integration (VLSI) systems, 20(6):1049–1057, 2012.
  • [9] Jie Li and John Lach. At-speed delay characterization for ic authentication and trojan horse detection. In 2008 IEEE International Workshop on Hardware-Oriented Security and Trust, pages 8–14. IEEE, 2008.
  • [10] Peilin Song, Franco Stellari, Dirk Pfeiffer, Jim Culp, Al Weger, Alyssa Bonnoit, Bob Wisnieff, and Marc Taubenblatt. Marvel—malicious alteration recognition and verification by emission of light. In 2011 IEEE International Symposium on Hardware-Oriented Security and Trust, pages 117–121. IEEE, 2011.
  • [11] Kangqiao Hu, Abdullah Nazma Nowroz, Sherief Reda, and Farinaz Koushanfar. High-sensitivity hardware trojan detection using multimodal characterization. In Proceedings of the Conference on Design, Automation and Test in Europe, pages 1271–1276. EDA Consortium, 2013.
  • [12] Abdullah Nazma Nowroz, Kangqiao Hu, Farinaz Koushanfar, and Sherief Reda. Novel techniques for high-sensitivity hardware trojan detection using thermal and power maps. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 33(12):1792–1805, 2014.
  • [13] Seetharam Narasimhan, Dongdong Du, Rajat Subhra Chakraborty, Somnath Paul, Francis G Wolff, Christos A Papachristou, Kaushik Roy, and Swarup Bhunia. Hardware trojan detection by multiple-parameter side-channel analysis. IEEE Transactions on computers, 62(11):2183–2195, 2013.
  • [14] Zheng Zhang, Tsui-Wei Weng, and Luca Daniel. A big-data approach to handle process variations: Uncertainty quantification by tensor recovery. In 2016 IEEE 20th Workshop on Signal and Power Integrity (SPI), pages 1–4. IEEE, 2016.
  • [15] Masaru Oya, Youhua Shi, Masao Yanagisawa, and Nozomu Togawa. A score-based classification method for identifying hardware-trojans at gate-level netlists. In Proceedings of the 2015 Design, Automation & Test in Europe Conference & Exhibition, pages 465–470. EDA Consortium, 2015.
  • [16] Kento Hasegawa, Masaru Oya, Masao Yanagisawa, and Nozomu Togawa. Hardware trojans classification for gate-level netlists based on machine learning. In 2016 IEEE 22nd International Symposium on On-Line Testing and Robust System Design (IOLTS), pages 203–206. IEEE, 2016.
  • [17] Kento Hasegawa, Masao Yanagisawa, and Nozomu Togawa. Hardware trojans classification for gate-level netlists using multi-layer neural networks. In 2017 IEEE 23rd International Symposium on On-Line Testing and Robust System Design (IOLTS), pages 227–232. IEEE, 2017.
  • [18] Kento Hasegawa, Masao Yanagisawa, and Nozomu Togawa. Trojan-feature extraction at gate-level netlists and its application to hardware-trojan detection using random forest classifier. In 2017 IEEE International Symposium on Circuits and Systems (ISCAS), pages 1–4. IEEE, 2017.
  • [19] Song Yao, Xiaoming Chen, Jie Zhang, Qiaoyi Liu, Jia Wang, Qiang Xu, Yu Wang, and Huazhong Yang. Fastrust: Feature analysis for third-party ip trust verification. In 2015 IEEE International Test Conference (ITC), pages 1–10. IEEE, 2015.
  • [20] Xiaoming Chen, Qiaoyi Liu, Song Yao, Jia Wang, Qiang Xu, Yu Wang, Yongpan Liu, and Huazhong Yang. Hardware trojan detection in third-party digital intellectual property cores by multilevel feature analysis. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 37(7):1370–1383, 2018.
  • [21] Hassan Salmani, Mohammad Tehranipoor, and Jim Plusquellic. A novel technique for improving hardware trojan detection and reducing trojan activation time. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 20(1):112–125, 2012.
  • [22] Adam Waksman, Matthew Suozzo, and Simha Sethumadhavan. Fanci: identification of stealthy malicious logic using boolean functional analysis. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 697–708. ACM, 2013.
  • [23] Burcin Cakir and Sharad Malik. Hardware trojan detection for gate-level ics using signal correlation based clustering. In Proceedings of the 2015 Design, Automation & Test in Europe Conference & Exhibition, pages 471–476. EDA Consortium, 2015.
  • [24] Hassan Salmani. Cotd: Reference-free hardware trojan detection and recovery based on controllability and observability in gate-level netlist. IEEE Transactions on Information Forensics and Security, 12(2):338–350, 2017.
  • [25] Haihua Shen, Huazhe Tan, Huawei Li, Feng Zhang, and Xiaowei Li. Lmdet: A “naturalness” statistical method for hardware trojan detection. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 26(4):720–732, 2018.
  • [26] Rajat Subhra Chakraborty, Somnath Paul, and Swarup Bhunia. On-demand transparency for improving hardware trojan detectability. In 2008 IEEE International Workshop on Hardware-Oriented Security and Trust, pages 48–50. IEEE, 2008.
  • [27] Francis Wolff, Chris Papachristou, Swarup Bhunia, and Rajat S Chakraborty. Towards trojan-free trusted ics: Problem analysis and detection scheme. In Proceedings of the conference on Design, automation and test in Europe, pages 1362–1365. ACM, 2008.
  • [28] Wu-Tung Cheng, Manish Sharma, Thomas Rinderknecht, Liyang Lai, and Chris Hill. Signature based diagnosis for logic bist. In 2006 IEEE International Test Conference, pages 1–9. IEEE, 2006.
  • [29] Graham Hetherington, Tony Fryars, Nagesh Tamarapalli, Mark Kassab, Abu Hassan, and Janusz Rajski. Logic bist for large industrial designs: Real issues and case studies. In International Test Conference 1999. Proceedings (IEEE Cat. No. 99CH37034), pages 358–367. IEEE, 1999.
  • [30] Hirotogu Akaike. Information theory and an extension of the maximum likelihood principle. In Selected papers of hirotugu akaike, pages 199–213. Springer, 1998.
  • [31] Wei-Tung Wang, Yi-Leh Wu, Cheng-Yuan Tang, and Maw-Kae Hor. Adaptive density-based spatial clustering of applications with noise (dbscan) according to data. In 2015 International Conference on Machine Learning and Cybernetics (ICMLC), volume 1, pages 445–451. IEEE, 2015.
  • [32] Lawrence H Goldstein and Evelyn L Thigpen. Scoap: Sandia controllability/observability analysis program. In 17th Design Automation Conference, pages 190–196. IEEE, 1980.
  • [33] Hanchuan Peng, Fuhui Long, and Chris Ding. Feature selection based on mutual information: criteria of max-dependency, max-relevance, and min-redundancy. IEEE Transactions on Pattern Analysis & Machine Intelligence, (8):1226–1238, 2005.
  • [34] Hassan Salmani, Mohammad Tehranipoor, and Ramesh Karri. On design vulnerability analysis and trust benchmarks development. In 2013 IEEE 31st international conference on computer design (ICCD), pages 471–474. IEEE, 2013.
  • [35] Lars Buitinck, Gilles Louppe, Mathieu Blondel, Fabian Pedregosa, Andreas Mueller, Olivier Grisel, Vlad Niculae, Peter Prettenhofer, Alexandre Gramfort, Jaques Grobler, Robert Layton, Jake VanderPlas, Arnaud Joly, Brian Holt, and Gaël Varoquaux. API design for machine learning software: experiences from the scikit-learn project. In ECML PKDD Workshop: Languages for Data Mining and Machine Learning, pages 108–122, 2013.