WEKO3
アイテム
Generating Adversarial Examples for Hardware-Trojan Detection at Gate-Level Netlists
https://ipsj.ixsq.nii.ac.jp/records/210362
https://ipsj.ixsq.nii.ac.jp/records/210362373510ab-c7a3-4f6c-b7a8-72ddc82ba1b0
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6203019.pdf (632.9 kB)
|
Copyright (c) 2021 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2021-03-15 | |||||||||||||||||
| タイトル | ||||||||||||||||||
| タイトル | Generating Adversarial Examples for Hardware-Trojan Detection at Gate-Level Netlists | |||||||||||||||||
| タイトル | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| タイトル | Generating Adversarial Examples for Hardware-Trojan Detection at Gate-Level Netlists | |||||||||||||||||
| 言語 | ||||||||||||||||||
| 言語 | eng | |||||||||||||||||
| キーワード | ||||||||||||||||||
| 主題Scheme | Other | |||||||||||||||||
| 主題 | [特集:組込みシステム工学] hardware Trojan, netlist, logic gate, machine learning, adversarial example | |||||||||||||||||
| 資源タイプ | ||||||||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||||||||
| 資源タイプ | journal article | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | KDDI Research, Inc. | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | KDDI Research, Inc. | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | Research Innovation Center, Waseda University | |||||||||||||||||
| 著者所属 | ||||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | KDDI Research, Inc. | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | KDDI Research, Inc. | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | Research Innovation Center, Waseda University | |||||||||||||||||
| 著者所属(英) | ||||||||||||||||||
| 言語 | en | |||||||||||||||||
| 値 | Dept. Computer Science and Communications Engineering, Waseda University | |||||||||||||||||
| 著者名 |
Kohei, Nozawa
× Kohei, Nozawa
× Kento, Hasegawa
× Seira, Hidano
× Shinsaku, Kiyomoto
× Kazuo, Hashimoto
× Nozomu, Togawa
|
|||||||||||||||||
| 著者名(英) |
Kohei, Nozawa
× Kohei, Nozawa
× Kento, Hasegawa
× Seira, Hidano
× Shinsaku, Kiyomoto
× Kazuo, Hashimoto
× Nozomu, Togawa
|
|||||||||||||||||
| 論文抄録 | ||||||||||||||||||
| 内容記述タイプ | Other | |||||||||||||||||
| 内容記述 | Recently, the great demand for integrated circuits (ICs) drives third parties to be involved in IC design and manufacturing steps. At the same time, the threat of injecting a malicious circuit, called a hardware Trojan, by third parties has been increasing. Machine learning is one of the powerful solutions for detecting hardware Trojans. However, a weakness of such a machine-learning-based classification method against adversarial examples (AEs) has been reported, which causes misclassification by adding perturbation in input samples. This paper firstly proposes a framework generating adversarial examples for hardware-Trojan detection at gate-level netlists utilizing neural networks. The proposed framework replaces hardware Trojan circuits with logically equivalent ones, and makes it difficult to detect them. Secondly, we propose a Trojan-net concealment degree (TCD) and a modification evaluating value (MEV) as measures of the amount of modifications. Finally, based on the MEV, we pick up adversarial modification patterns to apply to the circuits against hardware-Trojan detection. The experimental results using benchmarks demonstrate that the proposed framework successfully decreases the true positive rate (TPR) by a maximum of 30.15 points. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.236 ------------------------------ |
|||||||||||||||||
| 論文抄録(英) | ||||||||||||||||||
| 内容記述タイプ | Other | |||||||||||||||||
| 内容記述 | Recently, the great demand for integrated circuits (ICs) drives third parties to be involved in IC design and manufacturing steps. At the same time, the threat of injecting a malicious circuit, called a hardware Trojan, by third parties has been increasing. Machine learning is one of the powerful solutions for detecting hardware Trojans. However, a weakness of such a machine-learning-based classification method against adversarial examples (AEs) has been reported, which causes misclassification by adding perturbation in input samples. This paper firstly proposes a framework generating adversarial examples for hardware-Trojan detection at gate-level netlists utilizing neural networks. The proposed framework replaces hardware Trojan circuits with logically equivalent ones, and makes it difficult to detect them. Secondly, we propose a Trojan-net concealment degree (TCD) and a modification evaluating value (MEV) as measures of the amount of modifications. Finally, based on the MEV, we pick up adversarial modification patterns to apply to the circuits against hardware-Trojan detection. The experimental results using benchmarks demonstrate that the proposed framework successfully decreases the true positive rate (TPR) by a maximum of 30.15 points. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.236 ------------------------------ |
|||||||||||||||||
| 書誌レコードID | ||||||||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||||||||
| 収録物識別子 | AN00116647 | |||||||||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 62, 号 3, 発行日 2021-03-15 |
|||||||||||||||||
| ISSN | ||||||||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||||||||
