An Efficient Framework with Node Filtering and Load Expansion for Machine-Learning-Based Hardware Trojan Detection

Round 1

Reviewer 1 Report

Better but not enough

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 2 Report

The manuscript deals with a hardware Trojan detection method based on machine learning techniques. The topic is traditional but its solution and approach have a novelty. The abstract and introduction are well-written and -structured. Research background and motivations are properly described. However, the manuscript is poorly organized. For example, the manuscript roadmap (last part of the introduction) is wrongly written. All the figures and tables must be cited in the manuscript. The realistic hardware Trojan scenarios can be added, not just describing the hardware Trojan detection mechanism, with an example. There is an algorithm for subgraph matching, but no algorithms/pseudocodes are provided for machine learning methods. Moreover, the core development section (Section 3) is too general and delivers no direct knowledge in the field. It seems like utilizing existing machine learning methods for the dataset. Thus, contributions can be void. I recommend revising the section. For results, the authors should describe insights and implications, not just describing the result itself. The source codes should be uploaded to Github in addition to datasets. More recent references and scientific representations are required. For this matter, I recommend consulting a manuscript editing service. In summary, the manuscript is incomplete and requires extensive revisions.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

The paper still contains fails to explain fundamental concepts, such as the used features in the HT detection captureing, what gate-level and load expanded stand for, netlists, or what the trojan attack intends. New paragraphs do not carry any essential update nor presentation quality improvement.

Author Response

Please see the attachment.

Author Response File: Author Response.docx

Reviewer 2 Report

The authors revised the manuscript based on the previous review.

Thus, I recommend the manuscript for publication.

Author Response

Thanks for your recognition of our work.

This manuscript is a resubmission of an earlier submission. The following is a list of the peer review reports and author responses from that submission.

Round 1

Reviewer 1 Report

Topic is hot. I expected more technical approach instead of design/library validation. HT appliaction occurs somewhere bweteen design and device delivery. Design validation by another design available is trivial. Technology independent design level does not say nothing on device functionality, parameters, yield. Design accuracy if fully dependent on library model accuracy. I suggest fundamental paper review and focus on HT detectability for particular HT implementations/cases. I would appeciate such procedure reliability/effectiveness analysis for a sample microcontroller implementation in digital or mixed periphery module implementation. I would appreciate HT detection for prototyped device arriving from IC foundry.

Reviewer 2 Report

In a world that is growing digital every day and cyber threats are increasing and becoming more impactful, this work focuses on improving performance, solving data imbalance in an anomaly detection environment, as well as coping with unknown threats that current methods fail to propose a solution.

Despite showing essential concerns, this work fails to explain fundamental concepts, such as the used features in the HT detection and what it should capture, what gate-level and load expanded stand for, netlists, or what the trojan attack intends. Furthermore, although minor, the text could use some proofreading to clarify some sentences.

Abstract

The work netlists are present in the keywords, but it is not stated in the text. It is missing a final sentence with the most important contributions.

Introduction

In this section, all concepts that characterize the environment or the proposed framework must be stated and explained so that the impact and coverage of this work are clear. Furthermore, the model description is unclear and insufficient. The last sentence of this section should appear either after the model description or after the contribution as proof of concept.

Trojan detection framework

In the sampling strategy described before, the methodology is stated in undersampling. However, in this section, it is reported that the dangerous nodes are filtered to balance the dataset. Are dangerous nodes the threats in this setup?

It mentions that the features and model are selected according to the actual scenario. However, this requires further comments.

The data or features used to train or describe the dynamics must be explained.

The machine learning subsection makes it clear how these methods are introduced in the proposed framework. Is it applied on top of node filtering and load expansion? What are the training and testing datasets? Are the first two methods used to classify instances?

Summary and conclusion

This section does not have enough information. Topics such as further directions, what could be improved, and contributions and results that should be considered in other approaches should be discussed