Next Article in Journal
Recent Progress in Fabrication and Physical Properties of 2D TMDC-Based Multilayered Vertical Heterostructures
Previous Article in Journal
High-Level Design Optimizations for Implementing Data Stream Sketch Frequency Estimators on FPGAs
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Electronics
Volume 11
Issue 15
10.3390/electronics11152400
electronics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Deep Learning Method Based on the Attention Mechanism for Hardware Trojan Detection

by
Wenjing Tang
1,
Jing Su
1,*,
Jiaji He
2 and
Yuchan Gao
1
1
School of Artificial Intelligence, Tianjin University of Science and Technology, Tianjin 300457, China
2
School of Microelectronics, Tianjin University, Tianjin 300072, China
*
Author to whom correspondence should be addressed.
Electronics 2022, 11(15), 2400; https://doi.org/10.3390/electronics11152400
Submission received: 5 June 2022 / Revised: 28 July 2022 / Accepted: 28 July 2022 / Published: 31 July 2022
(This article belongs to the Section Circuit and Signal Processing)
Browse Figures
Review Reports Versions Notes

Abstract

:
The chip manufacturing of integrated circuits requires the participation of multiple parties, which greatly increases the possibility of hardware Trojan insertion and poses a significant threat to the entire hardware device landing; however, traditional hardware Trojan detection methods require gold chips, so the detection cost is relatively high. The attention mechanism can extract data with more adequate features, which can enhance the expressiveness of the network. This paper combines an attention module with a multilayer perceptron and convolutional neural network for hardware Trojan detection based on side-channel information, and evaluates the detection results by implementing specific experiments. The results show that the proposed method significantly outperforms machine learning classification methods and network-related methods, such as SVM and KNN, in terms of accuracy, precision, recall, and F1 value. In addition, the proposed method is effective in detecting data containing one or multiple hardware Trojans, and shows high sensitivity to the size of datasets.

1. Introduction

With the advancement in today’s technology, both simple appliances in daily life and precision instruments in the military and industrial fields are trying to achieve higher application values by inserting better performance chips [1]. Since ICs manufactured by third-party companies have tremendous advantages in terms of manufacturing costs and time to market, many foundries have emerged, making the design, manufacturing, packaging, and testing stages of ICs separate from each other [2]. A hardware Trojan refers to the intentional modification of an original circuit or the implantation of dangerous codes by an attacker during the designing and manufacturing of an integrated circuit chip. A hardware Trojan causes a circuit chip to have redundant circuits that do not belong to the function of the chip, such that its circuit has some uncontrollable behaviors, such as destroying the original circuit logic structure of the underlying chip and modifying the parameters. Hardware Trojans have the characteristics of destructiveness, latency, mutability, and parasitism [3,4]. Once a hardware Trojan attacks an IC, it can lead to device function and performance changes, the leakage of sensitive information, and even system paralysis, which can seriously threaten production life [5].
The production chain of modern chip circuits is shown in Figure 1 [6]. The first and most crucial step in IC design is the specification. The requirements analysis of the chip and the definition of the product specifications are conducted to determine the overall direction of the design to ensure that the design of the chip will not include any mistakes, and so that there will not be the need to spend extra time modifying it. Subsequently, a hardware description language (HDL) is used to describe the circuit, and the specification is converted into the behavior level of the circuit. The commonly used HDL is Verilog, VHDL, etc. Next, a computer converts the HDL code into a logic circuit and the behavior level into a logic gate design. Following this, the synthesized code is put into another EDA tool for circuit layout and winding. Finally, a digital graphics database system (GDSII) is provided to the foundry for IC development so that the presilicon manufacturing stage is completed. The postsilicon stage includes three steps: factory manufacturing, chip packaging testing, and market entry [7,8,9,10,11,12]. The production process involves several third-party foundries, significantly increasing the risk of hardware Trojan insertion, and chip circuit security detection is urgent.
There have been various studies carried out to date to attempt to overcome the HT problem. Rongzhen Bian et al. [13] used unsupervised clustering algorithms to identify hardware Trojans, which gather structural data from a collection of unlabeled ICs and then separate the suspect ICs from the test ICs. Kyle Worley et al. [14] objectively compared four supervised machine learning techniques (FPR) to increase the accuracy and decrease the false positive rate. Using unlabeled manufactured ICs and imprecise simulation models, Mingfu Xue et al. [15] offered a cotraining-based hardware Trojan detection system that trains two classification algorithms using simulated ICs. Hau Sim Choo et al. [16] proposed utilizing machine learning and features to detect RTL Trojans using four branching-statement-related characteristics. The identification approach can categorize a branch as either a Trojan branch or a regular branch. Tomotaka Inoue et al. [17] generated six different types of hardware Trojans at the gate-level netlist level and used an approach based on a neural network (NN) to detect them. Antonios Pavlidis et al. [18] proposed a runtime monitoring approach for HT attack methods that impact the analog and mixed-signal (AMS) parts of an integrated circuit, which can identify different HT assaults.
The attention mechanism calculates the difference in the importance of each piece of input information, allocates computing resources according to their importance, uses the execution effect to reverse the information weight update, and finally completes the task efficiently and accurately [19]. In recent years, the attention mechanism has been widely used in deep learning, such as in fault detection, target detection, face recognition, text classification, and so on, and has achieved excellent results.
In order to extract the compelling features of side-channel information, improve the detection accuracy, and at the same time reduce the network model parameters, this paper proposes a deep learning method based on the attention mechanism for hardware Trojan detection. By analyzing the obtained side-channel information and improving the two different neural network models, the attention mechanism is introduced to further improve the network discrimination ability and achieve higher-precision detection tasks. This paper’s method validation experiments were carried out based on collected side-channel datasets. The results show that, compared with other machine learning methods and network-related methods, the accuracy, precision, recall, and F1 value of this method are improved. In addition, it also has high accuracy when dealing with multiclassification tasks.
The organizational structure of this paper is as follows: the second part is the background, the third part introduces the hardware Trojan detection method proposed in this paper, the fourth part is the analysis of the algorithm flow, the fifth part is the analysis of the experimental results, and the sixth part is the conclusion.

2. Background

2.1. Hardware Trojan Architecture

The hardware Trojan mentioned in this paper consists of two parts—a trigger and a payload [20]—and its structure is shown in Figure 2. The function of the trigger is to activate the load circuit to run. If the activation conditions do not meet its specific requirements, the load circuit cannot work in a dormant state. If the requirements are met, the load circuit is activated [21]. The function of the load circuit is a specific attack on the original circuit after the Trojan is activated, that is, the function module of the hardware Trojan [22].

2.2. Hardware Trojan Detection Technology

Hardware Trojan detection methods can be divided into presilicon and postsilicon detection, according to different stages [23]. Detection methods in the presilicon stage include formal verification, functional verification, and coding/structure analysis, whereas detection methods in the postsilicon stage include reverse engineering, logic testing, and side-channel analysis [24]. Specific methods are as follows:

2.2.1. Presilicon Detection

  • Formal Verification
Formal verification is an automated checking method that catches many common design errors and finds ambiguities in the design. The authors of [25] present a fully automated formal verification approach to detect the presence of hardware Trojans in a third-party behavioral IP (3PBIP), in the absence of a golden reference IP, using some advanced HLS tools, including formal verification tools to detect malicious modifications made to a 3PIP. The authors of [26] concentrate on formal hardware Trojan detection in the design phase and emphasize highlighting the application of verification techniques to abstract and formalize Trojan designs into mathematical structures, as well as using reachability analysis and equivalence checks to detect the presence or absence of hardware Trojans.
  • Functional Verification
The principle concept of functional verification is the same as that of logic testing described in postsilicon technology. Logic testing is performed on a tester and requires the collection of output responses for each input pattern, whereas functional verification is performed by a simulation using existing functional testing techniques [27].
  • Coding/Structure Analysis
The authors of [28] proposed a classification method based on Unused Circuit Identification (UCI), a hybrid hardware and software method that separates suspicious circuits at runtime and compensates for UCI classifier errors—BlueChip. UCI marks new circuits (circuits that are not activated by design verification tests) as suspicious circuits. The BlueChip exception handling software is responsible for simulating the overall behavior of the hardware to allow the system to be used properly.

2.2.2. Postsilicon Detection

  • Reverse Engineering
Reverse engineering, also known as failure analysis, is a violently irreversible physical testing method. By sampling some of the products from the same batch of test chips, the sampled products are dissected in layers from the bottom up [29]. The purpose of dissection is to obtain specific layout information, such that the logical structure of the circuit can be analyzed. The circuit design structure obtained after the dissection of the sample is compared with the original design file to determine whether they are identical [30].
  • Logic Testing
Logic testing is performed on the digital logic layer of the IC. It focuses on detecting and activating hardware Trojans by generating guided test vectors and comparing the raw output generated by these vectors with the desired output [31]. This method can detect the presence of the Trojan and know the type of the structure of the Trojan as well as the area where it is implanted [32].
  • Side-Channel Analysis
Side-channel information is the external physical characteristics revealed due to the operation of the circuit and commonly includes time consumption information, power consumption information, and electromagnetic information [33]. In the same experimental setting, the original circuit generates a set of inherent physical characteristic information when it operates. Similarly, the additional physical information generated by the hardware Trojan module will differ from the side-channel information of the original circuit. By comparing this difference, it is possible to distinguish whether the circuit contains a hardware Trojan [34,35]. Given the advantages of its high accuracy, high speed, and low price, side-channel analysis is gradually becoming the main direction of hardware Trojan detection research.

2.3. Attention Mechanism

The attention mechanism borrows from the signal processing mechanism of the human brain by quickly scanning all features, obtaining the feature categories that need to be focused on, and assigning the corresponding attention weights according to the criticality of the feature categories, such that the brain can use limited resources to process huge amounts of information [36]. In simple terms, the attention mechanism will focus more on the focused regions by reducing the attention level in some regions to obtain more important information. Its application in convolutional neural networks is reflected in generating differences in the importance of each piece of input information [37]. The prominent role of the attention mechanism is to effectively fuse the side-channel information collected by the sensors by suppressing the information that is not related to the Trojan and highlighting the information that is closely associated with the Trojan information. The principle of the attention module implementation is shown in Figure 3.

3. Hardware Trojan Detection Model

3.1. MLP-Attention Detection Model

A multilayer perceptron, also known as an artificial neural network and a deep feedforward network, is the most fundamental class of deep learning models, with broad applications in recognition and prediction problems [38,39]. It consists of three parts: an input layer, one or more hidden layers, and an output layer. The number of hidden layers can be single or multiple layers, and the layers are connected, utilizing full connectivity. The input layer is responsible for receiving input information, and the output of the previous layer continues to be used as the input of the next layer for passing information between them progressively until the output layer outputs the target result [40].
The hardware Trojan detection model proposed in this paper, based on MLP-Attention, adds the attention mechanism between the input layer and the first hidden layer, which obtains more critical features and improves the efficiency of hardware Trojan detection. As shown in Figure 4, the MLP-Attention network structure includes an input layer, multiple hidden layers, and an output layer. The layers are connected in the same fully connected way. First, the training data are fed into the input layer of MLP-Attention to obtain the attention distribution of the input data and the importance of each feature. For this layer, we set the number of the units to three. Then, the attention distribution from the first layer is stitched with the product of the input data to obtain the intermediate data with the attention influence factor. These data are then processed again by the intermediate hidden layer and then to the final output layer for classification prediction. For the first middle layer, we set the number of the units to 20. For the second middle layer, we set the number of the units to 50. For the output layer, we set the number of the units to 2 or more. The detection of hardware Trojans is a binary classification problem, so we use the softmax activation function in the last output layer to obtain the probability of Trojan insertion, and the expression of softmax is as follows:
s o f t m a x ( η i ) = e η i j = 1 k e η j
The probability sum of the classifications is one. The output result with the Trojan insertion circuit is one, and, conversely, the output result without the Trojan insertion circuit is zero. After 50 iterations, the model reaches the convergence state. Finally, in the testing phase, we input the test set into the previously trained MLP-Attention model for hardware Trojan classification detection and obtain the final detection results.

3.2. CNN-Attention Detection Model

The convolutional neural network is the first multilayer neural network structure learning algorithm, including an input layer, convolutional layer, pooling layer, fully connected layer, and output layer, as well as multilayer cooperation to build a deep learning framework [41]. Convolutional neural networks can be used to analyze network data through the construction of learning networks, which can identify and process data parameters to meet the comprehensive needs of data analysis and information processing [42].
The CNN-Attention-based hardware Trojan detection model proposed in this paper is shown in Figure 5. The input layer receives data. After obtaining the side-channel input information, three convolutional layers are used to extract the side-channel information features. The activation function used in each convolutional layer is the ReLU activation function, and the stride is two. A pooling layer follows each convolutional layer to filter the extracted side-channel information and the useless features. The pooling function of the pooling layer is usually set to reduce the dimensionality of the convolutional output and make the data compact. The pooling layer chosen for this method is the highest pooling layer, which is used to reduce the estimated mean bias caused by errors in the training process of the convolutional layers. After the convolution and pooling layers, we add the attention module to give higher weights to the more important feature information to extract side-channel information better. We use the softmax function to activate the output data of the third convolution layer and multiply it by itself to obtain more attention information. A fully connected layer follows the attention module. Finally, the probability of the presence or absence of a Trojan insertion is obtained using the softmax activation function. For multiple Trojans, the total classification probability is still one. In the training process, the number of iterations is set to 80, and the model parameters are shown in Table 1.

4. Hardware Trojan Detection Flow

The specific flow of the proposed deep learning method based on the attention mechanism for hardware Trojan detection is shown in Figure 6, and the implementation steps are as follows:
  • Step 1: Data Acquisition Stage
Collecting raw side-channel information data and normalizing it using a side-channel information collection device. The normalized data are divided into a labeled training set and an unlabeled test set in a ratio of 7:3. The training set is used for model training, and the test set is used for the subsequent testing of the model’s performance.
  • Step 2: Model Training Stage
The maximum number of iterations, epoch values, and weights in the loss function are set empirically to initialize the parameters of the neural network and attention layers. Input the training set data, calculate the classification loss, and update the weights as well as bias parameters layer-by-layer by using backpropagation. Repeat the above steps until the maximum number of iterations is reached to stop training and obtain the trained classification model.
  • Step 3: Hardware Trojan Detection Stage
Input the test-set data of the chip to be tested, use the trained classification model to classify and judge them, and detect whether the chip contains a hardware Trojan.

5. Results

5.1. Experimental Environment

The experiments in this paper use a Windows 10 operating system. The processor is an Intel(R) Core(TM) i7-5557U CPU @ 3.10 GHz. The memory is 8.0 GB. The engineering software is Pycharm, using the deep learning framework Tensorflow to build an MLP-Attention model and a CNN-Attention model; the machine learning library Sklearn is used to build the comparison experiments.

5.2. Data Acquisition and Preprocessing

This paper is based on a field-programmable gate array (FPGA) detection platform to obtain experimental data. The side-channel information collection system [43,44] has a SAKURA-G FPGA board specially designed for research and development on side-channel security analysis. Both power and electromagnetic radiation are collected using an oscilloscope. Then, the collected data are transferred to a PC and stored in a CSV format for further analysis.
The Trojan circuit is first implanted into the original circuit in the data acquisition process. Then, this circuit is transplanted into the FPGA chip, and the process of running the circuit causes the Trojan to be activated. The chip to be tested is the core component of the system. In the acquisition test, the probe end should be made as close as possible to the FPGA chip in this position, and the oscilloscope should be used to display and store the side-channel data generated during the operation of the circuit in real time according to the set sampling frequency. The format of the side-channel information is then converted to obtain the original input parameters required for preprocessing.

5.3. Experimental Results and Analysis

In order to further analyze the classification performance of the proposed method, we compare the classification results of the current mainstream machine learning classification methods for the dataset used in the experiments [45].
Table 2 discloses the methods in this paper and the six machine learning methods used for comparison, along with their corresponding abbreviations. The parameters of the machine learning models in the experiments are shown in Table 3.
In order to verify the effectiveness of the attention module, this paper embeds the fully connected neural network and deep convolutional neural network as the base network, respectively, into the attention module and conducts comparative experiments on the dataset. In this paper, we use the MLP-Att and CNN-Att classification methods in addition to several machine learning classification methods to process the dichotomous classification task, and count the classification results to determine whether the experimental data contain hardware Trojans. Table 4 shows the accuracy, precision, recall, and F1 value of hardware Trojan detection using different classification algorithms.
As can be seen from Table 4, the accuracy, precision, recall, and F1 value of the hardware Trojan detection method with the attention mechanism are significantly better than those of several other machine learning methods. In addition, the experiments show that the improved MLP-Att and CNN-Att methods both have higher detection effects than the base network, which proves the effectiveness of the improved method in this paper.
We extend the experimental data from one class to multiple ones to further evaluate the performance of the proposed method in this paper for multi classification problems. Specifically, we combine four different types of Trojan data with each other and then classify them using the MLP-Att and CNN-Att classification methods. Table 5 and Table 6 are the classification results of the two methods, where 1-2 indicates that the dataset includes two types of Trojan data: Trojan 1 and Trojan 2; 1-2-3 indicates that the dataset includes three types of Trojan data: Trojan 1, Trojan 2, and Trojan 3; and 1-2-3-4 indicates that the dataset includes four types of Trojan data: Trojan 1, Trojan 2, Trojan 3, and Trojan 4.
From Table 5, it can be seen that the proposed MLP-Att method has the highest accuracy and precision on the dataset containing Trojan 1 and Trojan 3; the lowest accuracy and precision on the dataset containing Trojan 2, Trojan 3, and Trojan 4; the highest recall on the dataset containing Trojan 2, Trojan 3, and Trojan 4; the lowest recall on the dataset containing Trojan 1 and Trojan 4; the highest F1 value on the dataset containing Trojan 1 and Trojan 3; and the lowest F1 value on the dataset containing Trojan 1 and Trojan 4.
From Table 6, it can be seen that the proposed CNN-Att method has the highest accuracy and precision on the dataset containing Trojan 1, Trojan 3, and Trojan 4; the lowest accuracy on the dataset containing Trojan 2 and Trojan 4; the lowest precision on the dataset containing Trojan 2 and Trojan 3; the highest recall and F1 value on the dataset containing Trojan 1, Trojan 2, and Trojan 3; and the lowest recall and F1 value on the dataset containing Trojan 1 and Trojan 4.
Combining Table 5 with Table 6, the deep learning method based on the attention mechanism for hardware Trojan detection gives better performance on each mixed dataset, further proving the effectiveness of this method.
In addition, a sensitivity analysis experiment of dataset size and model performance was conducted to observe the influence of different numbers of training sets on the model’s detection accuracy. It can be seen from Figure 7 that, with the increase in the training set data, the detection accuracy of all of the models is improved to a certain extent, and that the CNN-Att model is the most sensitive to the size of the data, with a detection accuracy difference of 60.8%.
As shown in Table 7, this paper also makes a comparison with network-related methods. The same dataset that was used in the experiment in this paper was used in all comparative experiments. Additionally, it is seen to be the case that, compared with the literature [46,47,48], the proposed detection model improves the detection accuracy effectively.

6. Conclusions

Hardware Trojan detection is essential for the manufacturing and safe use of IC chips. In this paper, we propose a deep learning method based on the attention mechanism for hardware Trojan detection in a multilayer perceptron and convolutional neural network to verify the impact of this method on hardware Trojan classification performance. The experiments show that, compared with other machine learning classification methods and network-related methods, the proposed method in this paper has significantly improved detection accuracy, precision, recall, and F1 value, and is also applicable to multiclassification tasks. However, the improved method proposed in this paper has a significant time overhead in finding the optimal parameters and requires relatively high hardware computing power, memory bandwidth, and data storage. The detection cost is magnified to some extent. In later work, we will further analyze the characteristics of the experimental data, explore more available information on the existing bases, reduce the detection costs in many aspects, and further improve the generality of the hardware Trojan detection method.

Author Contributions

Conceptualization, W.T.; methodology, W.T. and J.S.; software, W.T.; validation, W.T. and J.S.; formal analysis, W.T.; resources, J.S.; data curation, J.H.; writing—original draft preparation, W.T.; writing—review and editing, W.T., J.S., and Y.G.; funding acquisition, J.S. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the Natural Science Foundation of Tianjin (No. 19JCYBJC15300).

Data Availability Statement

The data presented in this study are available on request from the corresponding author.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Basak, A.; Bhunia, S.; Tkacik, T.; Ray, S. Security Assurance for System-on-Chip Designs with Untrusted IPs. IEEE Trans. Inf. Forensics Secur. 2017, 12, 1515–1528. [Google Scholar] [CrossRef]
  2. Gundabolu, S.; Wang, X. On-chip Data Security Against Untrustworthy Software and Hardware IPs in Embedded Systems. In Proceedings of the 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), Hong Kong, China, 8–11 July 2018; pp. 644–649. [Google Scholar] [CrossRef]
  3. Yang, Y.; Ye, J.; Cao, Y.; Zhang, J.; Li, X.; Li, H.; Hu, Y. Survey: Hardware Trojan Detection for Netlist. In Proceedings of the 2020 IEEE 29th Asian Test Symposium (ATS), Penang, Malaysia, 23–26 November 2020; pp. 1–6. [Google Scholar] [CrossRef]
  4. Mal-Sarkar, S.; Karam, R.; Narasimhan, S.; Ghosh, A.; Krishna, A.; Bhunia, S. Design and Validation for FPGA Trust under Hardware Trojan Attacks. IEEE Trans. Multi-Scale Comput. Syst. 2016, 2, 186–198. [Google Scholar] [CrossRef] [Green Version]
  5. Li, H.; Liu, Q.; Zhang, J. A survey of hardware Trojan threat and defense. Integration 2016, 55, 426–437. [Google Scholar] [CrossRef]
  6. Huang, Z.; Wang, Q.; Chen, Y.; Jiang, X. A Survey on Machine Learning Against Hardware Trojan Attacks: Recent Advances and Challenges. IEEE Access 2020, 8, 10796–10826. [Google Scholar] [CrossRef]
  7. Malik, S.; Subramanyan, P. Invited-Specification and modeling for systems-on-chip security verification. In Proceedings of the 53rd Annual Design Automation Conference; Association for Computing Machinery: New York, NY, USA, 2016; pp. 1–6. [Google Scholar] [CrossRef]
  8. Huang, X.; Liu, G.; Guo, W.; Niu, Y.; Chen, G. Obstacle-Avoiding Algorithm in X-Architecture Based on Discrete Particle Swarm Optimization for VLSI Design. ACM Trans. Des. Autom. Electron. Syst. 2015, 20, 1–28. [Google Scholar] [CrossRef]
  9. Dong, C.; He, G.; Liu, X.; Yang, Y.; Guo, W. A Multi-Layer Hardware Trojan Protection Framework for IoT Chips. IEEE Access 2019, 7, 23628–23639. [Google Scholar] [CrossRef]
  10. Sterpone, L.; Violante, M. A new reliability-oriented place and route algorithm for SRAM-based FPGAs. IEEE Trans. Comput. 2006, 55, 732–744. [Google Scholar] [CrossRef]
  11. Lu, J.; Taskin, B. From RTL to GDSII: An ASIC design course development using Synopsys® University Program. In Proceedings of the 2011 IEEE International Conference on Microelectronic Systems Education, San Diego, CA, USA, 5–6 June 2011; pp. 72–75. [Google Scholar] [CrossRef]
  12. Mitra, S.; Seshia, S.A.; Nicolici, N. Post-silicon validation opportunities, challenges and recent advances. In Proceedings of the Design Automation Conference, Anaheim, CA, USA, 13–18 June 2010; pp. 12–17. [Google Scholar] [CrossRef] [Green Version]
  13. Bian, R.; Xue, M.; Wang, J. A Novel Golden Models-Free Hardware Trojan Detection Technique Using Unsupervised Clustering Analysis. In International Conference on Cloud Computing and Security; Springer: Cham, Switzerland, 2018; pp. 634–646. [Google Scholar] [CrossRef]
  14. Worley, K.; Rahman, T. Supervised Machine Learning Techniques for Trojan Detection with Ring Oscillator Network. In Proceedings of the 2019 SoutheastCon, Huntsville, AL, USA, 11–14 April 2019; pp. 1–7. [Google Scholar] [CrossRef] [Green Version]
  15. Xue, M.; Bian, R.; Wang, J.; Liu, W. A Co-training Based Hardware Trojan Detection Technique by Exploiting Unlabeled ICs and Inaccurate Simulation Models. In Proceedings of the 2018 17th IEEE International Conference on Trust, Security and Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), New York, NY, USA, 1–3 August 2018; pp. 1452–1457. [Google Scholar] [CrossRef]
  16. Choo, H.S.; Ooi, C.Y.; Inoue, M.; Ismail, N.; Moghbel, M.; Kok, C.H. Register-Transfer-Level Features for Machine-Learning-Based Hardware Trojan Detection. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 2020, E103.A, 502–509. [Google Scholar] [CrossRef]
  17. Inoue, T.; Hasegawa, K.; Kobayashi, Y.; Yanagisawa, M.; Togawa, N. Designing Subspecies of Hardware Trojans and Their Detection Using Neural Network Approach. In Proceedings of the 2018 IEEE 8th International Conference on Consumer Electronics-Berlin (ICCE-Berlin), Berlin, Germany, 2–5 September 2018; pp. 1–4. [Google Scholar] [CrossRef]
  18. Pavlidis, A.; Faehn, E.; Louerat, M.-M.; Stratigopoulos, H.-G. Run-Time Hardware Trojan Detection in Analog and Mixed-Signal ICs. In Proceedings of the 40th IEEE VLSI Test Symposium 2022, San Diego, CA, USA, 25–27 April 2022; pp. 1–8. [Google Scholar] [CrossRef]
  19. Niu, Z.; Zhong, G.; Yu, H. A review on the attention mechanism of deep learning. Neurocomputing 2021, 452, 48–62. [Google Scholar] [CrossRef]
  20. Jin, Y.; Kupp, N.; Makris, Y. Experiences in Hardware Trojan design and implementation. In Proceedings of the 2009 IEEE International Workshop on Hardware-Oriented Security and Trust, San Francisco, CA, USA, 27 July 2009; pp. 50–57. [Google Scholar] [CrossRef]
  21. Baumgarten, A.; Steffen, M.; Clausman, M.; Zambreno, J. A case study in hardware Trojan design and implementation. Int. J. Inf. Secur. 2010, 10, 1–14. [Google Scholar] [CrossRef]
  22. Bhasin, S.; Danger, J.-L.; Guilley, S.; Ngo, X.T.; Sauvage, L. Hardware Trojan Horses in Cryptographic IP Cores. In Proceedings of the 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, Los Alamitos, CA, USA, 20 August 2013; pp. 15–29. [Google Scholar] [CrossRef] [Green Version]
  23. Dong, C.; Liu, Y.; Chen, J.; Liu, X.; Guo, W.; Chen, Y. An Unsupervised Detection Approach for Hardware Trojans. IEEE Access 2020, 8, 158169–158183. [Google Scholar] [CrossRef]
  24. Saravanan, P.; Mehtre, B.M. A Novel Approach to Detect Hardware Malware Using Hamming Weight Model and One Class Support Vector Machine. In VLSI Design and Test. VDAT 2018. Communications in Computer and Information Science; Rajaram, S., Balamurugan, N., Gracia Nirmala Rani, D., Singh, V., Eds.; Springer: Singapore, 2019; Volume 892, pp. 159–172. [Google Scholar] [CrossRef]
  25. Veeranna, N.; Schafer, B.C. Hardware Trojan Detection in Behavioral Intellectual Properties (IP’s) Using Property Checking Techniques. IEEE Trans. Emerg. Top. Comput. 2016, 5, 576–585. [Google Scholar] [CrossRef]
  26. Rathmair, M.; Schupfer, F.; Krieg, C. Applied formal methods for hardware Trojan detection. In Proceedings of the 2014 IEEE International Symposium on Circuits and Systems (ISCAS), Melbourne, VIC, Australia, 1–5 June 2014; pp. 169–172. [Google Scholar] [CrossRef]
  27. Xiao, K.; Forte, D.; Jin, Y.; Karri, R.; Bhunia, S.; Tehranipoor, M.M. Hardware Trojans: Lessons learned after one decade of research. ACM Trans. Des. Autom. Electron. Syst. 2016, 22, 1–23. [Google Scholar] [CrossRef]
  28. Zhang, X.; Tehranipoor, M. RON: An on-chip ring oscillator network for hardware Trojan detection. In Proceedings of the 2011 Design, Automation & Test in Europe, Grenoble, France, 14–18 March 2011; pp. 1–6. [Google Scholar] [CrossRef]
  29. Torrance, R.; James, D. The State-of-the-Art in IC Reverse Engineering. In Cryptographic Hardware and Embedded Systems-CHES 2009; Lecture Notes in Computer, Science; Clavier, C., Gaj, K., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; Volume 5747, pp. 363–381. [Google Scholar] [CrossRef] [Green Version]
  30. Bao, C.; Forte, D.; Srivastava, A. On Reverse Engineering-Based Hardware Trojan Detection. IEEE Trans. Comput. Des. Integr. Circuits Syst. 2015, 35, 49–57. [Google Scholar] [CrossRef]
  31. Bazzazi, A.; Shalmani, M.T.M.; Hemmatyar, A.M.A. Hardware Trojan Detection Based on Logical Testing. J. Electron. Test. 2017, 33, 381–395. [Google Scholar] [CrossRef]
  32. Nourian, M.A.; Fazeli, M.; Hely, D. Hardware Trojan Detection Using an Advised Genetic Algorithm Based Logic Testing. J. Electron. Test. 2018, 34, 461–470. [Google Scholar] [CrossRef]
  33. Du, D.; Narasimhan, S.; Chakraborty, R.S.; Bhunia, S. Self-referencing: A Scalable Side-Channel Approach for Hardware Trojan Detection. In International Workshop on Cryptographic Hardware and Embedded Systems; CHES, 2010; Lecture Notes in Computer, Science; Mangard, S., Standaert, F.X., Eds.; Springer: Berlin/Heidelberg, Germany, 2010; Volume 6225, pp. 173–187. [Google Scholar] [CrossRef]
  34. Narasimhan, S.; Du, D.; Chakraborty, R.S.; Paul, S.; Wolff, F.G.; Papachristou, C.A.; Roy, K.; Bhunia, S. Hardware Trojan Detection by Multiple-Parameter Side-Channel Analysis. IEEE Trans. Comput. 2012, 62, 2183–2195. [Google Scholar] [CrossRef]
  35. Huang, Y.; Bhunia, S.; Mishra, P. Scalable Test Generation for Trojan Detection Using Side Channel Analysis. IEEE Trans. Inf. Forensics Secur. 2018, 13, 2746–2760. [Google Scholar] [CrossRef]
  36. Li, X.; Zhang, W.; Ding, Q. Understanding and improving deep learning-based rolling bearing fault diagnosis with attention mechanism. Signal Process. 2019, 161, 136–154. [Google Scholar] [CrossRef]
  37. Lashgari, E.; Ott, J.; Connelly, A.; Baldi, P.; Maoz, U. An end-to-end CNN with attentional mechanism applied to raw EEG in a BCI classification task. J. Neural Eng. 2021, 18, 0460e3. [Google Scholar] [CrossRef]
  38. Kruse, R.; Mostaghim, S.; Borgelt, C.; Braune, C.; Steinbrecher, M. Multi-layer Perceptrons. In Computational Intelligence; Texts in Computer Science; Springer: Cham, Switzerland, 2022; pp. 53–124. [Google Scholar] [CrossRef]
  39. Alsmadi, M.K.; Bin Omar, K.; Noah, S.A.; Almarashdah, I. Performance Comparison of Multi-layer Perceptron (Back Propagation, Delta Rule and Perceptron) algorithms in Neural Networks. In Proceedings of the 2009 IEEE International Advance Computing Conference, Patiala, India, 6–7 March 2009; pp. 296–299. [Google Scholar] [CrossRef]
  40. Hasegawa, K.; Yanagisawa, M.; Togawa, N. Empirical Evaluation and Optimization of Hardware-Trojan Classification for Gate-Level Netlists Based on Multi-Layer Neural Networks. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 2018, E101.A, 2320–2326. [Google Scholar] [CrossRef]
  41. O’Shea, K.; Nash, R. An introduction to convolutional neural networks. arXiv 2015, arXiv:1511.08458. [Google Scholar] [CrossRef]
  42. Yamashita, R.; Nishio, M.; Do, R.K.G.; Togashi, K. Convolutional neural networks: An overview and application in radiology. Insights Into Imaging 2018, 9, 611–629. [Google Scholar] [CrossRef] [PubMed] [Green Version]
  43. He, J.; Ma, H.; Liu, Y.; Zhao, Y. Golden Chip-Free Trojan Detection Leveraging Trojan Trigger’s Side-Channel Fingerprinting. ACM Trans. Embed. Comput. Syst. 2021, 20, 1–18. [Google Scholar] [CrossRef]
  44. He, J.; Zhao, Y.; Guo, X.; Jin, Y. Hardware Trojan Detection Through Chip-Free Electromagnetic Side-Channel Statistical Analysis. IEEE Trans. Very Large Scale Integr. Syst. 2017, 25, 2939–2948. [Google Scholar] [CrossRef]
  45. Machine Learning Techniques for Hardware Trojan Detection. Available online: https://github.com/Kkalais/Hardware-Trojan-Detection (accessed on 24 September 2020).
  46. Madden, K.; Harkin, J.; McDaid, L.; Nugent, C. Adding Security to Networks-on-Chip using Neural Networks. In Proceedings of the 2018 IEEE Symposium Series on Computational Intelligence (SSCI), Bangalore, India, 18–21 November 2018; pp. 1299–1306. [Google Scholar] [CrossRef]
  47. Reshma, K.; Priyatharishini, M.; Devi, M.N. Hardware Trojan Detection Using Deep Learning Technique. In Soft Computing and Signal Processing; Advances in Intelligent Systems and, Computing; Wang, J., Reddy, G., Prasad, V., Reddy, V., Eds.; Springer: Singapore, 2019; Volume 898, pp. 671–680. [Google Scholar] [CrossRef]
  48. Hu, T.; Dian, S.; Jiang, R. Hardware Trojan detection based on long short-term memory neural network. Comput. Eng. 2020, 46, 110–115. [Google Scholar] [CrossRef]
Electronics 11 02400 g001 550
Figure 1. The production chain of modern chip circuits.
Figure 1. The production chain of modern chip circuits.
Electronics 11 02400 g001
Electronics 11 02400 g002 550
Figure 2. Hardware Trojan structure.
Figure 2. Hardware Trojan structure.
Electronics 11 02400 g002
Electronics 11 02400 g003 550
Figure 3. Attention module schematic.
Figure 3. Attention module schematic.
Electronics 11 02400 g003
Electronics 11 02400 g004 550
Figure 4. Network structure of MLP-Attention.
Figure 4. Network structure of MLP-Attention.
Electronics 11 02400 g004
Electronics 11 02400 g005 550
Figure 5. Network structure of CNN-Attention.
Figure 5. Network structure of CNN-Attention.
Electronics 11 02400 g005
Electronics 11 02400 g006 550
Figure 6. Hardware Trojan detection process based on the attention network.
Figure 6. Hardware Trojan detection process based on the attention network.
Electronics 11 02400 g006
Electronics 11 02400 g007 550
Figure 7. Sensitivity analysis of data size and model performance.
Figure 7. Sensitivity analysis of data size and model performance.
Electronics 11 02400 g007
Table
Table 1. Hyperparameter selection.
Table 1. Hyperparameter selection.
HyperparameterValue
Epoch80
Learning_rate0.001
Filters116
Kernel_size18
Filters264
Kernel_size24
Filters3256
Kernel_size34
Dropout_rate0.3
Dense_units128
Output_units2
Table
Table 2. Acronym for different classification methods.
Table 2. Acronym for different classification methods.
AcronymDefinition
CNNConvolutional neural network
CNN-AttCNN-Attention
GBGradient boosting
KNNK-nearest neighbors
LRLogistic regression
MLPMultilayer perceptron
MLP-AttMLP-Attention
RFRandom forest
SVMSupport vector machine
Table
Table 3. Model parameters of different classification models.
Table 3. Model parameters of different classification models.
Model NameModel Parameters
GBNumber of decision trees6
Learning rate0.1
KNNNumber of neighbors8
Distance measureED 1
LRNumber of decision trees6
Learning rate0.1
RFMax depth of tree10
Number of decision trees10
1 ED is Euclidean distance.
Table
Table 4. Classification results of different classification methods.
Table 4. Classification results of different classification methods.
Model NameAccuracy (%)Precision (%)Recall (%)F1 Score (%)
CNN80.3181.2080.7780.93
CNN-Att85.1785.5085.3684.22
GB68.0966.9463.2263.28
KNN66.5566.0762.4862.43
LR63.7962.8857.3655.21
MLP76.0875.9069.8672.63
MLI-Att84.8785.1384.8784.89
RF68.2166.8063.8064.01
SVM62.4660.0054.6951.44
Table
Table 5. Classification results of different datasets with MLP-Att.
Table 5. Classification results of different datasets with MLP-Att.
Mix of TrojanAccuracy (%)Precision (%)Recall (%)F1 Score (%)
1-284.3282.3585.2583.77
1-385.3285.6186.1285.71
1-482.1182.6781.7680.05
2-384.2083.2382.9382.77
2-484.1684.4984.2281.65
3-484.3683.7882.6782.91
1-2-384.5383.1687.7885.41
1-2-484.1783.5586.2984.90
1-3-484.3684.6386.0385.32
2-3-481.2581.2589.3285.09
1-2-3-482.6882.1084.5683.34
Table
Table 6. Classification results of different datasets with CNN-Att.
Table 6. Classification results of different datasets with CNN-Att.
Model NameAccuracy (%)Precision (%)Recall (%)F1 Score (%)
1-284.5084.3184.2281.87
1-385.2085.9983.2983.79
1-482.1582.0680.5879.80
2-382.3181.4485.3683.36
2-482.0282.3482.8082.46
3-483.9583.1283.0583.09
1-2-384.5786.0192.4387.62
1-2-485.6882.7485.3085.45
1-3-487.5287.3884.2785.80
2-3-486.2786.8487.0386.94
1-2-3-483.7383.3382.6082.97
Table
Table 7. Classification results of network-related methods.
Table 7. Classification results of network-related methods.
Model NameAccuracy (%)Precision (%)Recall (%)F1 Score (%)
CNN-Att85.1785.5085.3684.22
MLI-Att84.8785.1384.8784.89
[46]74.0175.3372.0677.84
[47]81.8579.8279.2980.46
[48]84.7981.9980.0679.52
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Tang, W.; Su, J.; He, J.; Gao, Y. A Deep Learning Method Based on the Attention Mechanism for Hardware Trojan Detection. Electronics 2022, 11, 2400. https://doi.org/10.3390/electronics11152400

AMA Style

Tang W, Su J, He J, Gao Y. A Deep Learning Method Based on the Attention Mechanism for Hardware Trojan Detection. Electronics. 2022; 11(15):2400. https://doi.org/10.3390/electronics11152400

Chicago/Turabian Style

Tang, Wenjing, Jing Su, Jiaji He, and Yuchan Gao. 2022. "A Deep Learning Method Based on the Attention Mechanism for Hardware Trojan Detection" Electronics 11, no. 15: 2400. https://doi.org/10.3390/electronics11152400

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop