IP軟核硬件木馬圖譜特征分析檢測(cè)方法

倪林; 李霖; 張帥; 童思程; 錢楊

doi:10.11999/JEIT240219

IP軟核硬件木馬圖譜特征分析檢測(cè)方法

doi: 10.11999/JEIT240219 cstr: 32379.14.JEIT240219

倪林^{1, 3},
李霖³,
張帥^{2, 3, ,},
童思程³,
錢楊³

1.
國(guó)防科技大學(xué)電子科學(xué)學(xué)院長(zhǎng)沙 410073
2.
國(guó)防科技大學(xué)計(jì)算機(jī)學(xué)院長(zhǎng)沙 410073
3.
國(guó)防科技大學(xué)信息通信學(xué)院武漢 430035

詳細(xì)信息

作者簡(jiǎn)介:
倪林：男，博士生，講師，研究方向?yàn)橛布踩⒕W(wǎng)絡(luò)安全等

李霖：男，研究方向?yàn)橛布踩?/p>
張帥：男，博士生，講師，研究方向?yàn)橛布踩⒕W(wǎng)絡(luò)安全等

童思程：男，研究方向?yàn)橛布踩?/p>
錢楊：男，研究方向?yàn)橛布踩?/p>

通訊作者:
張帥　zhangshuai16a@nudt.edu.cn

中圖分類號(hào): TN915.08; TP309.1
計(jì)量
- 文章訪問數(shù): 216
- HTML全文瀏覽量: 132
- PDF下載量: 25
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2024-03-29
- 修回日期: 2024-09-05
- 網(wǎng)絡(luò)出版日期: 2024-09-28
- 刊出日期: 2024-11-01

Graph Features Analysis and Detection Method of IP Soft Core Hardware Trojan

NI Lin^{1, 3},
LI Lin³,
ZHANG Shuai^{2, 3
, ,},
TONG Sicheng³,
QIAN Yang³

1.
College of Electronic Science and Technology, National University of Defense Technology, Changsha 410073, China
2.
College of Computer Science and Technology, National University of Defense Technology, Changsha 410073, China
3.
College of Information and Communication, National University of Defense Technology, Wuhan 430035, China

摘要

摘要: 隨著集成電路技術(shù)的飛速發(fā)展，芯片在設(shè)計(jì)、生產(chǎn)和封裝過程中，很容易被惡意植入硬件木馬邏輯，當(dāng)前IP軟核的安全檢測(cè)方法邏輯復(fù)雜、容易錯(cuò)漏且無(wú)法對(duì)加密IP軟核進(jìn)行檢測(cè)。該文利用非可控IP軟核與硬件木馬寄存器傳輸級(jí)(RTL)代碼灰度圖譜的特征差異，提出一種基于圖譜特征分析的IP軟核硬件木馬檢測(cè)方法，通過圖譜轉(zhuǎn)換和圖譜增強(qiáng)得到標(biāo)準(zhǔn)圖譜，利用紋理特征提取匹配算法實(shí)現(xiàn)硬件木馬檢測(cè)。實(shí)驗(yàn)使用設(shè)計(jì)階段被植入7類典型木馬的功能邏輯單元為實(shí)驗(yàn)對(duì)象，檢測(cè)結(jié)果顯示7類典型硬件木馬的檢測(cè)正確率均達(dá)到了90%以上，圖像增強(qiáng)后特征點(diǎn)匹配成功數(shù)量的平均增長(zhǎng)率達(dá)到了13.24%，有效提高了硬件木馬檢測(cè)的效率。
- IP軟核 /
- 硬件木馬 /
- 灰度圖譜 /
- 紋理特征 /
- 檢測(cè)算法
Abstract: With the rapid development of integrated circuit technology, chips are easily implanted with malicious hardware Trojan logic in the process of design, production and packaging. Current security detection methods for IP soft core are logically complex, prone to errors and omissions, and unable to detect encrypted IP soft core. The paper uses the feature differences of non-controllable IP soft core and hardware Trojan Register Transfer Level (RTL) code grayscale map, proposing a hardware Trojan detection method for IP soft cores based on graph feature analysis, through the map conversion and map enhancement to get the standard map, using the texture feature extraction matching algorithm to achieve hardware Trojan detection. The experimental subjects are functional logic units with seven types of typical Trojans implanted during the design phase, and the detection results show that the detection correct rate of seven types of typical hardware Trojans has reached more than 90%, and the average growth rate of the number of successful feature point matches after the image enhancement has reached 13.24%, effectively improving the effectiveness of hardware Trojan detection.
- IP soft core /
- Hardware Trojan /
- Grayscale map /
- Texture feature /
- Detection algorithm

HTML全文

圖 1 IP軟核硬件木馬檢測(cè)流程

下載: 全尺寸圖片幻燈片

圖 2 硬件木馬圖譜庫(kù)生成流程

下載: 全尺寸圖片幻燈片

圖 3 同一圖像進(jìn)行圖像增強(qiáng)前后對(duì)比

下載: 全尺寸圖片幻燈片

圖 4 硬件木馬圖譜圖像增強(qiáng)前后對(duì)比圖

下載: 全尺寸圖片幻燈片

圖 5 成功匹配特征點(diǎn)的圖譜紋理特征檢測(cè)

下載: 全尺寸圖片幻燈片

圖 6 圖像增強(qiáng)前后的圖譜特征匹配結(jié)果

下載: 全尺寸圖片幻燈片

圖 7 不同分辨率下木馬圖譜特征點(diǎn)總數(shù)

下載: 全尺寸圖片幻燈片

圖 8 硬件木馬圖譜紋理特征匹配檢測(cè)結(jié)果

下載: 全尺寸圖片幻燈片

圖 9 B19-T100硬件木馬與含PIC16F84-T100樣本的匹配檢測(cè)結(jié)果

下載: 全尺寸圖片幻燈片

圖 10 B19-T100硬件木馬與含B19-T100樣本的匹配檢測(cè)結(jié)果

下載: 全尺寸圖片幻燈片

表 1 7種硬件木馬分類原理特點(diǎn)對(duì)照表

	插入階段	抽象層次	激活機(jī)制	效果	物理特性
B19-T100	設(shè)計(jì)階段	門級(jí)	基于內(nèi)部時(shí)間的觸發(fā)	改變功能	緊密、功能性、布局相同
PIC16F84-T100	設(shè)計(jì)階段	寄存器傳輸級(jí)別	內(nèi)部條件觸發(fā)	服務(wù)拒絕	功能性
s35932-T100	設(shè)計(jì)階段	門級(jí)	內(nèi)部條件觸發(fā)	改變功能，泄露信息	功能性
AES-T100	設(shè)計(jì)階段	寄存器傳輸級(jí)別	始終激活	泄露信息	功能性
wb_conmax-T100	設(shè)計(jì)階段	門級(jí)	內(nèi)部條件觸發(fā)	改變功能，拒絕服務(wù)	功能性
BasicRSA-T100	設(shè)計(jì)階段	寄存器傳輸級(jí)別	外部用戶輸入觸發(fā)	泄露信息	功能性
RS232-T100	設(shè)計(jì)階段	寄存器傳輸級(jí)別	內(nèi)部條件觸發(fā)	拒絕服務(wù)	功能性

下載: 導(dǎo)出CSV

表 2 7種木馬圖譜圖像增強(qiáng)前后的圖譜特征提取匹配結(jié)果

木馬類型	圖像增強(qiáng)前		圖像增強(qiáng)后
木馬類型	特征點(diǎn)總數(shù)	匹配成功的數(shù)量	特征點(diǎn)總數(shù)	匹配成功的數(shù)量
B19-T100	46	44	50	48
PIC16F84-T100	6	6	6	6
s35932-T100	40	37	41	39
AES-T100	22	22	25	25
wb_conmax-T100	10	7	13	11
BasicRSA-T100	63	49	65	51
RS232-T100	51	30	52	31

下載: 導(dǎo)出CSV

表 3 BasicRSA-T100在寬度為25不同高度下的匹配結(jié)果

	25	50	75	100	125	150	175	200
特征點(diǎn)總數(shù)	54	62	62	65	68	68	68	68
匹配成功的數(shù)量	27	37	47	51	61	52	52	52
匹配成功率(%)	50.00	59.68	75.81	78.46	89.71	76.47	76.47	76.47

下載: 導(dǎo)出CSV

表 4 BasicRSA-T100在高度為100不同寬度下的匹配結(jié)果

	25	50	75	100	125	150	175	200
特征點(diǎn)總數(shù)	65	60	81	80	80	80	80	80
匹配成功的數(shù)量	51	44	65	67	67	67	67	67
匹配成功率(%)	78.46	73.33	80.25	83.75	83.75	83.75	83.75	83.75

下載: 導(dǎo)出CSV

參考文獻(xiàn)(16)

[1]	楊達(dá)明, 黃姣英, 高成. 工藝偏差影響下硬件木馬檢測(cè)功率分析方法[J]. 計(jì)算機(jī)工程與應(yīng)用, 2018, 54(24): 1–5,45. doi: 10.3778/j.issn.1002-8331.1810-0197. YANG Daming, HUANG Jiaoying, and GAO Cheng. Power analysis method of hardware Trojan detection considering process variation[J]. Computer Engineering and Applications, 2018, 54(24): 1–5,45. doi: 10.3778/j.issn.1002-8331.1810-0197.
[2]	劉志強(qiáng), 張銘津, 池源, 等. 一種深度學(xué)習(xí)的硬件木馬檢測(cè)算法[J]. 西安電子科技大學(xué)學(xué)報(bào), 2019, 46(6): 37–45. doi: 10.19665/j.issn1001-2400.2019.06.006. LIU Zhiqiang, ZHANG Mingjin, CHI Yuan, et al. Hardware Trojan detection algorithm based on deep learning[J]. Journal of Xidian University, 2019, 46(6): 37–45. doi: 10.19665/j.issn1001-2400.2019.06.006.
[3]	成祥, 李磊, 程偉. 基于RTL級(jí)硬件木馬的檢測(cè)方法[J]. 微電子學(xué)與計(jì)算機(jī), 2017, 34(3): 56–60. doi: 10.19304/j.cnki.issn1000-7180.2017.03.012. CHENG Xiang, LI Lei, and CHENG Wei. A detection method of hardware Trojans based on RTL[J]. Microelectronics & Computer, 2017, 34(3): 56–60. doi: 10.19304/j.cnki.issn1000-7180.2017.03.012.
[4]	SANKAR V and NIRMALA DEVI M. Efficient hardware Trojan detection using generic feature extraction and weighted ensemble method[C]. The ICACIT 2021 on Advanced Computing and Intelligent Technologies, Singapore, Singapore, 2022: 165–181. doi: 10.1007/978-981-16-2164-2_14.
[5]	謝俊, 周慧忠, 厲小燕, 等. 基于旁路分析的集成電路芯片硬件木馬檢測(cè)分析[J]. 電子技術(shù)與軟件工程, 2022(18): 112–115. XIE Jun, ZHOU Huizhong, LI Xiaoyan, et al. Hardware Trojan detection and analysis of integrated circuit chips based on bypass analysis[J]. Electronic Technology and Software Engineering, 2022(18): 112–115.
[6]	徐皓, 易茂祥, 金禮玉, 等. 電路分區(qū)自比較的硬件木馬檢測(cè)方法[J]. 合肥工業(yè)大學(xué)學(xué)報(bào): 自然科學(xué)版, 2022, 45(12): 1630–1636. doi: 10.3969/j.issn.1003-5060.2022.12.007. XU Hao, YI Maoxiang, JIN Liyu, et al. Hardware Trojan detection method based on circuit partition self-comparison[J]. Journal of Hefei University of Technology: Natural Science, 2022, 45(12): 1630–1636. doi: 10.3969/j.issn.1003-5060.2022.12.007.
[7]	趙毅強(qiáng), 李博文, 馬浩誠(chéng), 等. 基于混合特征分析的硬件木馬檢測(cè)方法[J]. 華中科技大學(xué)學(xué)報(bào): 自然科學(xué)版, 2021, 49(5): 1–6. doi: 10.13245/j.hust.210501. ZHAO Yiqiang, LI Bowen, MA Haocheng, et al. Hardware Trojan detection method based on combined features analysis[J]. Journal of Huazhong University of Science and Technology: Natural Science Edition, 2021, 49(5): 1–6. doi: 10.13245/j.hust.210501.
[8]	JOSE F, PRIYATHARISHINI M, and NIRMALA DEVI M. Hardware Trojan detection using deep learning-generative adversarial network and stacked auto encoder neural networks[C]. The ICT Analysis and Applications, Singapore, Singapore, 2022: 203–210. doi: 10.1007/978-981-16-5655-2_19.
[9]	李林源, 徐金甫, 嚴(yán)迎建, 等. 基于多維特征的門級(jí)硬件木馬檢測(cè)技術(shù)[J]. 計(jì)算機(jī)工程與應(yīng)用, 2023, 59(18): 278–284. doi: 10.3778/j.issn.1002-8331.2206-0101. LI Linyuan, XU Jinfu, YAN Yingjian, et al. Hardware Trojan detection for gate-level netlists based on multidimensional features[J]. Computer Engineering and Applications, 2023, 59(18): 278–284. doi: 10.3778/j.issn.1002-8331.2206-0101.
[10]	楊歡, 李海明. MLDet: 基于結(jié)構(gòu)特征和XGBoost的硬件木馬檢測(cè)方法[J]. 計(jì)算機(jī)應(yīng)用與軟件, 2023, 40(11): 302–307. doi: 10.3969/j.issn.1000-386x.2023.11.045. YANG Huan and LI Haiming. MLDet: Hardware Trojan detection method based on structural features and XGBoost[J]. Computer Applications and Software, 2023, 40(11): 302–307. doi: 10.3969/j.issn.1000-386x.2023.11.045.
[11]	史江義, 溫聰, 劉鴻瑾, 等. 基于圖神經(jīng)網(wǎng)絡(luò)的門級(jí)硬件木馬檢測(cè)方法[J]. 電子與信息學(xué)報(bào), 2023, 45(9): 3253–3262. doi: 10.11999/JEIT221201. SHI Jiangyi, WEN Cong, LIU Hongjin, et al. Hardware Trojan detection for gate-level netlists based on graph neural network[J]. Journal of Electronics & Information Technology, 2023, 45(9): 3253–3262. doi: 10.11999/JEIT221201.
[12]	PAN Zhixin and MISHRA P. Hardware Trojan detection using side -channel analysis[M]. PAN Zhixin and MISHRA P. Explainable AI for Cybersecurity. Cham: Springer, 2023: 123–140. doi: 10.1007/978-3-031-46479-9_6.
[13]	JYOTHI V and RAJENDRAN J. Hardware Trojan attacks in FPGA and protection approaches[M]. BHUNIA S and TEHRANIPOOR M. The Hardware Trojan War: Attacks, Myths, and Defenses. Cham: Springer, 2018: 345–368. doi: 10.1007/978-3-319-68511-3_14.
[14]	ABDELLATIF K M, CORNESSE C, FOURNIER J, et al. New partitioning approach for hardware Trojan detection using side-channel measurements[C]. Proceedings of the 12th International Symposium on Applied Reconfigurable Computing, Mangaratiba, Brazil, 2016: 171–182. doi: 10.1007/978-3-319-30481-6_14.
[15]	VINOD G, RAMESH S R, and NIRMALA DEVI M. Simulation based hardware Trojan detection using path delay analysis[M]. RANGANATHAN G, FERNANDO X, and ROCHA á. Inventive Communication and Computational Technologies. Singapore: Springer, 2022: 853–863. doi: 10.1007/978-981-19-4960-9_64.
[16]	NOZAWA K, HASEGAWA K, HIDANO S, et al. Adversarial examples for hardware-Trojan detection at gate-level netlists[C]. Proceedings of the ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT on Computer Security, Luxembourg City, Luxembourg, 2020: 341–359. doi: 10.1007/978-3-030-42048-2_22.