Adaptive real-time Trojan detection framework through machine learning

Abstract

Hardware Trojans inserted at the time of design or fabrication by untrustworthy design house or foundry, poses important security concerns. With the increase in attacker's resources and capabilities, we can anticipate an unexpected new attack from the attacker at run-time. Therefore, the challenge is not only to reduce hardware overhead of added security feature but also to secure design from new attacks introduced at real-time. In this work, we propose a Real-time Online Learning approach for Securing many-core design. In order to prevent unexpected attacks, many-core provides feed-back to online learning algorithm based on core information and its behavior to incoming data packet. The proposed Online Learning approach updates the model run-time at each data transfer based on feed-back from many-core. For demonstration, Online Machine Learning model is initially trained with two types of (known) attacks and Trojan free router packets and then unexpected attack is introduced later at run-time. The results show that, feedback based Online Machine Learning algorithm has 8% higher overall detection accuracy and an average of 3% higher accuracy for unexpected attacks at each interval of 1000 test records than Supervised Machine Learning algorithms. The proposed feed-back based Trojan detection framework is demonstrated using a custom many-core architecture integrated with “Modified Balanced Winnow” Online Machine Learning algorithm on Xilinx Virtex-7 FPGA. Post place and route implementation results show that, secured many-core architecture requires 4 extra cycles to complete data transfer. The proposed architecture achieves 56% reduction in area and 50% less latency overhead as compared to previous published work [1]. Furthermore, we evaluate our framework for many-core platform by employing seizure detection application as a case study.