CN110752928B - APUF based on confusion incentive design and method for realizing machine learning attack resistance - Google Patents
APUF based on confusion incentive design and method for realizing machine learning attack resistance Download PDFInfo
- Publication number
- CN110752928B CN110752928B CN201910844265.2A CN201910844265A CN110752928B CN 110752928 B CN110752928 B CN 110752928B CN 201910844265 A CN201910844265 A CN 201910844265A CN 110752928 B CN110752928 B CN 110752928B
- Authority
- CN
- China
- Prior art keywords
- excitation
- original excitation
- stimulus
- original
- exchanged
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000010801 machine learning Methods 0.000 title claims abstract description 35
- 238000000034 method Methods 0.000 title claims abstract description 18
- 238000013461 design Methods 0.000 title claims abstract description 10
- 230000005284 excitation Effects 0.000 claims abstract description 102
- 230000004044 response Effects 0.000 claims abstract description 28
- 238000012795 verification Methods 0.000 claims abstract description 7
- 239000000126 substance Substances 0.000 claims description 8
- 230000003044 adaptive effect Effects 0.000 claims 2
- 238000012549 training Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 4
- 238000011084 recovery Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000002474 experimental method Methods 0.000 description 2
- 238000007477 logistic regression Methods 0.000 description 2
- 238000004088 simulation Methods 0.000 description 2
- XUIMIQQOPSSXEZ-UHFFFAOYSA-N Silicon Chemical compound [Si] XUIMIQQOPSSXEZ-UHFFFAOYSA-N 0.000 description 1
- 239000000654 additive Substances 0.000 description 1
- 230000000996 additive effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012907 on board imaging Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 229910052710 silicon Inorganic materials 0.000 description 1
- 239000010703 silicon Substances 0.000 description 1
- 238000013179 statistical model Methods 0.000 description 1
- 230000004936 stimulating effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
Abstract
The invention provides a method for realizing machine learning attack resistance by APUF based on confusion incentive design, which comprises the following steps that the APUF receives confusion incentive generated by a server; the APUF restores the received confusion excitation into the original excitation, generates a corresponding response, and further sends the generated response to the server for identity verification to resist machine learning attack; the confusion incentive is obtained by representing the original incentive by binary bits and exchanging bit positions on the original incentive according to a preset rule. By implementing the invention, the direct connection between the excitation and the response is mixed up under the condition of not changing the structure and the characteristics of the APUF, thereby realizing the resistance to the machine learning attack.
Description
Technical Field
The invention relates to the technical field of information security, in particular to an APUF based on confusion excitation design and a method for realizing machine learning attack resistance.
Background
Physical Unclonable Functions (PUFs) have become lightweight security primitives for current resource-constrained devices. The arbiter PUF (apuf) is typically a strong PUF. However, the conventional APUF is composed of a series of additive linear delay models, such as wires, inverters and multiplexers, and is vulnerable to Machine Learning Attacks (Machine Learning Attacks) when mathematical modeling is performed, so that the security of the APUF circuit has been one of the key points of PUF research.
Currently, modeling attacks against PUFs have also met with some success, among which Machine Learning (ML) attacks are the most effective way to model an APUF circuit with a precision that exceeds the stability of the actual circuit design. In this method, a set of actual stimulus response pairs (CRPs) is first collected as a training set for training the model, and then the trained model can predict the response to the new stimulus.
To combat ML attacks, several solutions have been proposed in some literature. For example, in documents of PUF modeling attacks based on simulation data and silicon data, which are proposed by scholars such as Ruhrmair U, Solter J and Sehnke F, some different nonlinear structures are introduced, so that the hardware complexity of the APUF is increased, but the reliability of the APUF is greatly reduced, and the protection effect is not obvious. Also, at the expense of reliability, the prediction rate can be reduced to some extent by using a multi-APUF design with a mixture of weak PUFs and strong PUFs, as described in a frequency ordering algorithm based on a statistical model of the dynamic ring oscillator physical unclonable function proposed by Miskely J, Gu C Y and Ma Q, et al. Another strategy to resist ML attacks is to develop special communication protocols, but the protocol standards are not uniform. As another example, the document "PUF-based reliable self-correcting local authentication" proposes a new method of changing the structure of an APUF using a Finite State Machine (FSM), but does not perform an actual security analysis on it.
However, several solutions proposed in the above documents to resist ML attacks either change the structure of the APUF but cannot perform actual security analysis, or increase the hardware complexity of the APUF but greatly reduce the reliability of the APUF.
Disclosure of Invention
The technical problem to be solved by the embodiments of the present invention is to provide an APUF based on confusion incentive design and a method for implementing machine learning attack resistance, which can implement machine learning attack resistance by directly associating confusion incentive and response without changing the structure and characteristics of the APUF.
In order to solve the technical problem, an embodiment of the present invention provides a method for implementing machine learning attack resistance based on an APUF designed by confusing stimuli, where the method includes the following steps:
the APUF receives confusion excitation generated by a server;
the APUF restores the received confusion excitation to the original excitation, generates a corresponding response, and further sends the generated response to the server for identity verification to resist machine learning attack; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
Wherein, theThe total bit length of the original excitation is n, including p with the bit length of (n-4)/41~p4Part and bit length fixed to 4 p5A moiety; wherein the content of the first and second substances,
when p of the original excitation5When the part is 0000 or 1000, p is1p2p3p4p5The original excitation formed is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the moiety is 0001 or 1001, then from p1p2p3p4p5The original excitation formed is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0010 or 1010, p is substituted1p2p3p4p5The original excitation formed is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0011 or 1011, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0100 or 1100, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0101 or 1101, then p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when the original laser is excitedOf (p)5When part is 0110 or 1110, p is1p2p3p4p5The original excitation formed is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0111 or 1111, p is1p2p3p4p5The original excitation formed is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
The embodiment of the invention also provides an APUF designed based on confusion excitation, which comprises a receiving unit and a response unit: wherein the content of the first and second substances,
the receiving unit is used for APUF to receive confusion excitation generated by the server;
the response unit is used for generating a corresponding response after the APUF recovers the received confusion stimulus to the original stimulus, and further sending the generated response to the server for identity verification so as to resist machine learning attacks; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
Wherein the total bit length of the original excitation is n, and p with the bit length of (n-4)/4 is included1~p4Part and bit length fixed to 4 p5A moiety; wherein the content of the first and second substances,
when p of the original excitation5When the part is 0000 or 1000, p is1p2p3p4p5The original excitation formed is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the moiety is 0001 or 1001, then from p1p2p3p4p5The original excitation formed is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0010 or 1010, p is substituted1p2p3p4p5The original excitation formed is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0011 or 1011, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0100 or 1100, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0101 or 1101, then p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When part is 0110 or 1110, p is1p2p3p4p5The original excitation formed is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0111 or 1111, p is1p2p3p4p5The original excitation formed is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
The embodiment of the invention has the following beneficial effects:
1. the invention adopts the bit positions in the original excitation to be exchanged according to the preset rule, thereby achieving the purpose of confusion, and leading the direct connection between the confusion excitation and the response to resist the machine learning attack;
2. the present invention retains the unclonability of APUF with little increase in hardware complexity while still maintaining a high level of security.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is within the scope of the present invention for a person skilled in the art to obtain other drawings based on the drawings without any creative efforts.
Fig. 1 is a flowchart of a method for implementing an APUF designed based on confusion excitation to resist a machine learning attack according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an original excitation in an application scenario of a method for implementing an anti-machine learning attack method based on an APUF designed by a confusion excitation according to an embodiment of the present invention;
fig. 3 is a schematic system structure diagram of an APUF designed based on aliasing excitation according to an embodiment of the present invention;
fig. 4 is a graph comparing machine learning attack length of 32 and 64 bit APUF and OC-APUF.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings.
As shown in fig. 1, in an embodiment of the present invention, a method for implementing machine learning attack resistance of an APUF is provided, where the method includes the following steps:
step S1, APUF receives confusion excitation generated by the server;
step S2, the APUF generates a corresponding response after recovering the received confusion stimulus to the original stimulus, and further sends the generated response to the server for authentication to defend against machine learning attacks; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
Specifically, in step S1, the original stimulus C is converted into a confusion stimulus C by using a preset stimulus confusion circuit on the serverOBAnd sent to the APUF for reception.
In step S2, the confusion stimulus COBSent to the APUF, the original stimulus C must be recovered by a stimulus recovery circuit before a corresponding response generated by the APUF can be sent to the server for identity verification, and the confusing stimulus design can prevent an adversary from successfully constructing a circuit model to resist ML attacks.
It should be noted that the excitation garbled circuit and the excitation recovery circuit are very similar in structure and each consists of four multiplexers, each with the same control signal. This means that only a small number of gates are required to perform the functions of stimulating aliasing and recovery. Therefore, the light weight performance of the APUF is effectively guaranteed.
In the embodiment of the present invention, as shown in fig. 2, the original excitation C is divided into five parts, and the total bit length of the original excitation is n, including p with the bit length of (n-4)/41~p4Part and bit length fixed to 4 p5And (4) partial. Of course, the original excitation C may be divided differently in different systems.
In FIG. 2, in holding P5The front four parts p are unchanged1~p4According to P5Is changed. For example, there are 9 alignment methods in total for the purpose of making each part different from the original position. Of which 8 are chosen for simplicity, the confusing stimulus COBFrom P5Last three-bit determination of (P)5Is temporarily not used, or is used for other later expansion, specifically as follows:
when p is originally excited5When the part is 0000 or 1000, p is1p2p3p4p5The formed original excitation is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p is originally excited5When the moiety is 0001 or 1001, then from p1p2p3p4p5The formed original excitation is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p is originally excited5When the part is 0010 or 1010, p is substituted1p2p3p4p5The formed original excitation is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p is originally excited5When the part is 0011 or 1011, p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p is originally excited5When the part is 0100 or 1100, p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p is originally excited5When the part is 0101 or 1101, then p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when p is originally excited5When part is 0110 or 1110, p is1p2p3p4p5The formed original excitation is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p is originally excited5Part is 0111 or1111 hour(s), then p1p2p3p4p5The formed original excitation is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
The above can be seen in table 1:
TABLE 1
P5 | COB | |
1 | 0000,1000 | P2P1P4P3P5 |
2 | 0001,1001 | P2P3P4P1P5 |
3 | 0010,1010 | P2P4P1P3P5 |
4 | 0011,1011 | P3P1P4P2P5 |
5 | 0100,1100 | P3P4P1P2P5 |
6 | 0101,1101 | P3P4P2P1P5 |
7 | 0110,1110 | P4P1P2P3P5 |
8 | 0111,1111 | P4P3P1P2P5 |
As shown in fig. 3, an APUF designed based on aliasing excitation according to an embodiment of the present invention includes a receiving unit 10 and a response unit 20: wherein the content of the first and second substances,
the receiving unit 10 is used for the APUF to receive the confusion excitation generated by the server;
the response unit 20 is configured to, after the APUF recovers the received confusion stimulus to the original stimulus, generate a corresponding response, and further send the generated response to the server for identity verification, so as to defend against machine learning attacks; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
Wherein the total bit length of the original excitation is n, and p with the bit length of (n-4)/4 is included1~p4Fixed part and bit lengthP to be 45A moiety; wherein the content of the first and second substances,
when p of the original excitation5When the part is 0000 or 1000, p is1p2p3p4p5The original excitation formed is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the moiety is 0001 or 1001, then from p1p2p3p4p5The original excitation formed is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0010 or 1010, p is substituted1p2p3p4p5The original excitation formed is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0011 or 1011, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0100 or 1100, p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0101 or 1101, then p is1p2p3p4p5The original excitation formed is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When part is 0110 or 1110, p is1p2p3p4p5Formed ofThe original excitation is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0111 or 1111, p is1p2p3p4p5The original excitation formed is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
Note that in our example, the position of P5 does not change. The task of the OC-APUF is to receive a confusion stimulus C once it has received itOBThe original excitation C is recovered therefrom. The stimulus recovery circuit can easily recover C according to P5 and the previous obfuscation rulesOBIs converted to C. The APUF then generates a corresponding response R. It can be seen that an APUF module can be made up of multiple APUFs.
We performed machine learning ML attack evaluation on the proposed OC-APUF using logistic regression LR strategy. LR is an ML strategy that uses the correlation between independent and dependent variables of a known training set to construct a linear model of the system.
In our experiments we assume that an adversary can eavesdrop on the communication between the server and the device without any restriction.
The noise-free CRPs are adopted for simulation, and the physical APUF system structure can be effectively modeled. The prediction rates of the conventional APUF model after training by the training set and the OC-APUF model with the bit length of 64 are shown in Table 2. The accuracy of the former can be predicted to be more than 96% by using a training set of 1000 CRPs, and the latter can resist ML attacks more reliably. All data were evaluated for accuracy using a test set of 10000 CRPs.
TABLE 2
By way of comparison, we also performed further experiments using a logistic regression strategy, as shown in fig. 4. It roughly shows the relation between the relevant parameters (prediction rate, number of CRPs needed in the training set and excited bit length). It is clear that OC-APUF greatly improves the ability to resist ML attacks. In particular, we can observe that as CRPs increase, the prediction rate converges to a fairly ideal value.
The embodiment of the invention has the following beneficial effects:
1. the invention adopts the bit positions in the original excitation to be exchanged according to the preset rule, thereby achieving the purpose of confusion, and leading the direct connection between the confusion excitation and the response to resist the machine learning attack;
2. the present invention retains the unclonability of APUF with little increase in hardware complexity while still maintaining a high level of security.
It should be noted that, in the above system embodiment, each included unit is only divided according to functional logic, but is not limited to the above division as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by instructing the relevant hardware through a program, and the program may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (4)
1. A method for realizing machine learning attack resistance based on APUF (adaptive finite impulse filter) designed by confusion excitation, which is characterized by comprising the following steps:
the APUF receives confusion excitation generated by a server;
the APUF restores the received confusion excitation to the original excitation, generates a corresponding response, and further sends the generated response to the server for identity verification to resist machine learning attack; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
2. The method for implementing APUF (adaptive Power Filter) based on confusion incentive design according to claim 1, wherein the original incentive has a total bit length of n, including p with a bit length of (n-4)/41~p4Part and bit length fixed to 4 p5A moiety; wherein the content of the first and second substances,
when p of the original excitation5When the part is 0000 or 1000, p is1p2p3p4p5The formed original excitation is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the moiety is 0001 or 1001, then from p1p2p3p4p5The formed original excitation is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0010 or 1010, p is substituted1p2p3p4p5The formed original excitation is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0011 or 1011, p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0100 or 1100, p is1p2p3p4p5The formed original excitation is carried outExchange to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0101 or 1101, then p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When part is 0110 or 1110, p is1p2p3p4p5The formed original excitation is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0111 or 1111, p is1p2p3p4p5The formed original excitation is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
3. An APUF designed based on aliasing stimuli, comprising a receiving unit and a response unit: wherein the content of the first and second substances,
the receiving unit is used for APUF to receive confusion excitation generated by the server;
the response unit is used for generating a corresponding response after the APUF recovers the received confusion stimulus to the original stimulus, and further sending the generated response to the server for identity verification so as to resist machine learning attack; the confusing excitation is obtained by exchanging bit positions on the original excitation according to a predetermined rule after the original excitation is represented by binary bits.
4. The confounded excitation based design APUF of claim 3, wherein the original excitation has a total bit length of n, including p with a bit length of (n-4)/41~p4Part and bit length fixed to 4 p5A moiety; wherein the content of the first and second substances,
when p of the original excitation5When the part is 0000 or 1000, p is1p2p3p4p5The formed original excitation is exchanged to obtain P2P1P4P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the moiety is 0001 or 1001, then from p1p2p3p4p5The formed original excitation is exchanged to obtain P2P3P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0010 or 1010, p is substituted1p2p3p4p5The formed original excitation is exchanged to obtain P2P4P4P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0011 or 1011, p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P1P4P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0100 or 1100, p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P4P1P2P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0101 or 1101, then p is1p2p3p4p5The formed original excitation is exchanged to obtain P3P4P2P1P5(ii) a formed confounding stimulus;
when p of the original excitation5When part is 0110 or 1110, p is1p2p3p4p5The formed original excitation is exchanged to obtain P4P1P2P3P5(ii) a formed confounding stimulus;
when p of the original excitation5When the part is 0111 or 1111, p is1p2p3p4p5The formed original excitation is exchanged to obtain P4P3P1P2P5The resulting confusing stimulus.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910844265.2A CN110752928B (en) | 2019-09-06 | 2019-09-06 | APUF based on confusion incentive design and method for realizing machine learning attack resistance |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910844265.2A CN110752928B (en) | 2019-09-06 | 2019-09-06 | APUF based on confusion incentive design and method for realizing machine learning attack resistance |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110752928A CN110752928A (en) | 2020-02-04 |
CN110752928B true CN110752928B (en) | 2022-03-01 |
Family
ID=69276221
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910844265.2A Active CN110752928B (en) | 2019-09-06 | 2019-09-06 | APUF based on confusion incentive design and method for realizing machine learning attack resistance |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110752928B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113919012B (en) * | 2021-08-31 | 2024-03-19 | 温州大学 | Strong PUF (physical unclonable function) machine learning attack resisting method and circuit based on sequence password |
CN113922990B (en) * | 2021-09-17 | 2023-04-25 | 温州大学 | Strong PUF (physical unclonable function) machine learning attack resisting method based on matrix encryption |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA3011279A1 (en) * | 2016-01-11 | 2017-07-20 | Stc.Unm | A privacy-preserving, mutual puf-based authentication protocol |
CN107733655A (en) * | 2017-10-13 | 2018-02-23 | 东南大学 | A kind of APUF safety certifying methods based on Polynomial Reconstructing |
CN109614790A (en) * | 2018-11-28 | 2019-04-12 | 河海大学常州校区 | Light-weight authentication equipment and authentication method based on feedback loop PUF |
-
2019
- 2019-09-06 CN CN201910844265.2A patent/CN110752928B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA3011279A1 (en) * | 2016-01-11 | 2017-07-20 | Stc.Unm | A privacy-preserving, mutual puf-based authentication protocol |
CN107733655A (en) * | 2017-10-13 | 2018-02-23 | 东南大学 | A kind of APUF safety certifying methods based on Polynomial Reconstructing |
CN109614790A (en) * | 2018-11-28 | 2019-04-12 | 河海大学常州校区 | Light-weight authentication equipment and authentication method based on feedback loop PUF |
Non-Patent Citations (1)
Title |
---|
Obfuscated Challenge-Response: A Secure Lightweight Authentication Mechanism for PUF-Based Pervasive Devices;Y Gao .et;《2016 IEEE International Conference on Pervasive Computing and Communication Workshops》;20160421;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN110752928A (en) | 2020-02-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9524393B2 (en) | System and methods for analyzing and modifying passwords | |
Chen et al. | Impulsive synchronization of reaction–diffusion neural networks with mixed delays and its application to image encryption | |
Yu et al. | A noise bifurcation architecture for linear additive physical functions | |
Weir et al. | Password cracking using probabilistic context-free grammars | |
EP3693886A1 (en) | Optimizations for verification of interactions system and method | |
Maximov et al. | Two trivial attacks on Trivium | |
CN109391645A (en) | Block chain light-weight technologg method, block chain node and storage medium | |
CN109005040A (en) | Dynamic multi-secrets key obscures PUF structure and its authentication method | |
CN110752928B (en) | APUF based on confusion incentive design and method for realizing machine learning attack resistance | |
US20210157790A1 (en) | Optimizations for verification of interactions system and method using probability density functions | |
CN108683505B (en) | APUF circuit that possesses security | |
CN103841111A (en) | Method for preventing data from being submitted repeatedly and server | |
CN106991403A (en) | A kind of method and apparatus of recognition of face | |
Wang et al. | Multi-source training deep-learning side-channel attacks | |
CN107733655B (en) | APUF security authentication method based on polynomial reconstruction | |
CN104899499A (en) | Internet image search based Web verification code generation method | |
CN113469371B (en) | Federal learning method and apparatus | |
CN111641712A (en) | Block chain data updating method, device, equipment, system and readable storage medium | |
Gong et al. | Surakav: Generating realistic traces for a strong website fingerprinting defense | |
Wen et al. | Enhancing PUF reliability by machine learning | |
CN110704511B (en) | Data processing method, device, apparatus and medium | |
Bendersky et al. | Nonsignaling deterministic models for nonlocal correlations have to be uncomputable | |
CN111865595B (en) | Block chain consensus method and device | |
Mohammadpourfard et al. | Generation of false data injection attacks using conditional generative adversarial networks | |
CN110119621B (en) | Attack defense method, system and defense device for abnormal system call |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20200204 Assignee: Ningbo Xungao Intelligent Technology Co.,Ltd. Assignor: Wenzhou University Contract record no.: X2024330000002 Denomination of invention: APUF Based on Confusion Motivation Design and Its Implementation for Anti Machine Learning Attacks Granted publication date: 20220301 License type: Common License Record date: 20240103 |
|
EE01 | Entry into force of recordation of patent licensing contract |