CN115168843A - Hardware Trojan side channel detection method based on self-encoder - Google Patents
Hardware Trojan side channel detection method based on self-encoder
- Publication number
- CN115168843A
- Authority
- CN
- China
- Prior art keywords
- encoder
- output
- self
- side information
- decoder
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mathematical Physics (AREA)
- Maintenance And Management Of Digital Transmission (AREA)
Abstract
The invention relates to an autoencoder-based side-channel detection method for hardware Trojans. It belongs to the technical field of network security side-channel analysis, and in particular is an artificial-intelligence side-channel detection method for hardware Trojans built on an autoencoder (rendered "self-encoder" in the title). The method is easy to implement, the normal data used for training is easy to collect, and the autoencoder has a relatively small computational cost, which makes it suitable for practical use. The method takes the side information as the input of the autoencoder and performs anomaly detection on the encoding result obtained by the encoder; the result is intuitive and accurate.
Description
Technical Field
The invention relates to an autoencoder-based side-channel detection method for hardware Trojans, belongs to the technical field of network security side-channel analysis, and in particular relates to an artificial-intelligence side-channel detection method for hardware Trojans based on an autoencoder.
Background
A hardware Trojan horse is a special module intentionally implanted in a chip or electronic system, or a defective module left unintentionally by a designer. Such a module is hidden within the original circuit and causes the circuit to deviate from its intended behavior when operation reaches some particular value or condition. The malicious circuit can purposefully modify the original circuit, for example by leaking information to an attacker, changing the function of the circuit, or even directly damaging the circuit.
The GM/T0008-2012 cryptographic testing criteria for security chips specify that the physical and logical interfaces supported by a security chip must not contain an implicit channel. If such an implicit channel is used for malicious attacks, such as transmitting keys or other sensitive information in the event of a security violation, it may be referred to as a hardware Trojan. Hardware Trojans vary widely in type, function and implantation method, can be present at every level of a design, and are extremely difficult to detect. Their existence may pose serious security risks to chip users and even threaten national security.
Over the past few years, hardware Trojan detection technology has evolved rapidly. Detection based on failure analysis compares the result of reverse engineering with the original design; it is time-consuming and labor-intensive and works poorly on highly integrated chips with complex structures. Detection based on logic testing must generate test stimuli that activate a possible hardware Trojan with maximum probability, but exhaustive testing is very time-consuming and generating the test vectors can be very complicated. Detection based on side-channel information is currently the more widely used approach: the working condition of the circuit is analyzed from side-channel information such as timing, energy and electromagnetic emission.
In general, it is very difficult to determine whether a hardware Trojan exists in a chip. Hardware Trojan detection based on artificial intelligence algorithms is mainly divided into supervised and unsupervised learning. Supervised learning requires that the examiner can already determine whether hardware Trojans exist in some of the chips, which is difficult in a real scenario. Unsupervised learning commonly uses algorithms such as clustering, isolation forest and local outlier factor; each suits a different data distribution and may have parameters that need manual tuning.
Disclosure of Invention
The purpose of the invention is to provide a method that does not need manual screening of key information, can automatically extract the key features of the side information in an unsupervised setting, has a relatively small computational cost, can reduce dimensionality nonlinearly, and adapts better to different data distributions.
The invention is realized by adopting the following technical scheme.
An autoencoder-based hardware Trojan side-channel detection method comprises the following steps:
Step 1: A large number of invalid instructions are sent to the chip while the corresponding side information X (such as the energy waveform) is acquired; this side information can be regarded as normal data and is used as the training set. "A large number" means that the number of invalid instructions sent is not less than a set value.
Traversal instructions are then sent to the chip while the corresponding side information Y is acquired; Y can be regarded as the test set for detection.
Step 2: The autoencoder is divided into an encoder and a decoder. The normal data X is used as the input of the encoder, and the encoder and decoder are trained until the error between the decoder output X' and the encoder input X is small, meaning smaller than a set threshold.
Step 3: The test set Y is used as the input of the encoder to obtain the encoder output T and the decoder output Y'.
Step 4: Abnormal conditions are judged. The encoder output T corresponds to the features of the side information; when the chip executes similar operations, the side information has similar encoding results. The loss function value between the decoder output $y_i'$ and the original data $y_i$ is calculated: the larger the loss function value, the more conspicuous the side-information anomaly, and the corresponding operation command is valid.
Advantageous effects
Compared with the existing hardware Trojan side channel analysis method, the method of the invention has the following advantages:
1. Compared with a traditional neural network, the method needs no abnormal data for training, and unsupervised learning is closer to the real situation.
2. Compared with traditional anomaly detection methods, the method needs no manual parameter tuning, completes network training through self-supervision, is more automated, and adapts better to different data distributions.
3. The method is easy to implement, the normal data used for training is easy to collect, and the autoencoder has a relatively small computational cost, which makes it suitable for practical use.
4. The method takes the side information as the input of the autoencoder and performs anomaly detection on the encoding result obtained by the encoder; the result is intuitive and accurate.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is an overlay of smart card null-instruction energy waveforms in an embodiment of the method of the present invention;
FIG. 3 is an overlay of smart card traversal-instruction energy waveforms in an embodiment of the method of the present invention;
FIG. 4 shows side information data corresponding to a normal instruction in an embodiment of the method of the present invention;
FIG. 5 shows side information data corresponding to an abnormal instruction in an embodiment of the method of the present invention;
FIG. 6 shows the low-dimensional code calculated in an embodiment of the method of the present invention;
FIG. 7 shows the loss function values obtained in an embodiment of the method of the present invention.
Detailed Description
The method of the present invention is further described in detail with reference to the drawings and examples.
Examples
As shown in fig. 1-7, taking a contact smart card conforming to the ISO7816 specification as an example, the commands valid in the smart card are analyzed.
As shown in fig. 1, an artificial intelligence side channel analysis method for a hardware trojan horse includes the following steps:
Step 1: A large number of invalid instructions are sent to the chip while the corresponding side information X (such as the energy waveform) is acquired; this side information can be regarded as normal data and is used as the training set.
Traversal instructions are then sent to the chip while the corresponding side information Y is acquired; this side information can be regarded as the test set for detection.
The ISO7816 specification defines the communication standard for smart cards. Its application protocol data unit is defined as follows:
CLA | INS | P1 | P2 | Lc | Data | Le |
---|---|---|---|---|---|---|
Instruction class | Instruction code | Parameter 1 | Parameter 2 | Data length | Data | Maximum length of response |
According to the definition of the application protocol data unit, the first five bytes of the communication data form the instruction part. The traditional scheme has to traverse the whole five-byte space, with time complexity $O(256^n)$. However, the chip parses and checks the instruction byte by byte, so the analysis can also proceed byte by byte: the valid CLA values are determined first, and the following INS byte is then traversed. This reduces the search space, and the time complexity of the method is $O(256n)$.
Step 1.1: According to the instruction set published by the chip manufacturer, a number of null instructions are sent to the chip and the corresponding side information, such as energy waveforms or electromagnetic waveforms, is acquired. By general chip design principles, most of the $256^n$ instructions corresponding to an n-bit instruction are null instructions, so side information for null instructions is easy to collect. This embodiment sends a large number of null instructions to the smart card chip and collects the corresponding energy waveforms as the training set of the autoencoder, as shown in FIG. 2.
Step 1.2: The instructions to be analyzed are sent to the chip by traversal while the energy waveform of the chip is collected as the test set of the autoencoder, as shown in FIG. 3.
Step 2: the self-encoder is divided into an encoder part and a decoder part. The normal data X is used as the input of the encoder, and the encoder and the decoder are trained until the output X' of the decoder and the input X of the encoder have small errors.
The Auto-Encoder (Auto-Encoder) is based on a back propagation algorithm and an optimization method (such as gradient descent), input data are used as supervision, a mapping relation is learned through a neural network, a low-dimensional encoding representation is obtained, and output close to the original input can be reconstructed through encoding.
Before training, the neural network is initialized, and the network structure, the number of neurons, the optimization mode and the like of the self-encoder are determined.
And step 3: the output T of the encoder and the output Y' of the decoder can be obtained by using the test set Y as the input of the encoder.
Specifically, the method comprises the following steps:
Step 3.1: The test set Y is fed to the encoder module of the autoencoder, and the encoder outputs a low-dimensional code T, which is also a feature representation of the original data.
Step 3.2: The encoding result T is fed to the decoder module of the autoencoder, which outputs the reconstructed data Y'.
Step 4: The abnormal condition is judged. The encoder output T corresponds to the features of the side information, and when the chip executes similar operations the side information should have similar encoding results. The loss function value between the decoder output Y' and the original data Y is calculated; the larger the loss value, the more obvious the anomaly in the corresponding side information.
Specifically, the method comprises the following steps:
Step 4.1: The trained autoencoder automatically extracts the features of the input data and represents them as a low-dimensional code. If the input is side information corresponding to an invalid instruction, the low-dimensional encoding result is similar to the encoding results of the training set; if the input is side information corresponding to a valid instruction, the low-dimensional encoding result differs markedly from those of the training set.
In this embodiment, the side information data corresponding to a normal instruction is shown in FIG. 4, the side information data corresponding to an abnormal instruction is shown in FIG. 5, and the corresponding low-dimensional codes are shown in FIG. 6. Normal data differs significantly from abnormal data in the low-dimensional encoded representation.
Step 4.2: The loss function value between the decoder output Y' and the original data Y is calculated. The higher the loss function value, the more anomalous the corresponding raw data. The loss function values are normalized, and the resulting anomaly scores for this embodiment are shown in FIG. 7.
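Steps 1 to 4 as an added example that is not part of the patent: a small tanh autoencoder in plain Python is trained only on constructed null-instruction traces and then scores a traversal of the 256 INS values by reconstruction loss. The trace shape, the network size, the set of valid INS values and the decision rule (three times the largest training loss) are all assumptions made for illustration.

```python
import math
import random

D, H = 12, 2   # samples per trace and code width (assumed sizes)

def make_trace(rng, valid):
    """Constructed stand-in for an energy waveform: sine baseline with random
    amplitude and noise; a valid instruction adds activity in samples 6..9."""
    amp = rng.uniform(0.8, 1.2)
    return [amp * math.sin(2 * math.pi * k / D) + rng.gauss(0, 0.02)
            + (1.0 if valid and 6 <= k <= 9 else 0.0) for k in range(D)]

class AutoEncoder:
    def __init__(self, rng):
        self.W1 = [[rng.uniform(-0.1, 0.1) for _ in range(D)] for _ in range(H)]
        self.b1 = [0.0] * H
        self.W2 = [[rng.uniform(-0.1, 0.1) for _ in range(H)] for _ in range(D)]
        self.b2 = [0.0] * D

    def encode(self, x):
        """Low-dimensional code t (Step 3.1)."""
        return [math.tanh(sum(w * v for w, v in zip(row, x)) + b)
                for row, b in zip(self.W1, self.b1)]

    def decode(self, t):
        """Reconstruction y' (Step 3.2)."""
        return [sum(w * v for w, v in zip(row, t)) + b
                for row, b in zip(self.W2, self.b2)]

    def loss(self, x):
        """Mean squared error between the reconstruction and the input."""
        rec = self.decode(self.encode(x))
        return sum((p - v) ** 2 for p, v in zip(rec, x)) / D

    def train(self, X, rng, epochs=300, lr=0.005):
        """Step 2: per-sample gradient descent on the squared error."""
        X = list(X)
        for _ in range(epochs):
            rng.shuffle(X)
            for x in X:
                t = self.encode(x)
                err = [p - v for p, v in zip(self.decode(t), x)]
                # gradient at the tanh pre-activation, using W2 before its update
                delta = [sum(self.W2[k][j] * err[k] for k in range(D))
                         * (1 - t[j] ** 2) for j in range(H)]
                for k in range(D):
                    self.b2[k] -= lr * err[k]
                    for j in range(H):
                        self.W2[k][j] -= lr * err[k] * t[j]
                for j in range(H):
                    self.b1[j] -= lr * delta[j]
                    for k in range(D):
                        self.W1[j][k] -= lr * delta[j] * x[k]

def detect(seed=1, factor=3.0):
    rng = random.Random(seed)
    valid_ins = {0x20, 0x84, 0xB0}   # constructed ground truth, unknown to the detector
    X = [make_trace(rng, False) for _ in range(40)]            # Step 1: null instructions
    Y = {ins: make_trace(rng, ins in valid_ins) for ins in range(256)}  # INS traversal
    ae = AutoEncoder(rng)
    ae.train(X, rng)
    threshold = factor * max(ae.loss(x) for x in X)            # assumed decision rule
    losses = {ins: ae.loss(y) for ins, y in Y.items()}         # Steps 3 and 4
    lo, hi = min(losses.values()), max(losses.values())
    scores = {ins: (v - lo) / (hi - lo) for ins, v in losses.items()}   # Step 4.2
    flagged = sorted(ins for ins, v in losses.items() if v > threshold)
    return flagged, scores, valid_ins

if __name__ == "__main__":
    flagged, scores, _ = detect()
    for ins in flagged:
        print(f"INS 0x{ins:02X}: normalised anomaly score {scores[ins]:.2f}")
```

Only the null-instruction traces enter training; the valid set is used solely to build the sample data and to check the result.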
While the foregoing is directed to the preferred embodiment of the present invention, it is not intended that the invention be limited to the embodiment and the drawings disclosed herein. Equivalents and modifications may be made without departing from the spirit of the disclosure, which is to be considered as within the scope of the invention.
Claims (3)
1. A hardware Trojan side channel detection method based on a self-encoder, wherein the self-encoder used in the method is divided into an encoder and a decoder, and the method is characterized by comprising the following steps:
Step 1: sending a large number of invalid instructions to a chip and simultaneously collecting the corresponding side information X, which is used as the training set;
sending traversal instructions to the chip and simultaneously acquiring the corresponding side information Y, which is the test set for detection;
Step 2: taking the side information X of Step 1 as the input of the encoder, and training the encoder and the decoder until the error between the decoder output X' and the encoder input X is small;
Step 3: taking the side information Y of Step 1 as the input of the encoder trained in Step 2 to obtain the encoder output T and the decoder output Y';
Step 4: dividing the instruction types according to the encoder output T by judging the correlation coefficient of the side-information encoding results $t_i$ and $t_j$: if the correlation coefficient is higher than the threshold value, the instructions i and j executed by the chip are considered to have similar operations; $t_i$ and $t_j$ are the corresponding elements of the encoder output set T, and i and j are the instructions executed by the chip at the time;
judging whether an instruction is valid according to the decoder output Y' by calculating the loss function value between the decoder output $y_i'$ and the original data $y_i$: the larger the calculated loss function value, the more remarkable the side-information anomaly, and the corresponding operation instruction is valid; $y_i'$ and $y_i$ are the corresponding elements of the decoder output set Y' and the original data set Y, and i is the instruction executed by the chip at the time.
2. The hardware Trojan side channel detection method based on the self-encoder as claimed in claim 1, wherein:
in step 1, the large number of invalid instructions means that the number of the transmitted invalid instructions is not less than a set value.
3. The hardware trojan side channel detection method based on self-encoder as claimed in claim 1 or 2, wherein:
in step 2, a small error means that the error is smaller than a set threshold.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210595414.8A CN115168843A (en) | 2022-05-29 | 2022-05-29 | Hardware Trojan side channel detection method based on self-encoder |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115168843A (en) | 2022-10-11 |
Family
ID=83484114
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210595414.8A Pending CN115168843A (en) | 2022-05-29 | 2022-05-29 | Hardware Trojan side channel detection method based on self-encoder |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115168843A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117040722A (en) * | 2023-10-08 | 2023-11-10 | 杭州海康威视数字技术股份有限公司 | Side channel analysis method based on multi-loss regularized noise reduction automatic encoder |
CN117040722B (en) * | 2023-10-08 | 2024-02-02 | 杭州海康威视数字技术股份有限公司 | Side channel analysis method based on multi-loss regularized noise reduction automatic encoder |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||