On Reverse Engineering-Based Hardware Trojan Detection Chongxi Bao; Forte, Domenic; Srivastava, Ankur
IEEE transactions on computer-aided design of integrated circuits and systems,
2016-Jan., 2016-1-00, 20160101, Letnik:
35, Številka:
1
Journal Article
Recenzirano
Due to design and fabrication outsourcing to foundries, the problem of malicious modifications to integrated circuits (ICs), also known as hardware Trojans (HTs), has attracted attention in academia ...as well as industry. To reduce the risks associated with Trojans, researchers have proposed different approaches to detect them. Among these approaches, test-time detection approaches have drawn the greatest attention. Many test-time approaches assume the existence of a Trojan-free (TF) chip/model also known as "golden model." Prior works suggest using reverse engineering (RE) to identify such TF ICs for the golden model. However, they did not state how to do this efficiently. In fact, RE is a very costly process which consumes lots of time and intensive manual effort. It is also very error prone. In this paper, we propose an innovative and robust RE scheme to identify the TF ICs. We reformulate the Trojan-detection problem as clustering problem. We then adapt a widely used machine learning method, {K} -means clustering, to solve our problem. Simulation results using state-of-the-art tools on several publicly available circuits show that the proposed approach can detect HTs with high accuracy rate. A comparison of this approach with our previously proposed approach 1 is also conducted. Both the limitations and application scenarios of the two methods are discussed in detail.
With wide deployment of machine learning (ML)-based systems for a variety of applications including medical, military, automotive, genomic, multimedia, and social networking, there is great potential ...for damage from adversarial learning (AL) attacks. In this article, we provide a contemporary survey of AL, focused particularly on defenses against attacks on deep neural network classifiers. After introducing relevant terminology and the goals and range of possible knowledge of both attackers and defenders, we survey recent work on test-time evasion (TTE), data poisoning (DP), backdoor DP, and reverse engineering (RE) attacks and particularly defenses against the same. In so doing, we distinguish robust classification from anomaly detection (AD), unsupervised from supervised, and statistical hypothesis-based defenses from ones that do not have an explicit null (no attack) hypothesis. We also consider several scenarios for detecting backdoors. We provide a technical assessment for reviewed works, including identifying any issues/limitations, required hyperparameters, needed computational complexity, as well as the performance measures evaluated and the obtained quality. We then delve deeper, providing novel insights that challenge conventional AL wisdom and that target unresolved issues, including: robust classification versus AD as a defense strategy; the belief that attack success increases with attack strength, which ignores susceptibility to AD; small perturbations for TTE attacks: a fallacy or a requirement; validity of the universal assumption that a TTE attacker knows the ground-truth class for the example to be attacked; black, gray, or white-box attacks as the standard for defense evaluation; and susceptibility of query-based RE to an AD defense. We also discuss attacks on the privacy of training data. We then present benchmark comparisons of several defenses against TTE, RE, and backdoor DP attacks on images. The article concludes with a discussion of continuing research directions, including the supreme challenge of detecting attacks whose goal is not to alter classification decisions, but rather simply to embed, without detection, "fake news" or other false content.
The paper presents one of the possible solutions of the reverse engineering problem from the point of view of the classical system approach, as well as highlights the direction for the development of ...a complex software product. This approach will make it possible to change the modern practice of reverse engineering, which is applied everywhere. This practice requires expert evaluation by operator teams on non-acceptance basis. The approach proposed by the authors will significantly minimize human participation in this process.
Android users install various apps, such as banking apps, on their smart devices dealing with user‐sensitive information. The Android framework, via Inter‐Component Communication (ICC) mechanism, ...ensures that app components (inside the same app or on different apps) can communicate. The literature works have shown that this mechanism can cause security issues, such as app security policy violations, especially in the case of Inter‐App Communication (IAC). Despite the plethora of research on detecting security issues in IAC, detection techniques face fundamental ICC challenges for improving the precision of static analysis. Challenges include providing comprehensive and scalable modeling of app specification, capturing all potential ICC paths, and enabling more effective IAC analysis. To overcome such challenges, in this paper, we propose a framework called VAnDroid2, as an extension of our previous work, to address the security issues in multiple components at both intra‐ and inter‐app analysis levels. VAnDroid2, based on Model‐Driven Reverse Engineering, has extended our previous work as per following: (1) providing a comprehensive Intermediate Representation (IR) of the app which supports extracting all the ICC information from the app, (2) extracting high‐level representations of the apps and their interactions by omitting the details that are not relevant to inter‐app security analysis, and (3) enabling more effective IAC security analysis. This framework is implemented as an Eclipse‐based tool. The results of evaluating VAnDroid2 w.r.t. correctness, scalability, and run‐time performance, and comparing with state‐of‐the‐art analysis tools well indicate that VAnDroid2 is a promising framework in the field of Android inter‐app security analysis.
Software obfuscation has always been a controversially discussed research area. While theoretical results indicate that provably secure obfuscation in general is impossible, its widespread ...application in malware and commercial software shows that it is nevertheless popular in practice. Still, it remains largely unexplored to what extent today's software obfuscations keep up with state-of-the-art code analysis and where we stand in the arms race between software developers and code analysts. The main goal of this survey is to analyze the effectiveness of different classes of software obfuscation against the continuously improving deobfuscation techniques and off-the-shelf code analysis tools. The answer very much depends on the goals of the analyst and the available resources. On the one hand, many forms of lightweight static analysis have difficulties with even basic obfuscation schemes, which explains the unbroken popularity of obfuscation among malware writers. On the other hand, more expensive analysis techniques, in particular when used interactively by a human analyst, can easily defeat many obfuscations. As a result, software obfuscation for the purpose of intellectual property protection remains highly challenging.
This study proposes a digital construction framework that integrates building information modeling (BIM) and reverse engineering (RE) to improve information utilization in different phases and thus ...reduce mistakes and reworks in renovation projects during urban renewal. Three-dimensional (3D) laser scanning is used to enable the RE process. This framework also incorporates supporting technologies (virtual reality, 3D printing, and prefabrication) for a better understanding of design and construction as well as tools (work breakdown structure and model breakdown structure) for enhanced organization and management quality. Implementing this proposed framework in a renovated shopping center in Hainan, China optimized efficiency of the renovation process by 15%, eliminated design changes by 30% and reworks by 25%, and finally saved two months and 7.41% of cost regarding the steel structure canopy. Thus, this framework can proactively reduce occurrences of mistakes and reworks during the renovation process, greatly improving the effectiveness of urban renewal.
•The need of integrating BIM and reverse engineering (RE) in renovation projects is established.•Tools related to BIM and RE as well as relevant concepts in manufacturing are reviewed.•A digital construction framework integrating BIM and RE is developed for renovation projects.•The framework is validated in a case project in China.•A summary of enhanced project performance and technical solutions is provided.