Academic Paper
Adversarial Attack Against Golden Reference-Free Hardware Trojan Detection Approach
Document Type
Conference
Source
2024 IEEE Physical Assurance and Inspection of Electronics (PAINE), pp. 1-7, Nov. 2024
Abstract
Modern approaches to detecting hardware Trojans (HTs) leverage unsupervised machine learning to identify HTs in Integrated Circuits (ICs) produced by untrusted manufacturers, bypassing the need for golden references. However, clustering algorithms are prone to adversarial attacks, where attackers can generate adversarial samples to alter their HTs and evade these detection methods. This research introduces adversarial attacks on K-means clustering models that utilize frequency side-channel analysis data for HT detection in ICs. The findings reveal that the clustering model is highly vulnerable to feature space adversarial attacks, with a 99% success rate in misleading the clustering model to incorrectly classify the source samples into the targeted cluster.