Two Sides of the Same Coin: Boons and Banes of Machine Learning in Hardware Security

The last decade has witnessed remarkable research advances at the intersection of machine learning (ML) and hardware security. The confluence of the two technologies has created many interesting and unique opportunities, but also left some issues in their wake. ML schemes have been extensively used...

Bibliographic details
Published in: IEEE journal on emerging and selected topics in circuits and systems 2021-06, Vol.11 (2), p.228-251
Main authors: Liu, Wenye, Chang, Chip-Hong, Wang, Xueyang, Liu, Chen, Fung, Jason M., Ebrahimabadi, Mohammad, Karimi, Naghmeh, Meng, Xingyu, Basu, Kanad
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page 251
container_issue 2
container_start_page 228
container_title IEEE journal on emerging and selected topics in circuits and systems
container_volume 11
creator Liu, Wenye
Chang, Chip-Hong
Wang, Xueyang
Liu, Chen
Fung, Jason M.
Ebrahimabadi, Mohammad
Karimi, Naghmeh
Meng, Xingyu
Basu, Kanad
description The last decade has witnessed remarkable research advances at the intersection of machine learning (ML) and hardware security. The confluence of the two technologies has created many interesting and unique opportunities, but also left some issues in their wake. ML schemes have been extensively used to enhance the security and trust of embedded systems like hardware Trojans and malware detection. On the other hand, ML-based approaches have also been adopted by adversaries to assist side-channel attacks, reverse engineer integrated circuits and break hardware security primitives like Physically Unclonable Functions (PUFs). Deep learning is a subfield of ML. It can continuously learn from a large amount of labeled data with a layered structure. Despite the impressive outcomes demonstrated by deep learning in many application scenarios, the dark side of it has not been fully exposed yet. The inability to fully understand and explain what has been done within the super-intelligence can turn an inherently benevolent system into malevolent. Recent research has revealed that the outputs of Deep Neural Networks (DNNs) can be easily corrupted by imperceptibly small input perturbations. As computations are brought nearer to the source of data creation, the attack surface of DNN has also been extended from the input data to the edge devices. Accordingly, due to the opportunities of ML-assisted security and the vulnerabilities of ML implementation, in this paper, we will survey the applications, vulnerabilities and fortification of ML from the perspective of hardware security. We will discuss the possible future research directions, and thereby, sharing a roadmap for the hardware security community in general.
doi_str_mv 10.1109/JETCAS.2021.3084400
format Article
fulltext fulltext
identifier ISSN: 2156-3357
ispartof IEEE journal on emerging and selected topics in circuits and systems, 2021-06, Vol.11 (2), p.228-251
issn 2156-3357
2156-3365
language eng
recordid cdi_crossref_primary_10_1109_JETCAS_2021_3084400
source IEEE Electronic Library (IEL)
subjects adversarial examples
Artificial neural networks
cloud FPGA
Computational modeling
counterfeit IC
Deep learning
edge AI
Electronic devices
Embedded systems
Hardware
hardware security
hardware Trojan
Integrated circuit modeling
Integrated circuits
Machine learning
Malware
malware detection
Perturbation
physical attacks
physically unclonable functions
Security
side-channel attacks
Support vector machines
Trojan horses
title Two Sides of the Same Coin: Boons and Banes of Machine Learning in Hardware Security
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-08T19%3A32%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Two%20Sides%20of%20the%20Same%20Coin:%20Boons%20and%20Banes%20of%20Machine%20Learning%20in%20Hardware%20Security&rft.jtitle=IEEE%20journal%20on%20emerging%20and%20selected%20topics%20in%20circuits%20and%20systems&rft.au=Liu,%20Wenye&rft.date=2021-06-01&rft.volume=11&rft.issue=2&rft.spage=228&rft.epage=251&rft.pages=228-251&rft.issn=2156-3357&rft.eissn=2156-3365&rft.coden=IJESLY&rft_id=info:doi/10.1109/JETCAS.2021.3084400&rft_dat=%3Cproquest_cross%3E2539969222%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2539969222&rft_id=info:pmid/&rft_ieee_id=9442769&rfr_iscdi=true