Design of AI Trojans for Evading Machine Learning-based Detection of Hardware Trojans

The globalized semiconductor supply chain signif-

icantlyincreasestheriskofexposingSystem-on-Chip(SoC)

designs to malicious implants, popularly known as hardware

Trojans. Traditional simulation-based validation is unsuitable for

detection of carefully-crafted hardware Trojans with extremely

rare trigger conditions. While machine learning (ML) based

Trojan detection approaches are promising due to their scalability

as well as detection accuracy, ML-based methods themselves

are vulnerable from Trojan attacks. In this paper, we propose

a robust backdoor attack on ML-based Trojan detection algo-

rithms to demonstrate this serious vulnerability. The proposed

frameworkisabletodesignanAITrojanandimplantit

inside the ML model that can be triggered by specific inputs.

Experimental results demonstrate that the proposed AI Trojans

can bypass state-of-the-art defense algorithms. Moreover, our

approach provides a fast and cost-effective solution in achieving

100% attack success rate that significantly outperforms state-of-

the art approaches based on adversarial attacks.

https://www.cise.ufl.edu/research/cad/Publications/date22ai.pdf