TY - JOUR
T1 - UNSAIL
T2 - Thwarting Oracle-Less Machine Learning Attacks on Logic Locking
AU - Alrahis, Lilas
AU - Patnaik, Satwik
AU - Knechtel, Johann
AU - Saleh, Hani
AU - Mohammad, Baker
AU - Al-Qutayri, Mahmoud
AU - Sinanoglu, Ozgur
N1 - Funding Information:
Manuscript received June 12, 2020; revised December 8, 2020; accepted January 21, 2021. Date of publication February 8, 2021; date of current version February 23, 2021. This work was supported in part by Khalifa University under Award [RC2-2018-020] and in part by the Center for Cyber Security at NYU New York/Abu Dhabi (NYU/NYUAD). The work of Satwik Patnaik was supported by the Global Ph.D. Fellowship at NYU/NYUAD. The associate editor coordinating the review of this manuscript and approving it for publication was Prof. Tim Güneysu. (Corresponding authors: Lilas Alrahis; Satwik Patnaik.) Lilas Alrahis, Hani Saleh, Baker Mohammad, and Mahmoud Al-Qutayri are with the Department of Electrical Engineering and Computer Science (EECS), Khalifa University, Abu Dhabi 127788, United Arab Emirates, and also with the System on Chip Center (SoCC), Khalifa University, Abu Dhabi 127788, United Arab Emirates (e-mail: [email protected]).
Publisher Copyright:
© 2005-2012 IEEE.
PY - 2021
Y1 - 2021
N2 - Logic locking aims to protect the intellectual property (IP) of integrated circuit (IC) designs throughout the globalized supply chain. The SAIL attack, based on tailored machine learning (ML) models, circumvents combinational logic locking with high accuracy and is amongst the most potent attacks as it does not require a functional IC acting as an oracle. In this work, we propose UNSAIL, a logic locking technique that inserts key-gate structures with the specific aim to confuse ML models like those used in SAIL. More specifically, UNSAIL serves to prevent attacks seeking to resolve the structural transformations of synthesis-induced obfuscation, which is an essential step for logic locking. Our approach is generic; it can protect any local structure of key-gates against such ML-based attacks in an oracle-less setting. We develop a reference implementation for the SAIL attack and launch it on both traditionally locked and UNSAIL-locked designs. For SAIL, two ML models have been proposed (which we implement accordingly), namely a change-prediction model and a reconstruction model; the change-prediction model is used to determine which key-gate structures to restore using the reconstruction model. Our study on benchmarks ranging from the ISCAS-85 and ITC-99 suites to the OpenRISC Reference Platform System-on-Chip (ORPSoC) confirms that UNSAIL degrades the accuracy of the change-prediction model and the reconstruction model by an average of 20.13 and 17 percentage points (pp), respectively. When the aforementioned models are combined, which is the most powerful scenario for SAIL, UNSAIL reduces the attack accuracy of SAIL by an average of 11pp. We further demonstrate that UNSAIL thwarts other oracle-less attacks, i.e., SWEEP and the redundancy attack, indicating the generic nature and strength of our approach. Detailed layout-level evaluations illustrate that UNSAIL incurs minimal area and power overheads of 0.26% and 0.61%, respectively, on the million-gate ORPSoC design.
AB - Logic locking aims to protect the intellectual property (IP) of integrated circuit (IC) designs throughout the globalized supply chain. The SAIL attack, based on tailored machine learning (ML) models, circumvents combinational logic locking with high accuracy and is amongst the most potent attacks as it does not require a functional IC acting as an oracle. In this work, we propose UNSAIL, a logic locking technique that inserts key-gate structures with the specific aim to confuse ML models like those used in SAIL. More specifically, UNSAIL serves to prevent attacks seeking to resolve the structural transformations of synthesis-induced obfuscation, which is an essential step for logic locking. Our approach is generic; it can protect any local structure of key-gates against such ML-based attacks in an oracle-less setting. We develop a reference implementation for the SAIL attack and launch it on both traditionally locked and UNSAIL-locked designs. For SAIL, two ML models have been proposed (which we implement accordingly), namely a change-prediction model and a reconstruction model; the change-prediction model is used to determine which key-gate structures to restore using the reconstruction model. Our study on benchmarks ranging from the ISCAS-85 and ITC-99 suites to the OpenRISC Reference Platform System-on-Chip (ORPSoC) confirms that UNSAIL degrades the accuracy of the change-prediction model and the reconstruction model by an average of 20.13 and 17 percentage points (pp), respectively. When the aforementioned models are combined, which is the most powerful scenario for SAIL, UNSAIL reduces the attack accuracy of SAIL by an average of 11pp. We further demonstrate that UNSAIL thwarts other oracle-less attacks, i.e., SWEEP and the redundancy attack, indicating the generic nature and strength of our approach. Detailed layout-level evaluations illustrate that UNSAIL incurs minimal area and power overheads of 0.26% and 0.61%, respectively, on the million-gate ORPSoC design.
KW - IP protection
KW - Logic locking
KW - hardware obfuscation
KW - hardware security
KW - machine learning
UR - http://www.scopus.com/inward/record.url?scp=85100850513&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85100850513&partnerID=8YFLogxK
U2 - 10.1109/TIFS.2021.3057576
DO - 10.1109/TIFS.2021.3057576
M3 - Article
AN - SCOPUS:85100850513
SN - 1556-6013
VL - 16
SP - 2508
EP - 2523
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
M1 - 9350294
ER -