A Novel Approach to Detect Hardware Malware Using Hamming Weight Model and One Class Support Vector Machine

  • P. SaravananEmail author
  • B. M. Mehtre
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 892)


Internet of Things (IoT) is an upcoming research area in cyber security and since common security measures are not implemented in these devices, they are most vulnerable to cyber attacks. Though IoT devices are vulnerable to both hardware and software malware attacks, the impact of hardware vulnerabilities will be significant since the devices once fabricated cannot be modified or updated. Among the major hardware vulnerabilities, hardware malware also known as hardware trojan (HT) is critical as it can control, modify, disable or monitor the key information in the device. While many techniques have been explored in the literature to detect HT at the gate level netlist, their computational complexity is very high and detection accuracy is relatively low. In order to reduce the computational complexity and improve the detection accuracy, a novel approach is proposed in this work to detect HT in the gate level netlist using Hamming weight model and unsupervised anomaly based detection method. The leakage power supply current signatures for both HT-free and HT-infected circuits are derived from Hamming weights of the random input sequence. The current signatures are then normalized and applied to one class support vector machine which acts as an anomaly detector to identify the HT-infected circuits. The process parameter and environmental noise variations are considered while characterizing the gates for different Hamming weights. The proposed method is evaluated on ISCAS85 C17 benchmark circuit using 16 nm process technology node in HSpice. A detection accuracy of 100% is achieved even when there is a single malicious gate in the HT-infected circuit. Experiments with other benchmark circuits show that the proposed methodology performs well.


Hardware Trojan Hardware malware Hardware security Hamming weight model One class support vector machine Leakage current 


  1. 1.
    Chakraborty, R.S., Wolff, F., Paul, S., Papachristou, C., Bhunia, S.: MERO: a statistical approach for hardware Trojan detection. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 396–410. Springer, Heidelberg (2009). Scholar
  2. 2.
    Agrawal, D., Baktir, S., Karakoyunlu, D., Rohatgi, P., Sunar, B.: Trojan detection using IC fingerprinting. In: Proceedings of IEEE Symposium on Security Privacy, pp. 296–310, Berkeley (2007)Google Scholar
  3. 3.
    Banga, M., Hsiao, M.S.: A region based approach for the identification of hardware Trojans. In: Proceedings of IEEE International Workshop Hardware Oriented Security Trust (HOST), pp. 40–47, Anaheim (2008)Google Scholar
  4. 4.
    Rad, R., Plusquellic, J., Tehranipoor, M.: A sensitivity analysis of power signal methods for detecting hardware Trojans under real process and environmental conditions. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 18(12), 1735–1744 (2010)CrossRefGoogle Scholar
  5. 5.
    Yuan, C., Chang, C.H., Chen, S.: A cluster-based distributed active current sensing circuit for hardware Trojan detection. IEEE Trans. Inf. Forensics Secur. 9(12), 2220–2231 (2014)CrossRefGoogle Scholar
  6. 6.
    Hassan, S.: COTD: reference-free hardware Trojan detection and recovery based on controllability and observability in gate-Level netlist. IEEE Trans. Inf. Forensics Secur. 12(2), 338–350 (2017)CrossRefGoogle Scholar
  7. 7.
    Sheng, W., Potkonjak, M.: Scalable hardware Trojan diagnosis. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 20(6), 1049–1057 (2012)CrossRefGoogle Scholar
  8. 8.
    Chongxi, B., Forte, D., Srivastava, A.: On application of one-class SVM to reverse engineering-based hardware Trojan detection. In: Proceedings of 15th IEEE International Symposium on Quality Electronic Design (ISQED), pp. 47–54, Santa Clara (2014)Google Scholar
  9. 9.
    Kan, X., Forte, D., Jin, Y., Karri, R., Bhunia, S., Tehranipoor, M.: Hardware Trojans: lessons learned after one decade of research. ACM Trans. Des. Autom. Electron. Syst. (TODAES) 22(1), 1–6 (2016)Google Scholar
  10. 10.
    Alioto, M., Giancane, L., Scotti, G., Trifiletti, A.: Leakage power analysis attacks: a novel class of attacks to nanometer cryptographic circuits. IEEE Trans. Circuits Syst. 57(2), 355–367 (2010)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Tax, D.: One-class classification: concept-learning in the absence of counter-examples. Ph.D. dissertation, Delft University of Technology (2001)Google Scholar
  12. 12.
    Scholkopf, B., Williamson, R.C., Smola, A.J., Shawe-Taylor, J., Platt, J.C.: Support vector method for novelty detection. In: Proceedings of Advances in Neural Information Processing Systems (NIPS), pp. 582–588 (1999)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Department of ECEPSG College of TechnologyCoimbatoreIndia
  2. 2.Centre for Cyber SecurityInstitute for Development and Research in Banking Technology (IDRBT)HyderabadIndia

Personalised recommendations