
The 25th Asia and South Pacific Design Automation Conference

Session 7C  Malicious Activities Generation and Detection
Time: 10:15 - 11:30 Thursday, January 16, 2020
Location: Room 307A
Chairs: Xueyan Wang (Beihang University, China), Qiaoyan Yu (University of New Hampshire, USA)

7C-1 (Time: 10:15 - 10:40)
Title: Automated Trigger Activation by Repeated Maximal Clique Sampling
Author: *Yangdi Lyu, Prabhat Mishra (University of Florida, USA)
Page: pp. 482 - 487
Keyword: Trigger Activation, Clique Coverage, Hardware Trojan, Satisfiability
Abstract: Hardware Trojans are a serious threat to the security and reliability of computing systems. It is hard to detect these malicious implants using traditional validation methods since an adversary is likely to hide them under rare trigger conditions. While existing statistical test generation methods are promising for Trojan detection, they are not suitable for activating extremely rare trigger conditions in stealthy Trojans. To address the fundamental challenge of activating rare triggers, we propose a new test generation paradigm by mapping the trigger activation problem to the clique cover problem. The basic idea is to utilize a satisfiability solver to construct a test corresponding to each maximal clique. This paper makes two fundamental contributions: 1) it proves that the trigger activation problem can be mapped to the clique cover problem, 2) it proposes an efficient test generation algorithm to activate trigger conditions by repeated maximal clique sampling. Experimental results demonstrate that our approach is scalable and that it outperforms state-of-the-art approaches by several orders of magnitude in detecting stealthy Trojans.

7C-2 (Time: 10:40 - 11:05)
Title: Audio Adversarial Examples Generation with Recurrent Neural Networks
Author: Kuei-Huan Chang, *Po-Hao Huang (National Tsing Hua University, Taiwan), Honggang Yu, Yier Jin (University of Florida, USA), Ting-Chi Wang (National Tsing Hua University, Taiwan)
Page: pp. 488 - 493
Keyword: Neural network security, Adversarial attack
Abstract: Previous methods of performing adversarial attacks against speech recognition systems often treat this problem as solely an optimization problem and require iterative updates to generate optimal solutions. Although they can achieve a high success rate, the process is too computationally heavy even with the help of a GPU. In this paper, we introduce a new type of real-time adversarial attack methodology, which applies Recurrent Neural Networks (RNN) with a two-step training process to generate adversarial examples targeting a Keyword Spotting (KWS) system. We extend our attack to the physical world by adding extra constraints in order to eliminate the distortions in the real world.

7C-3 (Time: 11:05 - 11:30)
Title: Database and Benchmark for Early-stage Malicious Activity Detection in 3D Printing
Author: *Xiaolong Ma (Northeastern University, USA), Zhe Li (Syracuse University, USA), Hongjia Li (Northeastern University, USA), Qiyuan An (Virginia Polytechnic Institute and State University, USA), Qinru Qiu (Syracuse University, USA), Wenyao Xu (The State University of New York at Buffalo, USA), Yanzhi Wang (Northeastern University, USA)
Page: pp. 494 - 499
Keyword: DNN, 3D printing, Detection, Dataset
Abstract: Increasing malicious users have sought practices to leverage 3D printing technology to produce unlawful tools in criminal activities. It is of vital importance to enable 3D printers to identify the objects to be printed and terminate at an early stage if illegal objects are identified. Deep learning yields significant rises in performance in object recognition tasks. However, the lack of large-scale databases in the 3D printing domain stalls the advancement of automatic illegal weapon recognition. This paper presents a new 3D printing image database, namely C3PO, which comprises two subsets for the different system working scenarios. We extract images from the numerical control programming code files of 22 3D models, and then categorize the images into 10 distinct labels. These two sets are designed for identifying: (i) the printing knowledge source (G-code) at the beginning of manufacturing, (ii) the printing procedure during manufacturing. Importantly, we demonstrate that the weapons can be recognized in either scenario using deep learning based approaches using our proposed database. The quantitative results are promising, and the future exploration of the database and the crime prevention in 3D printing are demanding tasks.