ALMOST: Adversarial Learning to Mitigate Oracle-less ML Attacks via Synthesis Tuning
Animesh Basak Chowdhury, Lilas Alrahis, Luca Collini, Johann Knechtel,, Ramesh Karri, Siddharth Garg, Ozgur Sinanoglu, Benjamin Tan
TL;DR
ALMOST is a framework that uses adversarial learning and synthesis tuning to reduce the effectiveness of oracle-less ML attacks on logic locking schemes without compromising design optimization.
Contribution
It introduces a security-aware synthesis method employing adversarial models and simulated annealing to mitigate ML attacks on logic locking.
Findings
Attack accuracy drops to around 50% on ALMOST-synthesized circuits.
The framework maintains design optimization while enhancing security.
Experiments on ISCAS benchmarks validate effectiveness.
Abstract
Oracle-less machine learning (ML) attacks have broken various logic locking schemes. Regular synthesis, which is tailored for area-power-delay optimization, yields netlists where key-gate localities are vulnerable to learning. Thus, we call for security-aware logic synthesis. We propose ALMOST, a framework for adversarial learning to mitigate oracle-less ML attacks via synthesis tuning. ALMOST uses a simulated-annealing-based synthesis recipe generator, employing adversarially trained models that can predict state-of-the-art attacks' accuracies over wide ranges of recipes and key-gate localities. Experiments on ISCAS benchmarks confirm the attacks' accuracies drops to around 50\% for ALMOST-synthesized circuits, all while not undermining design optimization.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPhysical Unclonable Functions (PUFs) and Hardware Security · Semiconductor materials and devices · Integrated Circuits and Semiconductor Failure Analysis