Visible to the public Think Smart, Play Dumb: Analyzing Deception in Hardware Trojan Detection Using Game Theory

TitleThink Smart, Play Dumb: Analyzing Deception in Hardware Trojan Detection Using Game Theory
Publication TypeConference Paper
Year of Publication2020
AuthorsDas, T., Eldosouky, A. R., Sengupta, S.
Conference Name2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Date Publishedjun
Keywordsactual game stage, cybersecurity, deception, deception analysis, first-step deception mitigation process, game theoretic security, game theory, hardware Trojan detection, Hardware Trojans, human factors, hypergame theory, IC designers, integrated circuits, invasive software, learning (artificial intelligence), learning stage, malicious IC manufacturer, manufactured ICs, multilevel game-theoretic framework, offshore manufacturing, optimal deception rationality, Predictive Metrics, prospect theory, pubcrawl, Repeated game, Resiliency, Scalability, supply chain, Supply chains, third-party companies, zero-sum
AbstractIn recent years, integrated circuits (ICs) have become significant for various industries and their security has been given greater priority, specifically in the supply chain. Budgetary constraints have compelled IC designers to offshore manufacturing to third-party companies. When the designer gets the manufactured ICs back, it is imperative to test for potential threats like hardware trojans (HT). In this paper, a novel multi-level game-theoretic framework is introduced to analyze the interactions between a malicious IC manufacturer and the tester. In particular, the game is formulated as a non-cooperative, zero-sum, repeated game using prospect theory (PT) that captures different players' rationalities under uncertainty. The repeated game is separated into a learning stage, in which the defender learns about the attacker's tendencies, and an actual game stage, where this learning is used. Experiments show great incentive for the attacker to deceive the defender about their actual rationality by "playing dumb" in the learning stage (deception). This scenario is captured using hypergame theory to model the attacker's view of the game. The optimal deception rationality of the attacker is analytically derived to maximize utility gain. For the defender, a first-step deception mitigation process is proposed to thwart the effects of deception. Simulation results show that the attacker can profit from the deception as it can successfully insert HTs in the manufactured ICs without being detected.
Citation Keydas_think_2020