state of the art machine learning based modeling attacks
play

State-of-the-art Machine Learning based Modeling Attacks Phuong Ha - PowerPoint PPT Presentation

Aug 23, 2022 •45 likes •635 views

The Interpose PUF (iPUF): Secure PUF Design against State-of-the-art Machine Learning based Modeling Attacks Phuong Ha Nguyen, Durga P. Sahoo, Kaleel Mahmood, Chenglu Jin, Ulrich Rhrmair and Marten van Dijk Secure Computation Laboratory

  1. The Interpose PUF (iPUF): Secure PUF Design against State-of-the-art Machine Learning based Modeling Attacks Phuong Ha Nguyen, Durga P. Sahoo, Kaleel Mahmood, Chenglu Jin, Ulrich Rührmair and Marten van Dijk Secure Computation Laboratory Department of Electrical & Computer Engineering University of Connecticut Ha Durga Chenglu Kaleel Marten Uli CHES 2019

  2. Content 1. Concept - Overview - Motivation 2. Strong PUFs: APUF, XOR APUF and Interpose PUF (iPUF) 3. Short-term Reliability 4. Reliability based modeling attacks on XOR PUF: understanding 5. Interpose PUF – a lightweight PUF which is secure against state-of-the art modeling attacks 6. Conclusion 2

  3. 1 . Concept - Overview - Motivation 3

  4. Concept - Overview – Motivation [1] Hardware Challenge C Response R Primitive [Device] PUF’s Category : Nature: process variation – physically unclonability - unique Application: device Identification, authentication Weak PUF - small #CRPs: and crypto key generation RO PUF, SRAM PUF, etc. Strong PUF – large #CRPs: No Security Proof: Security Proof: Broken but lightweight: APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs - heavy Forward PUF, Clock PUF, Crossbard PUF Lightweight Secure PUF, Bistable Ring PUF, MPUF etc. 4

  5. Concept - Overview – Motivation [2] Hardware Challenge C Response R Primitive [Device] PUF’s Category : Nature: process variation – physically unclonability - unique Application: device Identification, authentication Weak PUF - small #CRPs: and crypto key generation RO PUF, SRAM PUF, etc. Strong PUF – large #CRPs: No Security Proof: Security Proof: Broken but lightweight: APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs - heavy Forward PUF, Clock PUF, Crossbard PUF Lightweight Secure PUF, Bistable Ring PUF, MPUF etc. 5

  6. Concept - Overview – Motivation [3] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks on CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - heavy Forward PUF, Clock PUF, Boolean Attacks, Deep Neural Crossbard PUF Lightweight Secure PUF, Network Attacks (DNN) Bistable Ring PUF, MPUF etc. 6

  7. Concept - Overview – Motivation [4] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - heavy Forward PUF, Clock PUF, Boolean Attacks, Deep Neural Crossbard PUF Lightweight Secure PUF, Network Attacks (DNN) Bistable Ring PUF, MPUF etc. 7

  8. Concept - Overview – Motivation [5] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation Arbiter PUF/APUF, XOR Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - Large HW APUF, Feed Forward Clock PUF, Boolean Attacks, Deep Neural Crossbar PUF footprint PUF, Lightweight Secure Network Attacks (DNN) PUF, Bistable Ring PUF. 8

  9. Concept - Overview – Motivation [6] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Vulnerability Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF PUF, Bistable Ring PUF. 9

  10. Concept - Overview – Motivation [7] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Security Proof Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF interpose PUF (iPUF) PUF, Bistable Ring PUF. 10

  11. Concept - Overview – Motivation [8] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Security Proof Security Philosophy Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF interpose PUF (iPUF) PUF, Bistable Ring PUF. Design Philosophy 11

  12. 2. APUF- XOR APUF -iPUF 12

  13. APUF, XOR APUF and iPUF [1] Arbiter PUF (APUF) [1] x-XOR APUF Interpose PUF (iPUF) - Extremely lightweight and large number of CRPs i.e, 2 𝑜 CRPs - Environmental noises make the PUF’s outputs unreliable sometimes - Not secure against modeling attacks

  14. APUF, XOR APUF and iPUF [2] Arbiter PUF (APUF) x-XOR APUF

  15. APUF, XOR APUF and iPUF [3] The Interpose PUF / iPUF 15

  16. APUF, XOR APUF and iPUF [4] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle Precise non-linear model + CRPs + classical ML = impractically softwarelly clonable • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 Precise non-linear model + CRPs + classical ML • 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑥𝑓𝑗𝑕ℎ𝑢 𝑤𝑓𝑑𝑢𝑝𝑠, = impractically softwarelly clonable 𝑒𝑓𝑚𝑏𝑧 𝑠𝑓𝑞𝑠𝑓𝑡𝑓𝑜𝑢𝑏𝑢𝑗𝑝𝑜 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 • XOR APUF is not Secure against noisy CRPs + 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 CMA-ES [Advanced ML]! (CHES2015) why? Precise linear model + CRPs + ML Why not for IPUF? 16 = practically and softwarelly clonable

  17. APUF, XOR APUF and iPUF [5] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 Precise non-linear model + CRPs + classical ML • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 = impractically softwarelly clonable • 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 Precise non-linear model + CRPs + classical ML • 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 = impractically softwarelly clonable 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 XOR APUF is not Secure against noisy CRPs + • Precise linear model CMA-ES [Advanced ML]! (CHES2015) why? • Large CRP space • Why not for IPUF? Vulnerable to ML attacks 17

  18. APUF, XOR APUF and iPUF [6] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 [2] ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle • • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 Precise non-linear model • • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 Large CRP space • • Secure against classical ML 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 Precise non-linear model + CRPs + classical ML • • Vulnerable to advanced ML 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 = impractically softwarelly clonable 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 XOR APUF is not Secure against noisy CRPs + • Precise linear model CMA-ES [Advanced ML]! (CHES2015) why? • Large CRP space • Why not for IPUF? Vulnerable to ML attacks 18

Recommend

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a

Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a

Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a dataset, identify features which may help predict information about the data Identify common types of machine learning algorithms 2 Machine

553 views • 27 slides
Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon August 28, 2019 Python notebook presentation for CHES 2019 1 Introduction & Motivation Profiled vs Non-Profiled attacks Machine Learning trend

407 views • 14 slides
Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis

Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis

Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis Robert Remus rremus@informatik.uni-leipzig.de Natural Language Processing Group Department of Computer Science University of Leipzig, Germany

357 views • 16 slides
CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine Learning 1 Relational data Logic-based representation Graph-based representation Propositionalization Inductive Logic Programming

567 views • 55 slides
CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine Learning 1 Or, support vector machine (SVM) Discriminant-based method Learn class boundaries Support vector consists of examples closest

1.01k views • 46 slides
TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

The 15th International Conference on Availability, Reliability and Security (ARES 2020) August 25 to August 28, 2020 in Dublin, Ireland ID-86 workshop paper (IoT-SECFOR) TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT

583 views • 13 slides
Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas

Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas

PACT 2010 Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas at Austin Simulation Challenges Simulation Based Performance Models eg: SimOS, SIMICS, GEM5, SimpleScalar Power modeling eg:

778 views • 39 slides
modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/

modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/

Accelerating Earth and climate modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/ What is machine learning? What is machine learning? Machine learning at its most basic is the practice of using

654 views • 49 slides
Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey

Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey

Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey Hinton Nitish Srivastava, Kevin Swersky Tijmen Tieleman Abdel-rahman Mohamed Getting targets when modeling sequences When applying machine

719 views • 34 slides
Interpretability in Machine Learning Why Interpret ? The current state of machine learning And

Interpretability in Machine Learning Why Interpret ? The current state of machine learning And

Interpretability in Machine Learning Why Interpret ? The current state of machine learning And its uses ... https://www.tesla.com/videos/autopilot-self- NYPost MIT Technology Review driving-hardware-neighborhood-long DeepMind DeepMind So

823 views • 55 slides
Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19

Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19

Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19 th 2019 Based on joint work with Jens Behrmannn, Dan Boneh, Nicholas Carlini, Pascal Dupr, Jrn-Henrik Jacobsen, Nicolas Papernot, Giancarlo

498 views • 39 slides
STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson

STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson

STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson Outline Data Science and Machine Learning Types of Learning Supervised Learning Unsupervised Learning Discovering Model Complexity Course Outline

239 views • 22 slides
Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret

Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret

MACHINE LEARNING TOOLBOX Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret R package Automates supervised learning (a.k.a. predictive modeling ) Target variable Machine Learning Toolbox

634 views • 16 slides
Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
On evasion attacks against machine learning in practical settings Lujo Bauer Professor,

On evasion attacks against machine learning in practical settings Lujo Bauer Professor,

On evasion attacks against machine learning in practical settings Lujo Bauer Professor, Electrical & Computer Engineering + Computer Science Director, Cyber Autonomy Research Center Collaborators: Mahmood Sharif, Sruti Bhagavatula, Mike

754 views • 31 slides
10b Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10b Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10b Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A Framework for 10.6 Unsupervised Learning Symbol-based Learning 10.7 Reinforcement Learning 10.2 Version Space Search 10.8 Epilogue and 10.3 The

866 views • 50 slides
10c Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10c Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10c Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A Framework for 10.6 Unsupervised Learning Symbol-based Learning 10.7 Reinforcement Learning 10.2 Version Space Search 10.8 Epilogue and 10.3 The

605 views • 35 slides
10a Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10a Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10a Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A Framework for 10.6 Unsupervised Learning Symbol-based Learning 10.7 Reinforcement Learning 10.2 Version Space Search 10.8 Epilogue and 10.3 The

935 views • 54 slides
10d Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10d Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A

10d Machine Learning: Symbol-based 10.0 Introduction 10.5 Knowledge and Learning 10.1 A Framework for 10.6 Unsupervised Learning Symbol-based Learning 10.7 Reinforcement Learning 10.2 Version Space Search 10.8 Epilogue and 10.3 The

1.05k views • 29 slides
A Machine Learning Approach for Detecting Distributed Denial of Service Attacks Tanaphon Roempluk

A Machine Learning Approach for Detecting Distributed Denial of Service Attacks Tanaphon Roempluk

A Machine Learning Approach for Detecting Distributed Denial of Service Attacks Tanaphon Roempluk Master's degree studying Majoring in Information technology Faculty of informatics, Mahasarakham University The 4th International Conference on

207 views • 17 slides
FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$

FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$

FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$ Machine$(ASM)$charts$Describe$Behavior$of$FSMs Translating$Directly$from$SD/ASMs$to$Verilog$is$ Advantageous No$Worry$about$Mistake$in$Logic$Simplification

260 views • 5 slides
FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$

FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$

FSM$Modeling State$Diagrams$(SDs)$and$Algorithmic$State$ Machine$(ASM)$charts$Describe$Behavior$of$FSMs Translating$Directly$from$SD/ASMs$to$Verilog$is$ Advantageous No$Worry$about$Mistake$in$Logic$Simplification

387 views • 26 slides
Genetics-based Machine Learning and Behaviour Based Robotics: A New Synthesis

Genetics-based Machine Learning and Behaviour Based Robotics: A New Synthesis

Genetics-based Machine Learning and Behaviour Based Robotics: A New Synthesis Genetics-based Machine Learning and Behavior Based Robotics: A New Synthesis, Marco Dorigo, Uwe Schnepf, IEEE Transactions on System, MAn, and Cybernetics,

348 views • 34 slides

More recommend