MaliGNNoma: GNN-Based Malicious Circuit Classifier for Secure Cloud FPGAs
CoRR(2024)
Abstract
The security of cloud field-programmable gate arrays (FPGAs) faces challenges
from untrusted users attempting fault and side-channel attacks through
malicious circuit configurations. Fault injection attacks can result in denial
of service, disrupting functionality or leaking secret information. This threat
is further amplified in multi-tenancy scenarios. Detecting such threats before
loading onto the FPGA is crucial, but existing methods face difficulty
identifying sophisticated attacks.
We present MaliGNNoma, a machine learning-based solution that accurately
identifies malicious FPGA configurations. Serving as a netlist scanning
mechanism, it can be employed by cloud service providers as an initial security
layer within a necessary multi-tiered security system. By leveraging the
inherent graph representation of FPGA netlists, MaliGNNoma employs a graph
neural network (GNN) to learn distinctive malicious features, surpassing
current approaches. To enhance transparency, MaliGNNoma utilizes a
parameterized explainer for the GNN, labeling the FPGA configuration and
pinpointing the sub-circuit responsible for the malicious classification.
Through extensive experimentation on the ZCU102 board with a Xilinx
UltraScale+ FPGA, we validate the effectiveness of MaliGNNoma in detecting
malicious configurations, including sophisticated attacks, such as those based
on benign modules, like cryptography accelerators. MaliGNNoma achieves a
classification accuracy and precision of 98.24
surpassing state-of-the-art. We compare MaliGNNoma with five state-of-the-art
scanning methods, revealing that not all attack vectors detected by MaliGNNoma
are recognized by existing solutions, further emphasizing its effectiveness.
Additionally, we make MaliGNNoma and its associated dataset publicly available.
MoreTranslated text
Key words
Malicious Circuits,Neural Network,Accuracy And Precision,Graph Neural Networks,Multivariable Systems,Denial Of Service,Scanning Method,Side-channel,Attack Vector,Machine Learning Models,Graphics Processing Unit,Pooling Layer,Nodes In The Graph,Graph Structure,Random Data,Feature Engineering,Reverse Engineering,Graph Convolutional Network,Voltage Fluctuations,Node Embeddings,Electronic Design Automation,Graph Classification,Hardware Security,Influential Nodes,Sufficient Explanation,Woodchuck
AI Read Science
Must-Reading Tree
Example
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined