Detecting RTL Trojans using Artificial Immune Systems and High Level Behavior Classification

Document Type

Conference Proceeding

Publication Date


Digital Object Identifier (DOI)



Security assurance in a computer system can be viewed as distinguishing between self and non-self. Artificial Immune Systems (AIS) are a class of machine learning (ML) techniques inspired by the behavior of innate biological immune systems, which have evolved to accurately classify self-behavior from non-self-behavior. This work aims to leverage AIS-based ML techniques for identifying certain behavioral traits in high level hardware descriptions, including unsafe or undesirable behaviors, whether such behavior exists due to human error during development, or due to intentional, malicious circuit modifications, known as hardware Trojans, without the need for a golden reference model. We explore the use of Negative Selection and Clonal Selection, which have historically been applied to malware detection on software binaries, to detect potentially unsafe or malicious behavior in hardware. We present a software tool which analyzes Trojan-inserted benchmarks, extracts their control and data-flow graphs (CDFGs), and uses this to train an AIS behavior model, against which new hardware descriptions may be tested. The proposed model is capable of detecting the specified (Trojan or Trojan-like) behavior with an accuracy of ~85% and an average false negative rate of 12.6% for Negative Selection and 12.8% for Clonal Selection.

Was this content written or created while at USF?


Citation / Publisher Attribution

Presented at the 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST) in December 2018, in Hong Kong, China