state of the art machine learning based modeling attacks
play

State-of-the-art Machine Learning based Modeling Attacks Phuong Ha - PowerPoint PPT Presentation

Aug 23, 2022 •45 likes •635 views

The Interpose PUF (iPUF): Secure PUF Design against State-of-the-art Machine Learning based Modeling Attacks Phuong Ha Nguyen, Durga P. Sahoo, Kaleel Mahmood, Chenglu Jin, Ulrich Rhrmair and Marten van Dijk Secure Computation Laboratory

  1. The Interpose PUF (iPUF): Secure PUF Design against State-of-the-art Machine Learning based Modeling Attacks Phuong Ha Nguyen, Durga P. Sahoo, Kaleel Mahmood, Chenglu Jin, Ulrich Rührmair and Marten van Dijk Secure Computation Laboratory Department of Electrical & Computer Engineering University of Connecticut Ha Durga Chenglu Kaleel Marten Uli CHES 2019

  2. Content 1. Concept - Overview - Motivation 2. Strong PUFs: APUF, XOR APUF and Interpose PUF (iPUF) 3. Short-term Reliability 4. Reliability based modeling attacks on XOR PUF: understanding 5. Interpose PUF – a lightweight PUF which is secure against state-of-the art modeling attacks 6. Conclusion 2

  3. 1 . Concept - Overview - Motivation 3

  4. Concept - Overview – Motivation [1] Hardware Challenge C Response R Primitive [Device] PUF’s Category : Nature: process variation – physically unclonability - unique Application: device Identification, authentication Weak PUF - small #CRPs: and crypto key generation RO PUF, SRAM PUF, etc. Strong PUF – large #CRPs: No Security Proof: Security Proof: Broken but lightweight: APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs - heavy Forward PUF, Clock PUF, Crossbard PUF Lightweight Secure PUF, Bistable Ring PUF, MPUF etc. 4

  5. Concept - Overview – Motivation [2] Hardware Challenge C Response R Primitive [Device] PUF’s Category : Nature: process variation – physically unclonability - unique Application: device Identification, authentication Weak PUF - small #CRPs: and crypto key generation RO PUF, SRAM PUF, etc. Strong PUF – large #CRPs: No Security Proof: Security Proof: Broken but lightweight: APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs - heavy Forward PUF, Clock PUF, Crossbard PUF Lightweight Secure PUF, Bistable Ring PUF, MPUF etc. 5

  6. Concept - Overview – Motivation [3] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks on CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - heavy Forward PUF, Clock PUF, Boolean Attacks, Deep Neural Crossbard PUF Lightweight Secure PUF, Network Attacks (DNN) Bistable Ring PUF, MPUF etc. 6

  7. Concept - Overview – Motivation [4] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation APUF, XOR APUF, Feed Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - heavy Forward PUF, Clock PUF, Boolean Attacks, Deep Neural Crossbard PUF Lightweight Secure PUF, Network Attacks (DNN) Bistable Ring PUF, MPUF etc. 7

  8. Concept - Overview – Motivation [5] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Support Vector Machine (SVM), Logistic Regression (LR), Evolution Strategy (ES), No Security Proof: Security Proof: Broken but lightweight: Covariance Matrix Adaptation Arbiter PUF/APUF, XOR Power Grid PUF, LPN PUFs ES (CMA-ES), Perceptron, - Large HW APUF, Feed Forward Clock PUF, Boolean Attacks, Deep Neural Crossbar PUF footprint PUF, Lightweight Secure Network Attacks (DNN) PUF, Bistable Ring PUF. 8

  9. Concept - Overview – Motivation [6] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Vulnerability Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF PUF, Bistable Ring PUF. 9

  10. Concept - Overview – Motivation [7] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Security Proof Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF interpose PUF (iPUF) PUF, Bistable Ring PUF. 10

  11. Concept - Overview – Motivation [8] Hardware Challenge C Response R Primitive [Device] PUF’s Modeling Attacks with CRPs only : PUF’s Category : Weak PUF - small #CRPs: Advanced ML attacks Classical ML attacks RO PUF, SRAM PUF, etc. – noisy CRPs: – reliable CRPs: CMA-ES + noisy CRPs Strong PUF – large #CRPs: Security Proof Broken but lightweight: Security Proof Security Philosophy Arbiter PUF/APUF, XOR Lightweight, APUF, Feed Forward Precise Math. Model PUF, Lightweight Secure XOR APUF interpose PUF (iPUF) PUF, Bistable Ring PUF. Design Philosophy 11

  12. 2. APUF- XOR APUF -iPUF 12

  13. APUF, XOR APUF and iPUF [1] Arbiter PUF (APUF) [1] x-XOR APUF Interpose PUF (iPUF) - Extremely lightweight and large number of CRPs i.e, 2 𝑜 CRPs - Environmental noises make the PUF’s outputs unreliable sometimes - Not secure against modeling attacks

  14. APUF, XOR APUF and iPUF [2] Arbiter PUF (APUF) x-XOR APUF

  15. APUF, XOR APUF and iPUF [3] The Interpose PUF / iPUF 15

  16. APUF, XOR APUF and iPUF [4] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle Precise non-linear model + CRPs + classical ML = impractically softwarelly clonable • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 Precise non-linear model + CRPs + classical ML • 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑥𝑓𝑗𝑕ℎ𝑢 𝑤𝑓𝑑𝑢𝑝𝑠, = impractically softwarelly clonable 𝑒𝑓𝑚𝑏𝑧 𝑠𝑓𝑞𝑠𝑓𝑡𝑓𝑜𝑢𝑏𝑢𝑗𝑝𝑜 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 • XOR APUF is not Secure against noisy CRPs + 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 CMA-ES [Advanced ML]! (CHES2015) why? Precise linear model + CRPs + ML Why not for IPUF? 16 = practically and softwarelly clonable

  17. APUF, XOR APUF and iPUF [5] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 Precise non-linear model + CRPs + classical ML • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 = impractically softwarelly clonable • 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 Precise non-linear model + CRPs + classical ML • 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 = impractically softwarelly clonable 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 XOR APUF is not Secure against noisy CRPs + • Precise linear model CMA-ES [Advanced ML]! (CHES2015) why? • Large CRP space • Why not for IPUF? Vulnerable to ML attacks 17

  18. APUF, XOR APUF and iPUF [6] Interpose PUF (iPUF) x-XOR Arbiter PUF Arbiter PUF (APUF) 𝑦, 𝑧 − 𝐽𝑄𝑉𝐺 [2] ≈ 𝑧 + 𝑦 2 − 𝑌𝑃𝑆 𝑄𝑉𝐺 if a is inserted at the middle • • Δ > 0 → 𝑠 = 1. 𝑃𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑠 = 0 Precise non-linear model • • Δ = 𝒆 𝒗𝒒𝒒𝒇𝒔 − 𝒆 𝒎𝒑𝒙𝒇𝒔 = 𝒙 ⋅ 𝚾 Large CRP space • • Secure against classical ML 𝒙 ∶ 𝑣𝑜𝑗𝑟𝑣𝑓 𝑔𝑝𝑠 𝑏𝑜𝑧 𝐵𝑄𝑉𝐺 𝑗𝑜𝑡𝑢𝑏𝑜𝑑𝑓 Precise non-linear model + CRPs + classical ML • • Vulnerable to advanced ML 𝚾 𝑗𝑡 𝑢ℎ𝑓 𝑞𝑏𝑠𝑗𝑢𝑧 𝑤𝑓𝑑𝑢𝑝𝑠 = impractically softwarelly clonable 𝚾 𝑗 = 𝑘=𝑗,…,𝑜−1 1 − 𝒅 𝑘 , 𝑗 = 0, … , 𝑜 − 1 , 𝚾 𝑜 = 1 XOR APUF is not Secure against noisy CRPs + • Precise linear model CMA-ES [Advanced ML]! (CHES2015) why? • Large CRP space • Why not for IPUF? Vulnerable to ML attacks 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a

Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a

Machine Learning Modeling and Learning 15-110 Monday 4/13 Learning Goals Given a dataset, identify features which may help predict information about the data Identify common types of machine learning algorithms 2 Machine

553 views • 27 slides
Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon August 28, 2019 Python notebook presentation for CHES 2019 1 Introduction & Motivation Profiled vs Non-Profiled attacks Machine Learning trend

407 views • 14 slides
Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis

Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis

Modeling and Representing Negation in Data-driven Machine Learning-based Sentiment Analysis Robert Remus rremus@informatik.uni-leipzig.de Natural Language Processing Group Department of Computer Science University of Leipzig, Germany

357 views • 16 slides
CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine Learning 1 Relational data Logic-based representation Graph-based representation Propositionalization Inductive Logic Programming

567 views • 55 slides
CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine

CptS 570 Machine Learning School of EECS Washington State University CptS 570 - Machine Learning 1 Or, support vector machine (SVM) Discriminant-based method Learn class boundaries Support vector consists of examples closest

1.01k views • 46 slides
TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

The 15th International Conference on Availability, Reliability and Security (ARES 2020) August 25 to August 28, 2020 in Dublin, Ireland ID-86 workshop paper (IoT-SECFOR) TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT

583 views • 13 slides
Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas

Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas

PACT 2010 Machine Learning for Performance and Power Modeling/Prediction Lizy K. John University of Texas at Austin Simulation Challenges Simulation Based Performance Models eg: SimOS, SIMICS, GEM5, SimpleScalar Power modeling eg:

778 views • 39 slides
modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/

modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/

Accelerating Earth and climate modeling with machine learning Kelly Kochanski NCAR Multicore Workshop 2019 2014 xkcd.com/1425/ What is machine learning? What is machine learning? Machine learning at its most basic is the practice of using

654 views • 49 slides
Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey

Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey

Neural Networks for Machine Learning Lecture 7a Modeling sequences: A brief overview Geoffrey Hinton Nitish Srivastava, Kevin Swersky Tijmen Tieleman Abdel-rahman Mohamed Getting targets when modeling sequences When applying machine

719 views • 34 slides
Interpretability in Machine Learning Why Interpret ? The current state of machine learning And

Interpretability in Machine Learning Why Interpret ? The current state of machine learning And

Interpretability in Machine Learning Why Interpret ? The current state of machine learning And its uses ... https://www.tesla.com/videos/autopilot-self- NYPost MIT Technology Review driving-hardware-neighborhood-long DeepMind DeepMind So

823 views • 55 slides
Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19

Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19

Limitations of Threat Modeling in Adversarial Machine Learning Florian Tramr EPFL, December 19 th 2019 Based on joint work with Jens Behrmannn, Dan Boneh, Nicholas Carlini, Pascal Dupr, Jrn-Henrik Jacobsen, Nicolas Papernot, Giancarlo

498 views • 39 slides
STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson

STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson

STAT 339 Probabilistic Modeling and Machine Learning 30 January 2017 Colin Reimer Dawson Outline Data Science and Machine Learning Types of Learning Supervised Learning Unsupervised Learning Discovering Model Complexity Course Outline

239 views • 22 slides
Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret

Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret

MACHINE LEARNING TOOLBOX Welcome to the Machine Learning Toolbox! Machine Learning Toolbox Supervised learning caret R package Automates supervised learning (a.k.a. predictive modeling ) Target variable Machine Learning Toolbox

634 views • 16 slides
Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
On evasion attacks against machine learning in practical settings Lujo Bauer Professor,

On evasion attacks against machine learning in practical settings Lujo Bauer Professor,

On evasion attacks against machine learning in practical settings Lujo Bauer Professor, Electrical & Computer Engineering + Computer Science Director, Cyber Autonomy Research Center Collaborators: Mahmood Sharif, Sruti Bhagavatula, Mike

754 views • 31 slides
What happens after patient harm? Why one family from Kansas is fighting to stop the secrecy and

What happens after patient harm? Why one family from Kansas is fighting to stop the secrecy and

What happens after patient harm? Why one family from Kansas is fighting to stop the secrecy and start conversations. Melissa Clarkson clarkson_melissa@yahoo.com What happens after patient harm? 1. My familys story 2. Responding to

608 views • 48 slides
Dr. Nonparametric Bayes Or: How I Learned to Stop Worrying and Love the Dirichlet Process Kurt

Dr. Nonparametric Bayes Or: How I Learned to Stop Worrying and Love the Dirichlet Process Kurt

Dr. Nonparametric Bayes Or: How I Learned to Stop Worrying and Love the Dirichlet Process Kurt Miller CS 294: Practical Machine Learning November 19, 2009 Today we will discuss Nonparametric Bayesian methods. Kurt T. Miller Dr.

1.63k views • 124 slides
Citizens Advisory Committee Meeting #4 A REBUILD BY DESIGN PROJECT February 28, 2017 AG AGENDA

Citizens Advisory Committee Meeting #4 A REBUILD BY DESIGN PROJECT February 28, 2017 AG AGENDA

Citizens Advisory Committee Meeting #4 A REBUILD BY DESIGN PROJECT February 28, 2017 AG AGENDA DA Recap Last Meeting Activities Since Last Meeting Presentation of Identified Problem Areas Review Types of Problems NYS Parks

693 views • 35 slides
1 Enabling technologies Advances in sensor and actuator technology GPS, control of quantum

1 Enabling technologies Advances in sensor and actuator technology GPS, control of quantum

An introduction to hybrid systems Thanks to theory and applications School Organizers Maurice Heemels Bart De Schutter Alberto Bemporad George J. Pappas DISC Summer School on Departments of ESE and CIS Modeling and Control of Hybrid

450 views • 8 slides
Positive Emotions: Science & Practice Barbara Fredrickson, PhD, UNC-CH Psychology Mary

Positive Emotions: Science & Practice Barbara Fredrickson, PhD, UNC-CH Psychology Mary

UNC School of Social Work Clinical Lecture Series Positive Emotions: Science & Practice Barbara Fredrickson, PhD, UNC-CH Psychology Mary Brantley, MA, LMFT, Duke Integrative Medicine Sept 22, 2014 Working Definition of Emotion Brief

1.09k views • 93 slides
Finite Approximations of Discrete Random Measures Jonathan H. Huggins Postdoctoral Research

Finite Approximations of Discrete Random Measures Jonathan H. Huggins Postdoctoral Research

Finite Approximations of Discrete Random Measures Jonathan H. Huggins Postdoctoral Research Fellow Department of Biostatistics, Harvard with: Trevor Campbell, Jonathan How, Lorenzo Masoero, Lester Mackey, Tamara Broderick Bayesian

1.27k views • 115 slides
Leukemia and subsequent solid tumors among patients with myeloproliferative neoplasms Tiziano

Leukemia and subsequent solid tumors among patients with myeloproliferative neoplasms Tiziano

Leukemia and subsequent solid tumors among patients with myeloproliferative neoplasms Tiziano Barbui (tbarbui@asst-pg23.it Hematology and Research Foundation ,Ospedale Papa Giovanni XXIII, Bergamo Italy Secondary Leukemia and

559 views • 26 slides
Image and Video Coding: Human Visual Perception Y 1 X 1 1 Z The Human Eye / Structure of

Image and Video Coding: Human Visual Perception Y 1 X 1 1 Z The Human Eye / Structure of

Image and Video Coding: Human Visual Perception Y 1 X 1 1 Z The Human Eye / Structure of the Human Eye The Human Eye Human Eye : Similar components as a camera Two-lens system: Cornea and crystalline lens Variable aperture: Pupil / iris

1.25k views • 60 slides

More recommend