Hardware Security (Trojans, Obfuscation, Side-Channel)
Hardware Software Co-Security (Software Analysis, Timing Side-Channel)
Applied Artificial Intelligence for Security
Edge Intelligence and Internet-of-Things (IoT):
Applied Artificial Intelligence for efficient data storage @ edge/IoT
Optimal IoT system design generation for efficiency & security
Image Processing & Computer Vision for IoT systems
Intelligent Transport Systems
Awards & Honors
Innovation of the Year Award, UF Innovate | Tech Licensing, University of Florida, 2022: For the SAVIOR framework which enables remote charging of electric vehicle batteries, replenishing them on-the-go with the help of drones & mobile charging stations.
TTTC’s E. J. McCluskey Best Doctoral Thesis 2022 Award (1st place): For the most impactful doctoral student work in the field of electronic test technology.
DAC Young Fellow, 2021: I was accepted into the DAC Young Fellows Program 2021.
Top Picks (Winner) in Hardware and Embedded Security 2021, IEEE HSTTC: Our work "SAIL: Machine Learning Guided Structural Analysis Attack on Hardware Obfuscation" was a winner of the Top Picks in Hardware and Embedded Security 2021. Awarded by the IEEE Hardware Security and Trust Technical Committee (IEEE HSTTC).
IEEE Spectrum Website Article: Featured our work related to on-the-go electric vehicle charging for near-perpetual motion and environmental sustainability.
Certificate of Outstanding Achievement: Awarded by the Herbert Wertheim College of Engineering, University of Florida in 2021. Awarded for outstanding academic and research excellence.
Best Hardware Demo (1st): 2019 IEEE International Symp. on Hardware Oriented Security and Trust. Awarded for the presentation of a CAD framework for machine learning based IP trust verification.
Best Poster (1st, Hardware Obfuscation): 2019 FICS Annual Conference on Cybersecurity. Awarded for the presentation of a machine learning guided attack on hardware obfuscation.
Best Technical Demo (1st): 2019 FICS Annual Conference on Cybersecurity. Awarded for the demonstration of a CAD framework for machine learning based IP trust verification.
Best Hardware Demo (2nd): 2019 Warren B. Nelms Annual IoT Conference. Awarded for the demonstration of a smart home with a first-responder drone network for security and safety hazards.
HASTE: Software Security Analysis for Timing Attacks on Clear Hardware Assumption
Publication Status: In IEEE Embedded Systems Letters
Abstract: Information leakage via timing side-channel analysis can compromise embedded systems used in diverse applications that are otherwise secure. Most state-of-the-art timing side-channel detection techniques focus on analyzing the software code while paying little to no attention to the underlying hardware. This limits the ability of such techniques in terms of detection and repair. In this paper, we propose a timing side-channel analysis framework that takes into consideration both the software and the underlying hardware micro-architecture to detect vulnerabilities with high precision. We also propose a set of metrics to quantify the severity of the vulnerabilities. We verify our proposed framework on two different computation subroutines which are widely used in crypto and secure systems.
SAIL: Analyzing Structural Artifacts of Logic Locking using Machine Learning
Abstract: Obfuscation or Logic locking (LL) is a technique for protecting hardware intellectual property (IP) blocks against diverse threats, including IP theft, reverse engineering, and malicious modifications. State-of-the-art locking techniques primarily focus on securing a design from unauthorized usage by disabling correct functionality – they often do not directly address hiding design intent through structural transformations. They rely on the synthesis tool to introduce structural changes. We observe that this process is insufficient as the resulting changes in circuit topology are: (1) local and (2) predictable. In this paper, we analyze the structural transformations introduced by LL and introduce a potential attack, called SAIL, that can exploit structural artifacts introduced by LL. SAIL uses machine learning (ML) guided structural recovery that exposes a critical vulnerability in these techniques. Through this attack, we demonstrate that the gate-level structure of a locked design can be retrieved in most parts through a systematic set of steps. The proposed attack is applicable to most forms of logic locking, and significantly more powerful than existing attacks, e.g., SAT-based attacks, since it does not require the availability of golden functional responses (e.g., an unlocked IC). Evaluation on benchmark circuits shows that we can recover an average of about 92%, up to 97%, transformations (Top-10 R-Metric) introduced by logic locking. We show that this attack is scalable, flexible, and versatile. Additionally, to evaluate the SAIL attack resilience of a locked design, we present the SIVA-Metric that is fast in terms of computation speed and does not require any training. We also propose possible mitigation steps for incorporating SAIL resilience into a locked design.
Publication status on related articles:
In IEEE Transactions on Information Forensics and Security (TIFS)
In 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)
In 2022 IEEE International Test Conference (ITC)
LeGO: A Learning-Guided Obfuscation Framework for Hardware IP Protection
Abstract: The security of hardware intellectual properties (IPs) has become a significant concern, as the opportunity for piracy, reverse engineering, and malicious modification is increasing. Hardware obfuscation has been studied as a potent method to protect against all these attack vectors. However, most of the existing obfuscation techniques have been successfully compromised, where many inherent functional or structural vulnerabilities in these techniques are utilized to reveal the obfuscation key or retrieve the original design. In this paper, we introduce LeGO, a learning-guided obfuscation framework that overcomes known vulnerabilities in a scalable and systematic manner, leading to a robust and lightweight locking mechanism. The proposed framework is guided by our security evaluation process that performs a thorough assessment of an obfuscated IP against various attacks and identifies the vulnerabilities. It then judiciously selects and applies a set of design modification steps or rules that can eliminate these vulnerabilities. Such a rule-based obfuscation process has the distinctive capability to address all existing as well as emerging attacks through the learning of appropriate design transformation steps that prevent these attacks. We present an efficient strategy to apply these rules on a design, while resolving any conflict. Our evaluation of the LeGO framework on a set of ISCAS85 and open-source IP benchmarks has shown promising results in terms of robustness against diverse attacks, with average area, power, and delay overheads of 39%, 45%, and 15%, respectively.
BINGO: Brain-Inspired Learning Memory
Abstract: Storage and retrieval of data in a computer memory play a major role in system performance. Traditionally, computer memory organization is 'static' – i.e., it does not change based on the application-specific characteristics in memory access behaviour during system operation. Such a static nature of computer memory, we observe, not only limits the amount of data we can store in a given physical storage, but it also misses the opportunity for performance improvement in various applications. In this project, we introduce BINGO, a brain-inspired learning memory paradigm that organizes the memory as a flexible neural memory network. In our work, we have formalized the memory organization, designed the operation algorithms, theoretically analyzed the memory framework, and verified the framework's effectiveness using our simulation models. We have also implemented a functional variant of BINGO in FPGA and benchmarked it on hardware using an IoT image processing workload. BINGO achieved an order of magnitude improvement in memory access times and effective storage capacity using the CIFAR-10 dataset and the wildlife surveillance dataset when compared to traditional content-operated memory. We have also filed a US patent to protect this idea.
Publication Status: Published in Neural Computing & Applications.
MAGIC: Machine Learning Guided Image Compression for Vision Applications in Internet-of-Things
Abstract: The emergent ecosystems of intelligent edge devices in diverse Internet of Things (IoT) applications, from automatic surveillance to precision agriculture, increasingly rely on recording and processing a variety of image data. Due to resource constraints, e.g., energy and communication bandwidth requirements, these applications require compressing the recorded images before transmission. For these applications, image compression commonly requires: (1) maintaining features for coarse-grain pattern recognition instead of the high-level details for human perception due to machine-to-machine communications; (2) high compression ratio that leads to improved energy and transmission efficiency; (3) large dynamic range of compression and an easy trade-off between compression factor and quality of reconstruction to accommodate a wide diversity of IoT applications as well as their time-varying energy/performance needs. To address these requirements, we propose MAGIC, a novel machine learning (ML) guided image compression framework that judiciously sacrifices visual quality to achieve much higher compression when compared to traditional techniques, while maintaining accuracy for coarse-grained vision tasks. The central idea is to capture application-specific domain knowledge and efficiently utilize it in achieving high compression. We demonstrate that the MAGIC framework is configurable across a wide range of compression/quality and is capable of compressing beyond the standard quality factor limits of both JPEG 2000 and WebP. We perform experiments on representative IoT applications using two vision datasets and show 42.65x compression at similar accuracy with respect to the source. We highlight low variance in compression rate across images using our technique as compared to JPEG 2000 and WebP.
Publication Status: Published in IEEE Internet of Things Journal
Hardware Trojan Detection Using Machine Learning
Abstract: Increasing reliance on hardware Intellectual Property (IP) cores in modern system-on-chip (SoC) design flow, often obtained from untrusted vendors distributed across the globe, can significantly compromise the security of SoCs. While the design could be verified for a specified functionality using existing tools, it is extremely hard to verify its trustworthiness to guarantee that no hidden, and possibly malicious function exists in the form of a hardware Trojan. Conventional verification process and tools fail to verify the trust of a third-party IP, primarily due to the lack of trusted reference design or golden models. In this paper, for the first time to our knowledge, we introduce a systematic framework to apply machine learning based classification for hardware IP trust verification. A supervised classifier could be trained for identifying Trojan nets within a suspect IP, but the detection coverage and accuracy are extremely sensitive to the quality of training set available. Furthermore, reliance on a static training database limits the classifier's ability in detecting new Trojans and facilitates adversarial learning. The proposed framework includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set. It is significantly more difficult for an adversary to evade our classifier using known Trojan classes since the tool dynamically samples the entire Trojan population. To further improve the efficiency of the system, we combined three machine learning models into an average probability Voting Ensemble. Our results for two broad classes of Trojan show excellent classification accuracy of 99.69% and 99.88% with F-score of 86.69% and 88.37% for sequential and combinational Trojans, respectively.
Publication Status: Published in 2018 IEEE International Test Conference (ITC)
Side-channel Analysis for Hardware Trojan Detection using Machine Learning
Abstract: The evolving trend of the semiconductor supply chain resulted in a wide array of trust issues for electronic hardware. Among them, malicious alteration of designs in an untrusted design house or foundry, also known as hardware Trojan insertion, has emerged as a serious concern. A popular countermeasure against hardware Trojan attacks relies on identifying a Trojan fingerprint in a side-channel parameter. However, side-channel analysis suffers from (1) the process variations introduced in chips during fabrication and (2) the inability of conventional techniques to detect side-channel signatures of a small Trojan in a large design. In this project, we develop machine learning approaches to detect malicious Trojan activities in a chip with high sensitivity. We use a custom-designed circuit board and measurements from several Trojan-inserted test chips for validating our proposed technique. We were able to detect Trojans with very high confidence and precision.
2021 IEEE International Test Conference India (ITC India) -- https://ieeexplore.ieee.org/abstract/document/9532888
2021 22nd International Symposium on Quality Electronic Design (ISQED) -- https://ieeexplore.ieee.org/abstract/document/9424257
Intelligent Scheduling Algorithm for On-the-Go Electric Vehicle Charging
Abstract: With rising concerns over fossil fuel depletion and the impact of Internal Combustion Engine (ICE) vehicles on our climate, the transportation industry is observing a rapid proliferation of Electric Vehicles (EVs). Yet, people continue to use ICE vehicles over EVs due to consumer worries over issues such as limited range, limited battery life, long charging times, and the lack of EV charging stations. Existing solutions to these problems, such as building more charging stations, increasing battery capacity, and road-charging have not been proven efficient so far. In this paper, we propose Peer-to-Peer Car Charging (P2C2), a highly scalable novel technique for charging EVs on-the-go with minimal cost overhead. We allow EVs to share charge among each other based on the instructions from a cloud-based control system. The control system assigns and guides EVs for charge sharing. We also introduce Mobile Charging Stations (MoCS), which are high battery capacity vehicles that are used to replenish the overall charge in the vehicle networks. We have implemented P2C2 and integrated it with the traffic simulator, SUMO. We observe promising results with up to 65% reduction in the number of EV halts and with up to 24.4% reduction in required battery capacity without any extra halts.
Published at Nature Scientific Reports:
Published at IEEE 91st Vehicular Technology Conference: VTC2020-Spring
SURF: Joint Structural Functional Attack on Logic Locking
Abstract: To help protect hardware Intellectual Property (IP) blocks against piracy and reverse engineering, researchers have proposed various obfuscation techniques that aim at hiding design intent and making black-box usage difficult. A dominant form of obfuscation, referred to as logic locking, relies on the insertion of key gates (e.g., XOR/XNOR) at strategic locations in a design followed by logic synthesis. Recently, it has been shown that such an approach leaves predictable structural signatures, which make them susceptible to machine learning (ML) based structural attacks. These attacks are shown to deobfuscate a design by learning the deterministic nature of transformations incorporated by commercial synthesis tools. They are attractive for unraveling the design intent. However, they may not be able to provide a working design. In this paper, we introduce a novel attack on obfuscation techniques, called Structural Functional (SURF) attack, which, for the first time to our knowledge, accomplishes key extraction through scalable functional analysis while leveraging the output of structural attacks. We have developed a complete flow and an automatic tool for the attack, which shows promising results. We are able to retrieve, on average, ~90% keybits for obfuscated ISCAS-85 benchmarks (100% in several cases) with >98% output accuracy. We observe that the SURF attack, unlike any known attack, can enable both discovering design intent as well as black-box usage. It is effective for all major variants of logic locking; scalable to large designs; and unlike SAT based attacks, is effective for all design types (e.g., multipliers, where SAT based attacks typically fail).
Publication Status: Published in 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)