- Adversarial Robustness in Machine Learning
- Physical Unclonable Functions (PUFs) and Hardware Security
- Integrated Circuits and Semiconductor Failure Analysis
- Advanced Neural Network Applications
- Advanced Malware Detection Techniques
- Digital Media Forensic Detection
- Generative Adversarial Networks and Image Synthesis
- Neuroscience and Neural Engineering
- Face recognition and analysis
- Privacy-Preserving Technologies in Data
- Anomaly Detection Techniques and Applications
- Advanced Steganography and Watermarking Techniques
- Advanced Image Processing Techniques
- Access Control and Trust
- Image Processing Techniques and Applications
- Network Security and Intrusion Detection
- User Authentication and Security Systems
- Biometric Identification and Security
- Internet Traffic Analysis and Secure E-voting
- Security and Verification in Computing
- Advanced Graph Neural Networks
- Ethics and Social Impacts of AI
- VLSI and Analog Circuit Testing
- Insurance, Mortality, Demography, Risk Management
- Topic Modeling
East China Normal University
2024-2025
Johns Hopkins University
2023-2024
Nanjing University of Aeronautics and Astronautics
2015-2023
Institute of Information Engineering
2023
Chinese Academy of Sciences
2023
State Key Laboratory of Information Security
2023
ORCID
2020
Southeast University
2011-2014
Southeast University
2012-2014
Nanyang Technological University
2014
Machine learning has been pervasively used in a wide range of applications due to its technical breakthroughs recent years. It demonstrated significant success dealing with various complex problems, and shows capabilities close humans or even beyond humans. However, studies show that machine models are vulnerable attacks, which will compromise the security themselves application systems. Moreover, such attacks stealthy unexplained nature deep models. In this survey, we systematically analyze...
Hardware Trojan detection techniques have been studied extensively. However, to develop reliable and effective defenses, it is important figure out how hardware Trojans are implemented in practical scenarios. The authors attempt make a review of the design implementations last decade also provide an outlook. Unlike all previous surveys that discuss from defender's perspective, for first time, study attacker's focusing on methods, capabilities, challenges when attacker designs implements...
In recent years, deep learning models have been widely deployed in various application scenarios. The training processes of neural network (DNN) are time-consuming, and require massive data large hardware overhead. These issues led to the outsourced procedure, pre-trained supplied from third parties, or untrusted users. However, a few researches indicate that, by injecting some well-designed backdoor instances into set, attackers can create concealed DNN model. this way, attacked model still...
The training and creation of deep learning model is usually costly, thus it can be regarded as an intellectual property (IP) the creator. However, malicious users who obtain high-performance models may illegally copy, redistribute, or abuse without permission. To deal with such security threats, a few neural networks (DNN) IP protection methods have been proposed in recent years. This paper attempts to provide review existing DNN works also outlook. First, we propose first taxonomy for terms...
Recently, integrated circuits (ICs) are becoming increasing vulnerable to hardware Trojans. Most of existing works require golden chips provide references for Trojan detection. However, obtaining a chip is extremely difficult or even not exists. This paper presents novel automated detection technique based on enhanced two-class classification while eliminating the need after fabrication. We formulate problem into problem, and train algorithms using simulated ICs during IC design flow. The...
A well-trained DNN model can be regarded as an intellectual property (IP) of the owner. To date, many IP protection methods have been proposed, but most them are watermarking based verification where owners only verify their ownership passively after copyright models has infringed. In this paper, we propose effective framework to actively protect from infringement. Specifically, encrypt model's parameters by perturbing with well-crafted adversarial perturbations. With encrypted parameters,...
Due to the globalization of design and fabrication process integrated circuits (ICs), ICs are becoming vulnerable hardware Trojans. Most existing Trojan detection works assume that testing stage is trustworthy. However, parties may collude with malicious attackers modify results detection. In this paper, two attack models for untrustworthy formulated. We further propose an adversarial data generation method collected test data. Then, we a novel hybrid clustering ensemble build trusted...
Since the training of deep neural networks (DNN) models requires massive data, time and expensive hardware resources, trained DNN model is oftentimes regarded as an intellectual property (IP). Recent researches show that vulnerable to illegal copy, redistribution abuse. In order protect from infringement, a number IP protection solutions have been proposed in recent years. This paper presents survey on methods. First, we propose first taxonomy for methods terms six attributes: scenario,...
Photo-response non-uniformity (PRNU), as a class of device fingerprint, plays key role in the forgery detection/localization for visual media. The state-of-the-art PRNU-based forensics methods generally rely on multi-scale trace analysis and result fusion, with Markov random field model. However, such hand-crafted strategies are difficult to provide satisfactory decision, exhibiting high false-positive rate. Motivated by this, we propose an end-to-end decision fusion strategy, where mapping...
Hardware Trojan has emerged as an impending security threat to many critical systems. However, detecting hardware is extremely difficult due Trojans are always triggered by rare events. Side-channel signal analysis effective in but facing the challenge with process variation and environment noise nanotechnology. Moreover, side-channel approaches that analyze global signals cannot scale well large circuits. This paper presents a heuristic partition test pattern generation based localized...
Deep neural networks (DNN) have been widely deployed in various applications. However, many researches indicated that DNN is vulnerable to backdoor attacks. The attacker can create a hidden target model, and trigger the malicious behaviors by submitting specific instance. almost all existing works focused on digital domain, while few studies investigate attacks real physical world. Restricted variety of constraints, performance world will be severely degraded. In this paper, we propose...
Current 3D mesh steganography algorithms relying on geometric modification are prone to detection by steganalyzers. In traditional steganography, adaptive has proven be an efficient means of enhancing security. Taking inspiration from this, we propose a highly embedding algorithm, guided the principle minimizing carefully crafted distortion through codes. Specifically, tailor payload-limited optimization problem for settings and devise feature-preserving (FPD) measure impact message...
As training a high-performance deep neural network (DNN) model requires large amount of data, powerful computing resources and expert knowledge, protecting well-trained DNN models from intellectual property (IP) infringement has raised serious concerns in recent years. Most existing methods using watermarks to verify the ownership after IP occurs, which is reactive sense that they cannot prevent unauthorized users first place. Different these methods, this article, we propose an active...
The continuous decline in the birth rate can lead to a series of social and economic problems. Accurately predicting region will help national local governments formulate more scientifically sound development policies. This paper proposes discrete-aware model BRP-Net based on attention mechanism LSTM, for effectively prefecture-level cities. is trained using multiple variables related comprehensive cities, covering factors such as economy, education population structure that influence rate....
T700/TDE-85 composites were aged in cyclic hygrothermal tests accordance with the service environment of military aircraft, and variations interlaminar shear strength (ILSS) ballistic impact resistance during aging cycles determined. It was found that cycling induced damage resin surface, long cracking along fibre/matrix interface, interlayer interface due to combined action swelling stress thermal stress. ILSS first increased by 12.4% after 14 plasticising effect then reduced caused...
Recent research works have demonstrated that deep neural networks (DNNs) are vulnerable to backdoor attacks. The existing attacks can only cause targeted misclassification on instances, which makes them be easily detected by defense methods. In this article, we propose an untargeted attack (UBA) against DNNs, where the instances randomly misclassified backdoored model any incorrect label. To achieve goal of UBA, utilize autoencoder as trigger generation and train target simultaneously. We...
Image hashing schemes have been widely used in content authentication, image retrieval, and digital forensic. In this paper, a novel algorithm (SSL) by incorporating the most stable keypoints local region features is proposed, which robust against various content-preserving manipulations, even multiple combinatorial manipulations. The proposed combines ...
Hardware Trojan (HT) has emerged as a serious security threat to many critical systems. HT detection techniques are badly needed ensure trust in hardware In related works, only fixed large number of random patterns applied, with no regard the pattern's effect result. The variations target signal caused by different sets input vectors not addressed. There is also guarantee that vector set used long enough be representative or whether it already over testing. To solve these problems, we...