Graph Similarity and its Applications to Hardware Security

Fyrbiak, Marc; Wallat, Sebastian; Reinhard, Sascha; Bissantz, Nicolai; Paar, Christof

doi:10.1109/tc.2019.2953752

Cited by 31 publications

(23 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the field of computer security, graph similarity has also been studied for various application scenarios, such as the hardware security problem (Fyrbiak et al 2019), the malware indexing problem based on function-call graphs (Hu et al 2009), and the binary function similarity search for identifying vulnerable functions (Li et al 2019).…”

Section: Computer Securitymentioning

confidence: 99%

“…In Fyrbiak et al (2019), a graph similarity heuristic is proposed based on spectral analysis of adjacency matrices for the hardware security problem, where evaluations are done for three tasks, including gate-level netlist reverse engineering, Trojan detection, and obfuscation assessment. The proposed method outperforms the graph edit distance approximation algorithm proposed in Hu et al (2009) and the neighbor matching approach (Vujošević-Janičić et al 2013), which matches neighboring vertices based on graph topology.…”

Section: Computer Securitymentioning

confidence: 99%

See 1 more Smart Citation

Deep graph similarity learning: a survey

Ahmed

Willke

et al. 2021

Data Min Knowl Disc

View full text Add to dashboard Cite

In many domains where data are represented as graphs, learning a similarity metric among graphs is considered a key problem, which can further facilitate various learning tasks, such as classification, clustering, and similarity search. Recently, there has been an increasing interest in deep graph similarity learning, where the key idea is to learn a deep learning model that maps input graphs to a target space such that the distance in the target space approximates the structural distance in the input space. Here, we provide a comprehensive review of the existing literature of deep graph similarity learning. We propose a systematic taxonomy for the methods and applications. Finally, we discuss the challenges and future directions for this problem.

show abstract

Section: Computer Securitymentioning

confidence: 99%

Section: Computer Securitymentioning

confidence: 99%

Deep graph similarity learning: a survey

Ahmed

Willke

et al. 2021

Data Min Knowl Disc

View full text Add to dashboard Cite

show abstract

“…Since netlists extracted from an IC may be incomplete and erroneous, looking for strict isomorphisms when matching with a library of subcircuits does not yield good results in practice. Instead, Fyrbiak et al [25] analyze the applicability of graph similarity algorithms. Their approach uses two phases: First, they detect register stages by leveraging control signals of sequential logic elements.…”

Section: Structural Analysismentioning

confidence: 99%

A survey of algorithmic methods in IC reverse engineering

et al. 2021

Self Cite

View full text Add to dashboard Cite

The discipline of reverse engineering integrated circuits (ICs) is as old as the technology itself. It grew out of the need to analyze competitor's products and detect possible IP infringements. In recent years, the growing hardware Trojan threat motivated a fresh research interest in the topic. The process of IC reverse engineering comprises two steps: netlist extraction and specification discovery. While the process of netlist extraction is rather well understood and established techniques exist throughout the industry, specification discovery still presents researchers with a plurality of open questions. It therefore remains of particular interest to the scientific community. In this paper, we present a survey of the state of the art in IC reverse engineering while focusing on the specification discovery phase. Furthermore, we list noteworthy existing works on methods and algorithms in the area and discuss open challenges as well as unanswered questions. Therefore, we observe that the state of research on algorithmic methods for specification discovery suffers from the lack of a uniform evaluation approach. We point out the urgent need to develop common research infrastructure, benchmarks, and evaluation metrics. KeywordsHardware reverse engineering • Survey • Boolean function learning • Logical equivalence checking IntroductionReverse engineering of integrated circuits serves a multitude of purposes [32]. For example, understanding the details of a competitor's IC helps to conduct a competitive analysis. Furthermore, patent infringements can be detected by locating the stolen IP in a competitor's IC. In addition, a particularly growing topic in recent years is the detection of hardware B Leonid Azriel

show abstract

“…Graph pattern matching and graph similarity computation have been studied for many real applications, such as the binary function similarity search [22] and the hardware security [7]. In the past few decades, many graph matching metrics were defined, e.g., graph edit distance, graph isomorphism, etc.…”

Section: Graph Matching Approachesmentioning

confidence: 99%

DeepHunter: A Graph Neural Network Based Approach for Robust Cyber Threat Hunting

Wei¹,

Cai²,

Yu³

et al. 2021

Preprint

View full text Add to dashboard Cite

Cyber Threat hunting is a proactive search for known attack behaviors in the organizational information system. It is an important component to mitigate advanced persistent threats (APTs). However, the attack behaviors recorded in provenance data may not be completely consistent with the known attack behaviors. In this paper, we propose DeepHunter, a graph neural network (GNN) based graph pattern matching approach that can match provenance data against known attack behaviors in a robust way. Specifically, we design a graph neural network architecture with two novel networks: attribute embedding networks that could incorporate Indicators of Compromise (IOCs) information, and graph embedding networks that could capture the relationships between IOCs. To evaluate DeepHunter, we choose five real and synthetic APT attack scenarios. Results show that DeepHunter can hunt all attack behaviors, and the accuracy and robustness of DeepHunter outperform the state-of-the-art method, Poirot.

show abstract

Graph Similarity and its Applications to Hardware Security

Cited by 31 publications

References 32 publications

Deep graph similarity learning: a survey

Deep graph similarity learning: a survey

A survey of algorithmic methods in IC reverse engineering

DeepHunter: A Graph Neural Network Based Approach for Robust Cyber Threat Hunting

Contact Info

Product

Resources

About