Machine learning has gained a lot of recognition recently and is now being used in many important applications. However, this recognition was limited in the hardware security area. Especially, very few approaches depend on this powerful tool to detect attacks during operation. This thesis reduces this gap in the field of fault injection attack detection and prevention in neural networks and processors. This thesis presents our methods of machine learning-based fault attack detection and prevention in different chapters, after providing the background information. Our first idea is to detect fault attacks from the processor’s instruction flow. The essence of the idea is that machine learning algorithms can learn the generated machine instruction sequences of a security-sensitive application. Thereafter, any fault in the instructions can be detected. The thesis demonstrates this idea by using RNN, CAM, and BF. Additionally, it demonstrates how to correct them using Hopfield networks. The second idea is to use smart sensors to detect fault attacks. The first type of smart sensor is sensitive to multiple changes, such as in clock signal and supply voltage. The thesis demonstrates how to design such a sensor using RO PUFs. The second type of smart sensor is based on the operation of the device. The thesis demonstrates a design for ANNs, where the smart sensor detects fault attacks from discrepancies in neuron activation rates. The thesis finally presents the idea of preventing fault attacks using smart verification. The first way is attained via a memory verification module, which verifies data from the external memory before processor execution. The second way is designed to protect ANNs via redundancy. However, the thesis presents a way to do this more efficiently, by using smart and selective redundancy.@en

Hardware security is currently a very influential domain, where each year countless works are published concerning attacks against hardware and countermeasures. A significant number of them use machine learning, which is proven to be very effective in other domains. This survey, as one of the early attempts, presents the usage of machine learning in hardware security in a full and organized manner. Our contributions include classification and introduction to the relevant fields of machine learning, a comprehensive and critical overview of machine learning usage in hardware security, and an investigation of the hardware attacks against machine learning (neural network) implementations.@en

Fault injection attacks are a threat to all digital systems, especially to the ones conducting security sensitive operations. Recently, the strategy of observing the instruction flow to detect attacks has gained popularity. In this paper, we provide a comparative study between three hardware-based techniques (i.e., recurrent neural network (RNN), content addressable memory (CAM), and Bloom filter (BF)) that detect fault attacks against software RSA decryption. After conducting experiments with various fault models, we observed that the CAM provides the best detection rate, the RNN provides the most software/application flexibility, and the BF is a middle ground between the two. Regardless, all of them exhibit robustness against faults targeted at them, and obtain a very high detection rate when faults change instructions altogether. This affirms the validity of monitoring the integrity of the instruction flow as a strong countermeasure against any type of fault attack.@en

Fault injection attacks pose an important threat to security-sensitive applications, such as secure communication and storage. By injecting faults into instructions, an attacker can cause information leakage or denial-of-service. Hence, it is important to secure the sensitive parts not only by detecting faults in the executed instructions but also by correcting them. In this work, we propose a hardware detection and correction module based on Hopfield networks. Our module is connected to the instruction buffer and validates all fetched instructions. In case faults are detected, faulty instructions are replaced by corrected ones. Experimental results on a small RISC-V processor and two RSA implementations show that we achieve near perfect detection and around 70% accurate correction with 9% area overhead. This correction rate is enough to secure some implementations for all considered attacks.@en

Artificial neural networks (ANNs) are used to accomplish a variety of tasks, including safety critical ones. Hence, it is important to protect them against faults that can influence decisions during operation. In this paper, we propose smart and low-cost redundancy schemes that protect the most vulnerable ANN parts against fault attacks. Experimental results show that the two proposed smart schemes perform similarly to dual modular redundancy (DMR) at a much lower cost, generally improve on the state of the art, and reach protection levels in the range of 93% to 99%.@en

The massive deployment of Internet of Things (IoT) devices makes them vulnerable against physical tampering attacks, such as fault injection. These kind of hardware attacks are very popular as they typically do not require complex equipment or high expertise. Hence, it is important that IoT devices are protected against them. In this work, we present a novel fault injection attack detector with high flexibility and low overhead. Our solution is based on the reuse of a security primitive used in many IoT devices, i.e., ring oscillator (RO) physically unclonable function (PUF). Our results show that we obtain a high detection effectiveness and no false alarms against most popular fault injection attacks based on voltage and clock manipulations.@en

Artificial neural networks are currently used for many tasks, including safety critical ones such as automated driving. Hence, it is very important to protect them against faults and fault attacks. In this work, we propose two fault injection attack detection mechanisms: one based on using output labels for a reference input, and the other on the activations of neurons. First, we calibrate our detectors during normal conditions. Thereafter, we verify them to maximize fault detection performance. To prove the effectiveness of our solution, we consider highly employed neural networks (AlexNet, GoogleNet, and VGG) with their associated dataset ImageNet. Our results show that for both detectors we are able to obtain a high rate of coverage against faults, typically above 96%. Moreover, the hardware and software implementations of our detector indicate an extremely low area and time overhead.@en

Internet of things (IoT) devices are appearing in all aspects of our digital life. As such, they have become prime targets for attackers and hackers. An adequate protection against attacks is only possible when the confidentiality and integrity of the data and applications of these devices are secured. State-of-the-art solutions mostly address software and network attacks, but overlook physical/hardware attacks. Such attacks can still exploit software vulnerabilities or even introduce them. In this paper, we present embedded memory security (EMS); it protects against physical tampering of the memory of IoT devices. As a case study, we have equipped a RISC-V based system-on-chip (SoC) with an EMS module. Our experimental results show that EMS successfully can protect the SoC against hardware tampering attacks, while having a low performance overhead.@en

Physical fault injection attacks are becoming an important threat to computer systems, as fault injection equipment becomes more and more accessible. In this work, we propose a new strategy to detect fault attacks in cryptosystems. We use a recurrent neural network (RNN) to detect problems in the program flow caused by injected faults. Our neural network is trained using the instructions of non-faulty operations and therefore, it can protect against both current and future attacks. As a case study, we use two implementations of software RSA. To test the effectiveness of our detector, we propose a collection of fault injection models, where each model represents different types of faults in the instructions. Evaluation results show that we obtain a high detection accuracy in case injected faults lead to changes in the instruction flow and hence, making it difficult to steal secrete keys. Finally, we propose an efficient hardware implementation with only a 6% area overhead compared to a RISC-V processor.@en