AttackGNN: Red-Teaming GNNs in Hardware Security Using Reinforcement Learning

Vasudev Gohil, Satwik Patnaik, Dileep Kalathil, Jeyavijayan Rajendran

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

In an era defined by a globally interconnected semiconductor supply chain, the security of hardware devices faces unprecedented challenges. From malicious backdoor injections known as **Hardware Trojans** to sophisticated **reverse engineering** attempts and **IP piracy**, the integrity of integrated circuits is under constant threat. To counter these growing vulnerabilities, researchers have increasingly turned to advanced machine learning techniques, particularly **graph neural networks (GNNs)**, given that circuits can naturally be represented as graphs. These GNN-based methods have demonstrated remarkable accuracy, often approaching 100%, in detecting and locating Trojans, identifying IP infringement, and facilitating reverse engineering.

AI review

This research uncovers a critical blind spot in GNN-based hardware security, demonstrating 100% evasion against multiple detectors using a single, cleverly designed RL agent. It's a stark, necessary warning that 'near 100% accuracy' means squat against a determined adversary, providing concrete pathways for more robust defenses.
