Skip to main content
SpringerLink
Log in
Book cover

Pacific-Asia Conference on Knowledge Discovery and Data Mining

PAKDD 2021: Advances in Knowledge Discovery and Data Mining pp 176–187Cite as

Attack Is the Best Defense: A Multi-Mode Poisoning PUF Against Machine Learning Attacks

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 12712))

Abstract

Resistance to modeling attacks is an important issue for Physical Unclonable Functions (PUFs). Deep learning, the state-of-the-art modeling attack, has recently been shown to be able to break many newly developed PUFs. Since then, many more complex PUF structures or challenge obfuscations have been proposed to resist deep learning attacks. However, the proposed methods typically focus on increasing the nonlinearity of PUF structure and challenge-response mapping. In this paper, we explore another direction with a multi-mode poisoning approach for a classic PUF (MMP PUF) in which each working mode is a simple add-on function for a classic PUF. By dividing the original challenge space for each working mode, the proposed MMP PUF generates a multi-modal challenge-response dataset that poisons machine learning algorithms. To validate the idea, we design two working mode types, challenge shift and response flip, as examples with widely-used delay-based Arbiter PUF. Experimental results show that our approach respectively achieves 74.37%, 68.08%, and 50.09% accuracy for dual-mode shift, quad-mode circular shift and dual-mode flip with deep learning models trained on over 3 million challenge-response pairs.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Awano, H., Sato, T.: Ising-PUF: a machine learning attack resistant PUF featuring lattice like arrangement of arbiter-PUFs. In: Proceedings of DATE, pp. 1447–1452 (2018)

    Google Scholar 

  2. Babaei, A., Schiele, G.: Physical unclonable functions in the internet of things: state of the art and open challenges. Sensors 19, 3208 (2019)

    Google Scholar 

  3. Biggio, B., Nelson, B., Laskov, P.: Poisoning attacks against support vector machines. In: Proceedings of ICML, pp. 1467–1474 (2012)

    Google Scholar 

  4. Chollet, F., et al.: Keras (2015). https://keras.io

  5. Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled physical random functions. In: Proceedings of ACSAC, pp. 149–160 (2002)

    Google Scholar 

  6. Kearns, M., Li, M.: Learning in the presence of malicious errors. In: Proceedings of STOC, pp. 267–280 (1988)

    Google Scholar 

  7. Khalafalla, M., Gebotys, C.: PUFs deep attacks: enhanced modeling attacks using deep learning techniques to break the security of double arbiter PUFs. In: Proceedings of DATE, pp. 204–209 (2019)

    Google Scholar 

  8. Ma, Q., Gu, C., Hanley, N., Wang, C., Liu, W., O’Neill, M.: A machine learning attack resistant multi-PUF design on FPGA. In: Proceedings of ASP-DAC, pp. 97–104 (2018)

    Google Scholar 

  9. Machida, T., Yamamoto, D., Iwamoto, M., Sakiyama, K.: A new arbiter PUF for enhancing unpredictability on FPGA. Sci. World J. 2015 (2015)

    Google Scholar 

  10. Majzoobi, M., Koushanfar, F., Potkonjak, M.: Lightweight secure PUFs. In: Proceedings of IEEE/ACM ICCAD, pp. 670–673 (2008)

    Google Scholar 

  11. Mispan, M.S., Su, H., Zwolinski, M., Halak, B.: Cost-efficient design for modeling attacks resistant PUFs. In: Proceedings of DATE, pp. 467–472 (2018)

    Google Scholar 

  12. Nguyen, P.H., Sahoo, D.P., Chakraborty, R.S., Mukhopadhyay, D.: Security analysis of arbiter PUF and its lightweight compositions under predictability test. ACM TODAES 22(2), December 2016

    Google Scholar 

  13. Nguyen, P.H., Sahoo, D.P., Jin, C., Mahmood, K., Ruhrmair, U., van Dijk,M.: The interpose PUF: secure PUF design against state-of-the-art machine learning attacks. In: TCHES, vol. 2019, no. 4, pp. 243–290, August 2019

    Google Scholar 

  14. Rührmair, U., et al.: PUF modeling attacks on simulated and silicon data. IEEE TIFS 8(11), 1876–1891 (2013)

    Google Scholar 

  15. Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of CCS, pp. 237–249. ACM (2010)

    Google Scholar 

  16. Sahoo, D.P., Mukhopadhyay, D., Chakraborty, R.S., Nguyen, P.H.: A multiplexer-based arbiter PUF composition with enhanced reliability and security. IEEE TC 67(3), 403–417 (2018)

    Google Scholar 

  17. Santikellur, P., Bhattacharyay, A., Chakraborty, R.S.: Deep learning based model building attacks on arbiter PUF compositions. IACR Cryptol. ePrint Arch. 2019, 566 (2019)

    Google Scholar 

  18. Wang, Q., Gao, M., Qu, G.: A machine learning attack resistant dual-mode PUF. In: Proceedings of ACM GLSVLSI, pp. 177–182 (2018)

    Google Scholar 

  19. Wang, S., Chen, Y., Li, K.S.: Adversarial attack against modeling attack on PUFs. In: Proceedings of ACM/IEEE DAC, pp. 1–6 (2019)

    Google Scholar 

  20. Zalivaka, S.S., Ivaniuk, A.A., Chang, C.: Low-cost fortification of arbiter PUF against modeling attack. In: Proceedings of IEEE ISCAS, pp. 1–4 (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Taiwan University, Taipei, Taiwan

    Chia-Chih Lin & Ming-Syan Chen

Authors
  1. Chia-Chih Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ming-Syan Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chia-Chih Lin .

Editor information

Editors and Affiliations

  1. IIIT, Hyderabad, Hyderabad, India

    Kamal Karlapalem

  2. Chinese University of Hong Kong, Shatin, Hong Kong

    Hong Cheng

  3. Virginia Tech, Arlington, VA, USA

    Naren Ramakrishnan

  4. Jawaharlal Nehru University, New Delhi, India

    R. K. Agrawal

  5. IIIT Hyderabad, Hyderabad, India

    P. Krishna Reddy

  6. University of Minnesota, Minneapolis, MN, USA

    Jaideep Srivastava

  7. IIIT Delhi, New Delhi, India

    Tanmoy Chakraborty

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Lin, CC., Chen, MS. (2021). Attack Is the Best Defense: A Multi-Mode Poisoning PUF Against Machine Learning Attacks. In: Karlapalem, K., et al. Advances in Knowledge Discovery and Data Mining. PAKDD 2021. Lecture Notes in Computer Science(), vol 12712. Springer, Cham. https://doi.org/10.1007/978-3-030-75762-5_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-75762-5_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-75761-8

  • Online ISBN: 978-3-030-75762-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation