A machine learning-based security vulnerability study on XOR PUFs for resource-constraint internet of things

Ahmad O. Aseeri, Yu Zhuang, Mohammed Saeed Alkatheiri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

Physical unclonable functions (PUFs) are emerging as a promising class of hardware primitives for delivering security for IoT devices. Cryptographic key-based security mechanisms are heavyweight by demanding resources more than many resource-constraint IoT devices can provide, and are also vulnerable to side-channel invasive attacks. PUFs utilize integrated circuits' manufacturing variations to produce responses unique for individual devices, and hence cannot be reproduced. An important goal of security research is to discover all possible insecure risks, which can provide secure application developers useful information so that they can avoid the risk-containing components or mechanisms. While physically unclonable, some PUFs have been found to be mathematically clonable by machine learning methods. Large XOR arbiter PUFs is one group of PUFs that were shown to withstand existing attack methods unless long training time is used in the machine learning process. In this paper, we investigate the effectiveness of a neural network method in attacking large XOR PUFs, a neural network method modified to handle training datasets possibly larger than memory capacity. Our study shows that the modified neural network method attains high prediction accuracy while consuming substantially less time for large XOR PUFs than the fastest machine learning code used in all earlier studies known to us. Some of the large XOR PUFs that took existing machine learning codes several days of parallel computing time on high-performance computing servers have been broken by our method in less than two hours, indicating vulnerability of even large XOR PUFs. Discovery of all potential vulnerabilities of a PUF is important since secure application developers need such information for deciding which PUF to choose, and an unidentified vulnerability can lead to security risks for IoT devices.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE International Congress on Internet of Things, ICIOT 2018 - Part of the 2018 IEEE World Congress on Services
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages49-56
Number of pages8
ISBN (Electronic)9781538672440
DOIs
StatePublished - Sep 26 2018
Event3rd IEEE International Congress on Internet of Things, ICIOT 2018 - San Francisco, United States
Duration: Jul 2 2018Jul 7 2018

Publication series

NameProceedings - 2018 IEEE International Congress on Internet of Things, ICIOT 2018 - Part of the 2018 IEEE World Congress on Services

Conference

Conference3rd IEEE International Congress on Internet of Things, ICIOT 2018
CountryUnited States
CitySan Francisco
Period07/2/1807/7/18

Keywords

  • Hardware security
  • Internet of things
  • Machine learning
  • Physical unclonable functions

Fingerprint Dive into the research topics of 'A machine learning-based security vulnerability study on XOR PUFs for resource-constraint internet of things'. Together they form a unique fingerprint.

  • Cite this

    Aseeri, A. O., Zhuang, Y., & Alkatheiri, M. S. (2018). A machine learning-based security vulnerability study on XOR PUFs for resource-constraint internet of things. In Proceedings - 2018 IEEE International Congress on Internet of Things, ICIOT 2018 - Part of the 2018 IEEE World Congress on Services (pp. 49-56). [8473439] (Proceedings - 2018 IEEE International Congress on Internet of Things, ICIOT 2018 - Part of the 2018 IEEE World Congress on Services). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICIOT.2018.00014