ALMOST: Adversarial Learning to Mitigate Oracle-less ML Attacks via Synthesis Tuning
This addresses a security problem for hardware designers by mitigating attacks on logic locking, though it appears incremental as it builds on existing synthesis methods with adversarial tuning.
The paper tackles the vulnerability of logic locking schemes to oracle-less machine learning attacks by proposing ALMOST, a security-aware logic synthesis framework that uses adversarial learning to tune synthesis recipes, resulting in attack accuracies dropping to around 50% on ISCAS benchmarks without compromising design optimization.
Oracle-less machine learning (ML) attacks have broken various logic locking schemes. Regular synthesis, which is tailored for area-power-delay optimization, yields netlists where key-gate localities are vulnerable to learning. Thus, we call for security-aware logic synthesis. We propose ALMOST, a framework for adversarial learning to mitigate oracle-less ML attacks via synthesis tuning. ALMOST uses a simulated-annealing-based synthesis recipe generator, employing adversarially trained models that can predict state-of-the-art attacks' accuracies over wide ranges of recipes and key-gate localities. Experiments on ISCAS benchmarks confirm the attacks' accuracies drops to around 50\% for ALMOST-synthesized circuits, all while not undermining design optimization.