2019 IEEE High Performance Extreme Computing Conference(HPEC ‘19)Twenty-third Annual HPEC Conference24 - 26 September 2019Westin Hotel, Waltham, MA USA
Wednesday, September 25, 2019BRAIDS: Boosting Resilience through Artificial Intelligence and Decision 23:00-5:30 in Eden Vale A1Chair: Alexia Schulz / MIT-LL, Pierre Trepagnier / MIT-LL, Igor Linkov / ACE, Matthew Bates / ACEHardware IP Classification through Weighted CharacteristicsBrendan McGeehan, Flora Smith, Thao Le, Hunter Nauman, Jia Di (Univ. Arkansas)Today’s business model for hardware designs frequently incorporates third-party Intellectual Property (IP) mainly due to economic motivations. However, allowing third-party involvement also increases the possibility of malicious attacks, such as hardware Trojan insertion, which is a particularly dangerous security threat because functional testing can often leave the Trojan undetected. This research provides an improvement on a Trojan detection method and tool known as Structural Checking which analyzes Register-Transfer Level (RTL) soft IPs. Given an unknown IP, the tool will break down the design and label ports and signals with assets. Analyzing the asset patterns reveals how the IP is structured and provides information about its overall functionality. The tool incorporates a library of known designs referred to as the Golden Reference Library (GRL). All entries in the library, grouped into known-clean and know-infested, are analyzed in the same manner. A weighted percent match for each library entry against the unknown IP is calculated. A report is generated detailing all mismatched locations where users need to take a closer look. Due to the structural variability of soft IP designs, it is vital to provide the best possible weighting to best match the unknown IP to the most similar library entry. This paper provides a statistical approach to finding the best weights to optimize the tool’s matching algorithm.Cyber Baselining: Statistical properties of cyber time series and the search for stabilityAlexia Schulz, Ethan Aubin, Pierre Trepagnier, Allan Wollaber (MIT-LL)Many predictive cyber analytics assume, implicitly or explicitly, that the underlying statistical processes they treat have simple properties. Often statistics predicated on Wiener processes are used, but even if not, assumptions on statistical stationarity, ergodicity, and memorylessness are often present. We present here empirical observations of several common network time series, and demonstrate that these assumptions are false; the series are non-stationary, non-ergodic, and possess complicated correlation structures. We compute several statistical tests, borrowed from other disciplines, for the evaluation of network time series. We discuss the implications of these results on the larger goal of constructing a meaningful cyber baseline of a network or host, intended to establish the bounds of “normal” behavior. For many common network observables used in defensive cyber operations, it may prove to be unrealistic to establish such a baseline, or detect significant deviations from it.