Background
A field-programmable gate array (FPGA) is a reprogrammable integrated circuit (IC) that can be configured for many different uses. FPGAs are essentially chips that can configured to perform specific tasks after they are manufactured. A multi-tenant FPGA is one that is designed to be shared by multiple, potentially independent, users or “tenants”. Graph convolutional networks (GCNs) are a type of neural network designed to process data structured as graphs and FPGAs are regularly used to accelerate GCN inference and training.
The sharing of FPGA modules on cloud platforms introduces attack vectors that can be exploited by a third-party adversary. Malicious bitstreams implementing power-wasting circuits can be configured on multi-tenant FPGAs. Deploying these malicious circuits on the FPGA can severely impact the power distribution network of the FPGA fabric, thus leading to voltage-based attacks and denial-of-service (DoS) attacks.
Invention Description
Researchers at Arizona State University have developed a machine learning-based technique using graph convolutional networks (GCNs) to learn patterns extracted from an FPGA bitstream and use them to identify if a bitstream is benign or malicious. This invention has the ability to detect malicious signatures directly from the bitstream. This technology can also pave the way for optimizations and improvements in FPGA design and deployment.
Potential Applications:
Benefits and Advantages: