Securing PUFs via a Predictive Machine Learning System by Modeling of Attackers

The widespread adoption of Internet-of-Things (IoT) devices is elevating the security expectations of many application domains. Meanwhile, numerosity, hardware and software heterogeneity, and low cost of IoT devices makes meeting such expectations challenging. A key security function that IoT devices must possess is identity and the capability to authenticate themselves. However, traditional authentication mechanisms rely on hash-based cryptography, requiring complex hardware and computational resources. To mitigate this problem, the Physical Unclonable Function (PUF) has been proposed as a lightweight source of device-specific entropy that can be used for identifying IoT devices. However, a major challenge to this approach is protecting PUFs against Machine Learning (ML)-based modeling attacks, where an attacker can clone an authentic PUF after collecting enough training data from the communication protocol, e.g., as a passive eavesdropper. In this paper, we propose a Predictive Adversarial System (PAS) that aims to prevent ML modeling attacks by predicting the capabilities of an
attacker in a PUF system. We analyze the best approaches to implement our system and evaluate their performance in terms of the modeling capacity that a passive attacker exhibits. Our experiments show that the proposed approach can increase the training data required for a successful modeling attack over one million samples, without increasing the security overhead of resource-constrained PUF-enabled IoT devices.