Hardware trojans generated with LLM for cryptography implementations
收藏Zenodo2026-05-28 更新2026-06-05 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.20435623
下载链接
链接失效反馈官方服务:
资源简介:
Dataset description
This dataset accompanies the manuscript "AI-based hardware trojan generation and detection in post-quantum cryptography". It contains data generated and analysed for evaluating Large Language Model (LLM)-assisted Hardware Trojan (HT) generation and Machine Learning (ML)-based detection in cryptographic hardware implementations, with emphasis on Post-Quantum Cryptography (PQC) accelerators.
The dataset supports a purple-team evaluation workflow in which red-team adversarial prompt refinement is used to generate malicious Register-Transfer-Level (RTL) modifications, and blue-team detection methods are evaluated against the resulting hardware Trojan variants. The experiments use a multi-agent Prompt Automatic Iterative Refinement (PAIR)-based framework with attacker, target, and judge roles to iteratively produce and assess HT insertions.
Contents
The dataset includes experimental artifacts derived from 13 cryptographic hardware implementations spanning symmetric, public-key, and post-quantum cryptographic designs. The evaluated designs include PQC-oriented implementations such as Kyber, Dilithium, Falcon, HQC, and SPHINCS+/SLH-DSA-related modules, as well as classical cryptographic baselines.
The dataset contains records describing:
- LLM-based Hardware Trojan generation attempts;- successful and unsuccessful insertion outcomes;- PAIR iteration metadata and attack-success measurements;- generated Trojan characteristics, including trigger mechanism, payload objective, insertion location, and affected module;- feature-extraction results based on Bag-of-Words (BoW) and Term Frequency--Inverse Document Frequency (TF-IDF) encodings;- ML-based detection results for intra-design, leave-one-design-out, and external benchmark-derived validation settings;- aggregate metrics such as accuracy, precision, recall, F1-score, confusion-matrix counts, and Attack Success Rate (ASR).
Purpose
The dataset is intended to support research on:
- AI-assisted hardware security evaluation;- LLM-generated Hardware Trojans;- adversarial prompting and PAIR-style prompt refinement;- PQC hardware accelerator security;- ML-based Hardware Trojan detection;- cross-design and cross-dataset detector generalization;- purple-team workflows for integrating adversarial generation, detection, verification, and remediation.
Summary of experiments
Across 13 cryptographic hardware implementations, the PAIR-based framework produced 1,230 successful Hardware Trojan insertions in 2,062 attempts, corresponding to a 59.65% overall Attack Success Rate. The generated Trojans were characterized by activation mechanism, payload objective, insertion location, and target cryptographic block. Detection experiments evaluated ML classifiers trained on BoW and TF-IDF representations under intra-design and cross-design settings. The results show strong intra-design detection performance but substantial variation under leave-one-design-out and external benchmark-derived validation, highlighting the importance of dataset diversity and design-aware evaluation.
Reuse notes
This dataset can be reused to benchmark Hardware Trojan detectors, study LLM-assisted adversarial hardware generation, evaluate detector robustness across cryptographic designs, and develop purple-team security validation workflows for AI-assisted hardware design. Users should consider the dual-use nature of the dataset and apply it only for defensive research, benchmarking, education, and responsible security evaluation.
提供机构:
Zenodo创建时间:
2026-05-28



