Hardware Trojan detection has been becoming an attentive research subject since the first Trojan in real-world hardware was found. A common way to activate a hardware Trojan is to send a command, and detecting those command-activated Trojan is one of the significant dimensions in securing hardware. In this paper, we propose a novel chip-free detection method, called Pruning Bytes Command Search (PBCS), which is a machine learning-based approach and can efficiently find out command-activate hardware Trojans. The proposed PBCS has been evaluated in experimental environments (via micro-controller) and real-world validations (on smart cards). Our approach also combines with novelty detection and outlier detection methods and examines effects on One-Class Support Vector Machine, Local Outlier Factor, and Isolation Forest as distinguishers in five scenes, respectively. The findings of the evaluation show that our approach is competent for searching unknown commands. Accuracy performance can be enhanced when proper distinguishers are selected. The results demonstrate that PBCS can successfully find out all executable commands in an uncertain parsing path hardware, which implies our approach is applicable in the complicated context.

自从发现实际硬件中的第一个木马以来，硬件木马检测已成为研究的热点。激活硬件木马的常见方法是发送命令，而检测到这些命令激活的木马是保护硬件安全的重要方面之一。在本文中，我们提出了一种新的无芯片检测方法，称为修剪字节命令搜索（PBCS），这是一种基于机器学习的方法，可以有效地找出命令激活的硬件木马。拟议的PBCS已在实验环境（通过微控制器）和实际验证（在智能卡上）中进行了评估。我们的方法还结合了新颖性检测和离群值检测方法，并研究了对一类支持向量机的影响，在五个场景中，局部离群因子和隔离林分别作为区分符。评估结果表明，我们的方法足以胜任未知命令的搜索。选择适当的区分符可以提高准确性。结果表明，PBCS可以在不确定的解析路径硬件中成功找到所有可执行命令，这表明我们的方法适用于复杂的环境。