[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-85400-en":3,"doc-seo-85400-105":29,"detail-sidebar-cat-0-en-105":90},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"doc_content":15,"file_id":16,"file_url":17,"file_type":18,"file_size":19,"view_count":4,"is_deleted":4,"is_public":20,"is_downloadable":20,"audit_status":20,"page_count":21,"language":22,"language_code":23,"site_id":24,"html_lang":23,"table_of_contents":25,"faqs":26,"seo_title":13,"seo_description":14,"update_tm":27,"read_time":28},85400,1099513958607,"Jiven","https://ap-avatar.wpscdn.com/avatar/100002390cf8733938c?x-image-process=image/resize,m_fixed,w_180,h_180&k=1778829742770036399",8,"Research & Report","Robust Hardware Trojan Detection Leveraging Dual-Domain Features and Stacked Ensemble Learning","Cyber-physical systems depend on integrated circuits (ICs) that are exposed to stealthy malicious hardware attacks, especially hardware Trojans inserted during design or fabrication. Because Trojans intentionally mimic normal behavior and stay dormant until triggered, conventional validation like functional testing and logic analysis often misses them. The study proposes dual-domain feature extraction from time- and frequency-domain characteristics of power traces and a stacked ensemble framework combining RF, GB, NB, DNN, LSTM, and GNN.","Puspa et al. Cybersecurity (2026) 9:111 [https://doi.org/10.1186/s42400-025-00542-7](https://doi.org/10.1186/s42400-025-00542-7)  \nCybersecurity  \n RESEARCH Open Access  \nRobust hardware Trojan detection leveraging dual-domain features and stacked ensemble learning  \nSefatun‑Noor Puspa 1* , Abyad Enan 1 , Reek Majumder1 , M Sabbir Salek1 , Gurcan Comert2 and Mashrur Chowdhury1  \nAbstract  \nCyber‑physical systems rely on sensors, communication, and computing, all powered by integrated circuits (ICs) .  \nThese ICs are vulnerable to malicious hardware attacks, with hardware Trojans being one of the stealthiest threats. Trojans are malicious implants in the circuitry, which are often inserted during design or fabrication stages. This stealthy addition remains dormant until triggered and might cause functional disruptions or sensitive information leakage once triggered. Traditional IC validation methods, such as functional testing and logic analysis, usually fail to capture these subtle anomalies because hardware Trojans are intentionally designed to mimic normal circuit behavior. They often remain dormant under standard test vectors, and the changes they bring into power consump‑ tion, timing, and area are minimal. We present a dual‑domain feature extraction strategy that combines time‑domain features with frequency‑domain characteristics of power traces. For the detection, we created an artificial intelligence (AI) based robust Trojan detection framework that integrates traditional machine learning models, such as random forest (RF), gradient boosting (GB), naïve bayes (NB), and deep learning models, such as deep neural network (DNN), long short‑term memory (LSTM), and graph neural network (GNN) . In this study, we consider these models as baseline AI models to detect Trojan‑infected circuits via side‑channel power analysis. We employed a stacked ensemble clas‑ sifier that integrates the distinct strengths of the six baseline models used in this study. After evaluating our stacking ensemble‑based detection method on the advanced encryption standard (AES)‑Trojan benchmark, which covers diverse Trojan types, the results demonstrate that the ensemble method consistently outperformed all six baseline models. The ensemble‑based detection method achieved a macro‑averaged area under the receiver operating characteristic (ROC) curve (AUC) of 0 . 987, while remaining golden‑chip‑free, meaning it does not rely on a trusted ref‑ erence IC for baseline comparison. Instead it detects anomalies directly from observable characteristics of untrusted chips, such as side‑channel emissions.  \nKeywords Hardware Trojan, Side‑channel analysis, Signal processing, Integrated circuits, Hardware security, Artificial intelligence, Stacking ensemble  \n*Correspondence: Sefatun‑Noor Puspa[spuspa@clemson.edu](spuspa@clemson.edu)  \n1 Department of Civil Engineering, Clemson University, Clemson, SC 29634, USA  \n2 Computational Data Science and Engineering Department, North Carolina A&T State University, Greensboro, NC 27411, USA  \nIntroduction  \nIntegrated circuits (ICs) form the core of modern cyber-physical systems. The ICs play an important role in applications ranging from automotive control systems and healthcare devices to critical infrastructure and defense systems (Salmani et al. 2013; Tine et al. 2023; Gong et al. 2023) . Given their widespread use, ensuring the integrity and security of ICs is necessary.  \n© The Author(s) 2026. Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. ","cbCaieIhHA7O5V9V","https://ap.wps.com/l/cbCaieIhHA7O5V9V","pdf",1915557,1,21,"English","en",105,"# Abstract\n# Introduction\n## Hardware Trojans in ICs\n## Challenges of Conventional Detection","[{\"question\":\"What makes hardware Trojans difficult to detect using traditional validation methods?\",\"answer\":\"Hardware Trojans are designed to mimic normal circuit behavior and often remain dormant under standard test vectors. Their impact on power consumption, timing, and area can be minimal and masked by noise and variability, causing functional testing and logic analysis to miss subtle anomalies.\"},{\"question\":\"What feature extraction approach does the proposed method use?\",\"answer\":\"The method uses a dual-domain strategy that combines time-domain features with frequency-domain characteristics extracted from power traces. This dual view aims to better expose side-channel emissions caused by Trojan-infected circuits.\"},{\"question\":\"How does the stacked ensemble improve detection compared with single models?\",\"answer\":\"The framework integrates the distinct strengths of six baseline AI models—RF, GB, NB, DNN, LSTM, and GNN—into a stacked ensemble classifier. Evaluations on the AES-Trojan benchmark show the ensemble consistently outperforms all six baseline models, achieving a macro-averaged ROC-AUC of 0.987 without needing a trusted reference IC.\"}]",1784203135,53,{"code":4,"msg":30,"data":31},"ok",{"site_id":24,"language":23,"slug":32,"title":13,"keywords":33,"description":14,"schema_data":34,"social_meta":85,"head_meta":87,"extra_data":89,"updated_unix":27},"robust-hardware-trojan-detection-leveraging-dual-domain-features-and-stacked-ensemble-learning","",{"@graph":35,"@context":84},[36,53,67],{"@type":37,"itemListElement":38},"BreadcrumbList",[39,43,47,50],{"item":40,"name":41,"@type":42,"position":20},"https://docshare.wps.com","Home","ListItem",{"item":44,"name":45,"@type":42,"position":46},"https://docshare.wps.com/document/","Document",2,{"item":48,"name":12,"@type":42,"position":49},"https://docshare.wps.com/document/research-report/",3,{"item":51,"name":13,"@type":42,"position":52},"https://docshare.wps.com/document/robust-hardware-trojan-detection-leveraging-dual-domain-features-and-stacked-ensemble-learning/85400/",4,{"url":51,"name":13,"@type":54,"author":55,"headline":13,"publisher":57,"fileFormat":60,"inLanguage":23,"description":14,"dateModified":61,"datePublished":61,"encodingFormat":60,"isAccessibleForFree":62,"interactionStatistic":63},"DigitalDocument",{"name":9,"@type":56},"Person",{"url":40,"name":58,"@type":59},"DocShare","Organization","application/pdf","2026-07-16",true,{"@type":64,"interactionType":65,"userInteractionCount":4},"InteractionCounter",{"@type":66},"ViewAction",{"@type":68,"mainEntity":69},"FAQPage",[70,76,80],{"name":71,"@type":72,"acceptedAnswer":73},"What makes hardware Trojans difficult to detect using traditional validation methods?","Question",{"text":74,"@type":75},"Hardware Trojans are designed to mimic normal circuit behavior and often remain dormant under standard test vectors. Their impact on power consumption, timing, and area can be minimal and masked by noise and variability, causing functional testing and logic analysis to miss subtle anomalies.","Answer",{"name":77,"@type":72,"acceptedAnswer":78},"What feature extraction approach does the proposed method use?",{"text":79,"@type":75},"The method uses a dual-domain strategy that combines time-domain features with frequency-domain characteristics extracted from power traces. This dual view aims to better expose side-channel emissions caused by Trojan-infected circuits.",{"name":81,"@type":72,"acceptedAnswer":82},"How does the stacked ensemble improve detection compared with single models?",{"text":83,"@type":75},"The framework integrates the distinct strengths of six baseline AI models—RF, GB, NB, DNN, LSTM, and GNN—into a stacked ensemble classifier. Evaluations on the AES-Trojan benchmark show the ensemble consistently outperforms all six baseline models, achieving a macro-averaged ROC-AUC of 0.987 without needing a trusted reference IC.","https://schema.org",{"og:url":51,"og:type":86,"og:title":13,"og:site_name":58,"og:description":14},"article",{"robots":88,"canonical":51},"index,follow",{"doc_id":7,"site_id":24},{"code":4,"msg":5,"data":91},[92,96,100,104,109,114,119,122,127,130,134],{"id":20,"doc_module":4,"doc_module_name":45,"category_name":93,"show_sort_weight":94,"slug":95},"Story & Novel",90,"story-novel",{"id":46,"doc_module":4,"doc_module_name":45,"category_name":97,"show_sort_weight":98,"slug":99},"Literature",80,"literature",{"id":52,"doc_module":4,"doc_module_name":45,"category_name":101,"show_sort_weight":102,"slug":103},"Exam",70,"exam",{"id":105,"doc_module":4,"doc_module_name":45,"category_name":106,"show_sort_weight":107,"slug":108},5,"Comic",60,"comic",{"id":110,"doc_module":4,"doc_module_name":45,"category_name":111,"show_sort_weight":112,"slug":113},6,"Technology",50,"technology",{"id":115,"doc_module":4,"doc_module_name":45,"category_name":116,"show_sort_weight":117,"slug":118},7,"Healthcare",40,"healthcare",{"id":11,"doc_module":4,"doc_module_name":45,"category_name":12,"show_sort_weight":120,"slug":121},30,"research-report",{"id":123,"doc_module":4,"doc_module_name":45,"category_name":124,"show_sort_weight":125,"slug":126},9,"Religion & Spirituality",20,"religion-spirituality",{"id":125,"doc_module":4,"doc_module_name":45,"category_name":128,"show_sort_weight":125,"slug":129},"World Cup","world-cup",{"id":131,"doc_module":4,"doc_module_name":45,"category_name":132,"show_sort_weight":131,"slug":133},10,"Lifestyle","lifestyle",{"id":135,"doc_module":4,"doc_module_name":45,"category_name":136,"show_sort_weight":105,"slug":137},19,"General","general"]