Modeling attacks, in which an adversary uses machine learning techniques to model a hardware-based Physically Unclonable Function (PUF) pose a great threat to the viability of these hardware security primitives. In most modeling attacks, a random subset of challenge-response-pairs (CRPs) are used as the labeled data for the machine learning algorithm. Here, for the arbiter-PUF, a delay based PUF which may be viewed as a linear threshold function with random weights (due to manufacturing imperfections), we investigate the role of active learning in Support Vector Machine (SVM) learning. We focus on challenge selection to help SVM algorithm learn ``fast'' and learn ``slow''. Our methods construct challenges rather than relying on a sample pool of challenges as in prior work. Using active learning to learn ``fast'' (less CRPs revealed, higher accuracies) may help manufacturers learn the manufactured PUFs more efficiently, or may form a more powerful attack when the attacker may query the PUF for CRPs at will. Using active learning to select challenges from which learning is ``slow'' (low accuracy despite a large number of revealed CRPs) may provide a basis for slowing down attackers who are limited to overhearing CRPs.

翻译：建模攻击中，攻击者利用机器学习技术对基于硬件的物理不可克隆函数（PUF）进行建模，这类攻击严重威胁硬件安全原语的可行性。在大多数建模攻击中，随机子集的挑战-响应对（CRPs）被用作机器学习算法的标注数据。本文针对可视为线性阈值函数（因制造缺陷导致权重随机）的基于延迟的仲裁器PUF，探讨了主动学习在支持向量机（SVM）学习中的作用。我们聚焦于挑战选择，旨在帮助SVM算法实现“快速学习”与“慢速学习”。与先前工作中依赖挑战样本池不同，我们的方法直接构造挑战。利用主动学习实现“快速学习”（更少CRPs泄露、更高精度）可帮助制造商更高效地学习已制造的PUF，或当攻击者能任意查询PUF获取CRPs时形成更强大的攻击。而利用主动学习选择“慢速学习”（即便泄露大量CRPs仍保持低精度）的挑战，可为限制仅能窃听CRPs的攻击者速度提供基础。