Reverse Engineering Convolutional Neural Networks Through Side-channel Information Leaks

机译：通过旁通道信息泄漏进行逆向工程卷积神经网络

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

A convolutional neural network (CNN) model represents a crucial piece of intellectual property in many applications. Revealing its structure or weights would leak confidential information. In this paper we present novel reverse-engineering attacks on CNNs running on a hardware accelerator, where an adversary can feed inputs to the accelerator and observe the resulting off-chip memory accesses. Our study shows that even with data encryption, the adversary can infer the underlying network structure by exploiting the memory and timing side-channels. We further identify the information leakage on the values of weights when a CNN accelerator performs dynamic zero pruning for off-chip memory accesses. Overall, this work reveals the importance of hiding off-chip memory access pattern to truly protect confidential CNN models.

机译：卷积神经网络（CNN）模型在许多应用中代表着至关重要的知识产权。揭示其结构或权重将泄漏机密信息。在本文中，我们对在硬件加速器上运行的CNN提出了新颖的逆向工程攻击，攻击者可以在其中将输入提供给加速器，并观察由此产生的片外存储器访问。我们的研究表明，即使进行了数据加密，对手也可以通过利用内存和定时侧通道来推断潜在的网络结构。当CNN加速器对片外内存访问执行动态零修剪时，我们进一步确定权重值上的信息泄漏。总的来说，这项工作揭示了隐藏片外存储器访问模式对真正保护机密CNN模型的重要性。

著录项

来源
《2018 55th ACM/ESDA/IEEE Design Automation Conference》|2018年|1-6|共6页
会议地点 San Francisco(US)
作者
Weizhe Hua; Zhiru Zhang; G. Edward Suh;
展开▼
作者单位

School of Electrical and Computer Engineering, Cornell University, Ithaca, NY;

School of Electrical and Computer Engineering, Cornell University, Ithaca, NY;

School of Electrical and Computer Engineering, Cornell University, Ithaca, NY;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Computational modeling; Hardware; System-on-chip; Reverse engineering; Data models; Random access memory; Mathematical model;

机译：计算建模;硬件;片上系统;逆向工程;数据模型;随机存取存储器;数学模型;;

相似文献

外文文献
中文文献
专利

1. Quantitative estimation of side-channel leaks with neural networks [J] . Tizpaz-Niari Saeid, Cerny Pavol, Sankaranarayanan Sriram, International Journal on Software Tools for Technology Transfer . 2021,第4期

机译：用神经网络定量估计侧通道泄漏
2. Convolutional Neural Networks for Profiled Side-channel Analysis [J] . S. R. Hou, Y. J. Zhou, H. M. Liu Radioengineering . 2019,第3期

机译：卷积神经网络，用于分析侧通道分析
3. A Pipeline Leak Classification and Location Estimation System With Convolutional Neural Networks [J] . Cai Yaojie, Santos Rejane Barbosa, Givigi Sidney N., IEEE systems journal . 2020,第3期

机译：具有卷积神经网络的管道泄漏分类和位置估计系统
4. Reverse Engineering Convolutional Neural Networks Through Side-channel Information Leaks [C] . Weizhe Hua, Zhiru Zhang, G. Edward Suh ACM/ESDA/IEEE Design Automation Conference . 2018

机译：通过侧通道信息泄漏反向工程卷积神经网络
5. Internal and External Feature Engineering Applied to Deep Learning with Convolutional Neural Networks for Monocular Relative Pose Estimation in Visual Odometry and Self-Localization [D] . Parkins, Franz Payton. 2020

机译：内部和外部特征工程应用于卷积神经网络的深度学习，用于视觉测量和自定位中的单眼相对姿态估计
6. 3D Convolutional Neural Networks Initialized from Pretrained 2D Convolutional Neural Networks for Classification of Industrial Parts [O] . Ibon Merino, Jon Azpiazu, Anthony Remazeilles, 2021

机译：3D卷积神经网络从佩带的2D卷积神经网络初始化用于工业部件的分类
7. Improved Hybrid Approach for Side-Channel Analysis Using Efficient Convolutional Neural Network and Dimensionality Reduction [O] . Naila Mukhtar, Apostolos P. Fournaris, Tariq M. Khan, 2020

机译：利用高效卷积神经网络和维度减少改进了侧通道分析的混合方法

Reverse Engineering Convolutional Neural Networks Through Side-channel Information Leaks

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅