
Defensive ML: Defending Architectural Side-channels with Adversarial Obfuscation

by Hyoungwook Nam, et al.

Side-channel attacks that use machine learning (ML) for signal analysis have become prominent threats to computer security, as ML models easily find patterns in signals. To address this problem, this paper explores using Adversarial Machine Learning (AML) methods as a defense at the computer architecture layer to obfuscate side channels. We call this approach Defensive ML, and we call the generator that obfuscates the signal the defender. Defensive ML is a workflow to design, implement, train, and deploy defenders for different environments. First, we design a defender architecture given the physical characteristics and hardware constraints of the side channel. Next, we use our DefenderGAN structure to train the defender. Finally, we apply Defensive ML to thwart two side-channel attacks: one based on memory contention and the other on application power. The former uses a hardware defender with ns-level response time that attains a high level of security with half the performance impact of a traditional scheme; the latter uses a software defender with ms-level response time that provides better security than a traditional scheme with only 70
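The following is an added, deliberately miniature illustration of the attacker-versus-defender loop the abstract describes; it is not the paper's DefenderGAN and not code from the authors. The attacker is a nearest-centroid classifier standing in for an ML discriminator, the defender is a per-sample padding mask (injected dummy activity up to a ceiling) chosen greedily against that attacker, and the power-style traces are constructed: each secret bit lights up a different group of samples. The loop alternates "attacker retrains on the defended signal" with "defender pads the samples the attacker still separates on", and then compares the learned mask's overhead with a pad-everything baseline in the spirit of the "traditional scheme" the abstract mentions. Names such as `train_defender`, `PAD_LEVEL` and `ACTIVE_SAMPLES` are this example's own.

```python
"""Miniature adversarial-obfuscation loop for a power-style side channel.

Constructed example, not the paper's DefenderGAN: the attacker is a
nearest-centroid classifier and the defender is a per-sample padding mask
chosen greedily against that attacker. All traces are synthetic.
"""
from typing import Dict, List, Set, Tuple

TRACE_LEN = 16
BASELINE = 0.2          # idle activity level (constructed units)
PAD_LEVEL = 1.0         # ceiling the defender may raise a sample to
# Constructed secret-dependent activity: secret bit 0 lights samples 3..6,
# secret bit 1 lights samples 9..12.
ACTIVE_SAMPLES = {0: (3, 4, 5, 6), 1: (9, 10, 11, 12)}


def make_dataset(per_class: int = 10) -> Tuple[List[List[float]], List[int]]:
    """Synthetic traces: baseline everywhere, a bump wherever the secret bit's
    operation runs. Bump height varies deterministically (0.90..0.98) so that
    traces of one class are not all identical."""
    traces, labels = [], []
    for secret in (0, 1):
        for k in range(per_class):
            t = [BASELINE] * TRACE_LEN
            for i in ACTIVE_SAMPLES[secret]:
                t[i] = 0.9 + 0.02 * (k % 5)
            traces.append(t)
            labels.append(secret)
    return traces, labels


def defend(trace: List[float], padded: Set[int], pad_level: float = PAD_LEVEL) -> List[float]:
    """Defender: raise every sample in `padded` to at least pad_level
    (injected dummy activity). Samples outside the set pass through."""
    return [max(x, pad_level) if i in padded else x for i, x in enumerate(trace)]


def overhead(trace: List[float], defended: List[float]) -> float:
    """Cost of obfuscation: total extra activity added to this trace."""
    return sum(d - x for x, d in zip(trace, defended))


def centroids(traces, labels) -> Dict[int, List[float]]:
    """Attacker training: per-class mean trace."""
    out = {}
    for c in (0, 1):
        members = [t for t, lab in zip(traces, labels) if lab == c]
        out[c] = [sum(col) / len(members) for col in zip(*members)]
    return out


def predict(trace, cents) -> int:
    """Nearest-centroid decision; an exact tie goes to class 0, which on a
    balanced set yields chance-level accuracy."""
    d = {c: sum((x - m) ** 2 for x, m in zip(trace, cents[c])) for c in cents}
    return 0 if d[0] <= d[1] else 1


def accuracy(traces, labels, cents) -> float:
    hits = sum(predict(t, cents) == lab for t, lab in zip(traces, labels))
    return hits / len(traces)


def train_defender(traces, labels, per_round: int = 4, max_rounds: int = 8):
    """Alternating game: the attacker retrains on the defended traces, then
    the defender pads the samples on which the attacker's class means still
    differ most. Returns the pad set and a per-round (pad set, accuracy) log."""
    padded: Set[int] = set()
    history = []
    for _ in range(max_rounds):
        defended = [defend(t, padded) for t in traces]
        cents = centroids(defended, labels)
        acc = accuracy(defended, labels, cents)
        history.append((sorted(padded), acc))
        if acc <= 0.5:          # attacker reduced to guessing
            break
        # leakage estimate per sample: distance between the class means
        gaps = [(abs(cents[0][i] - cents[1][i]), i)
                for i in range(TRACE_LEN) if i not in padded]
        gaps.sort(key=lambda g: (-g[0], g[1]))
        new = [i for g, i in gaps[:per_round] if g > 1e-9]
        if not new:
            break
        padded.update(new)
    return sorted(padded), history


def evaluate(traces, labels, padded: Set[int]) -> Tuple[float, float]:
    """Attacker accuracy after retraining on the defended traces, plus the
    mean overhead per trace."""
    defended = [defend(t, padded) for t in traces]
    acc = accuracy(defended, labels, centroids(defended, labels))
    cost = sum(overhead(t, d) for t, d in zip(traces, defended)) / len(traces)
    return acc, cost


if __name__ == "__main__":
    X, y = make_dataset()
    print("clean attacker accuracy:", evaluate(X, y, set())[0])
    pads, hist = train_defender(X, y)
    for padset, acc in hist:
        print(f"padded={padset} attacker accuracy={acc:.2f}")
    print("learned defender (accuracy, overhead):", evaluate(X, y, set(pads)))
    print("pad-everything baseline (accuracy, overhead):",
          evaluate(X, y, set(range(TRACE_LEN))))
```

The intermediate round is the instructive one: after the defender has padded only samples 3..6, the retrained attacker is still at 100% because the other class's activity at 9..12 remains visible, so a defender that removes only part of the discriminating structure buys nothing. Once both groups are padded the attacker is at chance, at roughly a third of the overhead of padding every sample, which is the kind of security-versus-cost trade the paper's trained defenders are meant to improve on.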



