HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing

03/18/2022
by   Shijin Duan, et al.
0

Hyperdimensional Computing (HDC) is facing infringement issues due to straightforward computations. This work, for the first time, raises a critical vulnerability of HDC, an attacker can reverse engineer the entire model, only requiring the unindexed hypervector memory. To mitigate this attack, we propose a defense strategy, namely HDLock, which significantly increases the reasoning cost of encoding. Specifically, HDLock adds extra feature hypervector combination and permutation in the encoding module. Compared to the standard HDC model, a two-layer-key HDLock can increase the adversarial reasoning complexity by 10 order of magnitudes without inference accuracy loss, with only 21

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset