I Know What You See: Power Side-Channel Attack on Convolutional Neural Network Accelerators

03/05/2018
by   Lingxiao Wei, et al.
0

Deep learning has become the de-facto computational paradigm for various kinds of perception problems, including many privacy-sensitive applications such as online medical image analysis. No doubt to say, the data privacy of these deep learning systems is a serious concern. Different from previous research focusing on exploiting privacy leakage from deep learning models, in this paper, we present the first attack on the implementation of deep learning models. To be specific, we perform the attack on an FPGA-based convolutional neural network accelerator and we manage to recover the input image from the collected power traces without knowing the detailed parameters in the neural network by utilizing the characteristics of the "line buffer" performing convolution in the CNN accelerators. For the MNIST dataset, our power side-channel attack is able to achieve up to 89

READ FULL TEXT

page 1

page 5

research
11/13/2018

How Secure are Deep Learning Algorithms from Side-Channel based Reverse Engineering?

Deep Learning algorithms have recently become the de-facto paradigm for ...
research
11/15/2020

Remote Power Side-Channel Attacks on CNN Accelerators in FPGAs

To lower cost and increase the utilization of Cloud FPGAs, researchers h...
research
12/23/2020

Overview of FPGA deep learning acceleration based on convolutional neural network

In recent years, deep learning has become more and more mature, and as a...
research
12/25/2018

A Survey of FPGA Based Deep Learning Accelerators: Challenges and Opportunities

With the rapid development of in-depth learning, neural network and deep...
research
04/13/2023

PowerGAN: A Machine Learning Approach for Power Side-Channel Attack on Compute-in-Memory Accelerators

Analog compute-in-memory (CIM) accelerators are becoming increasingly po...
research
08/02/2020

SCNet: A Neural Network for Automated Side-Channel Attack

The side-channel attack is an attack method based on the information gai...
research
01/06/2023

Deep-learning models in medical image analysis: Detection of esophagitis from the Kvasir Dataset

Early detection of esophagitis is important because this condition can p...

Please sign up or login with your details

Forgot password? Click here to reset