Explore a 23-minute conference talk from USENIX Security '19 that delves into reverse engineering neural network architectures through electromagnetic side channel analysis. Learn how researchers from Nanyang Technological University in Singapore investigate the vulnerability of machine learning models to side-channel attacks. Discover how non-invasive and passive attackers can exploit timing and electromagnetic emanations to extract critical information about neural network architectures, including activation functions, layer structures, neuron counts, output classes, and even weights. Gain insights into the practical experiments conducted on an ARM Cortex-M3 microcontroller, a platform commonly used in pervasive applications like wearables and surveillance cameras. Understand the implications of these findings for the security of machine learning applications across various industries.
Overview
Syllabus
USENIX Security '19 - CSI NN: Reverse Engineering of Neural Network Architectures
Taught by
USENIX