Watch a 13-minute conference presentation from USENIX Security '24 exploring the systematic analysis of physical side-channel attacks on Deep Neural Networks (DNNs). Examine how researchers from Radboud University developed a taxonomy and framework for understanding various attack methodologies that can compromise DNN implementations on hardware accelerators. Learn about the relationships between threat models, attack objectives, and analysis methods, while discovering practical limitations validated through experiments on commercial DNN accelerators. Gain insights into the security implications for DNN intellectual property protection and user data privacy, along with identified challenges and proposed future research directions in this critical area of cybersecurity.
Neural Network Extraction Through Physical Side Channels - A Systematic Review
Overview
Syllabus
USENIX Security '24 - SoK: Neural Network Extraction Through Physical Side Channels
Taught by
USENIX
Related Courses
-
Side Channel Security – Caches and Physical Attacks
-
DeepTheft: Stealing DNN Model Architectures through Power Side Channel - 2024
-
INSIGHT: Attacking Industry-Adopted Learning Resilient Logic Locking Techniques Using Explainable Graph Neural Network
-
Tossing in the Dark: Practical Bit-Flipping on Gray-box Deep Neural Networks for Runtime Trojan Injection
-
SpecLFB: Eliminating Cache Side Channels in Speculative Executions
-
CSI NN - Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel
