2020 57th ACM/IEEE Design Automation Conference (DAC) 2020
DOI: 10.1109/dac18072.2020.9218577
|View full text |Cite
|
Sign up to set email alerts
|

Imperceptible Misclassification Attack on Deep Learning Accelerator by Glitch Injection

Abstract: Imperceptible misclassification attack on deep learning accelerator by glitch injection

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
39
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
3
2
1

Relationship

1
5

Authors

Journals

citations
Cited by 28 publications
(39 citation statements)
references
References 32 publications
0
39
0
Order By: Relevance
“…Moreover, the emerging heterogenous hardware platforms supported by the new paradigm of "model once, run optimized anywhere" AI compilers for deploying trained ML models on edge computing devices and the leasing of AI models on the cloud also open out an uncharted territory of security threats. The threat landscape does not preclude existing hardware-oriented attacks such as device reliability [17] [126] [127], malicious attack [21] [19] [22] and side-channel information leakage [26] [25] [27] from repurposing for ML systems.…”
Section: Hardware Security Of Machine Learningmentioning
confidence: 99%
See 4 more Smart Citations
“…Moreover, the emerging heterogenous hardware platforms supported by the new paradigm of "model once, run optimized anywhere" AI compilers for deploying trained ML models on edge computing devices and the leasing of AI models on the cloud also open out an uncharted territory of security threats. The threat landscape does not preclude existing hardware-oriented attacks such as device reliability [17] [126] [127], malicious attack [21] [19] [22] and side-channel information leakage [26] [25] [27] from repurposing for ML systems.…”
Section: Hardware Security Of Machine Learningmentioning
confidence: 99%
“…Recently, a more stealthy fault injection attack was demonstrated on nine DNN models pre-trained on Imagenet dataset, namely Inception v1 to v4, MobileNet v1 and v2, DenseNet121, ResNet50 and VGG16, implemented on a Xilinx ZYNQ UltraScale+ MPSoC device [22]. Instead of targeting conventional temporal and instruction set based architectures or memory array, this attack exploits the separate clock domain used for DVFS and the DNN dataflow for abstracting the pre-trained models into the FPGA overlay of DNN hardware accelerator.…”
Section: B Hardware-based Attacks On Deployed ML Modelmentioning
confidence: 99%
See 3 more Smart Citations