A Desynchronization-Based Countermeasure Against Side-Channel Analysis of Neural Networks
Authors
Abstract
Model extraction attacks have been widely applied, which can normally be used to recover confidential parameters of neural networks for multiple layers. Recently, side-channel analysis of neural networks allows parameter extraction even for networks with several deep layers, with high effectiveness. It is therefore of interest to implement a certain level of protection against these attacks. In this paper, we propose a desynchronization-based countermeasure that makes the timing analysis of activation functions harder. We analyze the timing properties of activation functions and design the desynchronization in a way that the dependency on the input and the activation type is hidden. We experimentally verify the effectiveness of the countermeasure on a 32-bit ARM Cortex-M4 microcontroller and employ a t-test to show the information leakage. The overhead ultimately depends on the number of neurons in the fully-connected layer; for example, in the case of 4096 neurons in VGG-19, the overheads are between 2.8% and 11%.
Similar resources
Formal Study of a Countermeasure Against Side-Channel Attack
Context. In applications such as cryptography or real-time systems, formal methods are used to prove functional properties on the critical parts of the code. Specifically in cryptography, some nonfunctional properties are also important, but are not typically certified by formal proofs yet. One example of such a property is the resistance to side-channel attacks. Side-channel attacks are a real...
Compiler Optimizations as a Countermeasure against Side-Channel Analysis in MSP430-Based Devices
Ambient Intelligence (AmI) requires devices everywhere, dynamic and massively distributed networks of low-cost nodes that, among other data, manage private information or control restricted operations. MSP430, a 16-bit microcontroller, is used in WSN platforms such as the TelosB. Physical access to devices cannot be restricted, so attackers consider them a target of their malicious attacks in order...
Countermeasure against Side-Channel Attack in Shared Memory of TrustZone
In this paper we introduced countermeasures against side-channel attacks in the shared memory of TrustZone. We proposed zero-contention cache memory or policy between REE and TEE to prevent TruSpy attacks in TrustZone. And we suggested that the delay time of the data path of the REE be equal or similar to that of the data path of the TEE to prevent timing side-channel attacks. Also, we proposed security infor...
Rodbar dam slope stability analysis using neural networks
In this study, an artificial neural network is presented for predicting the values of the factor of safety and the critical safety factor of heterogeneous earth dams while taking into account the effect of the earthquake inertia force. The model inputs include the dam height and upstream slope angle, the earthquake coefficient, the water height, and the strength parameters of the core and shell, and its outputs include the factor of safety. The most important parameter in slope stability analysis is obtaining the safety factor. In this study ...
IDP: An Analysis of a Cache-Based Timing Side Channel Attack and a Countermeasure on PikeOS
Virtualization has become of increasing importance for the security of embedded systems during the last years. One of the major threats to this security is posed by side channel attacks. In this work, Bernstein’s time-driven cache-based timing attack against AES is revisited in a virtualization security scenario and the PikeOS micro kernel system is presented. A novel countermeasure against tim...
Journal
Journal title: Lecture Notes in Computer Science
Year: 2023
ISSN: 1611-3349, 0302-9743
DOI: https://doi.org/10.1007/978-3-031-34671-2_21