WaC : first results on practical side-channel attacks on commercial machine learning accelerator
Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating pra...
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference Paper |
| Language: | English |
| Published: |
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/153409 |
| _version_ | 1826112277294612480 |
|---|---|
| author | Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Basu, Arindam Bhasin, Shivam |
| author2 | School of Electrical and Electronic Engineering |
| author_facet | School of Electrical and Electronic Engineering Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Basu, Arindam Bhasin, Shivam |
| author_sort | Won, Yoo-Seung |
| collection | NTU |
| description | Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating practical electromagnetic side-channel attack on NCS2, allowing secret weight recovery from executed models |
| first_indexed | 2024-10-01T03:04:20Z |
| format | Conference Paper |
| id | ntu-10356/153409 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T03:04:20Z |
| publishDate | 2021 |
| record_format | dspace |
| spelling | ntu-10356/1534092021-12-02T05:19:57Z WaC : first results on practical side-channel attacks on commercial machine learning accelerator Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Basu, Arindam Bhasin, Shivam School of Electrical and Electronic Engineering 5th Workshop on Attacks and Solutions in Hardware Security (ASHES '21) Temasek Laboratories Science::Mathematics::Discrete mathematics::Cryptography Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Machine Learning Accelerator Intel Neural Compute Stick 2 Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating practical electromagnetic side-channel attack on NCS2, allowing secret weight recovery from executed models National Research Foundation (NRF) This research is supported by the National Research Foundation, Singapore, under its National Cybersecurity Research & Development Programme / Cyber-Hardware Forensic & Assurance Evaluation R&D Programme (Award: NRF2018NCR-NCR009-0001) 2021-12-02T05:19:12Z 2021-12-02T05:19:12Z 2021 Conference Paper Won, Y., Chatterjee, S., Jap, D., Basu, A. & Bhasin, S. (2021). WaC : first results on practical side-channel attacks on commercial machine learning accelerator. 5th Workshop on Attacks and Solutions in Hardware Security (ASHES '21), 111-114. https://dx.doi.org/10.1145/3474376.3487284 https://hdl.handle.net/10356/153409 10.1145/3474376.3487284 111 114 en NRF2018NCR-NCR009-0001 © 2021 Association for Computing Machinery. All rights reserved. |
| spellingShingle | Science::Mathematics::Discrete mathematics::Cryptography Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Machine Learning Accelerator Intel Neural Compute Stick 2 Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Basu, Arindam Bhasin, Shivam WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title | WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title_full | WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title_fullStr | WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title_full_unstemmed | WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title_short | WaC : first results on practical side-channel attacks on commercial machine learning accelerator |
| title_sort | wac first results on practical side channel attacks on commercial machine learning accelerator |
| topic | Science::Mathematics::Discrete mathematics::Cryptography Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Machine Learning Accelerator Intel Neural Compute Stick 2 |
| url | https://hdl.handle.net/10356/153409 |
| work_keys_str_mv | AT wonyooseung wacfirstresultsonpracticalsidechannelattacksoncommercialmachinelearningaccelerator AT chatterjeesoham wacfirstresultsonpracticalsidechannelattacksoncommercialmachinelearningaccelerator AT japdirmanto wacfirstresultsonpracticalsidechannelattacksoncommercialmachinelearningaccelerator AT basuarindam wacfirstresultsonpracticalsidechannelattacksoncommercialmachinelearningaccelerator AT bhasinshivam wacfirstresultsonpracticalsidechannelattacksoncommercialmachinelearningaccelerator |