Please use this identifier to cite or link to this item:
https://hdl.handle.net/10356/147150| Title: | Time to leak : cross-device timing attack on edge deep learning accelerator | Authors: | Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Bhasin, Shivam Basu, Arindam |
Keywords: | Engineering::Computer science and engineering::Information systems::Information systems applications | Issue Date: | 2021 | Source: | Won, Y., Chatterjee, S., Jap, D., Bhasin, S. & Basu, A. (2021). Time to leak : cross-device timing attack on edge deep learning accelerator. 2021 International Conference on Electronics, Information, and Communication (ICEIC), 1-4. https://dx.doi.org/10.1109/ICEIC51217.2021.9369754 | Abstract: | Edge deep learning accelerators are optimised hard ware to enable efficient inference on the edge. The models deployed on these accelerators are often proprietary and thus sensitive for commercial and privacy reasons. In this paper, we demonstrate practical vulnerability of deployed deep learning models to timing side-channel attacks. By measuring the execution time of the inference, the adversary can determine and reconstruct the model from a known family of well known deep learning model and then use available techniques to recover remaining hyperparameters. The vulnerability is validated on Intel Compute Stick 2 for VGG and ResNet family of models. Moreover, the presented attack is quite devastating as it can be performed in a cross-device setting, where adversary profiles constructed on a legally own device can be used to exploit the victim device with a single query and still can achieve near perfect success rate. | URI: | https://hdl.handle.net/10356/147150 | ISBN: | 978-1-7281-9161-4 | DOI: | 10.1109/ICEIC51217.2021.9369754 | Rights: | © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1109/ICEIC51217.2021.9369754 | Fulltext Permission: | open | Fulltext Availability: | With Fulltext |
| Appears in Collections: | TL Conference Papers |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 03_ICEIC2021.pdf | 146.25 kB | Adobe PDF |  View/Open |
SCOPUSTM
Citations
50
3
Updated on Jan 28, 2023
Web of ScienceTM
Citations
50
2
Updated on Feb 3, 2023
Page view(s)
233
Updated on Feb 4, 2023
Download(s) 20
262
Updated on Feb 4, 2023
Google ScholarTM
Check
Altmetric
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.