Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/147150
Title: Time to leak : cross-device timing attack on edge deep learning accelerator
Authors: Won, Yoo-Seung
Chatterjee, Soham
Jap, Dirmanto
Bhasin, Shivam
Basu, Arindam
Keywords: Engineering::Computer science and engineering::Information systems::Information systems applications
Issue Date: 2021
Source: Won, Y., Chatterjee, S., Jap, D., Bhasin, S. & Basu, A. (2021). Time to leak : cross-device timing attack on edge deep learning accelerator. 2021 International Conference on Electronics, Information, and Communication (ICEIC), 1-4. https://dx.doi.org/10.1109/ICEIC51217.2021.9369754
Abstract: Edge deep learning accelerators are optimised hard ware to enable efficient inference on the edge. The models deployed on these accelerators are often proprietary and thus sensitive for commercial and privacy reasons. In this paper, we demonstrate practical vulnerability of deployed deep learning models to timing side-channel attacks. By measuring the execution time of the inference, the adversary can determine and reconstruct the model from a known family of well known deep learning model and then use available techniques to recover remaining hyperparameters. The vulnerability is validated on Intel Compute Stick 2 for VGG and ResNet family of models. Moreover, the presented attack is quite devastating as it can be performed in a cross-device setting, where adversary profiles constructed on a legally own device can be used to exploit the victim device with a single query and still can achieve near perfect success rate.
URI: https://hdl.handle.net/10356/147150
ISBN: 978-1-7281-9161-4
DOI: 10.1109/ICEIC51217.2021.9369754
Rights: © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1109/ICEIC51217.2021.9369754
Fulltext Permission: open
Fulltext Availability: With Fulltext
Appears in Collections:TL Conference Papers

Files in This Item:
File Description SizeFormat 
03_ICEIC2021.pdf146.25 kBAdobe PDFThumbnail
View/Open

SCOPUSTM   
Citations 50

3
Updated on Jan 28, 2023

Web of ScienceTM
Citations 50

2
Updated on Feb 3, 2023

Page view(s)

233
Updated on Feb 4, 2023

Download(s) 20

262
Updated on Feb 4, 2023

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.