DOI: 10.1145/3526241.3530828
Research article, Public Access

Hands-On Teaching of Hardware Security for Machine Learning

Published: 6 June 2022

ABSTRACT

Hardware security for machine learning (ML) and artificial intelligence (AI) circuits is becoming a major topic within the cybersecurity framework. Although much research is ongoing on this front, the community has omitted the educational component. In this paper, we present a training module comprising a set of hands-on experiments that teach hardware security concepts to newcomers. Specifically, we propose 5 experiments and related training material that teach side-channel attacks and defenses on hardware implementations of neural networks. We report the organization and the findings after testing these experiments with sophomore undergraduate students at North Carolina State University. The students first study the basics of neural networks and then build a neural network inference circuit on a breadboard. They then conduct a differential power analysis attack on the hardware to steal the trained weights and implement a circuit-balancing (hiding) style defense to mitigate the attack. The students develop all related hardware and software code to perform the attacks and build the defenses. The results show that such complex notions of digital circuit design, neural networks, and side-channel analysis can be taught at the sophomore level with a well-thought-out set of experiments. Future extensions could include establishing an online infrastructure for remote teaching and efficient scaling to a broader audience.
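The abstract names the two halves of the lab, a differential power analysis attack on an inference circuit and a circuit-balancing (hiding) defense, without showing why the first works or how a student verifies the second. The simulation below is an added illustration written for this page; it is not code from the paper, its course material, or NC State. It assumes a constructed leakage model (the low byte of one weight-times-input product leaks its Hamming weight plus Gaussian noise), a constructed weight value and fixed input, and the conventional fixed-versus-random Welch t-test with a pass/fail bound of 4.5 as the check a lab would run before and after adding the countermeasure. The balanced variant models hiding in the dual-rail sense: every register bit is paired with its complement so the total switching activity is constant regardless of the data.

```python
import math
import random
import statistics

# Constructed leakage model (assumption): the 8-bit product register of one
# weight x input multiply leaks its Hamming weight plus Gaussian noise.
NOISE_SIGMA = 1.0
T_THRESHOLD = 4.5  # conventional fixed-vs-random t-test pass/fail bound


def hamming_weight(value: int) -> int:
    """Number of set bits in an 8-bit value."""
    return bin(value & 0xFF).count("1")


def product_register(weight: int, x: int) -> int:
    """Low byte of weight * x: the intermediate a power-analysis attack targets.
    With an odd weight the map x -> weight*x is a bijection mod 256, so over
    random inputs this byte is uniform and its mean Hamming weight is 4."""
    return (weight * x) & 0xFF


def leak_unprotected(weight: int, x: int, rng: random.Random) -> float:
    """Plain circuit: the power sample tracks the register's Hamming weight."""
    return hamming_weight(product_register(weight, x)) + rng.gauss(0.0, NOISE_SIGMA)


def leak_balanced(weight: int, x: int, rng: random.Random) -> float:
    """Circuit-balanced (hiding) variant: each register bit is driven together
    with its complement, so exactly 8 of the 16 rails switch on every cycle.
    The data-dependent term becomes a constant; only the noise remains."""
    v = product_register(weight, x)
    return hamming_weight(v) + hamming_weight(~v & 0xFF) + rng.gauss(0.0, NOISE_SIGMA)


def welch_t(a, b) -> float:
    """Welch's t statistic for two independent samples."""
    var_a = statistics.variance(a)
    var_b = statistics.variance(b)
    return (statistics.mean(a) - statistics.mean(b)) / math.sqrt(var_a / len(a) + var_b / len(b))


def leakage_assessment(leak_fn, weight=3, traces=2000, fixed_x=0x5A, seed=1) -> float:
    """Fixed-vs-random t-test. One trace set always feeds fixed_x (constructed
    value), the other feeds random inputs. |t| above T_THRESHOLD means the
    measurement distinguishes the two sets, i.e. the implementation leaks
    input-dependent information that a DPA attack can exploit."""
    rng = random.Random(seed)
    fixed = [leak_fn(weight, fixed_x, rng) for _ in range(traces)]
    rand = [leak_fn(weight, rng.randrange(256), rng) for _ in range(traces)]
    return abs(welch_t(fixed, rand))


def leaks(leak_fn, **kw) -> bool:
    """True when the assessment flags first-order leakage."""
    return leakage_assessment(leak_fn, **kw) > T_THRESHOLD


if __name__ == "__main__":
    for name, fn in (("unprotected", leak_unprotected), ("balanced", leak_balanced)):
        t = leakage_assessment(fn)
        verdict = "LEAKS" if t > T_THRESHOLD else "no leak detected"
        print(f"{name:12s} |t| = {t:6.2f} -> {verdict}")
```

Run as a script, it reports a t statistic well above the bound for the unprotected model and one within the noise band for the balanced model. On a real breadboard circuit the two `leak_*` functions are replaced by samples captured from the measurement probe for the same fixed and random input sets; the assessment logic and the decision rule stay the same, which is what makes the t-test a convenient before/after check for the hiding defense.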


Published in: GLSVLSI '22: Proceedings of the Great Lakes Symposium on VLSI 2022, June 2022, 560 pages.
ISBN: 9781450393225
DOI: 10.1145/3526241
Copyright © 2022 ACM

    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher: Association for Computing Machinery, New York, NY, United States



Overall acceptance rate: 312 of 1,156 submissions, 27%
