WaC : first results on practical side-channel attacks on commercial machine learning accelerator

Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating pra...

Full description

Saved in:
Bibliographic Details
Main Authors: Won, Yoo-Seung, Chatterjee, Soham, Jap, Dirmanto, Basu, Arindam, Bhasin, Shivam
Other Authors: School of Electrical and Electronic Engineering
Format: Conference or Workshop Item
Language:English
Published: 2021
Subjects:
Online Access:https://hdl.handle.net/10356/153409
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-153409
record_format dspace
spelling sg-ntu-dr.10356-1534092021-12-02T05:19:57Z WaC : first results on practical side-channel attacks on commercial machine learning accelerator Won, Yoo-Seung Chatterjee, Soham Jap, Dirmanto Basu, Arindam Bhasin, Shivam School of Electrical and Electronic Engineering 5th Workshop on Attacks and Solutions in Hardware Security (ASHES '21) Temasek Laboratories Science::Mathematics::Discrete mathematics::Cryptography Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Machine Learning Accelerator Intel Neural Compute Stick 2 Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating practical electromagnetic side-channel attack on NCS2, allowing secret weight recovery from executed models National Research Foundation (NRF) This research is supported by the National Research Foundation, Singapore, under its National Cybersecurity Research & Development Programme / Cyber-Hardware Forensic & Assurance Evaluation R&D Programme (Award: NRF2018NCR-NCR009-0001) 2021-12-02T05:19:12Z 2021-12-02T05:19:12Z 2021 Conference Paper Won, Y., Chatterjee, S., Jap, D., Basu, A. & Bhasin, S. (2021). WaC : first results on practical side-channel attacks on commercial machine learning accelerator. 5th Workshop on Attacks and Solutions in Hardware Security (ASHES '21), 111-114. https://dx.doi.org/10.1145/3474376.3487284 https://hdl.handle.net/10356/153409 10.1145/3474376.3487284 111 114 en NRF2018NCR-NCR009-0001 © 2021 Association for Computing Machinery. All rights reserved.
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Science::Mathematics::Discrete mathematics::Cryptography
Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence
Machine Learning Accelerator
Intel Neural Compute Stick 2
spellingShingle Science::Mathematics::Discrete mathematics::Cryptography
Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence
Machine Learning Accelerator
Intel Neural Compute Stick 2
Won, Yoo-Seung
Chatterjee, Soham
Jap, Dirmanto
Basu, Arindam
Bhasin, Shivam
WaC : first results on practical side-channel attacks on commercial machine learning accelerator
description Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also ex- posed to new threats leveraging physical access. In this paper, we present the first results demonstrating practical electromagnetic side-channel attack on NCS2, allowing secret weight recovery from executed models
author2 School of Electrical and Electronic Engineering
author_facet School of Electrical and Electronic Engineering
Won, Yoo-Seung
Chatterjee, Soham
Jap, Dirmanto
Basu, Arindam
Bhasin, Shivam
format Conference or Workshop Item
author Won, Yoo-Seung
Chatterjee, Soham
Jap, Dirmanto
Basu, Arindam
Bhasin, Shivam
author_sort Won, Yoo-Seung
title WaC : first results on practical side-channel attacks on commercial machine learning accelerator
title_short WaC : first results on practical side-channel attacks on commercial machine learning accelerator
title_full WaC : first results on practical side-channel attacks on commercial machine learning accelerator
title_fullStr WaC : first results on practical side-channel attacks on commercial machine learning accelerator
title_full_unstemmed WaC : first results on practical side-channel attacks on commercial machine learning accelerator
title_sort wac : first results on practical side-channel attacks on commercial machine learning accelerator
publishDate 2021
url https://hdl.handle.net/10356/153409
_version_ 1718368038460325888