Abstract | ||
---|---|---|
Trained Deep Neural Network (DNN) models have become valuable intellectual property. A new attack surface has emerged for DNNs: model reverse engineering. Several recent attempts have utilized various common side channels. However, recovering DNN parameters, weights and biases, remains a challenge. In this paper, we present a novel attack that utilizes a floating-point timing side channel to reverse-engineer parameters of multi-layer perceptron (MLP) models in software implementation, entirely and precisely. To the best of our knowledge, this is the first work that leverages a floating-point timing side-channel for effective DNN model recovery. |
Year | DOI | Venue |
---|---|---|
2020 | 10.1109/DAC18072.2020.9218707 | 2020 57th ACM/IEEE Design Automation Conference (DAC) |
Keywords | DocType | ISSN |
Deep learning,floating-point arithmetic,multilayer perceptrons (MLP),reverse engineering,side-channel attacks | Conference | 0738-100X |
ISBN | Citations | PageRank |
978-1-7281-1085-1 | 1 | 0.34 |
References | Authors | |
0 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Cheng Gongye | 1 | 6 | 1.85 |
Yunsi Fei | 2 | 421 | 49.26 |
Thomas Wahl | 3 | 103 | 10.21 |