scholarly journals Fault Injection Attacks in Spiking Neural Networks and Countermeasures

2022 ◽  
Vol 3 ◽  
Author(s):  
Karthikeyan Nagarajan ◽  
Junde Li ◽  
Sina Sayyah Ensan ◽  
Sachhidh Kannan ◽  
Swaroop Ghosh
Keyword(s):  
Neural Networks ◽  
Threshold Voltage ◽  
Classification Accuracy ◽  
Decay Constant ◽  
Fault Injection ◽  
Learning Rate ◽  
Spiking Neural Networks ◽  
Injection Attacks ◽  
Fault Injection Attacks ◽  
The Impact

Spiking Neural Networks (SNN) are fast emerging as an alternative option to Deep Neural Networks (DNN). They are computationally more powerful and provide higher energy-efficiency than DNNs. While exciting at first glance, SNNs contain security-sensitive assets (e.g., neuron threshold voltage) and vulnerabilities (e.g., sensitivity of classification accuracy to neuron threshold voltage change) that can be exploited by the adversaries. We explore global fault injection attacks using external power supply and laser-induced local power glitches on SNN designed using common analog neurons to corrupt critical training parameters such as spike amplitude and neuron’s membrane threshold potential. We also analyze the impact of power-based attacks on the SNN for digit classification task and observe a worst-case classification accuracy degradation of −85.65%. We explore the impact of various design parameters of SNN (e.g., learning rate, spike trace decay constant, and number of neurons) and identify design choices for robust implementation of SNN. We recover classification accuracy degradation by 30–47% for a subset of power-based attacks by modifying SNN training parameters such as learning rate, trace decay constant, and neurons per layer. We also propose hardware-level defenses, e.g., a robust current driver design that is immune to power-oriented attacks, improved circuit sizing of neuron components to reduce/recover the adversarial accuracy degradation at the cost of negligible area, and 25% power overhead. We also propose a dummy neuron-based detection of voltage fault injection at ∼1% power and area overhead each.

An AOP-Based Fault Injection Environment for Cryptographic SystemC Designs

2014 ◽  
Vol 24 (01) ◽  
pp. 1550008 ◽  
Author(s):  
Hassen Mestiri ◽  
Younes Lahbib ◽  
Mohsen Machhout ◽  
Rached Tourki
Keyword(s):  
Fault Injection ◽  
Electronic System ◽  
System Level ◽  
Standard Case ◽  
Fault Attacks ◽  
Injection Attacks ◽  
Electronic System Level ◽  
Fault Injection Attacks ◽  
The Impact ◽  
Simulation Time

The increasing complexity of cryptographic devices requires fast simulation environment in order to test their security against fault attacks. SystemC is one promising candidate in Electronic System Level that allows models to reach higher simulation speed. However in order to enable both fault injection and detection inside a SystemC cryptographic models, its code modification is mandatory. Aspect-Oriented Programming (AOP), which is a new programming paradigm, can be used to test the robustness of the cryptographic models without any code modifications. This may replace real cryptanalysis schemes. In this paper, we present a new methodology to simulate the security fault attacks of cryptographic systems at the Electronic System Level. A fault injection/detection environment is proposed to test the resistance of cryptographic SystemC models against fault injection attacks. The fault injection technique into cryptographic SystemC models is performed using weaving faults by AspectC++ as an AOP programming language. We validate our methodology with two scenarios applied to a SystemC Advanced Encryption Standard case study: the first is related to the impact of the AOP on fault detection capabilities, while the second refers to the impact of the AOP on simulation time and size of the executable files. Simulation results show that this methodology can evaluate perfectly the robustness of a cryptographic design against fault injection attacks. They show that the impact of AOP on simulation time is not significant.

scholarly journals Private circuits II versus fault injection attacks

2015 ◽  
Author(s):  
Henitsoa Rakotomalala ◽  
Xuan Thuy Ngo ◽  
Zakaria Najm ◽  
Jean-Luc Danger ◽  
Sylvain Guilley
Keyword(s):  
Fault Injection ◽  
Injection Attacks ◽  
Fault Injection Attacks

scholarly journals Impact of Low Resolution on Image Recognition with Deep Neural Networks: An Experimental Study

2018 ◽  
Vol 28 (4) ◽  
pp. 735-744 ◽  
Author(s):  
Michał Koziarski ◽  
Bogusław Cyganek
Keyword(s):  
Neural Networks ◽  
Image Recognition ◽  
Classification Accuracy ◽  
Deep Neural Networks ◽  
Dynamic Range ◽  
Super Resolution ◽  
Image Resolution ◽  
Quality Data ◽  
Low Resolution ◽  
The Impact

Abstract Due to the advances made in recent years, methods based on deep neural networks have been able to achieve a state-of-the-art performance in various computer vision problems. In some tasks, such as image recognition, neural-based approaches have even been able to surpass human performance. However, the benchmarks on which neural networks achieve these impressive results usually consist of fairly high quality data. On the other hand, in practical applications we are often faced with images of low quality, affected by factors such as low resolution, presence of noise or a small dynamic range. It is unclear how resilient deep neural networks are to the presence of such factors. In this paper we experimentally evaluate the impact of low resolution on the classification accuracy of several notable neural architectures of recent years. Furthermore, we examine the possibility of improving neural networks’ performance in the task of low resolution image recognition by applying super-resolution prior to classification. The results of our experiments indicate that contemporary neural architectures remain significantly affected by low image resolution. By applying super-resolution prior to classification we were able to alleviate this issue to a large extent as long as the resolution of the images did not decrease too severely. However, in the case of very low resolution images the classification accuracy remained considerably affected.

Sign in / Sign up

Export Citation Format

Share Document