Security of Neural Network Implementations

Contact: Manuel Brosch, Matthias Probst

In recent years there has been a noticeable trend toward implementing neural networks on edge devices. Compared to performing classification in the cloud and only transmitting data to and from the edge device, this so-called edge-AI scenario improves power efficiency and latency. However, edge-AI also brings new challenges, such as maintaining the performance of a neural network on a resource-constrained device. Moreover, training itself is a long and costly process. Consequently, a trained neural network is an asset worth protecting. In the edge-AI scenario, a device can easily fall into the hands of an attacker, who then has physical access to the hardware running the network. Hence, the need for security in the context of AI is higher than ever.

In our research, we focus on secure and efficient HW/SW implementations of neural networks and analyze their side-channel properties, in order to assess their security and provide efficient countermeasures.

The focus of our research is as follows:

  • Side-channel attacks on artificial neural networks, such as MLPs and CNNs
  • Efficient implementations of countermeasures against such attacks

Selected Publications

Brosch, Manuel and Probst, Matthias and Sigl, Georg: Counteract Side-Channel Analysis of Neural Networks by Shuffling. 2022 Design, Automation & Test in Europe Conference & Exhibition (DATE), IEEE, 2022, Antwerp, Belgium