BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks

Hamed Poursiami; Ihsen  Alouani; Maryam Parsa

BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks

Hamed Poursiami
, Ihsen Alouani
, Maryam Parsa

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Downloads (Pure)

Abstract

With the mainstream integration of machine learning into security-sensitive domains such as healthcare and finance, con-cerns about data privacy have intensified. Conventional artificial neural networks (ANNs) have been found vulnerable to several attacks that can leak sensitive data. Particularly, model inversion (MI) attacks enable the reconstruction of data samples that have been used to train the model. Neuromorphic architectures have emerged as a paradigm shift in neural computing, enabling asynchronous and energy-efficient computation. However, little to no existing work has investigated the privacy of neuromorphic architectures against model inversion. Our study is motivated by the intuition that the non-differentiable aspect of spiking neural networks (SNNs) might result in inherent privacy-preserving properties, especially against gradient-based attacks. To investigate this hypothesis, we propose a thorough exploration of SNNs' privacy-preserving capabilities. Specifically, we develop novel inversion attack strategies that are comprehensively designed to target SNNs, offering a comparative analysis with their conventional ANN counterparts. Our experiments, conducted on diverse event-based and static datasets, demonstrate the effectiveness of the proposed attack strategies and therefore questions the assumption of inherent privacy-preserving in neuromorphic architectures.

Original language	English
Title of host publication	2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	705-712
ISBN (Electronic)	9798350374889
ISBN (Print)	9798350374896
Publication status	Published - 04 Mar 2025
Event	2024 International Conference on Machine Learning and Applications (ICMLA) - Hyatt Regency Coral Gables, Miami, United States Duration: 18 Dec 2024 → 20 Dec 2024 https://www.icmla-conference.org/icmla24/

Publication series

Name	International Conference on Machine Learning and Applications (ICMLA): Proceedings
ISSN (Print)	1946-0740
ISSN (Electronic)	1946-0759

Conference

Conference	2024 International Conference on Machine Learning and Applications (ICMLA)
Abbreviated title	ICMLA24
Country/Territory	United States
City	Miami
Period	18/12/2024 → 20/12/2024
Internet address	https://www.icmla-conference.org/icmla24/

Publications and Copyright Policy

This work is licensed under Queen’s Research Publications and Copyright Policy.

Keywords

BrainLeaks
privacy-preserving properties
neuromorphic
model inversion attacks

Access to Document

BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks
Copyright 2025 the authors. This is an accepted manuscript distributed under a Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium, provided the author and source are cited.
Accepted author manuscript, 1.22 MBLicence: CC BY

Cite this

Poursiami, H., Alouani, I., & Parsa, M. (2025). BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks. In 2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings (pp. 705-712). (International Conference on Machine Learning and Applications (ICMLA): Proceedings). Institute of Electrical and Electronics Engineers Inc..

Poursiami, Hamed ; Alouani, Ihsen ; Parsa, Maryam. / BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks. 2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings. Institute of Electrical and Electronics Engineers Inc., 2025. pp. 705-712 (International Conference on Machine Learning and Applications (ICMLA): Proceedings).

@inproceedings{0106264ed57340f29886ca970144e025,

title = "BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks",

abstract = "With the mainstream integration of machine learning into security-sensitive domains such as healthcare and finance, con-cerns about data privacy have intensified. Conventional artificial neural networks (ANNs) have been found vulnerable to several attacks that can leak sensitive data. Particularly, model inversion (MI) attacks enable the reconstruction of data samples that have been used to train the model. Neuromorphic architectures have emerged as a paradigm shift in neural computing, enabling asynchronous and energy-efficient computation. However, little to no existing work has investigated the privacy of neuromorphic architectures against model inversion. Our study is motivated by the intuition that the non-differentiable aspect of spiking neural networks (SNNs) might result in inherent privacy-preserving properties, especially against gradient-based attacks. To investigate this hypothesis, we propose a thorough exploration of SNNs' privacy-preserving capabilities. Specifically, we develop novel inversion attack strategies that are comprehensively designed to target SNNs, offering a comparative analysis with their conventional ANN counterparts. Our experiments, conducted on diverse event-based and static datasets, demonstrate the effectiveness of the proposed attack strategies and therefore questions the assumption of inherent privacy-preserving in neuromorphic architectures. ",

keywords = "BrainLeaks, privacy-preserving properties, neuromorphic, model inversion attacks",

author = "Hamed Poursiami and Ihsen Alouani and Maryam Parsa",

year = "2025",

month = mar,

day = "4",

language = "English",

isbn = "9798350374896",

series = "International Conference on Machine Learning and Applications (ICMLA): Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "705--712",

booktitle = "2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings",

address = "United States",

note = "2024 International Conference on Machine Learning and Applications (ICMLA), ICMLA24 ; Conference date: 18-12-2024 Through 20-12-2024",

url = "https://www.icmla-conference.org/icmla24/",

}

Poursiami, H, Alouani, I & Parsa, M 2025, BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks. in 2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings. International Conference on Machine Learning and Applications (ICMLA): Proceedings, Institute of Electrical and Electronics Engineers Inc., pp. 705-712, 2024 International Conference on Machine Learning and Applications (ICMLA), Miami, Florida, United States, 18/12/2024.

BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks. / Poursiami, Hamed; Alouani, Ihsen ; Parsa, Maryam.
2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings. Institute of Electrical and Electronics Engineers Inc., 2025. p. 705-712 (International Conference on Machine Learning and Applications (ICMLA): Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks

AU - Poursiami, Hamed

AU - Alouani, Ihsen

AU - Parsa, Maryam

PY - 2025/3/4

Y1 - 2025/3/4

N2 - With the mainstream integration of machine learning into security-sensitive domains such as healthcare and finance, con-cerns about data privacy have intensified. Conventional artificial neural networks (ANNs) have been found vulnerable to several attacks that can leak sensitive data. Particularly, model inversion (MI) attacks enable the reconstruction of data samples that have been used to train the model. Neuromorphic architectures have emerged as a paradigm shift in neural computing, enabling asynchronous and energy-efficient computation. However, little to no existing work has investigated the privacy of neuromorphic architectures against model inversion. Our study is motivated by the intuition that the non-differentiable aspect of spiking neural networks (SNNs) might result in inherent privacy-preserving properties, especially against gradient-based attacks. To investigate this hypothesis, we propose a thorough exploration of SNNs' privacy-preserving capabilities. Specifically, we develop novel inversion attack strategies that are comprehensively designed to target SNNs, offering a comparative analysis with their conventional ANN counterparts. Our experiments, conducted on diverse event-based and static datasets, demonstrate the effectiveness of the proposed attack strategies and therefore questions the assumption of inherent privacy-preserving in neuromorphic architectures.

AB - With the mainstream integration of machine learning into security-sensitive domains such as healthcare and finance, con-cerns about data privacy have intensified. Conventional artificial neural networks (ANNs) have been found vulnerable to several attacks that can leak sensitive data. Particularly, model inversion (MI) attacks enable the reconstruction of data samples that have been used to train the model. Neuromorphic architectures have emerged as a paradigm shift in neural computing, enabling asynchronous and energy-efficient computation. However, little to no existing work has investigated the privacy of neuromorphic architectures against model inversion. Our study is motivated by the intuition that the non-differentiable aspect of spiking neural networks (SNNs) might result in inherent privacy-preserving properties, especially against gradient-based attacks. To investigate this hypothesis, we propose a thorough exploration of SNNs' privacy-preserving capabilities. Specifically, we develop novel inversion attack strategies that are comprehensively designed to target SNNs, offering a comparative analysis with their conventional ANN counterparts. Our experiments, conducted on diverse event-based and static datasets, demonstrate the effectiveness of the proposed attack strategies and therefore questions the assumption of inherent privacy-preserving in neuromorphic architectures.

KW - BrainLeaks

KW - privacy-preserving properties

KW - neuromorphic

KW - model inversion attacks

M3 - Conference contribution

SN - 9798350374896

T3 - International Conference on Machine Learning and Applications (ICMLA): Proceedings

SP - 705

EP - 712

BT - 2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2024 International Conference on Machine Learning and Applications (ICMLA)

Y2 - 18 December 2024 through 20 December 2024

ER -

Poursiami H, Alouani I, Parsa M. BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks. In 2024 International Conference on Machine Learning and Applications (ICMLA): Proceedings. Institute of Electrical and Electronics Engineers Inc. 2025. p. 705-712. (International Conference on Machine Learning and Applications (ICMLA): Proceedings).

BrainLeaks: on the privacy-preserving properties of neuromorphic architectures against model inversion attacks

Abstract

Publication series

Conference

Publications and Copyright Policy

Keywords

Access to Document

Fingerprint

Cite this