Harnessing ML privacy by design through crossbar array non-idealities

Md Shohidul Islam; Sankha B.  Dutta; Andres Marquez; Ihsen  Alouani; Khaled N. Khasawneh

Harnessing ML privacy by design through crossbar array non-idealities

Md Shohidul Islam
, Sankha B. Dutta
, Andres Marquez
, Ihsen Alouani
, Khaled N. Khasawneh

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

27 Downloads (Pure)

Abstract

Deep Neural Networks (DNNs), handling compute- and data-intensive tasks, often utilize accelerators like Resistive- switching Random-access Memory (RRAM) crossbar for energy- efficient in-memory computation. Despite RRAM's inherent non- idealities causing deviations in DNN output, this study transforms the weakness into strength. By leveraging RRAM non-idealities, the research enhances privacy protection against Membership Inference Attacks (MIAs), which reveal private information from training data. RRAM non-idealities disrupt MIA features, increasing model robustness and revealing a privacy-accuracy tradeoff. Empirical results with four MIAs and DNNs trained on different datasets demonstrate significant privacy leakage reduction with a minor accuracy drop (e.g., up to 2.8% for ResNet-18 with CIFAR-100).

Original language	English
Title of host publication	Design, Automation & Test in Europe Conference & Exhibition (DATE 2024): proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
Number of pages	2
ISBN (Electronic)	9783981926385
ISBN (Print)	9798350348606
Publication status	Published - 10 Jun 2024
Event	Design, Automation and Test in Europe Conference 2024 - Valencia, Spain Duration: 25 Mar 2024 → 27 Mar 2024 https://www.date-conference.com/

Publication series

Name	Design, Automation & Test in Europe Conference & Exhibition: proceedings
ISSN (Print)	1530-1591
ISSN (Electronic)	1558-1101

Conference

Conference	Design, Automation and Test in Europe Conference 2024
Abbreviated title	DATE 2024
Country/Territory	Spain
City	Valencia
Period	25/03/2024 → 27/03/2024
Internet address	https://www.date-conference.com/

Keywords

harnessing ML privacy
by design
crossbar array non-idealities

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

Harnessing ML privacy by design through crossbar array non-idealities
Copyright 2024 EDAA. This work is made available online in accordance with the publisher’s policies. Please refer to any applicable terms of use of the publisher.
Accepted author manuscript, 207 KBLicence: Unspecified

Cite this

Islam, M. S., Dutta, S. B., Marquez, A., Alouani, I., & Khasawneh, K. N. (2024). Harnessing ML privacy by design through crossbar array non-idealities. In Design, Automation & Test in Europe Conference & Exhibition (DATE 2024): proceedings (Design, Automation & Test in Europe Conference & Exhibition: proceedings). Institute of Electrical and Electronics Engineers Inc..

@inproceedings{48c643c2106d4b0b8543698fd7fb96a7,

title = "Harnessing ML privacy by design through crossbar array non-idealities",

abstract = "Deep Neural Networks (DNNs), handling compute- and data-intensive tasks, often utilize accelerators like Resistive- switching Random-access Memory (RRAM) crossbar for energy- efficient in-memory computation. Despite RRAM's inherent non- idealities causing deviations in DNN output, this study transforms the weakness into strength. By leveraging RRAM non-idealities, the research enhances privacy protection against Membership Inference Attacks (MIAs), which reveal private information from training data. RRAM non-idealities disrupt MIA features, increasing model robustness and revealing a privacy-accuracy tradeoff. Empirical results with four MIAs and DNNs trained on different datasets demonstrate significant privacy leakage reduction with a minor accuracy drop (e.g., up to 2.8\% for ResNet-18 with CIFAR-100). ",

keywords = "harnessing ML privacy, by design, crossbar array non-idealities",

author = "Islam, \{Md Shohidul\} and Dutta, \{Sankha B.\} and Andres Marquez and Ihsen Alouani and Khasawneh, \{Khaled N.\}",

year = "2024",

month = jun,

day = "10",

language = "English",

isbn = "9798350348606",

series = "Design, Automation \& Test in Europe Conference \& Exhibition: proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "Design, Automation \& Test in Europe Conference \& Exhibition (DATE 2024): proceedings",

address = "United States",

note = "Design, Automation and Test in Europe Conference 2024, DATE 2024 ; Conference date: 25-03-2024 Through 27-03-2024",

url = "https://www.date-conference.com/",

}

Islam, MS, Dutta, SB, Marquez, A, Alouani, I & Khasawneh, KN 2024, Harnessing ML privacy by design through crossbar array non-idealities. in Design, Automation & Test in Europe Conference & Exhibition (DATE 2024): proceedings. Design, Automation & Test in Europe Conference & Exhibition: proceedings, Institute of Electrical and Electronics Engineers Inc., Design, Automation and Test in Europe Conference 2024, Valencia, Spain, 25/03/2024.

Harnessing ML privacy by design through crossbar array non-idealities. / Islam, Md Shohidul; Dutta, Sankha B. ; Marquez, Andres et al.
Design, Automation & Test in Europe Conference & Exhibition (DATE 2024): proceedings. Institute of Electrical and Electronics Engineers Inc., 2024. (Design, Automation & Test in Europe Conference & Exhibition: proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Harnessing ML privacy by design through crossbar array non-idealities

AU - Islam, Md Shohidul

AU - Dutta, Sankha B.

AU - Marquez, Andres

AU - Alouani, Ihsen

AU - Khasawneh, Khaled N.

PY - 2024/6/10

Y1 - 2024/6/10

N2 - Deep Neural Networks (DNNs), handling compute- and data-intensive tasks, often utilize accelerators like Resistive- switching Random-access Memory (RRAM) crossbar for energy- efficient in-memory computation. Despite RRAM's inherent non- idealities causing deviations in DNN output, this study transforms the weakness into strength. By leveraging RRAM non-idealities, the research enhances privacy protection against Membership Inference Attacks (MIAs), which reveal private information from training data. RRAM non-idealities disrupt MIA features, increasing model robustness and revealing a privacy-accuracy tradeoff. Empirical results with four MIAs and DNNs trained on different datasets demonstrate significant privacy leakage reduction with a minor accuracy drop (e.g., up to 2.8% for ResNet-18 with CIFAR-100).

AB - Deep Neural Networks (DNNs), handling compute- and data-intensive tasks, often utilize accelerators like Resistive- switching Random-access Memory (RRAM) crossbar for energy- efficient in-memory computation. Despite RRAM's inherent non- idealities causing deviations in DNN output, this study transforms the weakness into strength. By leveraging RRAM non-idealities, the research enhances privacy protection against Membership Inference Attacks (MIAs), which reveal private information from training data. RRAM non-idealities disrupt MIA features, increasing model robustness and revealing a privacy-accuracy tradeoff. Empirical results with four MIAs and DNNs trained on different datasets demonstrate significant privacy leakage reduction with a minor accuracy drop (e.g., up to 2.8% for ResNet-18 with CIFAR-100).

KW - harnessing ML privacy

KW - by design

KW - crossbar array non-idealities

M3 - Conference contribution

SN - 9798350348606

T3 - Design, Automation & Test in Europe Conference & Exhibition: proceedings

BT - Design, Automation & Test in Europe Conference & Exhibition (DATE 2024): proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - Design, Automation and Test in Europe Conference 2024

Y2 - 25 March 2024 through 27 March 2024

ER -

Harnessing ML privacy by design through crossbar array non-idealities

Abstract

Publication series

Conference

Keywords

UN SDGs

Access to Document

Fingerprint

Cite this