Lower Voltage for Higher Security: Using Voltage Overscaling to Secure Deep Neural Networks

Md Shohidul Islam, Ihsen Alouani, Khaled N. Khasawneh

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

8 Citations (Scopus)
97 Downloads (Pure)

Abstract

Deep neural networks (DNNs) are shown to be vulnerable to adversarial attacks: carefully crafted additive noise that undermines DNNs' integrity. Previously proposed defenses against these attacks require substantial overheads, making it challenging to deploy these solutions in power and computational resource-constrained devices, such as embedded systems and the Edge. In this paper, we explore the use of voltage overscaling (VOS) as a lightweight defense against adversarial attacks. Specifically, we exploit the stochastic timing violations of VOS to implement a moving-target defense for DNNs. Our experimental results demonstrate that VOS guarantees effective defense against different attack methods, does not require any software/hardware modifications, and offers a by-product reduction in power consumption.

Original language: English
Title of host publication: 2021 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021 - Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665445078
Publication status: Published - 23 Dec 2021
Externally published: Yes
Event: 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021 - Munich, Germany
Duration: 01 Nov 2021 to 04 Nov 2021

Publication series

Name: IEEE/ACM International Conference on Computer-Aided Design: Proceedings
Publisher: IEEE
ISSN (Print): 1933-7760
ISSN (Electronic): 1558-2434

Conference

Conference: 40th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2021
Country/Territory: Germany
City: Munich
Period: 01/11/2021 to 04/11/2021

Bibliographical note

Publisher Copyright:
© 2021 IEEE.

Keywords

  • Adversarial attacks
  • Approximate computing
  • Machine learning
  • Voltage overscaling

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design
