2020 International Conference On Computer Aided Design

The Premier Conference Devoted to Technical Innovations in Electronic Design Automation

November 2-5, 2020 | VIRTUAL CONFERENCE

MP Associates, Inc.
WEDNESDAY November 04, 8:00am - 8:30am | Slot 4
EVENT TYPE: SPECIAL SESSION
SESSION 10D
Machine Learning and Hardware Security: Challenges and Opportunities
Moderator:
Shivam Bhasin - Nanyang Technological Univ.
Organizers:
Shivam Bhasin - Nanyang Technical University, Singapore
Francesco Regazzoni - University of Amsterdam and ALaRI - USI, The Netherlands
Machine learning techniques have significantly changed our lives. They have helped improve several of our everyday applications, and they have also been demonstrated to be an extremely helpful tool for more advanced and complex applications. However, the implications of a massive diffusion of machine learning techniques for hardware security are still to be completely understood. This special session consists of 4 papers and addresses hardware security issues related to the use of machine learning and the threats that classical attacks on hardware can pose to machine learning implementations. The topic is timely and of interest to the attendees of ICCAD.

Machine learning implementations are pervading every aspect of our lives, and their diffusion in IoT devices and cyber-physical systems exposes them to classical hardware security threats such as side-channel attacks. Recent results demonstrated the feasibility of the approach. For instance, a recent attack demonstrated that a generic and practical reverse engineering of neural networks on embedded microcontrollers is indeed possible, and this threat needs to be addressed properly with dedicated countermeasures. On the other side, machine learning can also be used as a powerful tool to improve the resistance of hardware security or to improve the effectiveness of attacks. It is thus of crucial importance that designers of future IoT devices and cyber-physical systems are aware of the most important security challenges caused by the massive use of machine learning techniques, which need to be addressed in a correct and effective way.

[1] Batina, L., Bhasin, S., Jap, D. and Picek, S., 2019. CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel. In 28th USENIX Security Symposium (USENIX Security 19) (pp. 515-532).

Intended audience (subject area and level of expertise): This special session targets designers of embedded and cyber-physical systems as well as researchers in the broad field of machine learning. The attendees will learn about the main implications, challenges and opportunities related to the hardware security field caused by the rapid diffusion of machine learning techniques, as well as their diffusion as an offensive or defensive tool. They will get an updated overview of current threats and attacks on machine learning implementations, the way in which machine learning could help in making constructions more robust, how the same tools can be used to increase the power of an attack, and, finally, the way in which machine learning implementations can be protected. The various facets of the hardware security implications of machine learning will be presented and discussed in depth, allowing the attendees to also acquire a better insight into the new threats that designers have to face and the novel opportunities that can be exploited to increase the robustness of systems.

10D.1 Physically Unclonable Functions Extracted from Embedded Neural Networks
 Speaker: Giorgio Di Natale - univ-grenoble-alpes, France
 Authors: Ihab Alshaer - Univ. Grenoble Alpes & TIMA Lab, CNRS/Grenoble INP/UJF, Grenoble, France
Amir Ali Pour - Grenoble INP
David Hely - Grenoble-INP
Vincent Beroulle - Grenoble INP
Elena Ioana Vatajelu - Univ. Grenoble Alps
Giorgio Di Natale - univ-grenoble-alpes, France
10D.2 Breaking Side-Channel Countermeasures Through Deep Learning
 Speaker: Aydin Aysu - North Carolina State Univ.
 Authors: Furkan Aydin - North Carolina State Univ.
Priyank Kashyap - North Carolina State Univ.
Seetal Potluri - North Carolina State Univ.
Paul Franzon - North Carolina State Univ.
Aydin Aysu - North Carolina State Univ.
10D.3 Model Extraction Attack on Practical BNN Hardware using EM Side-Channel Information
 Speaker: Ville Yli-Mayry - Tohoku Univ.
 Authors: Ville Yli-Mayry - Tohoku Univ.
Akira Ito - Tohoku Univ.
Rei Ueno - Tohoku Univ.
Dirmanto Jap - Temasek Laboratories, NTU
Shivam Bhasin - Temasek Laboratories, NTU Singapore
Naofumi Homma - Tohoku Univ.
10D.4 Protections Against Physical Attacks on Machine Learning Hardware
 Speaker: Ilia Polian - Univ. of Stuttgart
 Authors: Ilia Polian - Univ. of Stuttgart
Francesco Regazzoni - University of Amsterdam and ALaRI - USI
10D.5 PAPER - Machine Learning and Hardware security: challenges and opportunities
 Speaker: Shivam Bhasin - Temasek Laboratories & National Taiwan Univ.
 Authors: Francesco Regazzoni - Univ. of Amsterdam & ALaRI
Shivam Bhasin - Temasek Laboratories & National Taiwan Univ.
Amir Ali Pour - Grenoble Institute of Technology
Ihab Alshaer - Grenoble Institute of Technology
Furkan Aydin - North Carolina State Univ.
Aydin Aysu - North Carolina State Univ.
Vincent Beroulle - Grenoble Institute of Technology
Giorgio Di Natale - Grenoble Institute of Technology
Paul Franzon - North Carolina State Univ.
David Hely - Grenoble Institute of Technology
Naofumi Homma - Tohoku Univ.
Akira Ito - Tohoku Univ.
Dirmanto Jap - Temasek Laboratories
Priyank Kashyap - North Carolina State Univ.
Ilia Polian - Univ. of Stuttgart
Seetal Potluri - North Carolina State Univ.
Rei Ueno - Tohoku Univ.
Elena Ioana Vatajelu - Grenoble Institute of Technology
Ville Yli-Mayry - Tohoku Univ.