Defend Bit-Flip Attacks with ModelShield Framework Extension

modelshield a generic and portable framework n.w
1 / 7
Embed
Share

Explore ModelShield, a generic and portable framework extension designed to defend against bit-flip-based adversarial weight attacks in deep neural networks. Learn about the protection mechanism, performance optimization, and results achieved in enhancing DNN security and integrity.

  • ModelShield
  • Deep Learning
  • Security
  • Framework Extension
rayaanacharya
flic_lyn Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. ModelShield: A Generic and Portable Framework Extension for Defending Bit-Flip based Adversarial Weight Attacks Yanan Guo1, Liang Liu1, Yueqiang Cheng2, Youtao Zhang1, Jun Yang1 1University of Pittsburgh 2NIO Security Group

  2. Rowhammer + Bit Flip Attack

  3. Defend Bit Flip Attack Hardware Modification High overhead. Takes a time long to verify and deploy the defense. Increase DNN s robustness Can only makes bit flip attack harder but not impossible. Baseline: Modifying 28 weights can make ResNet-20 malfunction. Binarization-aware training: Modifying >500 weights can make ResNet-20 malfunction. Requirements Easy implementation. Compatible with current frameworks. Negligible performance overhead.

  4. ModelShield Protect the integrity of the DNN weights Pre-calculate a hash of the weights in each layer. Use a cryptographic non-keyed hash. Store the hash together with weights in memory. Real-time hash verification. Verify the hash after the inference completes, before sending user the results. Problems What if the attacker change the weights back after inference? What if the attacker modify the weights and hashes together? Answers Hash values are diffused and random. Rowhammer attackers can only perform one-direction flip in a memory row.

  5. Performance Optimization Use high-performance non-cryptographic hash Software hash tree

  6. Results Performance Security

  7. Thank you!

Related


Clean Energy Transition, Scarcity and Urban Mining

Clean Energy Transition, Scarcity and Urban Mining

anisa
Clean Heat Skills and Supply Chains

Clean Heat Skills and Supply Chains

ilyas
Herbal Home Care Products for a Clean and Healthy Lifestyle

Herbal Home Care Products for a Clean and Healthy Lifestyle

alvin
9th Plenary Meeting Clean Hydrogen Mission Agenda and Updates

9th Plenary Meeting Clean Hydrogen Mission Agenda and Updates

estrella
Home Transformation, A Dive Into The Benefits Of Professional House Washing With GREEN N Clean

Home Transformation, A Dive Into The Benefits Of Professional House Washing With GREEN N Clean

Greennclean
Clean Energy DC 2.0: Transformative Climate and Energy Plan for the District of Columbia

Clean Energy DC 2.0: Transformative Climate and Energy Plan for the District of Columbia

marwah
Maintaining Personal Hygiene: Tips to Keep Clean and Fresh

Maintaining Personal Hygiene: Tips to Keep Clean and Fresh

susannah
Clean Air Awareness Campaign: Myths vs. Facts

Clean Air Awareness Campaign: Myths vs. Facts

gethin
Clean Coalition's Fixed Charge Proposal for Local Solar Energy

Clean Coalition's Fixed Charge Proposal for Local Solar Energy

roisin
Research Highlights: Clean Air Initiatives at IIT Delhi (2019-20)

Research Highlights: Clean Air Initiatives at IIT Delhi (2019-20)

buck
Partnership to Advance Clean Energy Deployment (PACE-D) Technical Assistance Program Grid Connectivity & Inspection Procedure

Partnership to Advance Clean Energy Deployment (PACE-D) Technical Assistance Program Grid Connectivity & Inspection Procedure

egypt
Establishment of Decentralized Clean Water Service Providers in Winooski Basin

Establishment of Decentralized Clean Water Service Providers in Winooski Basin

jaquelin
Advancing Clean Energy Economy in Minnesota

Advancing Clean Energy Economy in Minnesota

giavann
Financial Analysis and Management of Clean Energy Technologies

Financial Analysis and Management of Clean Energy Technologies

hephzibah
Advancing Clean Energy Transition in Illinois: Sierra Club's Ready for 100 Campaign Update

Advancing Clean Energy Transition in Illinois: Sierra Club's Ready for 100 Campaign Update

zay_sti
Clean Energy Policy and Carbon Emissions in Nevada

Clean Energy Policy and Carbon Emissions in Nevada

sbake
Manitoba's Climate Action Plan: Fostering Clean Energy and Carbon Pricing

Manitoba's Climate Action Plan: Fostering Clean Energy and Carbon Pricing

stum_omi
EPA Regulations and Clean Air Act: Legal Interpretation

EPA Regulations and Clean Air Act: Legal Interpretation

jusi592
Green Valley Green Committee: Keeping Our Neighborhood Clean and Green

Green Valley Green Committee: Keeping Our Neighborhood Clean and Green

zyke_659
Clean Fuels Forecast Review - August 22nd, 2023 Summary

Clean Fuels Forecast Review - August 22nd, 2023 Summary

meen276
Grid Modernization Policies and Barriers to Clean Energy Overview

Grid Modernization Policies and Barriers to Clean Energy Overview

kadija
The Importance of Clean Water: Insights from Europe

The Importance of Clean Water: Insights from Europe

banister_m

More Related Content