Novel Hardware Trojan Attack on Activation Parameters of FPGA-Based DNN Accelerators

Novel Hardware Trojan Attack on Activation Parameters of FPGA-Based DNN Accelerators

Deep neural network (DNN) hardware accelerators are being deployed widely to accelerate the inference process. Security of such accelerators is a major challenge, especially when being deployed in safety-critical systems such as autonomous vehicles. In this letter, we present novel Hardware Trojan (...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE embedded systems letters 2022-09, Vol.14 (3), p.131-134
Hauptverfasser: Mukherjee, Rijoy, Chakraborty, Rajat Subhra
Format: Artikel
Sprache:eng
Schlagworte:
Accelerators
Artificial neural networks
Clocks
Deep neural network (DNN)
Field programmable gate arrays
field-programmable gate array (FPGA)
Hardware
Hardware acceleration
hardware accelerators
Hardware Trojan (HT)
Indexes
Inference
IP networks
Parameter modification
Safety critical
Security
Throughput
Trojan horses
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Deep neural network (DNN) hardware accelerators are being deployed widely to accelerate the inference process. Security of such accelerators is a major challenge, especially when being deployed in safety-critical systems such as autonomous vehicles. In this letter, we present novel Hardware Trojan (HT) attacks on two DNN hardware accelerators, which modifies the activation parameters of the DNN in a field-programmable gate array-based accelerator implementation. The proposed HT is agnostic to the detailed architecture of the DNN. Experimental results demonstrate that the proposed HT is extremely stealthy, and when activated can result in significant degradation in inference accuracy.
ISSN:1943-0663
1943-0671
DOI:10.1109/LES.2022.3159541