Publications
|
 |
Stealing Neural Network Structure through Remote FPGA Side-channel Analysis
Yicheng Zhang, Rozhin Yasaei, Hao Chen, Zhou Li, Mohammad Abdullah Al Faruque
Accepted by IEEE Transactions on Information Forensics and Security (TIFS), August, 2021.
PDF / Slides / Poster / BibTex
We explore whether the structural secret (layers and hyper-parameters) of a victim DNN model can be inferred by a remote attacker who shares the same FPGA board.
We show that, by implementing on-chip RO-based power monitors, the power consumption of the victim DNN can be sampled at high resolution, which guarantees that all layers and hyper-parameters can be reconstructed with high accuracy.
|
 |
Leaky DNN: Stealing Deep-Learning Model Secret with GPU Context-Switching Side-Channel
Junyi Wei*, Yicheng Zhang*, Zhou Zhe, Zhou Li, Mohammad Abdullah Al Faruque
*Junyi Wei and Yicheng Zhang are co-first authors.
Accepted by Proceedings of the 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Valencia, Spain, June, 2020.
(48/291=16.5% acceptance rate)
PDF / Slides / Video / Code / BibTex
We exploit the GPU side-channel based on context-switching penalties.
This side-channel allows us to extract the fine-grained structural secret of a DNN model, including its layer composition and hyper-parameters.
Leveraging this side-channel, we developed an attack prototype named MosConS, which applies LSTM-based inference models to identify the structural secret.
|
|
Honors and Awards
|
Student Travel Grant | 30th USENIX Security Symposium | 2021
Student Travel Grant | 42nd IEEE Symposium on Security and Privacy | 2021
Dean's Distinguished Fellowship Award | UC Riverside | 2021
Sichuan University Scholarship | Sichuan University | 2014-2018
Outstanding Students Leader | Sichuan University | 2016
|
Professional Service
|
Reviewer: ICPS'20, CYBER'21, CYBER'22
Sub-reviewer: DATE'19/'20, CODES+ISSS'20, NDSS'20, DSN'20, RTSS'21, MICRO'22, HPCA'22
Artifact Evaluation: MICRO'22