SCA Strikes Back: Reverse Engineering Neural Network Architectures using Side Channels

This paper was selected for Top Picks in Hardware and Embedded Security 2020 and it presents a physical side-channel attack aiming at reverse engineering neural networks implemented on an edge device. The attack does not need access to training data and allows for neural network recovery by feeding known random inputs. We successfully reverse...

CSI NN: Reverse engineering of neural network architectures through electromagnetic side channel

Machine learning has become mainstream across industries. Numerous examples prove the validity of it for security applications. In this work, we investigate how to reverse engineer a neural network by using side-channel information such as timing and electromagnetic (EM) emanations. To this end, we consider multilayer perceptron and...