Poster
Recovering the input of neural networks via single shot side-channel attacks
Conference Paper
(2019)
Author(s)
L. Batina (Radboud Universiteit Nijmegen)
Shivam Bhasin (Nanyang Technological University)
D. Jap (Nanyang Technological University)
S. Picek (TU Delft - Cyber Security)
Research Group
Cyber Security
DOI related publication
https://doi.org/10.1145/3319535.3363280
To reference this document use:
https://resolver.tudelft.nl/uuid:084d602e-3861-4e04-b0d6-3fb198fc3418
More Info
expand_more
expand_more
Publication Year
2019
Language
English
Research Group
Cyber Security
Pages (from-to)
2657-2659
ISBN (electronic)
978-1-4503-6747-9
Abstract
The interplay between machine learning and security is becoming more prominent. New applications using machine learning also bring new security risks. Here, we show it is possible to reverse-engineer the inputs to a neural network with only a single-shot side-channel measurement assuming the attacker knows the neural network architecture being used.
No files available
Metadata only record. There are no files for this record.