Poster

Recovering the input of neural networks via single shot side-channel attacks

Conference Paper (2019)
Author(s)

Lejla Batina (Radboud Universiteit Nijmegen)

Shivam Bhasin (Nanyang Technological University)

Dirmanto Jap (Nanyang Technological University)

Stjepan Picek (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Research Group
Cyber Security
DOI related publication
https://doi.org/10.1145/3319535.3363280 Final published version
Publication Year
2019
Language
English
Pages (from-to)
2657-2659
ISBN (electronic)
978-1-4503-6747-9
Event
26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 (2019-11-11 - 2019-11-15), London, United Kingdom

Abstract

The interplay between machine learning and security is becoming more prominent. New applications using machine learning also bring new security risks. Here, we show it is possible to reverse-engineer the inputs to a neural network with only a single-shot side-channel measurement, assuming the attacker knows the neural network architecture being used.