Revealing the Secrets of Spiking Neural Networks
The Case of Izhikevich Neuron
Luíza Garaffa (TU Delft - Computer Engineering)
Abdullah Aljuffri (TU Delft - Computer Engineering)
Cezar Rodolfo Wedig Reinbrecht (TU Delft - Computer Engineering)
S Hamdioui (TU Delft - Quantum & Computer Engineering)
M Taouil (TU Delft - Computer Engineering)
Johanna Sepulveda (AirBus Defence and Space GmbH)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Spiking Neural Networks (SNNs) are a strong candidate to be used in future machine learning applications. SNNs can obtain the same accuracy of complex deep learning networks, while only using a fraction of its power. As a result, an increase in popularity of SNNs is expected in the near future for cyber physical systems, especially in the Internet of Things (IoT) segment. However, SNNs work very different than conventional neural network architectures. Consequently, applying SNNs in the field might introduce new unexpected security vulnerabilities. This paper explores and identifies potential sources of information leakage for the Izhikevich neuron, which is a popular neuron model used in digital implementations of SNNs. Simulations and experiments on FPGA implementation of the spiking neurons show that timing and power can be used to infer important information of the internal functionality of the network. Additionally, the paper demonstrates that is feasible to perform a reverse engineering attack using both power and timing leakage.