Countermeasures against Fault Injection Attacks in Neural Networks and Processors

T.C. Köylü

Research output: Thesis / Dissertation (TU Delft)

Abstract

Machine learning has gained a lot of recognition recently and is now being used in many important applications. However, this recognition has been limited in the hardware security area. In particular, very few approaches rely on this powerful tool to detect attacks during operation. This thesis reduces this gap in the field of fault injection attack detection and prevention in neural networks and processors.

This thesis presents our methods of machine learning-based fault attack detection and prevention in different chapters, after providing the background information. Our first idea is to detect fault attacks from the processor’s instruction flow. The essence of the idea is that machine learning algorithms can learn the generated machine instruction sequences of a security-sensitive application. Thereafter, any fault in the instructions can be detected. The thesis demonstrates this idea by using RNN, CAM, and BF. Additionally, it demonstrates how to correct them using Hopfield networks.

The second idea is to use smart sensors to detect fault attacks. The first type of smart sensor is sensitive to multiple changes, such as in clock signal and supply voltage. The thesis demonstrates how to design such a sensor using RO PUFs. The second type of smart sensor is based on the operation of the device. The thesis demonstrates a design for ANNs, where the smart sensor detects fault attacks from discrepancies in neuron activation rates.

The thesis finally presents the idea of preventing fault attacks using smart verification. The first way is attained via a memory verification module, which verifies data from the external memory before processor execution. The second way is designed to protect ANNs via redundancy. However, the thesis presents a way to do this more efficiently, by using smart and selective redundancy.
Original language: English
Awarding Institution
  • Delft University of Technology
Supervisors/Advisors
  • Hamdioui, S., Supervisor
  • Taouil, M., Advisor
Award date: 15 Sept 2023
Print ISBNs: 978-94-6384-472-7
Publication status: Published - 2023

Keywords

  • fault injection attack
  • countermeasure
  • machine learning
  • neural networks
  • processor
  • hardware security
  • artificial intelligence
