Poster: Recovering the input of neural networks via single shot side-channel attacks

Lejla Batina, Shivam Bhasin, Dirmanto Jap, Stjepan Picek

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

3 Citations (Scopus)

Abstract

The interplay between machine learning and security is becoming more prominent. New applications using machine learning also bring new security risks. Here, we show it is possible to reverse-engineer the inputs to a neural network with only a single-shot side-channel measurement assuming the attacker knows the neural network architecture being used.

Original languageEnglish
Title of host publicationCCS '19
Subtitle of host publicationProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Pages2657-2659
Number of pages3
ISBN (Electronic)978-1-4503-6747-9
DOIs
Publication statusPublished - 2019
Event26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom
Duration: 11 Nov 201915 Nov 2019

Conference

Conference26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019
CountryUnited Kingdom
CityLondon
Period11/11/1915/11/19

Keywords

  • Input recovery
  • Neural networks
  • Side-channel analysis

Fingerprint

Dive into the research topics of 'Poster: Recovering the input of neural networks via single shot side-channel attacks'. Together they form a unique fingerprint.

Cite this