Stochastic Training for Side-Channel Resilient AI
By: Anuj Dubey, Aydin Aysu
Potential Business Impact:
Protects smart devices from secret spying.
The confidentiality of trained AI models on edge devices is at risk from side-channel attacks exploiting power and electromagnetic emissions. This paper proposes a novel training methodology to enhance resilience against such threats by introducing randomized and interchangeable model configurations during inference. Experimental results on Google Coral Edge TPU show a reduction in side-channel leakage and a slower increase in t-scores over 20,000 traces, demonstrating robustness against adversarial observations. The defense maintains high accuracy, with about 1% degradation in most configurations, and requires no additional hardware or software changes, making it the only applicable solution for existing Edge TPUs.
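The t-scores the abstract cites are the output of a fixed-vs-random Welch t-test computed over a growing number of traces, conventionally judged against |t| = 4.5. The sketch below is an added example, not the paper's code or measurements: it is a toy single-sample leakage model in which the offsets in `leak_per_config`, the noise level and the seed are all constructed assumptions, comparing one fixed configuration with per-inference random selection among several.

```python
import math
import random

TVLA_THRESHOLD = 4.5  # conventional |t| bound used in TVLA-style leakage tests

class Welford:
    """Streaming mean/variance, so traces do not have to be stored."""
    def __init__(self):
        self.n, self.mean, self.m2 = 0, 0.0, 0.0
    def add(self, x):
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)
    @property
    def var(self):
        return self.m2 / (self.n - 1)

def welch_t(a, b):
    """Welch's t statistic between two accumulated trace classes."""
    return (a.mean - b.mean) / math.sqrt(a.var / a.n + b.var / b.n)

def t_curve(leak_per_config, traces=20000, step=5000, noise=1.0, seed=1):
    """Return [(trace_count, |t|)] at each checkpoint for one sample point.

    leak_per_config: assumed data-dependent offset of each interchangeable
    configuration; a one-element list models an unprotected model.
    """
    rng = random.Random(seed)
    fixed, rand = Welford(), Welford()
    curve = []
    for i in range(1, traces + 1):
        leak = rng.choice(leak_per_config)  # configuration picked per inference
        if i % 2:   # fixed-input class: the offset is visible in the trace
            fixed.add(leak + rng.gauss(0, noise))
        else:       # random-input class: modelled as noise only
            rand.add(rng.gauss(0, noise))
        if i % step == 0:
            curve.append((i, abs(welch_t(fixed, rand))))
    return curve

if __name__ == "__main__":
    for name, leaks in (("single", [0.2]),
                        ("randomized", [0.2, 0.05, -0.1, 0.05])):
        print(name, [(n, round(t, 1)) for n, t in t_curve(leaks)])
```

In this model |t| grows roughly with the square root of the trace count in both cases; randomizing the configuration lowers the mean offset and raises the variance, which is what flattens the curve.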