Investigation of Voltage Fault Injection Attacks on NN Inference Utilizing NVM based Weight Storage

被引:0
作者
Chakraborty, Supriya [1 ]
Das, Tamoghno [1 ]
Suri, Manan [1 ]
机构
[1] Indian Inst Technol Delhi, Dept Elect Engn, New Delhi 110016, India
来源
2023 IEEE ASIA PACIFIC CONFERENCE ON CIRCUITS AND SYSTEMS, APCCAS | 2024年
关键词
Fault injection; Flash memory; Hardware security; Non-volatile memory; Neural network; Resistive memory;
D O I
10.1109/APCCAS60141.2023.00018
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
This study investigates the vulnerability of Neural Networks (NNs) with weights stored in commercial Non-Volatile Memory (NVM) chips to Voltage Fault Injection (VFI) attack. In particular, we present the vulnerabilities of NOR Flash and Resistive Random Access Memory (ReRAM) chips to VFI attack. We experimentally inject voltage glitches with similar to 12% variation in power supply compared to the data-sheet specifications. As a case study, we implement two NNs: i) Multilayer Perceptron (MLP) and ii) AlexNet (CNN) trained on Fashion MNIST (FMNIST) and CIFAR-10 datasets respectively. We observe failure of read operations in NVM chips due to VFI. The occurrences of soft errors lead to significant corruption (similar to 91% for FMNIST and similar to 42% for CIFAR-10 datasets) in the trained weights read out. Experimental results show that the inference accuracy of NNs drops to similar to 10% for FMNIST and similar to 14.36% for CIFAR-10.
引用
收藏
页码:26 / 30
页数:5
相关论文
共 32 条
  • [1] ADG1408, Analog Devices Datasheet: 4ohm RON, 4-/8-Channel,15 V/+12 V/5 V iCMOS Multiplexers
  • [2] RESPARC: A Reconfigurable and Energy-Efficient Architecture with Memristive Crossbars for Deep Spiking Neural Networks
    Ankit, Aayush
    Sengupta, Abhronil
    Panda, Priyadarshini
    Roy, Kaushik
    [J]. PROCEEDINGS OF THE 2017 54TH ACM/EDAC/IEEE DESIGN AUTOMATION CONFERENCE (DAC), 2017,
  • [3] [Anonymous], MX25L12835F, "3V,128M-BIT [x1/x 2/x 4]CMOS MXSMIO<(R)> (SERIAL MULTI I/O) FLASH MEMORY
  • [4] The sorcerer's apprentice guide to fault attacks
    Bar-El, H
    Choukri, H
    Naccache, D
    Tunstall, M
    Whelan, C
    [J]. PROCEEDINGS OF THE IEEE, 2006, 94 (02) : 370 - 382
  • [5] Bozzato C., 2019, IACR Transactions on Cryptographic Hardware and Embedded Systems, V2019, P199, DOI DOI 10.13154/TCHES.V2019.I2.199-224
  • [6] Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques
    Cai, Yu
    Ghose, Saugata
    Luo, Yixin
    Mai, Ken
    Mutlu, Onur
    Haratsch, Erich F.
    [J]. 2017 23RD IEEE INTERNATIONAL SYMPOSIUM ON HIGH PERFORMANCE COMPUTER ARCHITECTURE (HPCA), 2017, : 49 - 60
  • [7] Chakraborty S., 2020, 2020 IEEE INT S CIRC, P1
  • [8] Experimental Study of Adversarial Magnetic Field Exposure Attacks on Toggle MRAM Chips
    Chakraborty, Supriya
    Suri, Manan
    [J]. IEEE TRANSACTIONS ON ELECTRON DEVICES, 2022, 69 (03) : 1480 - 1485
  • [9] Short-Term Memory to Long-Term Memory Transition in a Nanoscale Memristor
    Chang, Ting
    Jo, Sung-Hyun
    Lu, Wei
    [J]. ACS NANO, 2011, 5 (09) : 7669 - 7676
  • [10] Colombier B, 2019, PROCEEDINGS OF THE 2019 IEEE INTERNATIONAL SYMPOSIUM ON HARDWARE ORIENTED SECURITY AND TRUST (HOST), P1, DOI 10.1109/HST.2019.8741030