A new method for securing binary deep neural networks against model replication attacks using magnetic tunnel junctions

As deep neural networks (DNNs) continue to advance and find widespread applications across various domains, the escalating demands for processing large datasets in artificial intelligence and increasing power density necessitate exploring emerging technologies. In tandem, ensuring the security of DNNs has become paramount amid the growing risks of intellectual property (IP) theft and reverse engineering (RE). In response to these challenges, this paper introduces an efficient approach to safeguarding binary DNNs using spintronic technologies. Our proposed paradigm leverages the read disturbance phenomenon in Magnetic Tunnel Junction (MTJ) devices to fortify DNNs against model replication attacks and reverse engineering attempts. In this innovative approach, during normal DNN operation, weights are read using standard procedures, preserving network accuracy. However, in the event of an intrusion attempt, malicious access to the DNN triggers a high-current read operation, inducing read disturbance. As a result, network accuracy is severely compromised, deterring potential attackers. Extensive simulations substantiate the efficacy of our proposed method in countering model replication attacks in well-established binary DNNs, even under process variations.