EdgeML accelerators like Intel Neural Compute Stick 2 (NCS) can enable efficient edge-based inference with complex pre-trained models. The models are loaded in the host (like Raspberry Pi) and then transferred to NCS for inference. In this paper, we demonstrate practical and low-cost cold boot based model recovery attacks on NCS to recover the model architecture and weights, loaded from the Raspberry Pi. The architecture is recovered with 100% success and weights with an error rate of 0.04%. The recovered model reports maximum accuracy loss of 0.5% as compared to original model and allows high fidelity transfer of adversarial examples. We further extend our study to other cold boot attack setups reported in the literature with higher error ...
Model extraction emerges as a critical security threat with attack vectors exploiting both algorithm...
The flourishing of Internet of Things (IoT) has rekindled on-premise computing to allow data to be a...
With new applications made possible by the fusion of edge computing and artificial intelligence (AI)...
Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now...
Edge deep learning accelerators are optimised hard ware to enable efficient inference on the edge. T...
Deep neural networks have shown significant improvements in computer vision applications over the la...
With growing popularity, deep learning (DL) models are becoming larger-scale, and only the companies...
Volatile memory like SDRAM, forms an integral part of any computer system. It stores variety of data...
Abstract. In a cold boot attack a cryptosystem is compromised by analysing a noisy version of its in...
The processing of locally harvested data at the physically accessible edge devices opens a new avenu...
The convergence of edge computing and deep learning empowers endpoint hardwares or edge devices to p...
Companies have extensively developed deep Neural Network (DNN) models for a wide range of applicatio...
The use of deep learning models within scientific experimental facilities frequently requires low-la...
Side-channel CPU disassembly is a side-channel attack that allows an adversary to recover instructio...
The significance of security is often overlooked until a catastrophic event occurs. This holds for t...
Model extraction emerges as a critical security threat with attack vectors exploiting both algorithm...
The flourishing of Internet of Things (IoT) has rekindled on-premise computing to allow data to be a...
With new applications made possible by the fusion of edge computing and artificial intelligence (AI)...
Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now...
Edge deep learning accelerators are optimised hard ware to enable efficient inference on the edge. T...
Deep neural networks have shown significant improvements in computer vision applications over the la...
With growing popularity, deep learning (DL) models are becoming larger-scale, and only the companies...
Volatile memory like SDRAM, forms an integral part of any computer system. It stores variety of data...
Abstract. In a cold boot attack a cryptosystem is compromised by analysing a noisy version of its in...
The processing of locally harvested data at the physically accessible edge devices opens a new avenu...
The convergence of edge computing and deep learning empowers endpoint hardwares or edge devices to p...
Companies have extensively developed deep Neural Network (DNN) models for a wide range of applicatio...
The use of deep learning models within scientific experimental facilities frequently requires low-la...
Side-channel CPU disassembly is a side-channel attack that allows an adversary to recover instructio...
The significance of security is often overlooked until a catastrophic event occurs. This holds for t...
Model extraction emerges as a critical security threat with attack vectors exploiting both algorithm...
The flourishing of Internet of Things (IoT) has rekindled on-premise computing to allow data to be a...
With new applications made possible by the fusion of edge computing and artificial intelligence (AI)...