首页 /研究 /Review of security techniques for memristor computing systems
LEARNING

Review of security techniques for memristor computing systems

Minhui Zou, Nan Du, Shahar Kvatinsky

发表年份
2022
引用次数
9
访问权限
开放获取

摘要

Neural network (NN) algorithms have become the dominant tool in visual object recognition, natural language processing, and robotics. To enhance the computational efficiency of these algorithms, in comparison to the traditional von Neuman computing architectures, researchers have been focusing on memristor computing systems. A major drawback when using memristor computing systems today is that, in the artificial intelligence (AI) era, well-trained NN models are intellectual property and, when loaded in the memristor computing systems, face theft threats, especially when running in edge devices. An adversary may steal the well-trained NN models through advanced attacks such as learning attacks and side-channel analysis. In this paper, we review different security techniques for protecting memristor computing systems. Two threat models are described based on their assumptions regarding the adversary’s capabilities: a black-box (BB) model and a white-box (WB) model. We categorize the existing security techniques into five classes in the context of these threat models: thwarting learning attacks (BB), thwarting side-channel attacks (BB), NN model encryption (WB), NN weight transformation (WB), and fingerprint embedding (WB). We also present a cross-comparison of the limitations of the security techniques. This paper could serve as an aid when designing secure memristor computing systems.

关键词

MemristorComputer scienceArtificial intelligenceAdversaryContext (archaeology)Edge computingArtificial neural networkDeep learningComputer securityEmbedding

相关论文

查看 LEARNING 分类全部论文