Institute for Communication Technologies and Embedded Systems

"S3cure": Scramble, Shuffle and Shambles - Secure Deployment of Weight Matrices in Memristor Crossbar Arrays

Authors:
Galicia, M., Osman, I., Owusu-Afriyie, C., Leupers, R.
Book Title:
Association for Computing Machinery, ACM, ICONS '23: Proceedings of the 2023 International Conference on Neuromorphic Systems
Organization:
RWTH Aachen University
Date:
Aug. 2023
DOI:
10.1145/3589737.3605964
Language:
English
Abstract:
Crossbar arrays based on emerging memristor technology offer significant power savings when running Artificial Neural Network (ANN) applications. An additional advantage of this technology is its non-volatility, which eliminates the need for costly loading of a complete ANN model from conventional memories, thus saving power and allowing immediate system availability. However, this advantage can arguably be seen as a disadvantage from a security perspective, since the ANN model remains on the crossbar indefinitely and is therefore vulnerable to theft. On the other hand, a disadvantage of the current memristor technology is its significantly limited write endurance. Considering these two constraints, we propose a highly secure and yet simple deployment method: "S3cure", which does not require encryption of individual stored values in the memristor, thus avoiding rewriting after each decryption and also rendering useless any unwanted extraction of the ANN model from the crossbar. In our proposed methodology, the ANN model is permuted before deployment by multiplying the model weight matrices with permutation matrices, and the inverse permutation vectors of these matrices become the access key needed at runtime to correctly exploit the model. The analysis and testing of our "S3cure" method reveals extremely difficult brute-force reverse engineering, proportional to the key size, and also shows a limited one-time performance overhead incurred by this implementation.
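The permutation-as-key idea from the abstract, as an added example that is not code from the paper or its authors. It assumes a column permutation of a single layer's weight matrix with inputs routed at runtime by the inverse permutation vector; all function names and the sample weights are hypothetical.

```python
import math
import secrets

def random_permutation(n):
    """Fisher-Yates shuffle from a CSPRNG; perm[j] is the original column stored at position j."""
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def invert(perm):
    """Inverse permutation vector: key[k] is the stored position of original column k."""
    key = [0] * len(perm)
    for j, src in enumerate(perm):
        key[src] = j
    return key

def scramble_columns(W, perm):
    """Deployment: W' = W * P, so W'[i][j] = W[i][perm[j]] (assumed column permutation)."""
    return [[row[src] for src in perm] for row in W]

def route_inputs(x, key):
    """Runtime: send input k to stored column key[k] so W' * x' equals W * x."""
    routed = [0] * len(x)
    for k, value in enumerate(x):
        routed[key[k]] = value
    return routed

def matvec(W, x):
    """Plain matrix-vector product, standing in for the crossbar's analog multiply."""
    return [sum(w * v for w, v in zip(row, x)) for row in W]

def key_space_bits(n):
    """log2(n!): size of the brute-force search space for one n-column permutation."""
    return math.log2(math.factorial(n))

if __name__ == "__main__":
    W = [[1, 2, 3], [4, 5, 6]]   # constructed sample weights
    x = [1, 2, 3]                # constructed sample input
    perm = random_permutation(3)
    stored, key = scramble_columns(W, perm), invert(perm)
    print("reference      :", matvec(W, x))
    print("with key       :", matvec(stored, route_inputs(x, key)))
    print("without key    :", matvec(stored, x))
    print("bits, 128 cols :", round(key_space_bits(128)))
```

The stored matrix is written once and never rewritten; only the input routing depends on the key, which is what keeps the scheme compatible with limited write endurance.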