Version 1
: Received: 4 September 2024 / Approved: 4 September 2024 / Online: 4 September 2024 (13:15:02 CEST)
How to cite:
Hong, S.; Kang, H.; Lee, Y.; Kim, G.; Ha, J. A Countermeasure to Glitch-based Fault Injection Attacks on Deep Neural Networks. Preprints2024, 2024090373. https://doi.org/10.20944/preprints202409.0373.v1
Hong, S.; Kang, H.; Lee, Y.; Kim, G.; Ha, J. A Countermeasure to Glitch-based Fault Injection Attacks on Deep Neural Networks. Preprints 2024, 2024090373. https://doi.org/10.20944/preprints202409.0373.v1
Hong, S.; Kang, H.; Lee, Y.; Kim, G.; Ha, J. A Countermeasure to Glitch-based Fault Injection Attacks on Deep Neural Networks. Preprints2024, 2024090373. https://doi.org/10.20944/preprints202409.0373.v1
APA Style
Hong, S., Kang, H., Lee, Y., Kim, G., & Ha, J. (2024). A Countermeasure to Glitch-based Fault Injection Attacks on Deep Neural Networks. Preprints. https://doi.org/10.20944/preprints202409.0373.v1
Chicago/Turabian Style
Hong, S., Gwangyeol Kim and Jaecheol Ha. 2024 "A Countermeasure to Glitch-based Fault Injection Attacks on Deep Neural Networks" Preprints. https://doi.org/10.20944/preprints202409.0373.v1
Abstract
Recently, deep neural networks (DNNs) have been widely used in various fields such as autonomous vehicles and smart homes. Since these DNNs can be directly implemented on edge devices, they offer advantages such as real-time processing in low-power and low-bandwidth environments. However, deployment of DNNs in embedded systems, including edge devices, exposes them to threats such as fault injection attacks. In this paper, we introduce two methods to induce misclassifications by using clock and voltage glitch-based fault attacks in devices where DNN models are executed. As a result of experiments on a microcontroller implemented with a DNN for image classification, we show that glitch injection attacks can lead with high probability to serious misclassifications. Furthermore, we propose a countermeasure to glitch attacks on the softmax function, and confirm that this method is effective in preventing misclassifications.
Computer Science and Mathematics, Security Systems
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.