Abstract

The use of hardware accelerators for convolutional neural networks (CNNs) is on the rise due to the popularity of artificial intelligence in autonomous vehicles, industrial control systems, and intrusion detection techniques. However, the security of these designs is undermined by emerging attacks on the integrated circuit (IC) supply chain, such as hardware Trojan insertion. The latter consists of malicious modifications of the design to sabotage its functionality or leak sensitive information. This type of attack can significantly undermine the trustworthiness of artificial intelligence (AI) based systems and limit their applications. This paper investigates a new hardware Trojan attack that targets the pooling layer of CNN implementations. We show that the attack reduces CNN accuracy by up to 30%. The work subsequently develops countermeasures to mitigate these risks. Based on an implementation of the MobileNets CNN architecture, our results demonstrate that the proposed defence mechanism can detect, at an early stage, the reduced classification accuracy caused by a Trojan insertion.
