PrometheusFree: Concurrent Detection of Laser Fault Injection Attacks in Optical Neural Networks
Kota Nishida, Yoshihiro Midoh, Noriyuki Miura, Satoshi Kawakami, Alex Orailoglu, Jun Shiomi
基于硅光子学的AI加速器(SPAA)被认为是有前途的AI加速器,可实现高能效和低延迟。 虽然许多研究人员专注于提高SPAA的能源效率和延迟,但他们的物理安全性直到最近才受到关注。 虽然提供强大的光学神经网络推理方法至关重要,但它们的成功和采用取决于它们提供安全执行环境的能力。 为此,本文提出了PrometheusFree,一种能够并发检测激光故障注入攻击的光学神经网络框架。 本文首先对SPA提出了激光故障注入攻击的示例性威胁,能够将光学神经网络引入错误分类。 然后通过开发同时检测激光故障喷射攻击的技术来解决本文中的威胁。 此外,本文介绍了波长划分扰动(WDP)技术的一种新颖应用,其中利用波长依赖的矢量矩阵乘法(VMM)结果来提高故障攻击检测精度。 模拟结果表明,PrometheusFree实现了超过96%的攻击引起的错误预测召回,因为使用WDP技术将攻击成功率平均降低了38.6%。 与以前的技术相比,PrometheusFree将平均攻击成功率限制在0.019,减少了95.3%。 实验结果证实了并发检测的优越性以及WDP方法所赋予的攻击检测能力的提升。
Silicon Photonics-based AI Accelerators (SPAAs) have been considered as promising AI accelerators achieving high energy efficiency and low latency. While many researchers focus on improving SPAAs' energy efficiency and latency, their physical security has only recently received attention. While it is essential to deliver strong optical neural network inferencing approaches, their success and adoption are predicated on their ability to deliver a secure execution environment. Towards this end, thi...
