Dr. Yunsi Fei, Northeastern University
Security of deep neural network (DNN) inference engines, i.e., trained DNN models on various platforms, has become one of the biggest challenges in deploying artificial intelligence in domains where privacy, safety, and reliability are of paramount importance. In addition to classic software attacks such as model inversion and evasion attacks, recently a new attack surface-implementation attacks which include both passive side-channel attacks and active fault injection attacks-is arising, targeting implementation peculiarities of DNNs to breach their confidentiality and integrity. This talk focuses on several new active attacks of deep learning accelerators on different platforms, FPGA and GPU, resulting in image misclassification and integrity breach of deep neural network execution. Our new vector of attacks are first of their kind and reveal a largely under-explored attack surface of DNN inference engines. Insights gained during attack exploration provide valuable guidance for effectively protecting DNN execution against integrity violations.
Dr. Yunsi Fei is a Professor of Electrical and Computer Engineering at Northeastern University, Boston, and directs the Northeastern University Energy-efficient and Secure System (NUEESS) laboratory. She received her BS and MS degrees in Electronic Engineering from Tsinghua University, China, in 1997 and 1999, respectively, and her PhD degree in Electrical Engineering from Princeton University in 2004. Her recent research focuses on hardware-oriented security and trust, side-channel attack analysis and countermeasures, and secure computer architecture and heterogeneous systems. She was a recipient of National Science Foundation CAREER award. She was a general co-chair for CHES (International Conference on Cryptographic Hardware and Embedded Systems) 2019. Currently she is the site director for an NSF Industry University Research Cooperation Center – Center for Hardware and Embedded System Security and Trust (CHEST), and actively engaging with industry partners to address security needs arising in their products and applications.
Bookings are closed for this event.