Presentation

TBNet: A Neural Architectural Defense Framework Facilitating DNN Model Protection in Trusted Execution Environments
Description
Trusted Execution Environments (TEEs) have become a promising solution to secure DNN models on edge devices. However, existing solutions either provide inadequate protection or introduce large performance overhead. This paper presents TBNet, a TEE-based defense framework that protects DNN models from a neural architectural perspective. TBNet generates a novel Two-Branch substitution model to exploit (1) the computational resources in the untrusted Rich Execution Environment (REE) for latency reduction and (2) the physically isolated TEE for model protection. Experimental results on a Raspberry Pi across diverse DNN model architectures and datasets demonstrate that TBNet achieves efficient model protection at a low cost.
Event Type
Research Manuscript
Time
Wednesday, June 26, 3:30pm - 3:45pm PDT
Location
3002, 3rd Floor
Topics
AI
Security
Keywords
AI/ML Security/Privacy