Presentation

Defending Membership Inference Attack on Edge using Trusted Execution Environments
Description
Privacy concerns arise from malicious attacks on Deep Neural Network (DNN) applications during sensitive data inference on edge devices. Our proposed defense method addresses limitations in existing Trusted Execution Environments (TEEs) by employing depth-wise layer partitioning for large DNNs and a model quantization strategy. This enhances protection against both white-box and black-box Membership Inference Attacks (MIAs) while accelerating computation. Experiments on a Raspberry Pi 3B+ demonstrate significant reductions in white-box MIA accuracy (up to 35.3%) and black-box MIA accuracy (up to 29.6%) for popular DNN models (AlexNet, VGG-16, ResNet-20) on the CIFAR-100 dataset.
Event Type
Work-in-Progress Poster
Time
Wednesday, June 26, 5:00pm - 6:00pm PDT
Location
Level 2 Lobby
Topics
AI
Autonomous Systems
Cloud
Design
EDA
Embedded Systems
IP
Security