| Title | How to Stealthily Poison Neural Network Chips in the Supply Chain | |
| Date | Thursday July 05 2018, @09:06AM | |
| Author | Fnord666 | |
| Topic | ||
| from the confusing-the-AI dept. | ||
Submitted via IRC for BoyceMagooglyMonkey
Computer boffins have devised a potential hardware-based Trojan attack on neural network models that could be used to alter system output without detection.
Adversarial attacks on neural networks and related deep learning systems have received considerable attention in recent years due to the growing use of AI-oriented systems.
The researchers – doctoral student Joseph Clements and assistant professor of electrical and computer engineering Yingjie Lao at Clemson University in the US – say that they've come up with a novel threat model by which an attacker could maliciously modify hardware in the supply chain to interfere with the output of machine learning models run on the device.
[...] "Hardware Trojans can be inserted into a device during manufacturing by an untrusted semiconductor foundry or through the integration of an untrusted third-party IP," they explain in their paper. "Furthermore, a foundry or even a designer may possibly be pressured by the government to maliciously manipulate the design for overseas products, which can then be weaponized."
The purpose of such deception, the researchers explain, would be to introduce hidden functionality – a Trojan – in chip circuitry. The malicious code would direct a neural network to classify a selected input trigger in a specific way while remaining undetectable in test data.
Source: https://www.theregister.co.uk/2018/06/19/hardware_trojans_ai/
| Links |
printed from SoylentNews, How to Stealthily Poison Neural Network Chips in the Supply Chain on 2024-04-27 07:26:30