# CheckNet: Secure Inference on Untrusted Devices

**Authors:** Marcus Comiter, Surat Teerapittayanon, H.T. Kung

arXiv: 1906.07148 · 2019-06-18

## TL;DR

CheckNet is a novel method that verifies the integrity of neural network inference on untrusted devices, ensuring correctness and detecting manipulation with high accuracy, without hardware changes or significant performance impact.

## Contribution

It introduces a universal, hardware-agnostic checksum approach for secure inference, providing configurable security levels and validated through empirical and theoretical analysis.

## Key findings

- Achieves 0.88-0.99 AUC in attack detection
- Works with all neural network types
- Adds minimal overhead and no hardware requirements

## Abstract

We introduce CheckNet, a method for secure inference with deep neural networks on untrusted devices. CheckNet is like a checksum for neural network inference: it verifies the integrity of the inference computation performed by untrusted devices to 1) ensure the inference has actually been performed, and 2) ensure the inference has not been manipulated by an attacker. CheckNet is completely transparent to the third party running the computation, applicable to all types of neural networks, does not require specialized hardware, adds little overhead, and has negligible impact on model performance. CheckNet can be configured to provide different levels of security depending on application needs and compute/communication budgets. We present both empirical and theoretical validation of CheckNet on multiple popular deep neural network models, showing excellent attack detection (0.88-0.99 AUC) and attack success bounds.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.07148/full.md

## Figures

7 figures with captions in the complete paper: https://tomesphere.com/paper/1906.07148/full.md

## References

11 references — full list in the complete paper: https://tomesphere.com/paper/1906.07148/full.md

---
Source: https://tomesphere.com/paper/1906.07148