TL;DR
This paper introduces methods to analyze the execution environment of deep neural network pipelines by detecting numerical deviations in outputs, enabling forensic identification of hardware platforms and machine-specific signatures.
Contribution
It presents novel techniques for inferring hardware and environment properties of neural network inference pipelines through numerical deviation analysis and boundary sample creation.
Findings
Proof-of-concept experiments on local and cloud machines validate the approach.
Numerical deviations can be used to identify hardware platforms.
Boundary samples effectively amplify deviations for machine differentiation.
Abstract
We propose methods to infer properties of the execution environment of machine learning pipelines by tracing characteristic numerical deviations in observable outputs. Results from a series of proof-of-concept experiments obtained on local and cloud-hosted machines give rise to possible forensic applications, such as the identification of the hardware platform used to produce deep neural network predictions. Finally, we introduce boundary samples that amplify the numerical deviations in order to distinguish machines by their predicted label only.
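A toy illustration of the boundary-sample idea in the abstract, added here and not taken from the paper: two float32 reduction orders stand in for two hardware platforms, and a bisection between two inputs finds one whose predicted label differs between them. The weights, inputs, threshold and function names are constructed assumptions, with cancellation exaggerated so the effect shows in four terms; the paper's own procedure may differ.

```python
import struct

def f32(v):
    """Round a binary64 Python float to the nearest IEEE-754 binary32 value."""
    return struct.unpack("<f", struct.pack("<f", v))[0]

def dot_sequential(w, x):
    """'Machine A' (assumed): left-to-right float32 accumulation."""
    acc = 0.0
    for wi, xi in zip(w, x):
        acc = f32(acc + f32(wi * xi))
    return acc

def dot_pairwise(w, x):
    """'Machine B' (assumed): float32 tree reduction, as a parallel kernel might do."""
    terms = [f32(wi * xi) for wi, xi in zip(w, x)]
    while len(terms) > 1:
        if len(terms) % 2:
            terms.append(0.0)
        terms = [f32(terms[i] + terms[i + 1]) for i in range(0, len(terms), 2)]
    return terms[0]

def labels(w, x, thr):
    # Same linear classifier, evaluated on each emulated machine.
    return int(dot_sequential(w, x) > thr), int(dot_pairwise(w, x) > thr)

def find_boundary_sample(w, x0, x1, thr, iters=60):
    """Bisect along x0 -> x1 on machine A's decision, then compare B at the bracket."""
    def sample(t):
        return [f32(a + t * (b - a)) for a, b in zip(x0, x1)]
    lo, hi = 0.0, 1.0
    base = labels(w, sample(lo), thr)[0]
    if labels(w, sample(hi), thr)[0] == base:
        return None  # segment does not cross A's decision boundary
    for _ in range(iters):
        mid = (lo + hi) / 2
        if labels(w, sample(mid), thr)[0] == base:
            lo = mid
        else:
            hi = mid
    for t in (lo, hi):
        la, lb = labels(w, sample(t), thr)
        if la != lb:
            return sample(t), la, lb  # the label alone now reveals the machine
    return None

# Constructed toy model and inputs (not from the paper); large terms force cancellation.
W = [1.0, 1.0, 1.0, 1.0]
X0 = [2.0**24, 0.0, 0.0, -(2.0**24)]
X1 = [2.0**24, 2.0, 2.0, -(2.0**24)]
THR = 0.5
```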
