Learning to Reverse DNNs from AI Programs Automatically

Simin Chen; Hamed Khanpour; Cong Liu; Wei Yang

arXiv:2205.10364·cs.LG·December 6, 2022·6 cites

Learning to Reverse DNNs from AI Programs Automatically

Simin Chen, Hamed Khanpour, Cong Liu, Wei Yang

PDF

Open Access

TL;DR

This paper introduces NNReverse, a learning-based approach that automatically reverses DNNs from AI programs' binary code, enhancing security analysis without requiring domain expertise.

Contribution

NNReverse is the first method to automatically reverse DNNs from AI programs using a learned semantic representation of binary code.

Findings

01

Successfully infers DNN layer types from binary code

02

Uses a fine-grained embedding model for assembly semantics

03

Achieves high accuracy in DNN reverse engineering

Abstract

With the privatization deployment of DNNs on edge devices, the security of on-device DNNs has raised significant concern. To quantify the model leakage risk of on-device DNNs automatically, we propose NNReverse, the first learning-based method which can reverse DNNs from AI programs without domain knowledge. NNReverse trains a representation model to represent the semantics of binary code for DNN layers. By searching the most similar function in our database, NNReverse infers the layer type of a given function's binary code. To represent assembly instructions semantics precisely, NNReverse proposes a more fine-grained embedding model to represent the textual and structural-semantic of assembly functions.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdvanced Malware Detection Techniques · Ferroelectric and Negative Capacitance Devices · Security and Verification in Computing