TL;DR
This paper introduces a novel hardware-software co-designed method using genetic XOR encryption to protect the intellectual property of spiking neural networks on RRAM-based neuromorphic accelerators, achieving minimal encryption overhead and significant energy savings.
Contribution
It presents a new secure encryption scheme tailored for SNNs, combining genetic algorithms and XOR encryption with a low-energy, zero-latency hardware decryption module.
Findings
Encrypts only 0.00005% to 0.016% of weights, ensuring security.
Reduces energy consumption by 59 to 6780 times.
Lowers decryption latency by 175 to 4250 times.
Abstract
Biologically plausible Spiking Neural Networks (SNNs), characterized by spike sparsity, are growing tremendous attention over intellectual edge devices and critical bio-medical applications as compared to artificial neural networks (ANNs). However, there is a considerable risk from malicious attempts to extract white-box information (i.e., weights) from SNNs, as attackers could exploit well-trained SNNs for profit and white-box adversarial concerns. There is a dire need for intellectual property (IP) protective measures. In this paper, we present a novel secure software-hardware co-designed RRAM-based neuromorphic accelerator for protecting the IP of SNNs. Software-wise, we design a tailored genetic algorithm with classic XOR encryption to target the least number of weights that need encryption. From a hardware perspective, we develop a low-energy decryption module, meticulously…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
