2024-04-23 マサチューセッツ工科大学(MIT)
A new chip can efficiently accelerate machine-learning workloads on edge devices like smartphones while protecting sensitive user data from two common types of attacks — side-channel attacks and bus-probing attacks.
Image: Chip figure courtesy of the researchers; MIT News; iStock.
健康管理アプリは、スマートフォンを使って慢性病の管理やフィットネス目標の達成を支援しますが、大規模な機械学習モデルのデータ転送が遅く、エネルギー効率が悪いことが課題です。MITとMIT-IBM Watson AI Labの研究者は、一般的な攻撃に耐性のある機械学習アクセラレーターを開発しました。このチップは、高いセキュリティを提供しつつ、デバイス上で大規模なAIモデルを効率的に動作させることができます。攻撃を防ぐために、データをランダムに分割して暗号化し、キーをチップ内で生成します。セキュリティ強化により若干のエネルギー効率低下やコスト増加が生じますが、研究者はさらなる最適化を目指しています。
<関連情報>
- https://news.mit.edu/2024/tiny-chip-safeguards-user-data-while-enabling-efficient-computing-0423
- https://ieeexplore.ieee.org/document/10529033
サイドチャネル攻撃とバス・プロービング攻撃を防御するセキュアなデジタル・インメモリ・コンピュート(IMC)マクロ A Secure Digital In-Memory Compute (IMC) Macro with Protections for Side-Channel and Bus Probing Attacks
Maitreyi Ashok; Saurav Maji; Xin Zhang; John Cohn; Anan…
2024 IEEE Custom Integrated Circuits Conference Date Added to IEEE Xplore: 15 May 2024
DOI:https://doi.org/10.1109/CICC60959.2024.10529033
Abstract
Machine learning (ML) accelerators provide energy efficient neural network (NN) implementations for applications such as speech recognition and image processing. Recently, digital IMC has been proposed to reduce data transfer energy, while still allowing for higher bitwidths and accuracies necessary for many workloads, especially with technology scaling [1], [2]. Privacy of ML workloads can be exploited with physical side-channel attacks (SCAs) or bus probing attacks (BPAs) [3] (Fig. 1). While SCAs correlate IC power consumption or EM emissions to data or operations, BPAs directly tap traces between the IC and off-chip memory. The inputs reflect private data collected on loT devices, such as images of faces. The weights, typically stored off-chip, reveal information about proprietary private training datasets. This work presents the first IMC macro protected against SCAs and BPAs to mitigate these risks.