Security of Neural Networks from Hardware Perspective: A Survey and Beyond

Recent advances in neural networks (NNs) and their applications in deep learning techniques have made the security aspects of NNs an important and timely topic for fundamental research. In this paper, we survey the security challenges and opportunities in the computing hardware used in implementing deep neural networks (DNN). First, we explore the hardware attack surfaces for DNN. Then, we report the current state-of-the-art hardware-based attacks on DNN with focus on hardware Trojan insertion, fault injection, and side-channel analysis. Next, we discuss the recent development on detecting these hardware-oriented attacks and the corresponding countermeasures. We also study the application of secure enclaves for the trusted execution of NN-based algorithms. Finally, we consider the emerging topic of intellectual property protection for deep learning systems. Based on our study, we find ample opportunities for hardware based research to secure the next generation of DNN-based artificial intelligence and machine learning platforms.