HammerDodger: A Lightweight Defense Framework against RowHammer Attack on DNNs
- Resource Type
- Conference
- Authors
- Gongye, Cheng; Luo, Yukui; Xu, Xiaolin; Fei, Yunsi
- Source
- 2023 60th ACM/IEEE Design Automation Conference (DAC) Design Automation Conference (DAC), 2023 60th ACM/IEEE. :1-6 Jul, 2023
- Subject
- Components, Circuits, Devices and Systems
Computing and Processing
Engineering Profession
Design automation
Artificial neural networks
Predictive models
Security
Monitoring
Neural networks
Computer security
Fault protection
- Language
RowHammer attacks have become a serious security problem on deep neural networks (DNNs). Some carefully induced bit-flips degrade the prediction accuracy of DNN models to random guesses. This work proposes a lightweight defense framework that detects and mitigates adversarial bit-flip attacks. We employ a dynamic channel-shuffling obfuscation scheme to present moving targets to the attack, and develop a logits-based model integrity monitor with negligible performance loss. The parameters and architecture of DNN models remain unchanged, which ensures lightweight deployment and makes the framework compatible with commodity models. We demonstrate that our framework can protect various DNN models against RowHammer attacks.