DRAM-Locker: A General-Purpose DRAM Protection Mechanism Against Adversarial DNN Weight Attacks

Authors

Ranyang Zhou, Newark College of Engineering
Sabbir Ahmed, The Thomas J. Watson College of Engineering and Applied Science
Arman Roohi, UNL College of Engineering
Adnan Siraj Rakin, The Thomas J. Watson College of Engineering and Applied Science
Shaahin Angizi, Newark College of Engineering

Document Type

Conference Proceeding

Publication Date

1-1-2024

Abstract

In this work, we propose DRAM-Locker as a robust general-purpose defense mechanism that can protect DRAM against various adversarial Deep Neural Network (DNN) weight attacks affecting data or page tables. DRAM-Locker harnesses the capabilities of in-DRAM swapping combined with a lock-table to prevent attackers from singling out specific DRAM rows to safeguard DNN's weight parameters. Our results indicate that DRAM-Locker can deliver a high level of protection downgrading the performance of targeted weight attacks to a random attack level. Furthermore, the proposed defense mechanism demonstrates no reduction in accuracy when applied to CIFAR-I0 and CIFAR-100. Importantly, DRAM-Locker does not necessitate any software retraining or result in extra hardware burden.

Identifier

85210067901 (Scopus)

ISBN

[9798350348590]

Publication Title

Proceedings -Design, Automation and Test in Europe, DATE

External Full Text Location

https://doi.org/10.23919/date58400.2024.10546892

ISSN

15301591

Grant

2228028

Fund Ref

National Science Foundation

Recommended Citation

Zhou, Ranyang; Ahmed, Sabbir; Roohi, Arman; Rakin, Adnan Siraj; and Angizi, Shaahin, "DRAM-Locker: A General-Purpose DRAM Protection Mechanism Against Adversarial DNN Weight Attacks" (2024). Faculty Publications. 798.
https://digitalcommons.njit.edu/fac_pubs/798