DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories

8 November 2021

Adnan Siraj Rakin

Md Hafizul Islam Chowdhuryy

Papers citing "DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories"

50 / 56 papers shown

Title
When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations Jeonghyun Woo Joyce Qu Gururaj Saileshwar Prashant J. Nair 21 0 0 19 May 2025
Threat Modeling for AI: The Case for an Asset-Centric Approach Jose Sanchez Vicarte Marcin Spoczynski Mostafa Elsaid 29 0 0 08 May 2025
Hessian-aware Training for Enhancing DNNs Resilience to Parameter Corruptions Tahmid Hasan Prato Seijoon Kim Lizhong Chen Sanghyun Hong AAML 33 0 0 02 Apr 2025
Understanding and Mitigating Side and Covert Channel Vulnerabilities Introduced by RowHammer Defenses F. Nisa Bostancı Oguzhan Canpolat Ataberk Olgun Ismail Emir Yüksel Mohammad Sadrosadati A. Giray Yağlıkçı O. Mutlu Onur Mutlu AAML 52 0 0 23 Mar 2025
Revisiting DRAM Read Disturbance: Identifying Inconsistencies Between Experimental Characterization and Device-Level Studies Haocong Luo Ismail Emir Yüksel Ataberk Olgun A. Giray Yağlıkçı O. Mutlu 48 1 0 20 Mar 2025
MACPruning: Dynamic Operation Pruning to Mitigate Side-Channel DNN Model Extraction Ruyi Ding Cheng Gongye Davis Ranney A. A. Ding Yunsi Fei AAML 63 0 0 24 Feb 2025
THOR: A Non-Speculative Value Dependent Timing Side Channel Attack Exploiting Intel AMX Farshad Dizani Azam Ghanbari Joshua Kalyanapu Darsh Asher Samira Mirbagher Ajorpaz 57 0 0 24 Feb 2025
A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments Kaixiang Zhao Lincan Li Kaize Ding Neil Zhenqiang Gong Yue Zhao Yushun Dong AAML 47 0 0 22 Feb 2025
Verification of Bit-Flip Attacks against Quantized Neural Networks Yedi Zhang Lei Huang Pengfei Gao Fu Song Jun Sun Jin Song Dong AAML 47 0 0 22 Feb 2025
Understanding RowHammer Under Reduced Refresh Latency: Experimental Analysis of Real DRAM Chips and Implications on Future Solutions Yahya Can Tugrul A. Giray Yağlıkçı Ismail Emir Yüksel Ataberk Olgun Oguzhan Canpolat Nisa Bostancı Mohammad Sadrosadati Oguz Ergin O. Mutlu 40 2 0 17 Feb 2025
PrisonBreak: Jailbreaking Large Language Models with Fewer Than Twenty-Five Targeted Bit-flips Zachary Coalson Jeonghyun Woo Shiyang Chen Yu Sun Lishan Yang Prashant J. Nair Bo Fang Sanghyun Hong AAML 79 2 0 10 Dec 2024
SoK: A Systems Perspective on Compound AI Threats and Countermeasures Sarbartha Banerjee Prateek Sahu Mulong Luo Anjo Vahldiek-Oberwagner N. Yadwadkar Mohit Tiwari AAML 72 0 0 20 Nov 2024
A Hard-Label Cryptanalytic Extraction of Non-Fully Connected Deep Neural Networks using Side-Channel Attacks Benoît Coqueret Mathieu Carbone Olivier Sentieys Gabriel Zaid AAML MLAU 28 0 0 15 Nov 2024
TEESlice: Protecting Sensitive Neural Network Models in Trusted Execution Environments When Attackers have Pre-Trained Models Ding Li Ziqi Zhang Mengyu Yao Y. Cai Yao Guo Xiangqun Chen FedML 37 2 0 15 Nov 2024
The Early Bird Catches the Leak: Unveiling Timing Side Channels in LLM Serving Systems Linke Song Zixuan Pang Wenhao Wang Zihao Wang XiaoFeng Wang Hongbo Chen Wei Song Yier Jin Dan Meng Rui Hou 48 7 0 30 Sep 2024
IDEA: An Inverse Domain Expert Adaptation Based Active DNN IP Protection Method Chaohui Xu Qi Cui Jinxin Dong Weiyang He Chip-Hong Chang AAML 25 2 0 29 Sep 2024
Say No to Freeloader: Protecting Intellectual Property of Your Deep Model Lianyu Wang M. Wang Huazhu Fu Daoqiang Zhang 37 2 0 23 Aug 2024
DeepBaR: Fault Backdoor Attack on Deep Neural Network Layers Camilo A. Mart´ınez-Mej´ıa Jesus Solano J. Breier Dominik Bucko Xiaolu Hou AAML 32 0 0 30 Jul 2024
Understanding the Security Benefits and Overheads of Emerging Industry Solutions to DRAM Read Disturbance Oguzhan Canpolat A. Giray Yağlıkçı Geraldo F. Oliveira Ataberk Olgun Oguz Ergin Onur Mutlu 21 14 0 27 Jun 2024
An Experimental Characterization of Combined RowHammer and RowPress Read Disturbance in Modern DRAM Chips Haocong Luo Ismail Emir Yüksel Ataberk Olgun A. Giray Yağlıkçı Mohammad Sadrosadati Onur Mutlu 21 4 0 18 Jun 2024
AI Risk Management Should Incorporate Both Safety and Security Xiangyu Qi Yangsibo Huang Yi Zeng Edoardo Debenedetti Jonas Geiping ... Chaowei Xiao Bo-wen Li Dawn Song Peter Henderson Prateek Mittal AAML 43 10 0 29 May 2024
CoMeT: Count-Min-Sketch-based Row Tracking to Mitigate RowHammer at Low Cost F. N. Bostanci Ismail Emir Yüksel Ataberk Olgun Konstantinos Kanellopoulos Yahya Can Tugrul A. G. Yaglikçi Mohammad Sadrosadati Onur Mutlu 28 16 0 29 Feb 2024
Spatial Variation-Aware Read Disturbance Defenses: Experimental Analysis of Real DRAM Chips and Implications on Future Solutions A. G. Yaglikçi Yahya Can Tugrul Geraldo F. Oliveira Ismail Emir Yüksel Ataberk Olgun Haocong Luo Onur Mutlu 27 13 0 28 Feb 2024
Stealing the Invisible: Unveiling Pre-Trained CNN Models through Adversarial Examples and Timing Side-Channels Shubhi Shukla Manaar Alam Pabitra Mitra Debdeep Mukhopadhyay MLAU AAML 29 1 0 19 Feb 2024
SparseLock: Securing Neural Network Models in Deep Learning Accelerators Nivedita Shrivastava S. Sarangi AAML 25 1 0 05 Nov 2023
Like an Open Book? Read Neural Network Architecture with Simple Power Analysis on 32-bit Microcontrollers Raphael Joud Pierre-Alain Moëllic S. Pontié J. Rigaud 11 4 0 02 Nov 2023
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips Ataberk Olgun Majd Osseiran A. G. Yaglikçi Yahya Can Tugrul Haocong Luo Steve Rhyner Behzad Salami Juan Gómez Luna Onur Mutlu 18 8 0 23 Oct 2023
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation Ataberk Olgun Yahya Can Tugrul Nisa Bostanci Ismail Emir Yüksel Haocong Luo Steve Rhyner A. G. Yaglikçi Geraldo F. Oliveira Onur Mutlu 30 18 0 15 Oct 2023
No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML Ziqi Zhang Chen Gong Yifeng Cai Yuanyuan Yuan Bingyan Liu Ding Li Yao Guo Xiangqun Chen FedML 37 16 0 11 Oct 2023
Exploring the Horizon: A Comprehensive Survey of Rowhammer Amir Naseredini 11 0 0 10 Oct 2023
Beyond Labeling Oracles: What does it mean to steal ML models? Avital Shafran Ilia Shumailov Murat A. Erdogdu Nicolas Papernot AAML 24 4 0 03 Oct 2023
DeepTheft: Stealing DNN Model Architectures through Power Side Channel Yansong Gao Huming Qiu Zhi-Li Zhang Binghui Wang Hua Ma A. Abuadbba Minhui Xue Anmin Fu Surya Nepal MLAU FedML 30 12 0 21 Sep 2023
Fault Injection and Safe-Error Attack for Extraction of Embedded Neural Network Models Kevin Hector Pierre-Alain Moëllic Mathieu Dumont J. Dutertre SILM MIACV 20 5 0 31 Aug 2023
Fault Injection on Embedded Neural Networks: Impact of a Single Instruction Skip Clément Gaine Pierre-Alain Moëllic O. Potin J. Dutertre AAML SILM 18 1 0 31 Aug 2023
One-bit Flip is All You Need: When Bit-flip Attack Meets Model Training Jianshuo Dong Han Qiu Yiming Li Tianwei Zhang Yuan-Fang Li Zeqi Lai Chao Zhang Shutao Xia AAML 26 13 0 12 Aug 2023
Pareto-Secure Machine Learning (PSML): Fingerprinting and Securing Inference Serving Systems Debopam Sanyal Jui-Tse Hung Manavi Agrawal Prahlad Jasti Shahab Nikkhoo S. Jha Tianhao Wang Sibin Mohan Alexey Tumanov 33 0 0 03 Jul 2023
RowPress: Amplifying Read Disturbance in Modern DRAM Chips Haocong Luo Ataberk Olgun A. G. Yaglikçi Yahya Can Tugrul Steve Rhyner Meryem Banu Cavlak Joel Lindegger Mohammad Sadrosadati O. Mutlu 17 52 0 29 Jun 2023
Retrospective: Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors O. Mutlu 13 576 0 28 Jun 2023
Extracting Cloud-based Model with Prior Knowledge S. Zhao Kangjie Chen Meng Hao Jian Zhang Guowen Xu Hongwei Li Tianwei Zhang AAML MIACV SILM MLAU SLR 25 5 0 07 Jun 2023
An Experimental Analysis of RowHammer in HBM2 DRAM Chips Ataberk Olgun Majd Osseiran A. G. Yaglikçi Yahya Can Tugrul Haocong Luo Steve Rhyner Behzad Salami Juan Gómez Luna O. Mutlu 19 15 0 29 May 2023
Evaluation of Parameter-based Attacks against Embedded Neural Networks with Laser Injection Mathieu Dumont Kevin Hector Pierre-Alain Moëllic J. Dutertre S. Pontié AAML 18 2 0 25 Apr 2023
DNN-Alias: Deep Neural Network Protection Against Side-Channel Attacks via Layer Balancing Mahya Morid Ahmadi Lilas Alrahis Ozgur Sinanoglu Muhammad Shafique AAML 21 7 0 12 Mar 2023
Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks Jialai Wang Ziyuan Zhang Meiqi Wang Han Qiu Tianwei Zhang Qi Li Zongpeng Li Tao Wei Chao Zhang AAML 17 20 0 27 Feb 2023
Fundamentally Understanding and Solving RowHammer O. Mutlu Ataberk Olgun A. G. Yaglikçi 14 49 0 14 Nov 2022
DRAM Bender: An Extensible and Versatile FPGA-based Infrastructure to Easily Test State-of-the-art DRAM Chips Ataberk Olgun Hasan Hassan A. G. Yaglikçi Yahya Can Tugrul Lois Orosa Haocong Luo Minesh Patel Oguz Ergin O. Mutlu 26 37 0 10 Nov 2022
Machine Learning with Confidential Computing: A Systematization of Knowledge Fan Mo Zahra Tarkhani Hamed Haddadi 32 8 0 22 Aug 2022
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel Shubhi Shukla Manaar Alam Sarani Bhattacharya Debdeep Mukhopadhyay Pabitra Mitra AAML 17 2 0 01 Aug 2022
Revealing Secrets From Pre-trained Models Mujahid Al Rafi Yuan Feng Hyeran Jeon 13 0 0 19 Jul 2022
I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences Daryna Oliynyk Rudolf Mayer Andreas Rauber 36 106 0 16 Jun 2022
NeuroUnlock: Unlocking the Architecture of Obfuscated Deep Neural Networks Mahya Morid Ahmadi Lilas Alrahis Alessio Colucci Ozgur Sinanoglu Muhammad Shafique AAML 24 8 0 01 Jun 2022