Session Chair: Mardani Kamali, University of Florida

Tuesday, June 28, 2022 | Time: 11:00 - 12:00

Location: Int'l Ballroom C

• 103. NeurObfuscator: A Full-stack Obfuscation Tool to Mitigate Neural Architecture Stealing
  Jingtao Li, Zhezhi He, Adnan Siraj Rakin, Deliang Fan and Chaitali Chakrabarti
  Abstract: Neural network stealing attacks have posed grave threats to neural network model deployment. Such attacks can be launched by extracting neural architecture information, such as layer sequence and dimension parameters, through leaky sidechannels. To mitigate such attacks, we propose NeurObfuscator, a full-stack obfuscation tool to obfuscate the neural network architecture while preserving its functionality with very limited performance overhead. At the heart of this tool is a set of obfuscating knobs, including layer branching, layer widening, selective fusion and schedule pruning, that increase the number of operators, reduce/increase the latency, and number of cache and DRAM accesses. A genetic algorithm-based approach is adopted to orchestrate the combination of obfuscating knobs to achieve the best obfuscating effect on the layer sequence and dimension parameters so that the architecture information cannot be successfully extracted. Results on sequence obfuscation show that the proposed tool obfuscates a ResNet-18 ImageNet model to a totally different architecture (with 44 layer difference) without affecting its functionality with only 2% overall latency overhead. For dimension obfuscation, we demonstrate that an example convolution layer with 64 input and 128 output channels can be obfuscated to generate a layer with 207 input and 93 output channels with only a 2% latency overhead.


• 122. Fun-SAT: Functional Corruptibility-Guided SAT-Based Attack on Sequential Logic Encryption
  Yinghua Hu, Yuke Zhang, Kaixin Yang, Dake Chen, Peter A. Beerel and Pierluigi Nuzzo
  Abstract: The SAT attack has shown to be efficient against most combinational logic encryption methods. It can be extended to attack sequential logic encryption techniques by leveraging circuit unrolling and model checking methods. However, with no guidance on the number of times that a circuit needs to be unrolled to find the correct key, the attack tends to solve many time-consuming Boolean satisfiability (SAT) and model checking problems, which can significantly hamper its efficiency. In this paper, we introduce Fun-SAT, a functional corruptibility-guided SAT-based attack that can significantly decrease the SAT solving and model checking time of a SAT-based attack on sequential encryption by efficiently estimating the minimum required number of circuit unrollings. Fun-SAT relies on a notion of functional corruptibility for encrypted sequential circuits and its relationship with the required number of circuit unrollings in a SAT-based attack. Numerical results show that Fun-SAT can be, on average, 90× faster than previous attacks against state-of-theart encryption methods, when both attacks successfully complete before a one-day time-out. Moreover, Fun-SAT completes before the time-out on many more circuits.


• 124. JANUS: Boosting Logic Obfuscation Scope Through Reconfigurable FSM Synthesis
  Leon Li, Shuyi Ni and Alex Orailoglu
  Abstract: Logic obfuscation has been proposed as a countermeasure against supply chain threats such as overproduction and IP piracy. However, the functional corruption it offers can be exploited by oracle-guided pruning attacks to recover the obfuscation key, forcing existing logic obfuscation methods to trivialize their output corruption which in turn leads to a diminished protection scope. In this paper, we address this quandary through an FSM obfuscation methodology that delivers obfuscation scope not only through external secrets but more importantly through inherent state transition patterns. We leverage a minimum-cut graph partitioning algorithm to divide the FSM diagram and implement the resulting partitions with distinct FF configurations, enabled by a novel synthesis methodology supporting reconfigurable FFs. The obfuscated FSM can be activated by invoking key values to dynamically switch the FF configuration at a small number of inter-partition transitions. Yet, the overall obfuscation scope comprises far more intra-partition transitions which are driven solely by the inherent transition sequences and thus reveal no key trace. We validate the security of the proposed obfuscation method against numerous functional and structural attacks. Experimental results confirm its delivery of extensive obfuscation scope at marginal overheads