Files and links (1)
Preprint (Author's original)arXiv.org - Non-exclusive license to distribute, Open
Preprint
Older and Wiser: The Marriage of Device Aging and Intellectual Property Protection of Deep Neural Networks
arXiv.org
21 Jun 2024
Abstract
Deep neural networks (DNNs), such as the widely-used GPT-3 with billions of
parameters, are often kept secret due to high training costs and privacy
concerns surrounding the data used to train them. Previous approaches to
securing DNNs typically require expensive circuit redesign, resulting in
additional overheads such as increased area, energy consumption, and latency.
To address these issues, we propose a novel hardware-software co-design
approach for DNN intellectual property (IP) protection that capitalizes on the
inherent aging characteristics of circuits and a novel differential orientation
fine-tuning (DOFT) to ensure effective protection. Hardware-wise, we employ
random aging to produce authorized chips. This process circumvents the need for
chip redesign, thereby eliminating any additional hardware overhead during the
inference procedure of DNNs. Moreover, the authorized chips demonstrate a
considerable disparity in DNN inference performance when compared to
unauthorized chips. Software-wise, we propose a novel DOFT, which allows
pre-trained DNNs to maintain their original accuracy on authorized chips with
minimal fine-tuning, while the model's performance on unauthorized chips is
reduced to random guessing. Extensive experiments on various models, including
MLP, VGG, ResNet, Mixer, and SwinTransformer, with lightweight binary and
practical multi-bit weights demonstrate that the proposed method achieves
effective IP protection, with only 10\% accuracy on unauthorized chips, while
preserving nearly the original accuracy on authorized ones.
Metrics
9 Record Views
Details
- Title
- Older and Wiser: The Marriage of Device Aging and Intellectual Property Protection of Deep Neural Networks
- Creators
- Ning LinShaocong WangYue ZhangYangu HeKwunhang WongArindam BasuDashan ShangXiaoming ChenZhongrui Wang
- Publication Details
- arXiv.org
- Resource Type
- Preprint
- Language
- English
- Academic Unit
- Computer Science (Computing)
- Other Identifier
- 991021889462904721