Xiaolu Hou scite author profile

As deep learning systems are widely adopted in safety-and securitycritical applications, such as autonomous vehicles, banking systems, etc., malicious faults and attacks become a tremendous concern, which potentially could lead to catastrophic consequences. In this paper, we initiate the first study of leveraging physical fault injection attacks on Deep Neural Networks (DNNs), by using laser injection technique on embedded systems. In particular, our exploratory study targets four widely used activation functions in DNNs development, that are the general main building block of DNNs that creates non-linear behaviors -ReLu, softmax, sigmoid, and tanh. Our results show that by targeting these functions, it is possible to achieve a misclassification by injecting faults into the hidden layer of the network. Such result can have practical implications for realworld applications, where faults can be introduced by simpler means (such as altering the supply voltage).

show abstract

Hilbert spaces of entire Dirichlet series and composition operators

Hou

Khoi

2013

Journal of Mathematical Analysis and Applications

View full text Add to dashboard Cite

On LCD codes and lattices

Hou

Oggier

2016

View full text Add to dashboard Cite

LCD (linear complimentary dual) codes are linear codes that trivially intersect their duals. We address the question of an equivalent concept for lattices. We observe basic properties of the intersection of a lattice with its dual, and consider the construction of lattices from LCD codes using Construction A. Lattices obtained from the intersection of a code with its dual via Construction A are further discussed.

show abstract

SNIFF: Reverse Engineering of Neural Networks with Fault Attacks

Breier¹,

Jap

Hou

et al. 2020

Preprint

View full text Add to dashboard Cite

Neural networks have been shown to be vulnerable against fault injection attacks. These attacks change the physical behavior of the device during the computation, resulting in a change of value that is currently being computed. They can be realized by various fault injection techniques, ranging from clock/voltage glitching to application of lasers to rowhammer. In this paper we explore the possibility to reverse engineer neural networks with the usage of fault attacks. SNIFF stands for sign bit flip fault, which enables the reverse engineering by changing the sign of intermediate values. We develop the first exact extraction method on deep-layer feature extractor networks that provably allows the recovery of the model parameters. Our experiments with Keras library show that the precision error for the parameter recovery for the tested networks is less than 10 −13 with the usage of 64-bit floats, which improves the current state of the art by 6 orders of magnitude. Additionally, we discuss the protection techniques against fault injection attacks that can be applied to enhance the fault resistance.

show abstract

Construction and secrecy gain of a family of 5-modular lattices

Hou

Lin

Oggier

2014

View full text Add to dashboard Cite

The secrecy gain of a lattice is a lattice invariant used to characterize wiretap lattice codes for Gaussian channels. The secrecy gain has been classified for unimodular lattices up to dimension 23, and so far, a few sparse examples are known for lmodular lattices, with l = 2, 3. We propose some constructions of 5-modular lattices via the Construction A of lattices from linear codes, and study the secrecy gain of the resulting lattices.

show abstract

On Evaluating Fault Resilient Encoding Schemes in Software

Breier¹,

Hou²,

Liu

2021

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Cryptographic implementations are often vulnerable against physical attacks, fault injection analysis being among the most popular techniques. On par with development of attacks, the area of countermeasures is advancing rapidly, utilizing both hardware-and software-based approaches. When it comes to software encoding countermeasures for fault protection and their evaluation, there are very few proposals so far, mostly focusing on single operations rather than cipher as a whole. In this paper we propose an evaluation framework that can be used for analyzing the effectivity of software encoding countermeasures against fault attacks. We first formalize the encoding schemes in software, helping us to define what properties are required when designing a fault protection. Based on these findings, we develop an evaluation metric that can be used universally to determine the robustness of a software encoding scheme against bit flip faults and instruction skips. We provide a way to select a code according to user criteria and also a dynamic code analysis method to estimate the level of protection of assembly implementations using encoding schemes. Finally, we verify our findings by implementing a block cipher PRESENT, protected by encoding scheme based on anticodes, and provide a detailed evaluation of this implementation using different codes.

show abstract

Fault Attacks Made Easy: Differential Fault Analysis Automation on Assembly Code

Breier¹,

Hou

Liu

2018

TCHES

View full text Add to dashboard Cite

Over the past decades, fault injection attacks have been extensively studied due to their capability to efficiently break cryptographic implementations. Fault injection attack models are normally determined by analyzing the cipher structure and finding exploitable spots in non-linear and permutation layers. However, this level of abstraction is often too high to distinguish vulnerable parts of software implementations, due to specific operations and optimizations. On the other hand, manually analyzing the assembly code requires non-negligible amount of time and expertise. In this paper, we propose an automated approach for analyzing cipher implementations in assembly. We represent the whole assembly program as a data flow graph so that the vulnerable spots can be found efficiently. Fault propagation is analyzed in a subgraph constructed from each vulnerable spot, allowing equations for Differential Fault Analysis (DFA) to be automatically generated. We have created a tool that implements our approach: DATAC – DFA Automation Tool for Assembly Code. We have successfully used this tool for attacking PRESENT- 80, being able to find implementation-specific vulnerabilities that can be exploited in order to recover the last round key with 16 faults. Our results show that DATAC is useful in finding attack spots that are not visible from the cipher structure, but can be easily exploited when dealing with real-world implementations.

show abstract

Feeding Two Cats with One Bowl: On Designing a Fault and Side-Channel Resistant Software Encoding Scheme

Breier

Hou

2017

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Xiaolu Hou

Practical Fault Attack on Deep Neural Networks

Hilbert spaces of entire Dirichlet series and composition operators

On LCD codes and lattices

SNIFF: Reverse Engineering of Neural Networks with Fault Attacks

Construction and secrecy gain of a family of 5-modular lattices

On Evaluating Fault Resilient Encoding Schemes in Software

Fault Attacks Made Easy: Differential Fault Analysis Automation on Assembly Code

Feeding Two Cats with One Bowl: On Designing a Fault and Side-Channel Resistant Software Encoding Scheme

Contact Info

Product

Resources

About