As ML and AI techniques are widely deployed, they will be subject to attacks from determined adversaries, much like modern software systems. These attacks range from maliciously backdoored neural networks (BadNets) or adversarially generated inputs that cause targeted misclassifications, leading the network to identify a stop sign as a speed-limit sign for example. Further, neural networks are frequently trained and executed in the cloud, introducing further security concerns. In our work, we are identifying and developing new techniques to address these emerging security vulnerabilities.
The increasing power density with technology scaling, coupled with a thermally-constrained constant power budget has given rise to the so-called "dark silicon" problem - although we can integrate unprecedented numbers of transistors on a chip, not all can be simultaneously powered on. It has been suggested that in a few years, more than half the chip will have to be kept dark to stay within the power budget. We are investigating hardware and software solutions to address the dark silicon challenge.
We are investigating techniques to secure semiconductor chips against malicious attacks at the hardware level that seek to alter the chip's functionality or leak secret information stored in hardware. These emerging attack surfaces include hardware Trojan insertion, IC counterfeiting and reverse engineering. The figure shows one such solution - "split manufacturing."
Welcome to the EnSuRe research group website. We are part of the Electrical and Computer Engineering Department at New York University. Our research focuses on computer hardware, including electronic design automation (EDA) and micro-architectural solutions for energy-efficient (En), secure (Su), and reliable (Re) computing. We are always looking for talented students to join our group - if you are interested please e-mail Prof. Siddharth Garg.
2018-03-12 22:55
2016-10-10 21:10
2016-10-10 21:05
Siddharth Garg
Phone: 718 260 3656
Email: sg175@nyu.edu
Office: 2 MetroTech, 10.076
