BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Sponge Examples: Energy-Latency Attacks on Neural Networks - Ilia 
 Shumailov
DTSTART:20201013T121500Z
DTEND:20201013T131500Z
UID:TALK152782@talks.cam.ac.uk
CONTACT:Mateja Jamnik
DESCRIPTION:"Join us on Zoom":https://zoom.us/j/99166955895?pwd=SzI0M3pMVE
 kvNmw3Q0dqNDVRalZvdz09\n\nThe high energy costs of neural network training
  and inference led to the use of acceleration hardware such as GPUs and TP
 Us. While this enabled us to train largescale neural networks in datacente
 rs and deploy them on edge devices\, the focus so far is on average-case p
 erformance. In this work\, we introduce a novel threat vector against neur
 al networks whose energy consumption or decision latency are critical. We 
 show how adversaries can exploit carefully crafted sponge examples\, which
  are inputs designed to maximise energy consumption and latency. We mount 
 two variants of this attack on established vision and language models\, in
 creasing energy consumption by a factor of 10 to 200. Our attacks can also
  be used to delay decisions where a network has critical real-time perform
 ance\, such as in perception for autonomous vehicles. We demonstrate the p
 ortability of our malicious inputs across CPUs and a variety of hardware a
 ccelerator chips including GPUs\, and an ASIC simulator. We conclude by pr
 oposing a defense strategy which mitigates our attack by shifting the anal
 ysis of energy consumption in hardware from an average-case to a worst-cas
 e perspective.
LOCATION:Zoom
END:VEVENT
END:VCALENDAR