- Adversarial Robustness in Machine Learning
- Advanced Neural Network Applications
- Anomaly Detection Techniques and Applications
- Privacy-Preserving Technologies in Data
- Advanced Memory and Neural Computing
- Cryptography and Data Security
- Ferroelectric and Negative Capacitance Devices
- Machine Learning and Data Classification
- Music and Audio Processing
- Speech and Audio Processing
- Speech Recognition and Synthesis
- Stochastic Gradient Optimization Techniques
- Parallel Computing and Optimization Techniques
- CCD and CMOS Imaging Sensors
- Advanced Malware Detection Techniques
- Bacillus and Francisella bacterial research
- Physical Unclonable Functions (PUFs) and Hardware Security
- Evolutionary Algorithms and Applications
- Integrated Circuits and Semiconductor Failure Analysis
- Domain Adaptation and Few-Shot Learning
- Explainable Artificial Intelligence (XAI)
- Recommender Systems and Techniques
- Topic Modeling
- Tensor decomposition and applications
- Embedded Systems Design Techniques
Apple (United Kingdom)
2023-2024
University of California, San Diego
2017-2023
UC San Diego Health System
2020-2021
Electronic Concepts and Engineering (United States)
2020
This paper proposes ReBNet, an end-to-end framework for training reconfigurable binary neural networks on software and developing efficient accelerators for execution on FPGA. Binary neural networks offer an intriguing opportunity for deploying large-scale deep learning models on resource-constrained devices. Binarization reduces the memory footprint and replaces the power-hungry matrix-multiplication with light-weight XnorPopcount operations. However, binary networks suffer from a degraded accuracy compared to their fixed-point counterparts. We...
Advancements in deep learning enable cloud servers to provide inference-as-a-service for clients. In this scenario, clients send their raw data to the server to run the model and send back the results. One standing challenge in this setting is to ensure the privacy of the clients' sensitive data. Oblivious inference is the task of running the neural network on the client's input without disclosing the input or the result to the server. This paper introduces XONN, a novel end-to-end framework based on Yao's Garbled Circuits (GC) protocol, that provides a paradigm shift...
We propose a novel end-to-end framework to customize execution of deep neural networks on FPGA platforms. Our framework employs a reconfigurable clustering approach that encodes the parameters in accordance with the application's accuracy requirement and the underlying platform constraints. The throughput of FPGA-based realizations is often bounded by the memory access bandwidth. The use of encoded parameters reduces both the required bandwidth and the computational complexity of the networks, increasing the effective throughput. Our framework enables systematic...
Adversarial attacks have exposed the unreliability of machine-learning (ML) models for decision making in autonomous agents. This article discusses recent research for ML model assurance in the face of adversarial attacks.
Hyperdimensional (HD) computing is gaining traction as an alternative light-weight machine learning approach for cognition tasks. Inspired by the neural activity patterns of the brain, HD computing performs cognition tasks by exploiting long-size vectors, namely hypervectors, rather than working with scalar numbers as used in conventional computing. Since a hypervector is represented by thousands of dimensions (elements), the majority of prior work assume binary elements to simplify the computation and alleviate the processing cost. In this paper,...
Deep neural networks (DNN) have demonstrated effectiveness for various applications such as image processing, video segmentation, and speech recognition. Running state-of-the-art DNNs on current systems mostly relies on either general-purpose processors, ASIC designs, or FPGA accelerators, all of which suffer from data movements due to the limited on-chip memory and data transfer bandwidth. In this work, we propose a novel framework, called RAPIDNN, which processes DNN operations within the memory to minimize the cost of data movement....
Recent advances in adversarial Deep Learning (DL) have opened up a largely unexplored surface for malicious attacks jeopardizing the integrity of autonomous DL systems. With the wide-spread usage of DL in critical and time-sensitive applications, including unmanned vehicles, drones, and video surveillance systems, online detection of malicious inputs is of utmost importance. We propose DeepFense, the first end-to-end automated framework that simultaneously enables efficient and safe execution of DL models. DeepFense formalizes the goal...
We propose CLEANN, the first end-to-end framework that enables online mitigation of Trojans for embedded Deep Neural Network (DNN) applications. A Trojan attack works by injecting a backdoor in the DNN while training; during inference, the Trojan can be activated by the specific trigger. What differentiates CLEANN from the prior work is its lightweight methodology which recovers the ground-truth class of Trojan samples without the need for labeled data, model retraining, or assumptions on the trigger or the attack. We leverage dictionary learning and...
We introduce COINN - an efficient, accurate, and scalable framework for oblivious deep neural network (DNN) inference in the two-party setting. In our system, DNN inference is performed without revealing the client's private inputs to the server or the server's proprietary weights to the client. To speed up secure inference while maintaining a high accuracy, we make three interlinked innovations in the plaintext and ciphertext domains: (i) we develop a new domain-specific low-bit quantization scheme tailored for high-efficiency ciphertext computation, (ii)...
Deep neural networks have been shown to be vulnerable to backdoor, or trojan, attacks where an adversary has embedded a trigger in the network at training time such that the model correctly classifies all standard inputs, but generates a targeted, incorrect classification on any input which contains the trigger. In this paper, we present the first ultra light-weight and highly effective trojan detection method that does not require access to the training/test data, does not involve expensive computations, and makes no assumptions...
We introduce CAMsure, the first realization of secure Content Addressable Memory (CAM) in the context of approximate search using near-neighbor algorithms. CAMsure provides a lightweight solution for practical (approximate) search with minimal drop in the accuracy of the results. CAM has traditionally been used as a hardware engine that explores the entire memory in a single clock cycle. However, there has been little attention to the security of data stored in CAM. Our approach stores distance-preserving hash embeddings within CAM to ensure privacy. The...
Automated optimization algorithms are extensively used to search for optimal design parameters in applications ranging from designing compilers and analog circuits to crafting embedded machine-learning technology. System design is particularly laborious as the pertinent search space includes various conflicting objectives and a swarm of free parameters. Automating the parameter search can enhance system quality while ensuring low cost and high performance. In this tutorial, we review several recent tools for selecting...
This paper explores the application of Binary Neural Networks (BNN) in oblivious inference, a service provided by a server to mistrusting clients. Using this service, a client can obtain the inference result on her data by a trained model held by the server without disclosing the data or learning the model parameters. We make two contributions to this field. First, we devise light-weight cryptographic protocols designed specifically to exploit the unique characteristics of BNNs. Second, we present dynamic exploration of the runtime-accuracy tradeoff of BNNs...
In the contemporary big data realm, Deep Neural Networks (DNNs) are evolving towards more complex architectures to achieve higher inference accuracy. Model compression techniques can be leveraged to efficiently deploy such compute-intensive architectures on resource-limited mobile devices. Such methods comprise various hyper-parameters that require per-layer customization to ensure high accuracy. Choosing such hyper-parameters is cumbersome as the pertinent search space grows exponentially with model layers. This paper introduces GeneCAI, a novel...
This article proposes EncoDeep, an end-to-end framework that facilitates encoding, bitwidth customization, fine-tuning, and implementation of neural networks on FPGA platforms. EncoDeep incorporates nonlinear encoding to the computation flow to save memory. The encoded features demand significantly lower storage compared to the raw full-precision activation values; therefore, the execution of the hardware engine is completely performed within the FPGA using on-chip streaming buffers with no access to the off-chip DRAM. We...
Using a vision-inspired keyword spotting framework, we propose an architecture with input-dependent dynamic depth capable of processing streaming audio. Specifically, we extend a conformer encoder with trainable binary gates that allow us to dynamically skip network modules according to the input. Our approach improves detection and localization accuracy on continuous speech using Librispeech top1000 most frequent words while maintaining a small memory footprint. The inclusion of gates also reduces the average amount...
Recent advances in adversarial Deep Learning (DL) have opened up a new and largely unexplored surface for malicious attacks jeopardizing the integrity of autonomous DL systems. This article introduces CuRTAIL, a novel end-to-end computing framework to characterize and thwart potential adversarial attacks and significantly improve the reliability (safety) of a victim DL model. We formalize the goal of preventing adversarial attacks as an optimization problem to minimize the rarely observed regions in the latent feature space spanned by a DL network. To solve the aforementioned...
This paper proposes CodeX, an end-to-end framework that facilitates encoding, bitwidth customization, fine-tuning, and implementation of neural networks on FPGA platforms. CodeX incorporates nonlinear encoding to the computation flow to save memory. The encoded features demand significantly lower storage compared to the raw full-precision activation values; therefore, the execution of the hardware engine is completely performed within the FPGA using on-chip streaming buffers with no access to the off-chip DRAM. We further...
Splitting network computations between the edge device and a server enables low edge-compute inference of neural networks but might expose sensitive information about the test query to the server. To address this problem, existing techniques train the model to minimize leakage for a given set of attributes. In practice, however, queries contain attributes that are not foreseen during training. We propose instead an unsupervised obfuscation method to discard information irrelevant to the main task. We formulate the problem via theoretical...
Tensor decomposition is a promising approach for low-power and real-time application of neural networks on resource-constrained embedded devices. This paper proposes AutoRank, an end-to-end framework for customizing network decomposition using cross-layer rank-selection. For many-layer networks, determining the optimal ranks is a cumbersome task. To overcome this challenge, we establish a state-action-reward system that effectively absorbs the inference accuracy and platform specifications into the rank-selection policy. Our...
This paper introduces an adaptive sampling methodology for automated compression of Deep Neural Networks (DNNs) for accelerated inference on resource-constrained platforms. Modern DNN compression techniques comprise various hyperparameters that require per-layer customization. Our objective is to locate an optimal hyperparameter configuration that leads to the lowest model complexity while adhering to a desired accuracy. We design a score function that evaluates the aforementioned optimality. The optimization problem is then...