Bachelor Thesis: Side channel attack on HDC Accelerators

Description:

Hardware security includes side-channel and fault attacks, which have recently expanded to machine learning accelerators, particularly those accelerated on FPGAs. Since machine learning models are often applied in critical areas such as autonomous driving or medical devices, the results they produce can have important safety implications. This makes it essential to ensure hardware-level protection of these accelerators.

Hyperdimensional Computing (HDC) is an emerging machine learning approach, especially suited for classification tasks on low-power, hardware-restricted devices like IoT edge devices, where processing needs to happen locally.

This project focuses on analyzing new side-channel and fault attack vulnerabilities in HDC, with an emphasis on causing misclassification. This topic hasn't been widely covered in existing research, and there are multiple opportunities to work on.

In this role, you'll first get hands-on experience with HDC implemented on hardware, and gain a deep understanding of how side-channel attacks work on FPGAs. Once you got the basic ideas and approaches, attacking the device can be started on the real models and FPGA devices. You will have the opportunity to integrate sensors into the FPGA with IP and experiment with various attack techniques on HDC to induce misclassification or any other attacks that you want.

 

Minimum Requirements:

Some familiarity with both hardware design and machine learning
Basic knowledge of hardware description languages (VHDL preferred, Verilog is also fine)
Great passion and drive to explore different attack models, and strategies on different HDC configurations
Experience with PyTorch, and Python (for training the models)
Preliminary experience with Xilinx Vivado

 

Contact:

Mahboobe Sadeghipourrudsari
Vincent Meyers