Artificial intelligence is progressing ever faster, with new applications and results that would not have been possible only a few years ago. At the same time, hardware security is becoming increasingly important for embedded systems, whose applications keep growing in number. The connection between AI and hardware security is becoming more prominent. Today, there are numerous applications where AI has either an offensive or defensive role for HW security. AIHWS aims to position itself at the intersection of these topics and provide a space where ideas converge into exciting new approaches for HW security. This workshop will provide an environment for researchers from academic and industrial domains to discuss findings and ongoing work on all aspects of hardware security and artificial intelligence, including design, attacks, manufacturing, testing, validation, and utilization.
We encourage researchers working on all aspects of AI and HW security to take the opportunity and use AIHWS to share their work and participate in discussions.
Authors are invited to submit their papers using the EasyChair submission system. The link for submission will be posted later.
Every accepted paper must have at least one author registered for the workshop. All submissions must follow the original LNCS format with a page limit of 18 pages, including references and possible appendices. Papers should be submitted electronically in PDF format. The post-proceedings will be published by Springer in the LNCS series.
The best workshop paper award is selected from all workshops. Each workshop nominates a candidate paper, and the winning paper is selected among them.
Workshop paper submission deadline: Apr 16, 2021 (previously Mar 27, 2021)
Workshop paper notification: May 8, 2021 (previously Apr 27, 2021)
Camera-ready papers for pre-proceedings: May 15, 2021 (previously May 10, 2021)
Workshop date: June 21, 2021
Indian Institute of Technology, Kharagpur (1)
ES&S - imec-COSIC, ESAT, KU Leuven, Belgium (1); EAVISE - PSI, ESAT, KU Leuven, Belgium (2); LIACS, Leiden University, The Netherlands (3)
Ritsumeikan University, Shiga, Japan (1)
Radboud University, Nijmegen, The Netherlands (1); Delft University of Technology, The Netherlands (2); Riscure BV, The Netherlands (3)
Delft University of Technology, The Netherlands (1)
Mitsubishi Electric Corporation, Japan (1); Ritsumeikan University, Japan (2)
In an era characterized by increasing cybersecurity threats, we have witnessed the ever-continuing competition between system designers/manufacturers and adversaries that maliciously break the security of systems. This is partially due to the lack of systematic and provable methods, which can assess the security of a system. This lack of methods is present despite the existence of well-known and acknowledged frameworks developed in cryptography and its “sister field”, i.e., machine learning. This talk aims to explore the close relationship between machine learning and cryptography and provide examples of physical systems, whose security can be assessed from the point of view of machine learning.
Fatemeh Ganji is an assistant professor at the ECE and Cybersecurity departments of Worcester Polytechnic Institute (WPI). Before joining WPI, Fatemeh was a Post Doctoral Associate at the University of Florida (from 2018-2020) and at the Telecom Innovation Laboratories/Technical University of Berlin (from 2017-2018). For her dissertation with the title “On the Learnability of Physically Unclonable Functions”, she was awarded the BIMoS Ph.D. Award 2018 and nominated by the Technical University of Berlin for the ACM Dissertation Award. Fatemeh’s research focuses on interdisciplinary approaches covering two main angles of hardware security, namely machine learning and cryptography.
The program starts at 11:45 pm CEST (UTC+2).
| Time | Program item |
|---|---|
| 11:45 - 12:00 | Welcome note from the organizers |
| 12:00 - 14:15 | Session 1: Security of AI |
| 12:00 - 13:00 | Keynote talk 1: Internet of Threats: Federated Anomaly Detection in IoT and Challenges. Ahmad-Reza Sadeghi, TU Darmstadt, Germany |
| 13:00 - 13:25 | Towards Trained Model Confidentiality and Integrity using Trusted Execution Environments. Tsunato Nakai, Daisuke Suzuki and Takeshi Fujino |
| 13:25 - 13:50 | Model Evasion Attacks Against Partially Encrypted Deep Neural Networks in Isolated Execution Environment. Kota Yoshida and Takeshi Fujino |
| 13:50 - 14:15 | On Reverse Engineering Neural Network Implementation on GPU. Łukasz Chmielewski and Léo Weissbart |
| 14:15 - 15:00 | Break |
| 15:00 - 17:15 | Session 2: AI for Security |
| 15:00 - 16:00 | Keynote talk 2: Machine Learning for Hardware Security: Standing on the Shoulders of Giants. Fatemeh Ganji, Worcester Polytechnic Institute, USA |
| 16:00 - 16:25 | A Good Anvil Fears No Hammer: Automated Rowhammer Detection using Unsupervised Deep Learning. Anirban Chakraborty, Manaar Alam and Debdeep Mukhopadhyay |
| 16:25 - 16:50 | On the Importance of Pooling Layer Tuning for Profiling Side-channel Analysis. Lichao Wu and Guilherme Perin |
| 16:50 - 17:15 | Towards Real-Time Deep Learning-based Network Intrusion Detection on FPGA. Laurens Le Jeune, Toon Goedemé and Nele Mentens |
| 17:15 - 17:30 | Farewell and discussion for future editions of AIHWS |
Shivam Bhasin, Nanyang Technological University, Singapore
Ileana Buhan, Radboud University, The Netherlands
Lukasz Chmielewski, Radboud University, and Riscure, The Netherlands
Chitchanok Chuengsatiansup, The University of Adelaide, Australia
Elena Dubrova, KTH Royal Institute of Technology, Sweden
Fatemeh Ganji, Worcester Polytechnic Institute, United States
Julio Hernandez-Castro, University of Kent, United Kingdom
Naofumi Homma, Tohoku University, Japan
Dirmanto Jap, Nanyang Technological University, Singapore
Alan Jović, University of Zagreb, Croatia
Liran Lerman, Thales, Belgium
Eleonora Losiouk, University of Padova, Italy
Luca Mariot, TU Delft, The Netherlands
Nele Mentens, Leiden University, The Netherlands, and KU Leuven, Belgium
Debdeep Mukhopadhyay, IIT Kharagpur, India
Kostas Papagiannopoulos, Radboud University, The Netherlands
Kazuo Sakiyama, The University of Electro-Communications, Japan
Shahin Tajik, Worcester Polytechnic Institute, United States
Vincent Verneuil, NXP Semiconductors, Germany
Nikita Veshchikov, QualSec at Université Libre de Bruxelles, Belgium
Marina Krček, TU Delft, The Netherlands