Practical Deep Neural Network Protection for Unmodified Applications in Intel Software Guard Extension Environments

Title:
Practical Deep Neural Network Protection for Unmodified Applications in Intel Software Guard Extension Environments
Journal Title:
IFIP Advances in Information and Communication Technology
Keywords:
Publication Date:
28 December 2023
Citation:
Kang, D. M., Faahym, H., Meftah, S., Keoh, S. L., & Khin, M. M. A. (2023). Practical Deep Neural Network Protection for Unmodified Applications in Intel Software Guard Extension Environments. In Critical Infrastructure Protection XVII (pp. 177–192). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-49585-4_9
Abstract:
Trusted computing, often referred to as confidential computing, is an attempt to enhance the trust of modern computer systems through a combination of software and hardware mechanisms. The area increased in popularity after the release of the Intel Software Guard Extensions software development kit, enabling industry actors to create applications compatible with the interfaces required to leverage secure enclaves. However, the prime choices of users are still libraries and solutions that facilitate code portability to Software Guard Extension environments without any modifications to native applications. While these have proved effective at eliminating additional development costs, they inherit all the security concerns for which Software Guard Extensions has been criticized. This chapter proposes a split computing method to enhance the privacy of deep neural network models outsourced to trusted execution environments. The key metric that guides the approach is split computing performance that does not involve architectural modifications to deep neural network models. The model partitioning method enables stricter security guarantees while producing negligible levels of overhead. This chapter also discusses the challenges involved in developing a pragmatic solution against established Intel Software Guard Extensions attacks. The results demonstrate that the method introduces negligible performance overhead and reliably secures the outsourcing of deep neural network models.
License type:
Publisher Copyright
Funding Info:
This research/project is supported by the Institute for Infocomm Research, an A*STAR research entity, under the RIE2020 Advanced Manufacturing and Engineering (AME) Program.
Grant Reference No.: A19E3b0099
Description:
This version of the article has been accepted for publication, after peer review and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/978-3-031-49585-4_9
ISSN:
9783031495854
ISBN:
9783031495847
Files uploaded: