Research Mentor: Abhishek Dutta
Neuromorphic computing hardware has emerged in recent years as a complementary architecture to von Neumann systems. In particular, the adoption of neuromorphic computing systems that implement neural network and machine learning algorithms on hardware generates the need for protecting data security in such systems. The learning model is exposed to the risk of being attacked by malicious users who have physical access to the device. The objective of this research is to prevent an attacker with physical access from learning the proprietary algorithm implemented by the neuromorphic hardware. Since, the similarity between programmable resistance state of memristors and the variable weight connection in neural networks simplifies the structure of circuit realization of a neural network, a memristor-based realization of the neuromorphic system performing an image classification task will be considered. An attacker in this scenario could potentially replicate the classifier by simply obtaining the input-output data. To block such attacks, we shall make use of the physical property of a memristor, such that even if the neuromorphic system is captured, the functionality of the system will decay quickly after a very limited number of tests. The research outcomes will enable the exploration of neuroscience and other machine learning applications through neuromorphic systems, as well as securing them against unwanted attacks.
The REU students will realize the above objective of secure neuromorphic system design by completing the following two research tasks: (i) A memristor based neuromorphic system will be designed to perform an image classification task by optimizing a neural-network architecture. (ii) The above neuromorphic design will be made secure against model replication attack by making use of the memristor’s retention property. By realizing these tasks, and in collaboration with relevant industrial partners, the students will gain critical theoretical and experimental knowledge in the design and security of biologically inspired neuromorphic systems.