Skip to Main Content
Frequently Asked Questions
Submit an ETD
Global Search Box
Need Help?
Keyword Search
Participating Institutions
Advanced Search
School Logo
Files
File List
Ohio_State_University_dissertation_accelerator_architecture_for_secure_and_energy_efficient__Machine_learning.pdf (7.39 MB)
ETD Abstract Container
Abstract Header
Accelerator Architecture for Secure and Energy Efficient Machine learning
Author Info
Samavatian, Mohammad Hossein
ORCID® Identifier
http://orcid.org/0000-0001-6163-2771
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=osu165188351393856
Abstract Details
Year and Degree
2022, Doctor of Philosophy, Ohio State University, Computer Science and Engineering.
Abstract
ML applications are driving the next computing revolution. In this context both performance and security are crucial. We propose hardware/software co-design solutions for addressing both. First, we propose RNNFast, an accelerator for Recurrent Neural Networks (RNNs). RNNs are particularly well suited for machine learning problems in which context is important, such as language translation. RNNFast leverages an emerging class of non-volatile memory called domain-wall memory (DWM). We show that DWM is very well suited for RNN acceleration due to its very high density and low read/write energy. RNNFast is very efficient and highly scalable, with a flexible mapping of logical neurons to RNN hardware blocks. The accelerator is designed to minimize data movement by closely interleaving DWM storage and computation. We compare our design with a state-of-the-art GPGPU and find 21.8X higher performance with 70X lower energy. Second, we brought ML security into ML accelerator design for more efficiency and robustness. Deep Neural Networks (DNNs) are employed in an increasing number of applications, some of which are safety-critical. Unfortunately, DNNs are known to be vulnerable to so-called adversarial attacks. In general, the proposed defenses have high overhead, some require attack-specific re-training of the model or careful tuning to adapt to different attacks. We show that these approaches, while successful for a range of inputs, are insufficient to address stronger, high-confidence adversarial attacks. To address this, we propose HASI and DNNShield, two hardware-accelerated defenses that adapt the strength of the response to the confidence of the adversarial input. Both techniques rely on approximation or random noise deliberately introduced into the model. HASI uses direct noise injection into the model at inference. DNNShield uses approximation that relies on dynamic and random sparsification of the DNN model to achieve inference approximation efficiently and with fine-grain control over the approximation error. Both techniques use the output distribution characteristics of noisy/sparsified inference compared to a baseline output to detect adversarial inputs. We show an adversarial detection rate of 86% when applied to VGG16 and 88% when applied to ResNet50, which exceeds the detection rate of the state-of-the-art approaches, with a much lower overhead. We demonstrate a software/hardware-accelerated FPGA prototype, which reduces the performance impact of HASI and DNNShield relative to software-only CPU and GPU implementations.
Committee
Radu Teoderescu (Advisor)
Yang Wang (Committee Member)
Wei-Lun Chao (Committee Member)
Pages
145 p.
Subject Headings
Computer Engineering
;
Computer Science
Keywords
Machine learning, Accelerator, Security, Adversarial attack, Energy efficiency, Domain wall memory, Recurrent Neural Network, Sparsification,
Recommended Citations
Refworks
EndNote
RIS
Mendeley
Citations
Samavatian, M. H. (2022).
Accelerator Architecture for Secure and Energy Efficient Machine learning
[Doctoral dissertation, Ohio State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=osu165188351393856
APA Style (7th edition)
Samavatian, Mohammad Hossein.
Accelerator Architecture for Secure and Energy Efficient Machine learning.
2022. Ohio State University, Doctoral dissertation.
OhioLINK Electronic Theses and Dissertations Center
, http://rave.ohiolink.edu/etdc/view?acc_num=osu165188351393856.
MLA Style (8th edition)
Samavatian, Mohammad Hossein. "Accelerator Architecture for Secure and Energy Efficient Machine learning." Doctoral dissertation, Ohio State University, 2022. http://rave.ohiolink.edu/etdc/view?acc_num=osu165188351393856
Chicago Manual of Style (17th edition)
Abstract Footer
Document number:
osu165188351393856
Download Count:
178
Copyright Info
© 2022, all rights reserved.
This open access ETD is published by The Ohio State University and OhioLINK.