{"id":"https://openalex.org/W3185600290","doi":"https://doi.org/10.1109/host49136.2021.9702287","title":"Using Undervolting as an on-Device Defense Against Adversarial Machine Learning Attacks","display_name":"Using Undervolting as an on-Device Defense Against Adversarial Machine Learning Attacks","publication_year":2021,"publication_date":"2021-12-12","ids":{"openalex":"https://openalex.org/W3185600290","doi":"https://doi.org/10.1109/host49136.2021.9702287","mag":"3185600290"},"language":"en","primary_location":{"id":"doi:10.1109/host49136.2021.9702287","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host49136.2021.9702287","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2107.09804","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009379780","display_name":"Saikat Majumdar","orcid":"https://orcid.org/0000-0002-7971-5214"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Saikat Majumdar","raw_affiliation_strings":["The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA","institution_ids":["https://openalex.org/I52357470"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079796402","display_name":"Mohammad Hossein Samavatian","orcid":"https://orcid.org/0009-0007-7274-1333"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mohammad Hossein Samavatian","raw_affiliation_strings":["The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA","institution_ids":["https://openalex.org/I52357470"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067555740","display_name":"Kristin Barber","orcid":"https://orcid.org/0000-0001-6184-9954"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kristin Barber","raw_affiliation_strings":["The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA","institution_ids":["https://openalex.org/I52357470"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091455049","display_name":"Radu Teodorescu","orcid":"https://orcid.org/0000-0002-6474-2201"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Radu Teodorescu","raw_affiliation_strings":["The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University,Department of Computer Science and Engineering,Columbus,OH,USA","institution_ids":["https://openalex.org/I52357470"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5009379780"],"corresponding_institution_ids":["https://openalex.org/I52357470"],"apc_list":null,"apc_paid":null,"fwci":0.8399,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.78619554,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"158","last_page":"169"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14117","display_name":"Integrated Circuits and Semiconductor Failure Analysis","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8121809959411621},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7794374227523804},{"id":"https://openalex.org/keywords/margin","display_name":"Margin (machine learning)","score":0.7172268033027649},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6071089506149292},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5809680819511414},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.5783805251121521},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5345911383628845},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5280462503433228},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5004181861877441},{"id":"https://openalex.org/keywords/image","display_name":"Image (mathematics)","score":0.4994969367980957},{"id":"https://openalex.org/keywords/contextual-image-classification","display_name":"Contextual image classification","score":0.484468936920166},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.47389689087867737},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4460172653198242},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4122801125049591},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.4068185091018677},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.33028745651245117}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8121809959411621},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7794374227523804},{"id":"https://openalex.org/C774472","wikidata":"https://www.wikidata.org/wiki/Q6760393","display_name":"Margin (machine learning)","level":2,"score":0.7172268033027649},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6071089506149292},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5809680819511414},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.5783805251121521},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5345911383628845},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5280462503433228},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5004181861877441},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.4994969367980957},{"id":"https://openalex.org/C75294576","wikidata":"https://www.wikidata.org/wiki/Q5165192","display_name":"Contextual image classification","level":3,"score":0.484468936920166},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.47389689087867737},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4460172653198242},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4122801125049591},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.4068185091018677},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.33028745651245117},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/host49136.2021.9702287","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host49136.2021.9702287","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2107.09804","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2107.09804","pdf_url":"https://arxiv.org/pdf/2107.09804","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2107.09804","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2107.09804","pdf_url":"https://arxiv.org/pdf/2107.09804","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7200000286102295}],"awards":[{"id":"https://openalex.org/G4930293850","display_name":null,"funder_award_id":"FA8650-20-C-1719","funder_id":"https://openalex.org/F4320338294","funder_display_name":"Air Force Research Laboratory"},{"id":"https://openalex.org/G6313387758","display_name":null,"funder_award_id":"CCF-2028944,CCF-1629392","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":89,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1686810756","https://openalex.org/W1945616565","https://openalex.org/W1981384041","https://openalex.org/W1994172067","https://openalex.org/W1994805710","https://openalex.org/W2098163907","https://openalex.org/W2104677471","https://openalex.org/W2117539524","https://openalex.org/W2163605009","https://openalex.org/W2180612164","https://openalex.org/W2194775991","https://openalex.org/W2237177896","https://openalex.org/W2243397390","https://openalex.org/W2342840547","https://openalex.org/W2543927648","https://openalex.org/W2552767274","https://openalex.org/W2590523583","https://openalex.org/W2592929672","https://openalex.org/W2607219512","https://openalex.org/W2618530766","https://openalex.org/W2624299682","https://openalex.org/W2754049786","https://openalex.org/W2765233338","https://openalex.org/W2766888159","https://openalex.org/W2766972025","https://openalex.org/W2774018344","https://openalex.org/W2783692467","https://openalex.org/W2789388689","https://openalex.org/W2795098699","https://openalex.org/W2798302089","https://openalex.org/W2905500442","https://openalex.org/W2913318911","https://openalex.org/W2947133760","https://openalex.org/W2950048339","https://openalex.org/W2950468330","https://openalex.org/W2962759300","https://openalex.org/W2962835968","https://openalex.org/W2963158386","https://openalex.org/W2963207607","https://openalex.org/W2963389226","https://openalex.org/W2963446712","https://openalex.org/W2963485691","https://openalex.org/W2963542245","https://openalex.org/W2963612069","https://openalex.org/W2963857521","https://openalex.org/W2963952467","https://openalex.org/W2964082701","https://openalex.org/W2964153729","https://openalex.org/W2964224652","https://openalex.org/W2964248614","https://openalex.org/W2964253222","https://openalex.org/W2971180473","https://openalex.org/W2980829995","https://openalex.org/W2981011605","https://openalex.org/W3011915968","https://openalex.org/W3015806656","https://openalex.org/W3035174611","https://openalex.org/W3046449280","https://openalex.org/W3046769567","https://openalex.org/W3101267861","https://openalex.org/W3102720581","https://openalex.org/W3103940881","https://openalex.org/W3118608800","https://openalex.org/W3186714066","https://openalex.org/W4236432903","https://openalex.org/W4256044039","https://openalex.org/W4287712039","https://openalex.org/W4293846201","https://openalex.org/W4297573953","https://openalex.org/W4300677102","https://openalex.org/W4394644156","https://openalex.org/W6637162671","https://openalex.org/W6637373629","https://openalex.org/W6640425456","https://openalex.org/W6684191040","https://openalex.org/W6704559304","https://openalex.org/W6725739302","https://openalex.org/W6729756640","https://openalex.org/W6733645847","https://openalex.org/W6734787559","https://openalex.org/W6739868092","https://openalex.org/W6744511767","https://openalex.org/W6744679260","https://openalex.org/W6746621119","https://openalex.org/W6747819456","https://openalex.org/W6748711285","https://openalex.org/W6767812273","https://openalex.org/W6864546407"],"related_works":["https://openalex.org/W3048732067","https://openalex.org/W4383468834","https://openalex.org/W4283221438","https://openalex.org/W2900159906","https://openalex.org/W4384648009","https://openalex.org/W4287828318","https://openalex.org/W2406556600","https://openalex.org/W4380352238","https://openalex.org/W2950183588","https://openalex.org/W3126470649"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"network":[2],"(DNN)":[3],"classifiers":[4,73],"are":[5,24,47],"powerful":[6],"tools":[7],"that":[8,32,46,74,84,115,125],"drive":[9],"a":[10,63,79,82,107,123],"broad":[11],"spectrum":[12],"of":[13,96,110,162],"important":[14],"applications,":[15],"from":[16],"image":[17,72],"recognition":[18],"to":[19,26,29,44,49,53,105,130],"autonomous":[20],"vehicles.":[21],"Unfortunately,":[22],"DNNs":[23,52],"known":[25],"be":[27,127],"vulnerable":[28],"adversarial":[30,66,120],"attacks":[31,39,156],"affect":[33],"virtually":[34],"all":[35],"state-of-the-art":[36],"models.":[37],"These":[38],"make":[40],"small":[41],"imperceptible":[42],"modifications":[43],"inputs":[45],"sufficient":[48],"induce":[50],"the":[51,55,97,100,119,132,136,142],"produce":[54],"wrong":[56],"classification.":[57],"In":[58],"this":[59],"paper":[60],"we":[61],"propose":[62,92],"novel,":[64],"lightweight":[65],"correction":[67],"and/or":[68],"detection":[69,160],"mechanism":[70],"for":[71],"relies":[75],"on":[76,166],"undervolting":[77,95],"(running":[78],"chip":[80,98],"at":[81],"voltage":[83],"is":[85],"slightly":[86],"below":[87],"its":[88],"safe":[89],"margin).":[90],"We":[91,113,140,153],"using":[93],"controlled":[94],"running":[99],"inference":[101],"process":[102],"in":[103,122,145],"order":[104],"introduce":[106],"limited":[108],"number":[109],"compute":[111],"errors.":[112],"show":[114,158],"these":[116],"errors":[117],"disrupt":[118],"input":[121,137],"way":[124],"can":[126],"used":[128],"either":[129],"correct":[131],"classification":[133],"or":[134],"detect":[135],"as":[138],"adversarial.":[139],"evaluate":[141,154],"proposed":[143],"solution":[144],"an":[146],"FPGA":[147],"design":[148],"and":[149,157,164],"through":[150],"software":[151],"simulation.":[152],"10":[155],"average":[159],"rates":[161],"77%":[163],"90%":[165],"two":[167],"popular":[168],"DNNs.":[169]},"counts_by_year":[{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}