{"id":"https://openalex.org/W4412082730","doi":"https://doi.org/10.1109/host64725.2025.11050058","title":"EvoWeight: Sponge Poisoning of FPGA-Based DNN Accelerators in Differential Private Secure Federated Learning","display_name":"EvoWeight: Sponge Poisoning of FPGA-Based DNN Accelerators in Differential Private Secure Federated Learning","publication_year":2025,"publication_date":"2025-05-05","ids":{"openalex":"https://openalex.org/W4412082730","doi":"https://doi.org/10.1109/host64725.2025.11050058"},"language":"en","primary_location":{"id":"doi:10.1109/host64725.2025.11050058","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host64725.2025.11050058","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://pure.ulster.ac.uk/en/publications/033eb4f5-6d02-42ea-8b4c-98aaf9c4121a","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100699840","display_name":"Muhammad Akram","orcid":"https://orcid.org/0000-0003-1485-9804"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Muhammad Shakeel Akram","raw_affiliation_strings":["School of Engineering, Ulster University,Belfast,UK"],"affiliations":[{"raw_affiliation_string":"School of Engineering, Ulster University,Belfast,UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070034350","display_name":"Vincent Meyers","orcid":"https://orcid.org/0000-0001-9775-5861"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Vincent Meyers","raw_affiliation_strings":["Karlsruhe Institute of Technology,Karlsruhe,Germany"],"affiliations":[{"raw_affiliation_string":"Karlsruhe Institute of Technology,Karlsruhe,Germany","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087885735","display_name":"Mehdi Tahoori","orcid":null},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Mehdi Tahoori","raw_affiliation_strings":["Karlsruhe Institute of Technology,Karlsruhe,Germany"],"affiliations":[{"raw_affiliation_string":"Karlsruhe Institute of Technology,Karlsruhe,Germany","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114577218","display_name":"Bogaraju Sharatchandra Varma","orcid":null},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Bogaraju Sharatchandra Varma","raw_affiliation_strings":["School of Engineering, Ulster University,Belfast,UK"],"affiliations":[{"raw_affiliation_string":"School of Engineering, Ulster University,Belfast,UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5010420002","display_name":"Dewar Finlay","orcid":"https://orcid.org/0000-0003-2628-6070"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Dewar Finlay","raw_affiliation_strings":["School of Engineering, Ulster University,Belfast,UK"],"affiliations":[{"raw_affiliation_string":"School of Engineering, Ulster University,Belfast,UK","institution_ids":["https://openalex.org/I138801177"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100699840"],"corresponding_institution_ids":["https://openalex.org/I138801177"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.20824975,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"182","last_page":"193"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10558","display_name":"Advancements in Semiconductor Devices and Circuit Design","score":0.982200026512146,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/field-programmable-gate-array","display_name":"Field-programmable gate array","score":0.7327983975410461},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6581066250801086},{"id":"https://openalex.org/keywords/differential","display_name":"Differential (mechanical device)","score":0.5125560760498047},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.49064889550209045},{"id":"https://openalex.org/keywords/sponge","display_name":"Sponge","score":0.4666329324245453},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3877682387828827},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.37799081206321716},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.17021480202674866},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.08500871062278748}],"concepts":[{"id":"https://openalex.org/C42935608","wikidata":"https://www.wikidata.org/wiki/Q190411","display_name":"Field-programmable gate array","level":2,"score":0.7327983975410461},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6581066250801086},{"id":"https://openalex.org/C93226319","wikidata":"https://www.wikidata.org/wiki/Q193137","display_name":"Differential (mechanical device)","level":2,"score":0.5125560760498047},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.49064889550209045},{"id":"https://openalex.org/C2778849931","wikidata":"https://www.wikidata.org/wiki/Q18960","display_name":"Sponge","level":2,"score":0.4666329324245453},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3877682387828827},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37799081206321716},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.17021480202674866},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.08500871062278748},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/host64725.2025.11050058","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host64725.2025.11050058","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:openaire/033eb4f5-6d02-42ea-8b4c-98aaf9c4121a","is_oa":true,"landing_page_url":"https://pure.ulster.ac.uk/en/publications/033eb4f5-6d02-42ea-8b4c-98aaf9c4121a","pdf_url":null,"source":{"id":"https://openalex.org/S4306402454","display_name":"Ulster University Research Portal (Ulster University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138801177","host_organization_name":"University of Ulster","host_organization_lineage":["https://openalex.org/I138801177"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Akram, M S, Meyers, V, Tahoori, M, Varma, B S & Finlay, D 2025, EvoWeight: Sponge Poisoning of FPGA-Based DNN Accelerators in Differential Private Secure Federated Learning. in 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). 2025 edn, 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp. 182-193. https://doi.org/10.1109/host64725.2025.11050058","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"pmh:oai:pure.atira.dk:openaire/033eb4f5-6d02-42ea-8b4c-98aaf9c4121a","is_oa":true,"landing_page_url":"https://pure.ulster.ac.uk/en/publications/033eb4f5-6d02-42ea-8b4c-98aaf9c4121a","pdf_url":null,"source":{"id":"https://openalex.org/S4306402454","display_name":"Ulster University Research Portal (Ulster University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138801177","host_organization_name":"University of Ulster","host_organization_lineage":["https://openalex.org/I138801177"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Akram, M S, Meyers, V, Tahoori, M, Varma, B S & Finlay, D 2025, EvoWeight: Sponge Poisoning of FPGA-Based DNN Accelerators in Differential Private Secure Federated Learning. in 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). 2025 edn, 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp. 182-193. https://doi.org/10.1109/host64725.2025.11050058","raw_type":"contributionToPeriodical"},"sustainable_development_goals":[{"score":0.4300000071525574,"display_name":"Zero hunger","id":"https://metadata.un.org/sdg/2"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2015854251","https://openalex.org/W2122538981","https://openalex.org/W2021188643","https://openalex.org/W614364637","https://openalex.org/W4308250236","https://openalex.org/W2338797498","https://openalex.org/W2096844293","https://openalex.org/W2363944576","https://openalex.org/W2351041855","https://openalex.org/W2570254841"],"abstract_inverted_index":{"Differential":[0],"Private":[1],"Secure":[2],"Federated":[3],"Learning":[4],"(DPSecure":[5],"FL)":[6],"ensures":[7],"secure,":[8],"privacy-preserving":[9,123],"collaborative":[10],"training":[11,74],"by":[12,144,182],"transmitting":[13],"encrypted":[14],"updates":[15],"instead":[16],"of":[17,128,158,176,272],"raw":[18],"data,":[19],"addressing":[20],"data-sharing":[21],"constraints":[22],"in":[23,53,117,205,212,219,238,246,261,265,279],"critical":[24],"real-time":[25,97],"applications.":[26],"Integrating":[27],"FPGAs":[28],"into":[29],"DP-Secure":[30,81,119,239],"FL":[31,82],"benefits":[32,78],"from":[33],"their":[34],"parallelism,":[35],"low":[36],"power":[37,156,174,190,242,254,262],"consumption,":[38,64,191],"and":[39,51,65,72,88,94,102,104,214,235,276],"reconfigurability":[40],"to":[41,140,153,184,189,269],"overcome":[42],"edge":[43],"device":[44,280],"resource":[45],"limitations":[46],"while":[47,68],"improving":[48],"efficiency,":[49],"scalability,":[50,61],"adaptability":[52,95],"privacysensitive,":[54],"resource-constrained":[55,89],"environments.":[56],"This":[57,111,259],"integration":[58],"enhances":[59],"latency,":[60],"reduced":[62],"energy":[63],"computational":[66],"efficiency":[67],"reducing":[69],"cloud":[70],"dependency":[71],"optimizing":[73],"processes.":[75],"These":[76,135],"combined":[77],"make":[79],"FPGA-enabled":[80],"an":[83],"ideal":[84],"solution":[85],"for":[86,96],"privacysensitive":[87],"environments,":[90],"enabling":[91],"robust":[92,100],"scalability":[93],"applications,":[98],"delivering":[99],"privacy":[101],"security,":[103],"effectively":[105],"protecting":[106],"against":[107],"external":[108],"data":[109],"leaks.":[110],"study":[112,222],"reveals":[113],"a":[114,201,208,215,277],"significant":[115],"vulnerability":[116],"FPGA-based":[118],"FL,":[120,240],"where":[121],"the":[122,126,142,155,173,192,227,233,241,252],"setup":[124],"hinders":[125],"detection":[127],"internal":[129],"threats,":[130],"such":[131,148],"as":[132,149],"freerider":[133],"attacks.":[134],"attacks":[136],"enable":[137],"malicious":[138],"users":[139,160],"exploit":[141],"system":[143,274],"contributing":[145],"crafted":[146],"gradients,":[147],"through":[150],"sponge":[151],"poisoning,":[152],"increase":[154,211,260],"consumption":[157,175,243,255,263],"honest":[159],"without":[161],"impacting":[162],"model":[163],"accuracy.":[164],"By":[165],"introducing":[166],"\u201cinnovative":[167],"EvoWeight":[168,193],"techniques\u201d,":[169],"we":[170],"show":[171],"how":[172],"DNN-FPGA":[177],"accelerators":[178],"can":[179],"be":[180],"increased":[181],"up":[183],"17.41":[185],"%.":[186,258],"In":[187],"addition":[188],"attack":[194],"negatively":[195],"affects":[196],"other":[197],"performance":[198],"metrics,":[199],"causing":[200],"2.31":[202],"%":[203,210,217],"rise":[204],"inference":[206],"time,":[207],"4.99":[209],"runtime,":[213],"4.75":[216],"reduction":[218,278],"throughput.":[220],"The":[221],"also":[223],"highlights":[224],"that":[225],"when":[226],"fine-tuning":[228],"is":[229],"enabled":[230],"on":[231],"both":[232],"server":[234],"user":[236],"ends":[237],"consistently":[244],"increases":[245],"nearly":[247],"all":[248],"global":[249],"rounds,":[250],"with":[251],"maximum":[253],"reaching":[256],"15.4":[257],"results":[264],"higher":[266],"temperatures,":[267],"leading":[268],"potential":[270],"denial":[271],"service,":[273],"crashes,":[275],"lifetime.":[281]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}