{"id":"https://openalex.org/W3212836513","doi":"https://doi.org/10.3390/info14090516","title":"Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation","display_name":"Attacking Deep Learning AI Hardware with Universal Adversarial Perturbation","publication_year":2023,"publication_date":"2023-09-19","ids":{"openalex":"https://openalex.org/W3212836513","doi":"https://doi.org/10.3390/info14090516","mag":"3212836513"},"language":"en","primary_location":{"id":"doi:10.3390/info14090516","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info14090516","pdf_url":"https://www.mdpi.com/2078-2489/14/9/516/pdf?version=1695131762","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2078-2489/14/9/516/pdf?version=1695131762","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036369307","display_name":"Mehdi Sadi","orcid":"https://orcid.org/0000-0002-0468-7810"},"institutions":[{"id":"https://openalex.org/I82497590","display_name":"Auburn University","ror":"https://ror.org/02v80fc35","country_code":"US","type":"education","lineage":["https://openalex.org/I82497590"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Mehdi Sadi","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Auburn University, Auburn, AL 36849, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Auburn University, Auburn, AL 36849, USA","institution_ids":["https://openalex.org/I82497590"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086590194","display_name":"B. M. S. Bahar Talukder","orcid":"https://orcid.org/0000-0001-6388-0509"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bashir Mohammad Sabquat Bahar Talukder","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33199, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33199, USA","institution_ids":["https://openalex.org/I19700959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015612463","display_name":"Kaniz Mishty","orcid":"https://orcid.org/0009-0003-4623-6940"},"institutions":[{"id":"https://openalex.org/I82497590","display_name":"Auburn University","ror":"https://ror.org/02v80fc35","country_code":"US","type":"education","lineage":["https://openalex.org/I82497590"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kaniz Mishty","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Auburn University, Auburn, AL 36849, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Auburn University, Auburn, AL 36849, USA","institution_ids":["https://openalex.org/I82497590"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091695146","display_name":"Md Tauhidur Rahman","orcid":"https://orcid.org/0000-0002-0010-6388"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Md Tauhidur Rahman","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33199, USA"],"raw_orcid":"https://orcid.org/0000-0002-0010-6388","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33199, USA","institution_ids":["https://openalex.org/I19700959"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5036369307","https://openalex.org/A5091695146"],"corresponding_institution_ids":["https://openalex.org/I19700959","https://openalex.org/I82497590"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":0.1657,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.51223734,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"14","issue":"9","first_page":"516","last_page":"516"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14117","display_name":"Integrated Circuits and Semiconductor Failure Analysis","score":0.9922000169754028,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.805478036403656},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.7458710074424744},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.6325020790100098},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6264580488204956},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6186028718948364},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.56437748670578},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.524027407169342},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5206626653671265},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5180373787879944},{"id":"https://openalex.org/keywords/noise","display_name":"Noise (video)","score":0.481219083070755},{"id":"https://openalex.org/keywords/trojan","display_name":"Trojan","score":0.4552731215953827},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.4126475751399994},{"id":"https://openalex.org/keywords/image","display_name":"Image (mathematics)","score":0.4072277247905731},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.36881500482559204},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.24000418186187744},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11603280901908875}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.805478036403656},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.7458710074424744},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.6325020790100098},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6264580488204956},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6186028718948364},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.56437748670578},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.524027407169342},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5206626653671265},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5180373787879944},{"id":"https://openalex.org/C99498987","wikidata":"https://www.wikidata.org/wiki/Q2210247","display_name":"Noise (video)","level":3,"score":0.481219083070755},{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.4552731215953827},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.4126475751399994},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.4072277247905731},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.36881500482559204},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.24000418186187744},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11603280901908875}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/info14090516","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info14090516","pdf_url":"https://www.mdpi.com/2078-2489/14/9/516/pdf?version=1695131762","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:62973fb52f7d4e2cbcaf3b9664481488","is_oa":true,"landing_page_url":"https://doaj.org/article/62973fb52f7d4e2cbcaf3b9664481488","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information, Vol 14, Iss 9, p 516 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/info14090516","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info14090516","pdf_url":"https://www.mdpi.com/2078-2489/14/9/516/pdf?version=1695131762","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5199999809265137,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3051376520","display_name":"CRII: SaTC: Rowhammer Attack on Fresh and Recycled Memory Chips: Security Risks and Defenses","funder_award_id":"2214108","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4980156546","display_name":"Collaborative Research: SaTC: EDU: Hardware Security Education for All Through Seamless Extension of Existing Curricula","funder_award_id":"2114200","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W3212836513.pdf"},"referenced_works_count":51,"referenced_works":["https://openalex.org/W1945616565","https://openalex.org/W2001802315","https://openalex.org/W2099101940","https://openalex.org/W2157116240","https://openalex.org/W2229662347","https://openalex.org/W2397423248","https://openalex.org/W2543927648","https://openalex.org/W2603766943","https://openalex.org/W2604319603","https://openalex.org/W2606722458","https://openalex.org/W2620038827","https://openalex.org/W2748528844","https://openalex.org/W2748789698","https://openalex.org/W2771112233","https://openalex.org/W2807765471","https://openalex.org/W2808426733","https://openalex.org/W2809457377","https://openalex.org/W2913144408","https://openalex.org/W2934837523","https://openalex.org/W2943220429","https://openalex.org/W2946801000","https://openalex.org/W2953212265","https://openalex.org/W2959173014","https://openalex.org/W2962939738","https://openalex.org/W2963178695","https://openalex.org/W2963184668","https://openalex.org/W2963207607","https://openalex.org/W2963744840","https://openalex.org/W2964153729","https://openalex.org/W2981860227","https://openalex.org/W2983042735","https://openalex.org/W2990270730","https://openalex.org/W3012279190","https://openalex.org/W3016266693","https://openalex.org/W3026196565","https://openalex.org/W3030962502","https://openalex.org/W3036480850","https://openalex.org/W3036618276","https://openalex.org/W3036847733","https://openalex.org/W3038103856","https://openalex.org/W3039098095","https://openalex.org/W3042829099","https://openalex.org/W3092516112","https://openalex.org/W3102908045","https://openalex.org/W3104141960","https://openalex.org/W3109541151","https://openalex.org/W3114686421","https://openalex.org/W3196387322","https://openalex.org/W4242053016","https://openalex.org/W4256383029","https://openalex.org/W4288337628"],"related_works":["https://openalex.org/W2952919291","https://openalex.org/W4313563103","https://openalex.org/W2915754718","https://openalex.org/W2968586400","https://openalex.org/W4299822940","https://openalex.org/W2279398222","https://openalex.org/W4206826928","https://openalex.org/W2969184416","https://openalex.org/W3000866861","https://openalex.org/W3045863126"],"abstract_inverted_index":{"Universal":[0],"adversarial":[1,29,87,100],"perturbations":[2,30],"are":[3],"image-agnostic":[4],"and":[5,36,118],"model-independent":[6],"noise":[7,88,101],"that,":[8,70],"when":[9,71],"added":[10],"to":[11,50],"any":[12],"image,":[13],"can":[14,31,79],"mislead":[15],"the":[16,23,34,43,52,58,86,90,97,111,115,119,124,127],"trained":[17],"deep":[18,40,105],"convolutional":[19],"neural":[20,48],"networks":[21,49],"into":[22],"wrong":[24],"prediction.":[25],"Since":[26],"these":[27,55,81],"universal":[28,99],"seriously":[32],"jeopardize":[33],"security":[35],"integrity":[37],"of":[38,54,110,114,123],"practical":[39],"learning":[41,106],"applications,":[42],"existing":[44,82],"techniques":[45],"use":[46],"additional":[47],"detect":[51],"existence":[53],"noises":[56],"at":[57,89],"input":[59],"image":[60],"source.":[61],"In":[62],"this":[63],"paper,":[64],"we":[65],"demonstrate":[66,96],"an":[67],"attack":[68,102],"strategy":[69],"activated":[72],"by":[73,84],"rogue":[74],"means":[75],"(e.g.,":[76],"malware,":[77],"trojan),":[78],"bypass":[80],"countermeasures":[83],"augmenting":[85],"AI":[91],"hardware":[92,125],"accelerator":[93],"stage.":[94],"We":[95],"accelerator-level":[98],"on":[103],"several":[104],"models":[107],"using":[108],"co-simulation":[109],"software":[112],"kernel":[113],"Conv2D":[116],"function":[117],"Verilog":[120],"RTL":[121],"model":[122],"under":[126],"FuseSoC":[128],"environment.":[129]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}