
Hermes Attack - Steal DNN Models in AI Privatization Deployment Scenarios

Black Hat via YouTube

Overview

Explore a critical security vulnerability in AI privatization deployments through this Black Hat conference talk. Delve into the Hermes Attack, which exploits the PCIe bus connecting the host and GPU/AI-accelerator to fully reconstruct deep neural network (DNN) models. Learn about the attack's methodology, challenges, and implementation, including hardware package relationships, GPU command analysis, and semantic reconstruction techniques. Examine the evaluation results comparing different architectures, with a focus on VGG, and assess the attack's accuracy and performance. Gain insights into potential countermeasures and understand the implications for AI security in both Chinese and US markets.

Syllabus

Introduction
Motivations
Cost
Leak
Hermes Attack
Challenges
Attack Overview
Hardware
Package Relationships
Quick Facts
Out of Order Issues
GPU Command
Data Movement Command
Reverse Engineer
Split Command
Command Data Noise
Semantic Reconstruction
Offline Database Generation
Hyperparameter Reconstruct
No Directed Connections
Evaluation
Architecture Comparison
VGG Architecture
Accuracy Evaluation
Reconstruction Performance Evaluation
Countermeasures
Summary

Taught by

Black Hat
