TBNet: A Neural Architectural Defense Framework Facilitating DNN Model Protection in Trusted Execution Environments

arXiv:2405.03974v1 Announce Type: cross
Abstract: Trusted Execution Environments (TEEs) have become a promising solution to secure DNN models on edge devices. However, the existing solutions either provide inadequate protection or introduce large performance overhead. Taking both security and performance into consideration, this paper presents TBNet, a TEE-based defense framework that protects DNN model from a neural architectural perspective. Specifically, TBNet generates a novel Two-Branch substitution model, to respectively exploit (1) the computational resources in the untrusted Rich Execution Environment (REE) …

abstract arxiv become cs.ai cs.cr cs.lg defense devices dnn edge edge devices environments framework however paper performance protection security solution solutions type