no code implementations • 27 Mar 2023 • Ruyi Ding, Cheng Gongye, Siyue Wang, Aidong Ding, Yunsi Fei
Inspired by the fact that electromagnetic (EM) emanations of a model inference depend on both operations and data and may contain footprints of different input classes, we propose a framework, EMShepherd, to capture EM traces of model execution, process the traces, and exploit them for adversarial detection.