{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T16:47:57Z","timestamp":1758127677372,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,9,7]],"date-time":"2020-09-07T00:00:00Z","timestamp":1599436800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1619450"],"award-info":[{"award-number":["CNS-1619450"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,9,7]]},"DOI":"10.1145\/3386263.3409104","type":"proceedings-article","created":{"date-parts":[[2020,9,4]],"date-time":"2020-09-04T21:34:20Z","timestamp":1599255260000},"page":"499-506","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Securing Machine Learning Architectures and Systems"],"prefix":"10.1145","author":[{"given":"Shirin","family":"HajiAmin Shirazi","sequence":"first","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hoda","family":"Naghibijouybari","sequence":"additional","affiliation":[{"name":"Binghamton University, Binghamton, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nael","family":"Abu-Ghazaleh","sequence":"additional","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,9,7]]},"reference":[{"key":"e_1_3_2_1_3_1","unstructured":"2018. Multi-Process Service Nvidia. https:\/\/docs.nvidia.com\/deploy\/pdf\/CUDA_Multi_Process_Service_Overview.pdf.  2018. Multi-Process Service Nvidia. https:\/\/docs.nvidia.com\/deploy\/pdf\/CUDA_Multi_Process_Service_Overview.pdf."},{"key":"e_1_3_2_1_4_1","unstructured":"2020. Nvidia DGX-2. https:\/\/www.nvidia.com\/en-us\/data-center\/dgx-2\/.  2020. Nvidia DGX-2. https:\/\/www.nvidia.com\/en-us\/data-center\/dgx-2\/."},{"volume-title":"Robustness to adversarial examples through an ensemble of specialists. arXiv preprint arXiv:1702.06856","year":"2017","author":"Abbasi Mahdieh","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","unstructured":"Amazon AWS. 2020. Amazon Elastic Graphics. https:\/\/aws.amazon.com\/ec2\/Elastic-GPUs\/.  Amazon AWS. 2020. Amazon Elastic Graphics. https:\/\/aws.amazon.com\/ec2\/Elastic-GPUs\/."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3297858.3304049"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3061639.3062311"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCGRID.2017.15"},{"volume-title":"Proc. ACM Symposium on Information, computer and communications security) Workshops. 16--25","author":"Barreno Marco","key":"e_1_3_2_1_10_1"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3307650.3322207"},{"volume-title":"Proceedings of the International Conference on Learning Representations (ICLR).","year":"2018","author":"Wieland","key":"e_1_3_2_1_12_1"},{"volume-title":"Model Compression. In Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining.","year":"2006","author":"Bucilua Cristian","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.3390\/make1010011"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/IISWC.2009.5306797"},{"volume-title":"CC-Hunter: Uncovering Covert Timing Channels on Shared Processor Hardware. In 47th Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO'14)","year":"2014","author":"Chen Jie","key":"e_1_3_2_1_17_1"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3128572.3140448"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2654822.2541967"},{"key":"e_1_3_2_1_20_1","unstructured":"Xinyun Chen Chang Liu Bo Li Kimberly Lu and Dawn Song. 2017a. Targeted backdoor attacks on deep learning systems using data poisoning.  Xinyun Chen Chang Liu Bo Li Kimberly Lu and Dawn Song. 2017a. Targeted backdoor attacks on deep learning systems using data poisoning."},{"volume-title":"Certified adversarial robustness via randomized smoothing. arXiv preprint arXiv:1902.02918","year":"2019","author":"Cohen Jeremy M","key":"e_1_3_2_1_21_1"},{"volume-title":"A guide to deep learning in healthcare. Nature medicine","year":"2019","author":"Esteva Andre","key":"e_1_3_2_1_22_1"},{"volume-title":"2018 ACM\/IEEE 45th Annual International Symposium on Computer Architecture (ISCA). 1--14","author":"Fowers J.","key":"e_1_3_2_1_23_1"},{"volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","year":"2014","author":"Fredrikson Matthew","key":"e_1_3_2_1_24_1"},{"volume-title":"Int. Conf. on Learning Representations.","year":"2015","author":"Goodfellow Ian J","key":"e_1_3_2_1_25_1"},{"key":"e_1_3_2_1_26_1","unstructured":"Google Cloud. 2020. Cloud Tensor Processing Units (TPUs). https:\/\/cloud.google.com\/tpu\/docs\/tpus.  Google Cloud. 2020. Cloud Tensor Processing Units (TPUs). https:\/\/cloud.google.com\/tpu\/docs\/tpus."},{"key":"e_1_3_2_1_27_1","unstructured":"Google Cloud Platform. 2020. Cloud GPUs. https:\/\/cloud.google.com\/gpu\/.  Google Cloud Platform. 2020. Cloud GPUs. https:\/\/cloud.google.com\/gpu\/."},{"volume-title":"Defensive Approximation: Enhancing CNNs Security through Approximate Computing. arXiv preprint arXiv:2006.07700","year":"2020","author":"Guesmi Amira","key":"e_1_3_2_1_28_1"},{"volume-title":"Proceedings of the 35th International Conference on Machine Learning, ICML.","year":"2018","author":"Hashemi Milad","key":"e_1_3_2_1_29_1"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2228360.2228448"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2001.903263"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897937.2897962"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3123939.3123972"},{"volume-title":"2014 ACM\/IEEE 41st International Symposium on Computer Architecture (ISCA). 361--372","author":"Kim Y.","key":"e_1_3_2_1_34_1"},{"volume-title":"Spectre Attacks: Exploiting Speculative Execution. In 40th IEEE Symposium on Security and Privacy (S&P'19)","year":"2019","author":"Kocher Paul","key":"e_1_3_2_1_35_1"},{"volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT 18)","year":"2018","author":"Koruyeh Esmaeil Mohammadian","key":"e_1_3_2_1_36_1"},{"volume-title":"CoRR","year":"2016","author":"Kurakin Alexey","key":"e_1_3_2_1_37_1"},{"volume-title":"Adversarial machine learning at scale. arXiv preprint arXiv:1611.01236","year":"2016","author":"Kurakin Alexey","key":"e_1_3_2_1_38_1"},{"volume-title":"27th USENIX Security Symposium (USENIX Security 18)","year":"2018","author":"Lipp Moritz","key":"e_1_3_2_1_39_1"},{"volume-title":"Lee","year":"2015","author":"Liu Fangfei","key":"e_1_3_2_1_40_1"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAD.2017.8203770"},{"volume-title":"Twenty-Ninth AAAI Conference on Artificial Intelligence.","year":"2015","author":"Mei Shike","key":"e_1_3_2_1_42_1"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134057"},{"volume-title":"Proceedings of 5th International Conference on Learning Representations (ICLR).","year":"2017","author":"Metzen Jan Hendrik","key":"e_1_3_2_1_44_1"},{"key":"e_1_3_2_1_45_1","unstructured":"Microsoft Azure. 2020. GPU-Accelerated Microsoft Azure. http:\/\/www.nvidia.com\/object\/gpu-accelerated-microsoft-azure.html.  Microsoft Azure. 2020. GPU-Accelerated Microsoft Azure. http:\/\/www.nvidia.com\/object\/gpu-accelerated-microsoft-azure.html."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.282"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3123939.3124538"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243831"},{"volume-title":"In Conference on Computer Vision and Pattern Recognition (CVPR) Workshops.","year":"2017","author":"Narodytska Nina","key":"e_1_3_2_1_49_1"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053009"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.41"},{"volume-title":"Qualcomm Smart Protect Technology. Last Accessed","year":"2020","key":"e_1_3_2_1_52_1"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"crossref","unstructured":"Kui Ren Tianhang Zheng Zhan Qin and Xue Liu. 2020. Adversarial attacks and defenses in deep learning.  Kui Ren Tianhang Zheng Zhan Qin and Xue Liu. 2020. Adversarial attacks and defenses in deep learning.","DOI":"10.1016\/j.eng.2019.12.012"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3007787.3001139"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354211"},{"volume-title":"Proceedings of the International Conference on Learning Representations (ICLR).","year":"2013","author":"Szegedy Christian","key":"e_1_3_2_1_57_1"},{"volume-title":"25th USENIX Security Symposium (USENIX Security 16)","year":"2016","author":"Tramer Florian","key":"e_1_3_2_1_58_1"},{"volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","year":"2014","author":"Varadarajan Venkatanathan","key":"e_1_3_2_1_59_1"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/FPL.2019.00034"},{"volume-title":"Proceedings of the 2014 international conference on Autonomous agents and multi-agent systems. International Foundation for Autonomous Agents and Multiagent Systems, 485--492","year":"2014","author":"Vorobeychik Yevgeniy","key":"e_1_3_2_1_61_1"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/3241539.3241563"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3330345.3330389"},{"key":"e_1_3_2_1_64_1","unstructured":"Weilin Xu David Evans and Yanjun Qi. 2017. Feature squeezing mitigates and detects carlini\/wagner adversarial examples.  Weilin Xu David Evans and Yanjun Qi. 2017. Feature squeezing mitigates and detects carlini\/wagner adversarial examples."},{"volume-title":"Cache telepathy: Leveraging shared resource attacks to learn DNN architectures. arXiv preprint arXiv:1808.04761","year":"2018","author":"Yan Mengjia","key":"e_1_3_2_1_65_1"},{"volume-title":"Adversarial examples: Attacks and defenses for deep learning","year":"2019","author":"Yuan Xiaoyong","key":"e_1_3_2_1_66_1"}],"event":{"name":"GLSVLSI '20: Great Lakes Symposium on VLSI 2020","acronym":"GLSVLSI '20","location":"Virtual Event China"},"container-title":["Proceedings of the 2020 on Great Lakes Symposium on VLSI"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3386263.3409104","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3386263.3409104","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3386263.3409104","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3386263.3409104","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:25Z","timestamp":1750199905000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3386263.3409104"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,7]]},"references-count":64,"alternative-id":["10.1145\/3386263.3409104","10.1145\/3386263"],"URL":"https:\/\/doi.org\/10.1145\/3386263.3409104","relation":{},"subject":[],"published":{"date-parts":[[2020,9,7]]},"assertion":[{"value":"2020-09-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}