This paper presents a novel data-free Membership Inference Attack (MIA) that uses gradient inversion on Standard Cell Library Layouts (SCLLs) to reconstruct sensitive hardware images from intercepted…

This paper investigates the use of Federated Learning (FL) for hardware assurance, demonstrating that while FL improves model performance over centralized learning, it remains vulnerable to gradient i…

FedEDAuth is a lightweight, embedding-level authentication framework that enhances federated learning for counterfeit IC detection by identifying and filtering malicious participants before model aggr…

This paper empirically evaluates the effectiveness of Differential Privacy (DP) against Membership Inference Attacks (MIAs) in Federated Learning, demonstrating that a stacking attack strategy can det…

The paper introduces a novel threat model, approximate obfuscation, and proposes a framework to detect IP piracy in approximate circuits by comparing their statistical error profiles.

The paper introduces ARES, a novel and practical gradient inversion attack that reconstructs sensitive training samples from large batch updates in Federated Learning without requiring architectural m…

The paper proposes 'mimetic deception,' a novel IP camouflaging technique that structurally disguises a functional IP as a different appearance IP, thereby thwarting both structural reverse engineerin…

The paper introduces a Verifiable Gradient Inversion Attack (VGIA) that provides an explicit, certifiable method for reconstructing individual training records from shared gradients, particularly effe…

The paper analyzes existing hardware Trojan datasets to demonstrate that standard cell libraries can be systematically exploited to create visually undetectable, stealthy hardware Trojans, exemplified…

The paper proposes a hardware-efficient compound IC protection mechanism that combines lightweight cryptography with logic locking and hardware obfuscation to secure integrated circuits against variou…

CIPHR introduces a novel, fine-grain hardware redaction methodology inspired by cryptographic indistinguishability to protect intellectual property against structural attacks that exploit existing art…

EdgeDetect is a communication-efficient and privacy-preserving federated intrusion detection system that uses gradient binarization and homomorphic encryption to significantly reduce bandwidth usage w…

This paper introduces a dual-layer side-channel attack framework that exploits the variable workload introduced by dynamic image preprocessing in local Vision-Language Models (VLMs) to infer sensitive…

FedSurrogate introduces a novel backdoor defense for Federated Learning that uses layer-criticality analysis and surrogate replacement to significantly reduce false positives while maintaining high mo…

This paper provides a comparative analysis and benchmarking of Secure Multi-Party Computation (SMPC) and Fully Homomorphic Encryption (FHE) for machine learning, finding that the optimal choice depend…

The paper proposes a constant-time implementation methodology for activation functions on microcontrollers to prevent timing side-channel attacks during embedded neural-network inference.

The paper introduces ActInv and PAF to systematically analyze and quantify privacy leakage from intermediate activations during split inference of LLMs, proposing PriPert for enhanced defense.

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

This review analyzes the dual impact of integrating Large Language Models (LLMs) into hardware design, detailing both their transformative potential in EDA and the critical security vulnerabilities th…

The paper introduces CIPL, a unified channel-oriented framework, demonstrating that privacy leakage in LLM agents is governed by observable data channels and pipeline interactions, rather than being l…