Date of Award

8-2024

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Electrical and Computer Engineering (Holcomb Dept. of)

Committee Chair/Advisor

Dr. Yingjie Lao

Committee Member

Dr. Long Cheng

Committee Member

Dr. Richard Groff

Committee Member

Dr. Rajendra Singh

Abstract

The security of Machine Learning (ML) grows in importance along with the development of high-performance models and expanding application scenarios. Numerous users benefit from the convenience brought by transformative ML applications. Meanwhile, various attackers try to find vulnerabilities within ML deployment service models, thereby undermining the performance of ML and jeopardizing stakeholders' interests. This dissertation focuses on two aspects of secure ML applications: acceleration and protection. Homomorphic Encryption (HE) has emerged as a widely recognized security primitive suitable for the cloud computing service model, in which computation can be performed over ciphertext without decryption. However, evaluation in the ciphertext domain is time-consuming and demands custom hardware acceleration. In this dissertation, we propose two HE computation hardware architectures to meet this demand: HEDWIG focuses on a hardware implementation of homomorphic multiplication evaluation for the latest BFV-HPS HE scheme, and HERMES considers optimization of the CKKS bootstrapping computation flow. Apart from hardware acceleration of HE targeting ML cloud deployment, we propose a protection framework named NNTesting. This framework safeguards quantized ML model weights stored in memory, which are susceptible to physical bit-flip attacks. It can detect potential bit-flips in memory and recover from them, preserving high performance for the end user. Additionally, we propose the NoPUF framework, aimed at enhancing cloud-based authentication by employing Physical Unclonable Functions within the IC chip. It can be integrated into the hardware system used for high-performance architecture in cloud-based privacy-preserving computing acceleration solutions.

Available for download on Sunday, August 31, 2025
