Resilience of ML Hardware Accelerators Against Accuracy Degrading Trojans

From ISLAB/CAISR
Title: Resilience of ML Hardware Accelerators Against Accuracy Degrading Trojans
Summary: The goal of this project is to assess the resilience of machine learning (ML) hardware accelerators, with a specific focus on Convolutional Neural Network (CNN) accelerators, when subjected to Trojan attacks aimed at degrading their accuracy.
Keywords:
TimeFrame:
References:
Prerequisites:
Author: Mahdi Fazeli and Ahmad Patooghy
Supervisor: Mahdi Fazeli
Level: Master
Status: Open


The goal of this project is to assess the resilience of machine learning (ML) hardware accelerators, with a specific focus on Convolutional Neural Network (CNN) accelerators, when subjected to Trojan attacks aimed at degrading their accuracy. The project will analyze how various hardware components, such as weights, biases, and feature maps, are impacted by these attacks and under what conditions the system remains compromised without detection. The research will explore the scalability of Trojan insertion, the optimal timing for Trojan activation to evade standard testing, and the pace of accuracy degradation that can go unnoticed. By providing a comprehensive evaluation of CNN accelerators’ vulnerability to such attacks, this project will identify the most susceptible components, reveal the activation strategies that maximize Trojan effectiveness, and determine the degradation patterns that pose the greatest threat while remaining stealthy.